Bug#159633: strncpy on alpha/libc broken
On Wed, Sep 04, 2002 at 06:33:18PM +, Adam Heath wrote:

package: libc6.1
version: 2.2.5-11.1
severity: serious

On lully, I have a repeatable segfault being caused by strncpy (which calls __stxncpy).

Here is a patch which should solve this problem. It still needs to be analysed for scheduling.

I don't buy the serious severity though since all it does is cross a page boundary in very rare circumstances. I know it's rare because this code has been around for at least five years in both Linux and glibc, yet no one has reported this before.

--
Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ )
Email: Herbert Xu ~{PmVHI~} [EMAIL PROTECTED]
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

--- stxncpy.S 2001-07-24 03:55:20.0 +1000 +++ /home/gondolin/herbert/stxncpy.S2002-09-08 19:23:45.0 +1000 @@ -192,6 +192,7 @@ cmpbge zero, t2, t7# e0: find nulls in second partial addqa0, 8, a0 # .. e1 : subqa2, 1, a2 # e0: + beq a2, $u_late_head_exit bne t7, $u_late_head_exit # .. e1 : /* Finally, we've got all the stupid leading edge cases taken care @@ -200,6 +201,7 @@ extql t2, a1, t1 # e0: position hi-bits of lo word ldq_u t2, 8(a1) # .. e1 : read next high-order source word addqa1, 8, a1 # e0: + subqa2, 1, a2 cmpbge zero, t2, t7# e1 (stall) beq a2, $u_eoc # e1: bne t7, $u_eos # e1:
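Review bot: the added `beq a2, $u_late_head_exit` in the @@ -192,6 +192,7 @@ hunk sends the count-exhausted case to the same label that the next line uses for the null-found case, and nothing in the hunk says why that label handles both. Add a comment on the new branch stating what $u_late_head_exit expects in t7 when it is reached with a2 == 0, and give the line an issue-slot annotation like its neighbours, since the bne after it is still marked `# .. e1 :`.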
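Review bot: the added `subq a2, 1, a2` in the @@ -200,6 +201,7 @@ hunk decrements the count a second time before `beq a2, $u_eoc`, with no comment saying which word the decrement accounts for. A one-line comment tying it to the `ldq_u t2, 8(a1)` just above would make the off-by-one reasoning checkable. The new line also lacks a slot annotation, and the `# e1 (stall)` note on the following cmpbge should be rechecked now that an instruction sits in front of it.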
Re: perl script to find symbols for libgcc-compat
another improvement would be to read the used libgcc_s.so from the command line, use binutils-multiarch and run it nice'd on ftp-master or a mirror for all architectures ...
Bug#159633: strncpy on alpha/libc broken
On Sun, Sep 08, 2002 at 11:57:36AM -0400, Daniel Jacobowitz wrote:

This patch is incorrect, unfortunately:

{standard input}:182: Error: symbol `xdr_bp_whoambp_wh' is already defined
{standard input}:187: Error: symbol `$xdr_bp_whoambp_wh..ng' is already defined

This error doesn't seem related to stxncpy, but I'm doing a glibc build now to see if I can reproduce it.

I'm not quite sure why your patch doesn't work but I think that $u_late_head_exit is the wrong exit point... and I'm not sure why the u_late_head_exit is the right exit point for that place since it also deals with end-of-count by oring t7 with t10. extra subtract was needed. I was testing a branch to $u_eocfin but that isn't right either... Without the extra subtract, the load in the loop may cause a SEGV... Try strncpy(buf, page + 8169, 20).

I've got a better patch in terms of scheduling now. As to sending it upstream, I'd simply send it to Richard Henderson as he is the author of that file which is in both Linux and glibc.

--
Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ )
Email: Herbert Xu ~{PmVHI~} [EMAIL PROTECTED]
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

--- stxncpy.S 2001-07-24 03:55:20.0 +1000 +++ /home/gondolin/herbert/stxncpy.S2002-09-08 22:22:07.0 +1000 @@ -189,10 +189,11 @@ mskql t6, a1, t6 # e0: already seen stq_u t0, 0(a0) # e0: store first output word or t6, t2, t2 # .. e1 : + addqa0, 8, a0 # e0: + subqa2, 1, a2 # .. e1 : cmpbge zero, t2, t7# e0: find nulls in second partial - addqa0, 8, a0 # .. e1 : - subqa2, 1, a2 # e0: - bne t7, $u_late_head_exit # .. e1 : + beq a2, $u_late_head_exit # .. e1 : + bne t7, $u_late_head_exit # e1: /* Finally, we've got all the stupid leading edge cases taken care of and we can set up to enter the main loop. */ 
@@ -200,8 +201,9 @@ extql t2, a1, t1 # e0: position hi-bits of lo word ldq_u t2, 8(a1) # .. e1 : read next high-order source word addqa1, 8, a1 # e0: - cmpbge zero, t2, t7# e1 (stall) - beq a2, $u_eoc # e1: + subqa2, 1, a2 # .. e1 : + cmpbge zero, t2, t7# e0: + beq a2, $u_eoc # .. e1 : bne t7, $u_eos # e1: /* Unaligned copy main loop. In order to avoid reading too much,
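Review bot: in the @@ -189,10 +189,11 @@ hunk the new `beq a2, $u_late_head_exit` and the existing `bne t7, $u_late_head_exit` are back-to-back branches to the same label, one for end-of-count and one for a null byte, and the hunk carries no comment distinguishing them. Say on the beq line that it is the count-exhausted exit and why t7 from the preceding cmpbge is still what the exit code needs. Moving addq/subq ahead of cmpbge reads as a scheduling change; state that separately in the patch description so it is not mistaken for part of the fix.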
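Review bot: the `subq a2, 1, a2` added after `ldq_u t2, 8(a1)` in the @@ -200,8 +201,9 @@ hunk is the behavioural change here (the other changed lines only carry new slot annotations), yet it has no explanatory comment. Document that the count is decremented for the word just loaded so that `beq a2, $u_eoc` is taken before the main loop loads again, and add a regression test for the case given in the message, strncpy(buf, page + 8169, 20), with the following page unmapped.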
Bug#159633: strncpy on alpha/libc broken
On Mon, Sep 09, 2002 at 07:34:31AM +1000, herbert wrote:

On Sun, Sep 08, 2002 at 11:57:36AM -0400, Daniel Jacobowitz wrote:

This patch is incorrect, unfortunately:

{standard input}:182: Error: symbol `xdr_bp_whoambp_wh' is already defined
{standard input}:187: Error: symbol `$xdr_bp_whoambp_wh..ng' is already defined

This error doesn't seem related to stxncpy, but I'm doing a glibc build now to see if I can reproduce it.

I've just built libc6.1 on lully with my new patch and it seems to work fine.

--
Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ )
Email: Herbert Xu ~{PmVHI~} [EMAIL PROTECTED]
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
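
A guard-page regression check for the over-read discussed in this thread, as an added example that is not part of any message here or of glibc: it places the source a fixed distance before an inaccessible page and reports whether strncpy faults or miscopies. The name strncpy_guard_check and the sweep range are assumptions; the page size is queried at run time rather than fixed at 8192 bytes, so the thread's page + 8169 case corresponds to tail = 23, n = 20.

```c
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper (not from the thread): copy n bytes with strncpy from a
   source that starts `tail` bytes before an inaccessible guard page.
   Returns 0 = correct copy, 1 = wrong output, 2 = child killed by a signal
   (e.g. SIGSEGV from reading into the guard page), -1 = setup failure. */
int strncpy_guard_check(size_t tail, size_t n)
{
    long ps = sysconf(_SC_PAGESIZE);
    if (ps <= 0 || n > 64 || n > tail || tail > (size_t)ps) return -1;
    unsigned char *map = mmap(NULL, 2 * (size_t)ps, PROT_READ | PROT_WRITE,
                              MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (map == MAP_FAILED) return -1;
    memset(map, 'A', (size_t)ps);        /* constructed input: no NUL in range */
    int rc = -1, st = 0;
    if (mprotect(map + ps, (size_t)ps, PROT_NONE) == 0) {
        const char *src = (const char *)map + ps - tail;
        pid_t pid = fork();              /* isolate a possible fault */
        if (pid == 0) {
            char dst[65];
            memset(dst, 'Z', sizeof dst);
            /* volatile pointer forces a real call into libc's strncpy */
            char *(*volatile copy)(char *, const char *, size_t) = strncpy;
            copy(dst, src, n);
            for (size_t i = 0; i < n; i++)
                if (dst[i] != 'A') _exit(1);
            _exit(dst[n] == 'Z' ? 0 : 1); /* must not write past n bytes */
        }
        if (pid > 0 && waitpid(pid, &st, 0) == pid)
            rc = WIFSIGNALED(st) ? 2 : WEXITSTATUS(st);
    }
    munmap(map, 2 * (size_t)ps);
    return rc;
}

int main(void)
{
    int bad = 0;
    /* Sweep every source alignment near the page end, including tail = 23. */
    for (size_t tail = 20; tail < 20 + 16; tail++)
        if (strncpy_guard_check(tail, 20) != 0) {
            printf("strncpy over-read or bad copy at tail=%zu\n", tail);
            bad = 1;
        }
    return bad;
}
```

A return value of 2 for any tail means the copy touched the page after the source, which is the failure the thread describes.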