From: Bruno Haible
Newsgroups: gmane.linux.lib.musl.general, gmane.comp.lib.gnulib.bugs
Subject: Re: musl, printf out-of-memory test
Date: Wed, 20 Jun 2012 11:35:28 +0200
Message-ID: <2880353.4bDTyI3WGR@linuix>
References: <20120609230541.47eac2de@newbook> <4210755.aMrNX6YhFs@linuix> <20120620015249.GT163@brightrain.aerifal.cx>
In-Reply-To: <20120620015249.GT163@brightrain.aerifal.cx>
Reply-To: musl@lists.openwall.com
To: Rich Felker
Cc: bug-gnulib@gnu.org, musl@lists.openwall.com

Rich Felker wrote:
> The problem was an obscure pointer-arithmetic overflow ...
> where the stack pointer is near the 4GB boundary.

This explains also why it occurred only with a certain probability outside gdb, but with 100% probability from within gdb: Apparently gdb runs the program without address space layout randomization.

> Anyway, it's fixed now.

I confirm that
http://git.etalabs.net/cgi-bin/gitweb.cgi?p=musl;a=commitdiff;h=914949d321448bd2189bdcbce794dbae2c8ed16e
fixes the bug.

Bruno
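The failure mode discussed in this thread, a pointer-arithmetic bounds check that wraps when the pointer sits close to the top of a 32-bit address space, can be reproduced on any host by modelling addresses as unsigned 32-bit integers. The following is an added example, not code from musl, from the commit linked above, or from either participant in the thread; the function names, the buffer end address of 0xFFFFFFFF and the request sizes are constructed for illustration. It contrasts the overflow-prone form of the check (compute `p + n` first, then compare) with the overflow-safe form (compare `n` against the space actually left, `end - p`), and counts the cases where the two disagree.

```c
/* Added example, not musl's code: a model of a buffer bounds check that
 * wraps when the pointer is near the top of a 32-bit address space.
 * Addresses are modelled as uint32_t so the wraparound is reproducible
 * on any host; with real pointers the overflow is undefined behaviour. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Naive check: "does p + n stay below the exclusive bound end?"
 * Computing p + n first can wrap around to a small value, which then
 * passes the comparison even though the request does not fit. */
bool fits_naive(uint32_t p, uint32_t end, uint32_t n)
{
    uint32_t limit = p + n;   /* wraps modulo 2^32 when p is near the top */
    return limit <= end;
}

/* Overflow-safe check: compare the request against the space left.
 * end - p cannot wrap as long as p <= end, which holds for any pointer
 * inside the buffer, so no intermediate value can overflow. */
bool fits_safe(uint32_t p, uint32_t end, uint32_t n)
{
    return n <= end - p;
}

/* One constructed test case: write position, exclusive bound, request. */
struct bounds_case {
    uint32_t p;
    uint32_t end;
    uint32_t n;
};

/* Runs both checks over constructed cases and returns how many times the
 * naive check disagrees with the safe one (the number of wrong answers). */
int count_naive_errors(void)
{
    const uint32_t top = 0xFFFFFFFFu;  /* constructed: buffer ends at the top */
    const struct bounds_case cases[] = {
        { 0x00001000u, 0x00002000u, 0x100u }, /* far from the top: both agree */
        { 0xFFFFFFF0u, top,          0x08u }, /* near the top, fits: both agree */
        { 0xFFFFFFF0u, top,          0x10u }, /* near the top, p + n wraps */
    };
    int errors = 0;
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        bool naive = fits_naive(cases[i].p, cases[i].end, cases[i].n);
        bool safe  = fits_safe(cases[i].p, cases[i].end, cases[i].n);
        printf("p=0x%08x end=0x%08x n=0x%02x naive=%d safe=%d\n",
               cases[i].p, cases[i].end, cases[i].n, naive, safe);
        if (naive != safe)
            errors++;
    }
    return errors;
}

int main(void)
{
    int errors = count_naive_errors();
    printf("naive check wrong in %d case(s)\n", errors);
    return errors == 0 ? 1 : 0;  /* constructed: success means the bug was shown */
}
```

The third case is the interesting one: `0xFFFFFFF0 + 0x10` wraps to 0, so the naive check reports that 16 bytes fit into the 15 that remain, while the subtraction-based check correctly rejects it. The same pattern applies to any "is there room for n more bytes" test in a formatter or buffer writer: subtract first, then compare, and never form a pointer past the end of the object.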