Steps to reproduce:
1. stap -e 'probe begin{printf("%1n%b\n",2);exit()}'
Created attachment 3039: Results of stap-report
*** Bug 7015 has been marked as a duplicate of this bug. ***
Lack of bounds checking in c_unparser::visit_print_format will cause the segmentation fault. Seems this patch can avoid that.
diff --git a/translate.cxx b/translate.cxx index 4112855..741455e 100644 --- a/translate.cxx +++ b/translate.cxx @@ -4199,7 +4199,7 @@ c_unparser::visit_print_format (print_format* e) /* The type of the %c argument is 'int'. */ else if (components[i].type == print_format::conv_char) o->line() << ", (int)" << tmp[arg_ix++].value(); - else + else if (arg_ix < (int) tmp.size()) o->line() << ", " << tmp[arg_ix++].value(); }
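Review bot: the new bound check on the final `else` leaves the preceding `%c` branch unguarded: `else if (components[i].type == print_format::conv_char) o->line() << ", (int)" << tmp[arg_ix++].value();` still indexes `tmp` without an `arg_ix < (int) tmp.size()` test, so a format with a `%c` conversion and too few arguments can still read past the end of `tmp`. The guarded branch also silently emits a format string with more conversion specifiers than arguments instead of diagnosing the mismatch; consider comparing the argument count against the number of argument-consuming components once before the loop and reporting a translation error, which covers both branches and avoids generating ill-formed printf calls.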
See commit 1f5490d125bdb76179724ddd989569734235d185.
Decision in 7051 to remove %n