On Mar 10, 2010, at 11:26 AM, Hyrum K. Wright wrote:

> In trying to get Subversion acquainted with the 1.4.x branch, I
> encountered a crash within an invocation of apr_psprintf(). The
> attached patch adds a test case demonstrating the crash. The patch is
> against 1.4.x, but applies to trunk as well, where the bug is also
> present.
>
> The test case is essentially a replication of one of the calls to
> apr_psprintf() that happens deep within Subversion, and which
> functions just fine when working against 1.3.x. In digging a little
> deeper, it appears that the var arg pointer isn't being advanced
> properly at some point in apr_vformatter(), but I'm hoping that
> someone more familiar with the code will be able to figure out what's
> really going on.

Digging deeper, it appears to be an error in apr_vformatter() when parsing the format '%lld'. I'm running the tests on Mac OS X where APR_OFF_FMT_T is defined as lld, so this format occurs frequently. Consequently, I'm also seeing a failure in testfmt at line 63, where the parser is attempting to parse APR_OFF_FMT_T, but failing.

Can anybody else replicate this bug? I'm a little new here, but would consider something like this probably a blocker for 1.4.x. This may already have been discussed, but I haven't seen it, at least in the past couple of months.

-Hyrum
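
The failure class described in this message, as an added example that is not part of the original e-mail and is not APR's apr_vformatter() code: a small formatter that counts the `l` length modifiers before choosing the va_arg type, so the argument following a `%lld` is still fetched correctly. The name `mini_format` is hypothetical and the sample values are constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Added illustration, not APR code: mini_format is a hypothetical formatter
 * that handles %d, %ld, %lld, %s and %%, returning the length or -1. */
static int mini_format(char *out, size_t cap, const char *fmt, ...)
{
    va_list ap;
    int len = 0;
    if (cap == 0) return -1;
    out[0] = '\0';
    va_start(ap, fmt);
    for (; *fmt; fmt++) {
        char piece[32] = { *fmt, '\0' };   /* literal char, also covers "%%" */
        const char *src = piece;
        if (*fmt == '%') {
            int longs = 0;
            fmt++;
            while (*fmt == 'l') { longs++; fmt++; }   /* length modifiers */
            if (*fmt == 'd') {
                /* The type given to va_arg must match the modifier; a mismatch
                 * leaves every later argument read from the wrong place. */
                long long v = longs >= 2 ? va_arg(ap, long long)
                            : longs == 1 ? va_arg(ap, long) : va_arg(ap, int);
                snprintf(piece, sizeof piece, "%lld", v);
            } else if (*fmt == 's' && longs == 0) {
                src = va_arg(ap, const char *);
            } else if (*fmt != '%' || longs != 0) {
                len = -1; break;           /* unsupported: fail closed */
            }
        }
        size_t n = strlen(src);
        if ((size_t)len + n >= cap) { len = -1; break; }   /* no silent truncation */
        memcpy(out + len, src, n + 1);
        len += (int)n;
    }
    va_end(ap);
    return len;
}

int main(void)
{
    char buf[64];
    /* Constructed sample: a 64-bit value followed by a string argument. */
    mini_format(buf, sizeof buf, "%lld %s", 5000000000LL, "bytes");
    puts(buf);
    return 0;
}
```

Placing a string argument after the 64-bit one is what makes a regression check of this kind sensitive: if the integer is consumed with the wrong width, the `%s` fetch is the one that goes wrong.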