Bug 579622

Summary: [abrt] Arithmetic expansion does not trap 2 ** 63 / -1
Product: [Fedora] Fedora Reporter: Matt McCutchen <matt>
Component: bashAssignee: Roman Rakus <rrakus>
Status: CLOSED WONTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: 12CC: rrakus, tsmetana
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard: abrt_hash:fed561a6216f6b7f596b077f7e7821ffc2f5dc12
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 579808 (view as bug list) Environment:
Last Closed: 2010-05-20 11:44:42 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
File: backtrace none

Description Matt McCutchen 2010-04-06 04:58:18 UTC 
abrt 1.0.8 detected a crash.

architecture: x86_64
Attached file: backtrace
cmdline: bash -c '$((2 ** 63 / -1))'
comment: I saw this case mentioned in the sigaction(2) man page and wondered how bash handled it.
component: bash
executable: /bin/bash
kernel: 2.6.32.10-90.fc12.x86_64
package: bash-4.0.35-2.fc12
rating: 4
reason: Process /bin/bash was killed by signal 8 (SIGFPE)
release: Fedora release 12 (Constantine)
How to reproduce: 1. bash -c '$((2 ** 63 / -1))'
Comment 1 Matt McCutchen 2010-04-06 04:58:20 UTC 
Created attachment 404601 [details]
File: backtrace
Comment 2 Matt McCutchen 2010-04-06 05:01:32 UTC 
Bash specifically traps division by zero.  If 2 ** 63 / -1 can result in a SIGFPE, bash should trap that too.

(I'll admit it's unlikely that anyone will ever hit this in practice.)
Comment 3 Roman Rakus 2010-04-06 11:16:39 UTC 
Thanks for the report. I will ask upstream what he thinks about it.
Comment 4 Matt McCutchen 2010-04-06 14:38:51 UTC 
This case is so easy to forget that it might be worth having a gnulib module for "division of untrusted integers without incurring SIGFPE".
Comment 5 Roman Rakus 2010-04-08 11:43:30 UTC 
You can track the discussion on bash bug mailing list; http://www.mail-archive.com/bug-bash@gnu.org/msg07182.html

Chet is not convinced of the need. I think you can easily use trap to catch it.
Comment 6 Matt McCutchen 2010-04-08 13:01:38 UTC 
It's not really possible to "catch" the SIGFPE with trap.  When the trap handler returns, the faulting division will be performed again and the trap handler will be called again.  There is no way to resume normal execution after the division.
Comment 7 Roman Rakus 2010-04-08 15:11:41 UTC 
Ah, yes. You're right.
Comment 8 Roman Rakus 2010-05-20 11:44:42 UTC 
There will not be any change here as discussed upstream.
Comment 9 Matt McCutchen 2010-05-20 19:12:05 UTC 
WONTFIX is a more accurate description of the decision made.
Comment 10 Matt McCutchen 2010-05-20 19:12:57 UTC 
The upstream discussion:

http://lists.gnu.org/archive/html/bug-bash/2010-04/msg00020.html
Comment 11 Matt McCutchen 2010-05-20 19:16:44 UTC 
*** Bug 594473 has been marked as a duplicate of this bug. ***