Opened 9 years ago

Closed 9 years ago

Last modified 9 years ago

#6417 closed bug (invalid)

__printf_fphex crashes in haiku

Reported by: MrSunshine Owned by: zooey
Priority: normal Milestone: R1
Component: System/libroot.so Version: R1/Development
Keywords: Cc:
Blocked By: Blocking:
Has a Patch: no Platform: All

Description (last modified by mmadia)

Been trying to compile Tango using LDC D compiler, and it crashed so started investigating, this test crashes on haiku but not on linux:

/* vfprintf example */
#include <stdio.h>
#include <stdarg.h>

void WriteFormatted (FILE * stream, char * format, ...)
{
  va_list args;
  va_start (args, format);
  vfprintf (stream, format, args);
  va_end (args);
}

int main ()
{
   FILE * pFile;

   pFile = fopen ("myfile.txt","w");

   WriteFormatted (pFile,"Call with %x variable %s.\n",2.0f,"arguments");

   fclose (pFile);

   return 0;
}

Change History (5)

comment:1 Changed 9 years ago by mmadia

Description: modified (diff)

comment:2 Changed 9 years ago by zooey

Owner: changed from axeld to zooey
Status: newassigned

comment:3 Changed 9 years ago by MrSunshine

This one might actualy be invalid, crashes in my linux also ... worked fine for a guy that tested it for me in his linux ... feels a bit strange :/

comment:4 Changed 9 years ago by bonefish

Resolution: invalid
Status: assignedclosed

The first format specification is %x, which expects a signed or unsigned int, but the respective argument is 0.2f, which is a float. The float gets converted to double when passed via varargs, so this has indeed a good chance to crash on any system where sizeof(int) != sizeof(double), since part of the double argument will be interpreted as a string pointer.

BTW, -Wall is your friend.

comment:5 in reply to:  4 Changed 9 years ago by zooey

Replying to bonefish:

The first format specification is %x, which expects a signed or unsigned int, but the respective argument is 0.2f, which is a float. The float gets converted to double when passed via varargs, so this has indeed a good chance to crash on any system where sizeof(int) != sizeof(double), since part of the double argument will be interpreted as a string pointer.

I told him that in IRC, yesterday - the only reason I kept this open is that he mentioned the crash would be in __printf_fphex(), which indicated a problem during the formatting of the hex number. Since that should be the last thing to actually work fine, it got me curious. But I have been unable to reproduce crashes in __printf_fphex(), it's either vfprintf() or strlen() crashing, both of which would be explainable.

So there's really nothing special to learn from this.

Note: See TracTickets for help on using tickets.