This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug libc/22624] MIPS setjmp() saves incorrect 'o0' register in --enable-stack-protector=all

From: "cvs-commit at gcc dot gnu.org" <sourceware-bugzilla at sourceware dot org>
To: glibc-bugs at sourceware dot org
Date: Mon, 18 Dec 2017 17:24:27 +0000
Subject: [Bug libc/22624] MIPS setjmp() saves incorrect 'o0' register in --enable-stack-protector=all
Auto-submitted: auto-generated
References: <bug-22624-131@http.sourceware.org/bugzilla/>

https://sourceware.org/bugzilla/show_bug.cgi?id=22624

--- Comment #5 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, master has been updated
       via  368b6c8da9f8ae453f5d70f8a62dbf3f1b6d5995 (commit)
      from  c8e939f12a4fce3bb09a8c4818629ccf76c8658c (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=368b6c8da9f8ae453f5d70f8a62dbf3f1b6d5995

commit 368b6c8da9f8ae453f5d70f8a62dbf3f1b6d5995
Author: Sergei Trofimovich <slyfox@gentoo.org>
Date:   Mon Dec 18 17:23:02 2017 +0000

    mips64: fix clobbering s0 in setjmp() [BZ #22624]

    When configured as --enable-stack-protector=all glibc
    inserts stack checking canary into every function
    including __sigsetjmp_aux(). Stack checking code
    ends up using s0 register to temporary hold address
    of global canary value.

    Unfortunately __sigsetjmp_aux assumes no caller' caller-save
    registers should be clobbered as it stores them as-is.

    The fix is to disable stack protection of __sigsetjmp_aux.

    Tested on the following test:

        #include <setjmp.h>
        #include <stdio.h>

        int main() {
            jmp_buf jb;
            volatile register long s0 asm ("$s0");
            s0 = 1234;
            if (setjmp(jb) == 0)
                longjmp(jb, 1);
            printf ("$s0 = %lu\n", s0);
        }

    Without the fix:
        $ qemu-mipsn32 -L . ./mips-longjmp-bug
        $s0 = 1082346228

    With the fix:
        $ qemu-mipsn32 -L . ./mips-longjmp-bug
        $s0 = 1234

        [BZ #22624]
        * sysdeps/mips/mips64/setjmp_aux.c (__sigsetjmp_aux): Use
        inhibit_stack_protector.

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                        |    6 ++++++
 sysdeps/mips/mips64/setjmp_aux.c |    5 +++++
 2 files changed, 11 insertions(+), 0 deletions(-)

-- 
You are receiving this mail because:
You are on the CC list for the bug.

References:
- [Bug libc/22624] New: MIPS setjmp() saves incorrect 'o0' register in --enable-stack-protector=all
  - From: slyfox at inbox dot ru

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]