Launchpad has imported 4 comments from the remote bug at http://sourceware.org/bugzilla/show_bug.cgi?id=11968.

If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at https://help.launchpad.net/InterBugTracking.

------------------------------------------------------------------------
On 2010-09-02T18:15:45+00:00 Kees Cook wrote:

Since 2.11 and later, it seems that longjmp will fail on x86_64 when _FORTIFY_SOURCE is enabled. Works on x86_32, and 2.10 and earlier.

https://launchpad.net/bugs/601030

Reply at: https://bugs.launchpad.net/gcc-linaro/+bug/601030/comments/17

------------------------------------------------------------------------
On 2010-09-02T18:22:00+00:00 Kees Cook wrote:

Created attachment 4962
reproducer

Here is the reproducer. This dies on alarm on Ubuntu x86_64 (eglibc 2.11 and 2.12) and Fedora x86_64 (2.12) when using more recent glibc:

    $ gcc -O2 -fno-stack-protector -D_FORTIFY_SOURCE=2 -Wall minimal.c -o minimal
    /tmp $ ./minimal
    Alarm Clock

It doesn't always fail, and I tried to mitigate this by disabling ASLR.

Michael Hope noticed:

"The fault occurs as the 'pass' value given to longjmp() gets corrupted before use by setjmp(), causing the 'setjmp() < 2' test to fail and the system to loop forever. The only assembler level fortify/non-fortify difference is a call to longjmp_chk instead of longjmp. Note that shifting 'mystack' off the stack and into static memory also works around the problem.

glibc-2.11.1/sysdeps/unix/sysv/linux/x86_64/____longjmp_chk.S is broken. It saves the value of 'pass' in ecx for later use but ecx is trashed by a syscall. The syscall is used to bring in the signal stack so that the fortify code can print an error message if needed.

The problem goes away with -U_FORTIFY_SOURCE as no such syscall is used."

Reply at: https://bugs.launchpad.net/gcc-linaro/+bug/601030/comments/18

------------------------------------------------------------------------
On 2010-09-08T22:52:49+00:00 Drepper-fsp wrote:

Fixed in git.

Reply at: https://bugs.launchpad.net/gcc-linaro/+bug/601030/comments/19

------------------------------------------------------------------------
On 2010-09-08T23:04:54+00:00 Kees Cook wrote:

Thanks!

http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=c044aa75354b48d4b7aaffe465706282192e54c2

Reply at: https://bugs.launchpad.net/gcc-linaro/+bug/601030/comments/20


** Changed in: glibc
       Status: Confirmed => Fix Released

** Changed in: glibc
   Importance: Unknown => Medium

-- 
You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/601030

Title:
  broken configuration test with fortify source

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
