Bug 12611

Summary: /usr/bin/jot crashes with floating point exception
Product: Base System
Reporter: frodef <frodef>
Component: bin
Assignee: Sheldon Hearn <sheldonh>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Unspecified   
Hardware: Any   
OS: Any   

Description frodef 1999-07-12 19:10:01 UTC
/usr/bin/jot core-dumps with a floating point exception when
trying to generate a large (32-bit) random number.

How-To-Repeat: % jot -r 1 -p 4294967296
zsh: floating point exception (core dumped)  jot -r 1 -p 4294967296
Comment 1 Sheldon Hearn 1999-07-13 11:46:45 UTC
On Mon, 12 Jul 1999 11:05:07 MST, frodef@acm.org wrote:

> >How-To-Repeat:
> % jot -r 1 -p 4294967296
> zsh: floating point exception (core dumped)  jot -r 1 -p 4294967296

It's not always reproducible because it relies on a random number, which
might be small on any given run. However, when it does fail, I get the
following:

| (gdb) set args -r 1 -p 4294967296
| (gdb) run
| Starting program: /usr/bin/jot -r 1 -p 4294967296
| 
| Program received signal SIGFPE, Arithmetic exception.
| 0x804918b in putdata (x=4058183150.1194973, notlast=0)
|     at /usr/src/usr.bin/jot/jot.c:313
| 313             long            d = x;
| (gdb) back
| #0  0x804918b in putdata (x=4058183150.1194973, notlast=0)
|     at /usr/src/usr.bin/jot/jot.c:313
| #1  0x804881e in main (argc=5, argv=0xbfbfd680)
|     at /usr/src/usr.bin/jot/jot.c:106
| #2  0x80486d1 in _start ()

It looks like a simple assignment from a long to a double. Try the
following patch.

Ciao,
Sheldon.

Index: jot.c
===================================================================
RCS file: /home/ncvs/src/usr.bin/jot/jot.c,v
retrieving revision 1.9
diff -u -d -r1.9 jot.c
--- jot.c	1999/05/13 12:18:24	1.9
+++ jot.c	1999/07/13 10:42:06
@@ -310,8 +310,8 @@
 	double x;
 	long notlast;
 {
-	long		d = x;
-	register long	*dp = &d;
+	double		d = x;
+	register double	*dp = &d;
 
 	if (boring)				/* repeated word */
 		printf(format);
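
Review bot: changing `d` and `dp` to `double` at the top of putdata() removes the narrowing conversion that trapped, but it also makes `d` a plain copy of `x` and leaves every later `*dp` as a double. The hunk does not show how `*dp` is consumed; if any of those uses hand it to printf() under an integer conversion specifier taken from `format`, the argument type no longer matches the specifier. I would keep the integer path and range-check `x` before the conversion (rejecting or reporting values that do not fit in a long), and switch to `double` only on the paths whose format actually expects one.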
Comment 2 Sheldon Hearn freebsd_committer freebsd_triage 1999-07-13 12:08:58 UTC
State Changed
From-To: open->feedback

Waiting for submitter's feedback on supplied patch. 
Comment 3 Sheldon Hearn freebsd_committer freebsd_triage 1999-07-13 12:09:44 UTC
Responsible Changed
From-To: freebsd-bugs->sheldonh

Looks like I'll take this one. :-) 

Comment 4 frodef 1999-07-13 13:09:40 UTC
Sheldon Hearn <sheldonh@uunet.co.za> writes:
> It's not always reproducible because it relies on a random number,

Right, I forgot that in my report. Your patch seems to do the trick
here, I get no more core-dumps.

Thanks,
-- 
Frode Vatvedt Fjeld
Comment 5 Sheldon Hearn freebsd_committer freebsd_triage 1999-07-19 11:17:39 UTC
State Changed
From-To: feedback->analyzed

My patch isn't a proper fix. We need to do two things. First, we need to 
fix jot's printf(3) conversion specifier parsing in getformat(). Then 
we need to fix the main code so that it uses the correct data types for 
each of (chardata), (dox) and (!(chardata || dox)). I'm working on it. 
Comment 6 Sheldon Hearn freebsd_committer freebsd_triage 1999-07-22 18:36:34 UTC
State Changed
From-To: analyzed->suspended

Doing it the right way is too much work. I've done the conversion  
specifier format parsing part of the fix and installed a signal 
handler to avoid dropping core on overflow. I'll leave this 
suspended for anyone looking for a challenge. :-) 
Comment 7 Sheldon Hearn freebsd_committer freebsd_triage 2000-06-22 14:07:08 UTC
State Changed
From-To: suspended->closed

FreeBSD now uses the less strict policy for exceptions, mooting 
this point.
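
The trace in Comment 1 stops at `long d = x;` with x=4058183150.1194973; in C, converting a double whose truncated value does not fit the target integer type is undefined behaviour. The following is an added example, not code from jot or the FreeBSD tree: a range-checked conversion that rejects such values up front rather than relying on a signal handler. It assumes a 32-bit `long`, modelled here with `int32_t`, and the names `double_to_i32` and `put_int` are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper. int32_t stands in for a 32-bit long (assumption). */
static bool double_to_i32(double x, int32_t *out)
{
    /* Truncation toward zero fits iff x lies strictly inside
     * (-2^31 - 1, 2^31). Both bounds are exact as doubles, and NaN
     * fails both comparisons, so it is rejected as well. */
    const double lower = (double)INT32_MIN - 1.0;
    const double upper = (double)INT32_MAX + 1.0;

    if (!(x > lower && x < upper))
        return false;
    *out = (int32_t)x;          /* defined: the truncated value fits */
    return true;
}

/* Hypothetical stand-in for an integer output path: format x as an
 * integer, or return -1 instead of converting an out-of-range value. */
static int put_int(double x, char *buf, size_t len)
{
    int32_t d;

    if (!double_to_i32(x, &d))
        return -1;
    return snprintf(buf, len, "%ld", (long)d);
}

int main(void)
{
    /* Constructed inputs; the first is the value shown in the gdb trace. */
    const double samples[] = { 4058183150.1194973, 2147483647.9,
                               -2147483648.5, 42.0 };
    char buf[32];

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        if (put_int(samples[i], buf, sizeof(buf)) < 0)
            printf("%.7f: out of range for a 32-bit integer\n", samples[i]);
        else
            printf("%.7f -> %s\n", samples[i], buf);
    }
    return 0;
}
```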