#310 %'u causes __mingw_vsnprintf to misbehave (and crash)

closed-fixed
nobody
crt (84)
5
2012-07-17
2012-07-15
Alexey Loukianov
No

I'm not sure if it's correct to report bugs against personal builds, hope it won't hurt and this report would be closed invalid in the worst case.

I use rubenv custom build binaries of gcc 4.6.3 for x86_64-w64_mingw32 host/target triplet.
Compiling and running the following simple program leads to a SIGSEGV (i.e. it is the generated code which crashes, and not gcc itself):

----------------------
#define __USE_MINGW_ANSI_STDIO 1
#include <stdio.h>

unsigned char buf[128] = {0};

int main()
{
    snprintf(buf, 128, "%'u", 1U);
    printf("buf = %s\n", buf);
    return 0;
}
----------------------

Disabling usage of mingw-supplied snprintf (i.e. commenting out the __USE_MINGW_ANSI_STDIO define) works around the problem.
Mingw-supplied printf seems to be unaffected by this bug.

Discussion

  • Jonathan Yong
    2012-07-16

    Can you elaborate on what %'u is supposed to do? I have not seen it before.

     
  • Sure, it is supposed to add thousands separators in case the current locale instructs it to do so. I.e. it could produce numbers like "1'000'000" instead of plain "1000000" if supported by the locale. Read "man snprintf" on any *nix of your choice for more info. Actually, it is not so important what this format string is supposed to do, as the generated code shouldn't crash in any case due to a misbehaving but perfectly correct format string. This format string is obviously correct - it refers to an "u"nsigned int and it has the ' format flag modifier. The supplied argument list conforms to it - 1 is obviously an unsigned number :-). Thus, I couldn't imagine any reason for snprintf to fail in this case; it's not something like trying to printf a z-terminated string and supplying an invalid pointer as an argument.

     
  • Forgot to add that I had run into this bug while building the xz utils package on my Win7 64bit box. The produced xz.exe and other binaries tend to sigsegv upon any attempt to use them, so I dug into gdb in search of the reason and came up with this bug. The xz utils build configuration system, when built under mingw[64], auto-defines __USE_MINGW_ANSI_STDIO and then it implements its own uint64tostr functions using snprintf. One of the checks it does at runtime is whether "%'u" produces the expected results, which leads to a sigsegv if built with rubenv 4.6.3 mingw64.

     
  • Kai Tietz
    2012-07-17

    • status: open --> pending-fixed
     
  • Kai Tietz
    2012-07-17

    Fixed on trunk at revision 5229. Might be something for the 2.x branch too. So I keep the bug open as pending.

     
  • Ozkan Sezer
    2012-07-17

    Applied the fix to stable/v2.x at rev. 5232. As it is at present, stable/v1.x isn't affected. Closing.

     
  • Ozkan Sezer
    2012-07-17

    • status: pending-fixed --> closed-fixed
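
The runtime check described in the thread (format 1U with %'u and inspect the result), with a locale-independent fallback, as an added example. It is not code from xz or mingw-w64, and group_digits, thousands_flag_works and format_count are hypothetical names.

```c
#include <stdio.h>
#include <string.h>
/* Locale-independent fallback: write v with `sep` between groups of three
 * digits. Returns the length written, or -1 if `out` is too small. */
int group_digits(char *out, size_t outsz, unsigned long long v, char sep)
{
    char tmp[32];               /* 20 digits + 6 separators fit */
    size_t n = 0;
    for (int digits = 0; digits == 0 || v != 0; digits++, v /= 10) {
        if (digits != 0 && digits % 3 == 0)
            tmp[n++] = sep;     /* string is built in reverse */
        tmp[n++] = (char)('0' + v % 10);
    }
    if (n + 1 > outsz)
        return -1;
    for (size_t i = 0; i < n; i++)
        out[i] = tmp[n - 1 - i];
    out[n] = '\0';
    return (int)n;
}

/* Probe as the thread describes: accept %'u only if 1U formats as "1".
 * This catches wrong output, not a crash inside snprintf itself. */
int thousands_flag_works(void)
{
    char probe[16] = {0};
    int r = snprintf(probe, sizeof probe, "%'u", 1U);
    return r == 1 && strcmp(probe, "1") == 0;
}

/* Hypothetical wrapper: use %'u when the probe passes and the output fits,
 * otherwise fall back to manual grouping with ','. */
int format_count(char *out, size_t outsz, unsigned int v)
{
    if (thousands_flag_works()) {
        int r = snprintf(out, outsz, "%'u", v);
        if (r >= 0 && (size_t)r < outsz)
            return r;
    }
    return group_digits(out, outsz, v, ',');
}

int main(void)
{
    char buf[32] = "";
    format_count(buf, sizeof buf, 1234567U);
    printf("buf = %s\n", buf);
    return 0;
}
```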