Re: NetBSD mac68k crashing on union regression test

Hi,

With the following patch, the crash still occurs in the same way. But
it does seem, reading the code, that it still may be necessary.

Re-reading the backtrace, here is another strange thing:
[...]
#7 0x001b79a0 in dopr (buffer=0xffffa4f8 "", format=0x22eab7 ".*g",
args=0xffffb514 "", end=0xffffb4f7 "\r???$") at snprintf.c:561
#8 0x001b75fe in pg_vsnprintf (str=0xffffa4f8 "", count=4096,
fmt=0x22eab6 "%.*g", args=0xffffb508 "") at snprintf.c:83
[...]

Note how the format loses the '%', for no apparent reason.

I see that pg_vsnprintf is defined differently than pg_snprintf,
pg_sprintf, pg_fprintf and pg_printf concerning va_list.
Is there a reason for that ?

RCS file: /projects/cvsroot/pgsql/src/port/snprintf.c,v
retrieving revision 1.26
diff -u -r1.26 snprintf.c
--- snprintf.c 20 Mar 2005 13:54:53 -0000 1.26
+++ snprintf.c 12 Apr 2005 06:08:02 -0000
@@ -222,7 +222,7 @@

/* Create enough structures to hold all arguments */
for (p = format; *p != '\0'; p++)
- if (*p == '%') /* counts %% as two, so
overcounts */
+ if ((*p == '%') || (*p == '*')) /* counts %% as
two, so overcounts */
percents++;

/* Need to use malloc() because memory system might not be
started yet. */

Regards,

Rémi Zara

Le 11 avr. 05, à 22:31, Tom Lane a écrit :

> =?ISO-8859-1?Q?R=E9mi_Zara?= <remi_zara(at)mac(dot)com> writes:
>> The crash occurs in pg_sprintf, work on which has been done beginning
>> march 11th....
>
> Offhand I'd bet it's overrunning its malloc'd arrays because the loop
> at
> the top doesn't count "*" as needing a fmtpos position.
>
> regards, tom lane
>
>
--
Rémi Zara
http://www.remi-zara.net/