From: Takashi Yano <takashi.yano@nifty.ne.jp>
To: cygwin@cygwin.com
Subject: Re: possible snprintf() regression in 3.3.2
Date: Wed, 17 Nov 2021 18:21:08 +0900
Message-ID: <20211117182108.b38599f5e13071bf269a0d48@nifty.ne.jp>
In-Reply-To: <20211117003718.GF10332@venus.tony.develop-help.com>

On Wed, 17 Nov 2021 11:37:18 +1100
Tony Cook wrote:
> This came up from regression testing perl.
> 
> Regression testing of perl @4a1b9dd524007193213d3919d6a331109608b90c
> used (from uname):
> 
>  cygwin_nt-10.0 fv-az177-186 3.3.1(0.34153) 2021-10-28 20:52 x86_64 cygwin
> 
> this did not exhibit the problem.  See https://github.com/Perl/perl5/runs/4084168038?check_suite_focus=true
> 
> Testing of perl @a85e04e2281234a61c051f8f3ff63bed7381902c, the next
> commit, which is purely a documentation change, did exhibit the bug, used:
> 
>   cygwin_nt-10.0 fv-az177-290 3.3.2(0.34153) 2021-11-08 16:55 x86_64 cygwin
> 
> which did crash.  See https://github.com/Perl/perl5/runs/4159124596?check_suite_focus=true
> 
> snprintf() appears to be crashing internally to ldtoa_r(), without
> cygwin-debuginfo the backtrace is:
> 
> Thread 1 "perl" received signal SIGSEGV, Segmentation fault.
> 0x00007ffd26b21548 in ntdll!RtlVirtualUnwind ()
>    from /cygdrive/c/WINDOWS/SYSTEM32/ntdll.dll
> (gdb) bt
> #0  0x00007ffd26b21548 in ntdll!RtlVirtualUnwind ()
>    from /cygdrive/c/WINDOWS/SYSTEM32/ntdll.dll
> #1  0x00007ffd26b21040 in ntdll!RtlVirtualUnwind ()
>    from /cygdrive/c/WINDOWS/SYSTEM32/ntdll.dll
> #2  0x00007ffd26b20e7b in ntdll!RtlVirtualUnwind ()
>    from /cygdrive/c/WINDOWS/SYSTEM32/ntdll.dll
> #3  0x00007ffd26b413a8 in ntdll!RtlRaiseException ()
>    from /cygdrive/c/WINDOWS/SYSTEM32/ntdll.dll
> #4  0x00007ffd26b90bfe in ntdll!KiUserExceptionDispatcher ()
>    from /cygdrive/c/WINDOWS/SYSTEM32/ntdll.dll
> #5  0x00000001801fec7c in eiremain () from /usr/bin/cygwin1.dll
> #6  0x0000000180200319 in _ldtoa_r () from /usr/bin/cygwin1.dll
> #7  0x00000001801cfca9 in _svfprintf_r () from /usr/bin/cygwin1.dll
> #8  0x00000001801bf327 in snprintf () from /usr/bin/cygwin1.dll
> #9  0x000000018018eb0b in _sigfe () from /usr/bin/cygwin1.dll
> #10 0x0000000052162647 in Perl_sv_vcatpvfn_flags (my_perl=0x80004a3e0,
>     sv=0x800ca9e78, pat=0x523a3501 <regexp_core_intflags_names+4769> "%.9f",
>     patlen=4, args=0xffffc550, svargs=0x0, sv_count=0, maybe_tainted=0x0,
>     flags=0) at sv.c:13482
> #11 0x000000005215e360 in Perl_sv_vsetpvfn (my_perl=0x80004a3e0,
>     sv=0x800ca9e78, pat=0x523a3501 <regexp_core_intflags_names+4769> "%.9f",
>     patlen=4, args=0xffffc550, svargs=0x0, sv_count=0, maybe_tainted=0x0)
>     at sv.c:11271
> #12 0x000000005215dde9 in Perl_sv_vsetpvf (my_perl=0x80004a3e0,
>     sv=0x800ca9e78, pat=0x523a3501 <regexp_core_intflags_names+4769> "%.9f",
>     args=0xffffc550) at sv.c:11101
> #13 0x000000005215dd6a in Perl_sv_setpvf (my_perl=0x80004a3e0, sv=0x800ca9e78,
>     pat=0x523a3501 <regexp_core_intflags_names+4769> "%.9f") at sv.c:11076
> #14 0x000000005210aa74 in Perl_upg_version (my_perl=0x80004a3e0,
>     ver=0x800cacb00, qv=false) at /home/tony/dev/perl/git/perl/vutil.c:700
> #15 0x00000000520440a4 in XS_universal_version (my_perl=0x80004a3e0,
>     cv=0x80004dfa0) at /home/tony/dev/perl/git/perl/vxs.inc:122
> #16 0x0000000052142b10 in Perl_pp_entersub (my_perl=0x80004a3e0)
>     at pp_hot.c:5361
> #17 0x00000000521318e7 in Perl_runops_standard (my_perl=0x80004a3e0)
>     at run.c:41
> #18 0x00000000520376ff in S_run_body (my_perl=0x80004a3e0, oldscope=1)
>     at perl.c:2715
> #19 0x0000000052037214 in perl_run (my_perl=0x80004a3e0) at perl.c:2643
> #20 0x000000010040117c in main (argc=4, argv=0xffffcc00, env=0x8000281a0)
>     at perlmain.c:110
> 
> With cygwin-debuginfo installed the backtrace is:
> 
> Thread 1 "perl" received signal SIGSEGV, Segmentation fault.
> 0x00007ffd26b21548 in ntdll!RtlVirtualUnwind ()
>    from /cygdrive/c/WINDOWS/SYSTEM32/ntdll.dll
> (gdb) bt
> #0  0x00007ffd26b21548 in ntdll!RtlVirtualUnwind ()
>    from /cygdrive/c/WINDOWS/SYSTEM32/ntdll.dll
> #1  0x00007ffd26b21040 in ntdll!RtlVirtualUnwind ()
>    from /cygdrive/c/WINDOWS/SYSTEM32/ntdll.dll
> #2  0x00007ffd26b20e7b in ntdll!RtlVirtualUnwind ()
>    from /cygdrive/c/WINDOWS/SYSTEM32/ntdll.dll
> #3  0x00007ffd26b413a8 in ntdll!RtlRaiseException ()
>    from /cygdrive/c/WINDOWS/SYSTEM32/ntdll.dll
> #4  0x00007ffd26b90bfe in ntdll!KiUserExceptionDispatcher ()
>    from /cygdrive/c/WINDOWS/SYSTEM32/ntdll.dll
> #5  0x00000001801fec7c in eiremain (den=0x1, num=0x0, ldp=0x5)
>     at /usr/src/debug/cygwin-3.3.2-1/newlib/libc/stdlib/ldtoa.c:3736
> #6  0x00000001802bb0b0 in etens () from /usr/bin/cygwin1.dll
> #7  0x00000000ffffbac2 in ?? ()
> Backtrace stopped: previous frame inner to this frame (corrupt stack?)
> 
> The stack appears to be badly corrupted (etens isn't a function).

I found that this is caused by the commit:
commit 4d90e5335914551862831de3e02f6c102b78435b
Author: Corinna Vinschen <corinna@vinschen.de>
Date:   Thu Nov 4 11:30:44 2021 +0100

    ldtoa: fix dropping too many digits from output

    ldtoa cuts the number of digits it returns based on a computation of
    number of supported bits (144) divide by log10(2).  Not only is the
    integer approximation of log10(2) ~= 8/27 missing a digit here, it
    also fails to take really small double and long double values into
    account.

    Allow for the full potential precision of long double values.  At the
    same time, change the local string array allocation to request only as
    much bytes as necessary to support the caller-requested number of
    digits, to keep the stack size low on small targets.

    In the long run a better fix would be to switch to gdtoa, as the BSD
    variants, as well as Mingw64 do.

    Signed-off-by: Corinna Vinschen <corinna@vinschen.de>

Reverting this commit solves the problem.

Corinna, could you please have a look?

-- 
Takashi Yano <takashi.yano@nifty.ne.jp>
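
A crash-isolating check for the failure reported above, added here as an example and not code from this thread or from Cygwin: each `snprintf()` call with the `"%.9f"` format from the backtrace runs in a forked child, so a SIGSEGV inside the C library is counted instead of ending the run. The sample values are constructed (the message does not state which value was being formatted), and `check_one` and `count_failures` are hypothetical names.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed sample inputs (not from the report): a version-like value,
   zero, very small and very large magnitudes, and a negative value. */
static const double samples[] = { 5.035006, 1.0, 0.0, 1e-300, 1e300, -123.456 };
enum { NSAMPLES = sizeof samples / sizeof samples[0] };

/* Format one value with "%.9f" in a child process.
   Returns 0 = ok, 1 = wrong output, 2 = child killed by a signal. */
int check_one(double v)
{
    fflush(NULL);
    pid_t pid = fork();
    if (pid < 0)
        return 1;
    if (pid == 0) {
        char buf[512];  /* room for 309 integer digits, '.', 9 decimals, sign */
        memset(buf, 0x5a, sizeof buf);
        int n = snprintf(buf, sizeof buf, "%.9f", v);
        if (n < 0 || (size_t)n >= sizeof buf || strlen(buf) != (size_t)n)
            _exit(1);
        /* Round-trip: the text must parse back to within the printed precision. */
        double diff = strtod(buf, NULL) - v;
        double mag = v < 0 ? -v : v;
        if (diff < 0)
            diff = -diff;
        _exit(diff <= 1e-9 + mag * 1e-15 ? 0 : 1);
    }
    int status = 0;
    if (waitpid(pid, &status, 0) != pid)
        return 1;
    return WIFSIGNALED(status) ? 2 : WEXITSTATUS(status);
}

/* Returns the number of samples that crashed or formatted incorrectly. */
int count_failures(void)
{
    int bad = 0;
    for (int i = 0; i < NSAMPLES; i++)
        bad += check_one(samples[i]) != 0;
    return bad;
}

int main(void)
{
    int bad = count_failures();
    printf("%d of %d samples failed\n", bad, (int)NSAMPLES);
    return bad != 0;
}
```

Running the same binary against the two `cygwin1.dll` builds named in the report separates a library regression from a change in the calling program.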
