This is the mail archive of the
glibc-bugs@sourceware.org
mailing list for the glibc project.
[Bug nptl/22743] __pthread_register_cancel corrupts stack after f81ddabffd
- From: "cvs-commit at gcc dot gnu.org" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Fri, 26 Jan 2018 07:44:42 +0000
- Subject: [Bug nptl/22743] __pthread_register_cancel corrupts stack after f81ddabffd
- Auto-submitted: auto-generated
- References: <bug-22743-131@http.sourceware.org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=22743
--- Comment #5 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, master has been updated
via 2ec0e7eade0ea1258acd5c6f5e5e9bfaeb5041a8 (commit)
from 47c4b4b060db0290022dcc37cab7b5ff4bdb5c32 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=2ec0e7eade0ea1258acd5c6f5e5e9bfaeb5041a8
commit 2ec0e7eade0ea1258acd5c6f5e5e9bfaeb5041a8
Author: Carlos O'Donell <carlos@systemhalted.org>
Date: Wed Jan 24 20:35:22 2018 -0800
Revert Intel CET changes to __jmp_buf_tag (Bug 22743)
In commit cba595c350e52194e10c0006732e1991e3d0803b and commit
f81ddabffd76ac9dd600b02adbf3e1dac4bb10ec, ABI compatibility with
applications was broken by increasing the size of the on-stack
allocated __pthread_unwind_buf_t beyond the oringal size.
Applications only have the origianl space available for
__pthread_unwind_register, and __pthread_unwind_next to use,
any increase in the size of __pthread_unwind_buf_t causes these
functions to write beyond the original structure into other
on-stack variables leading to segmentation faults in common
applications like vlc. The only workaround is to version those
functions which operate on the old sized objects, but this must
happen in glibc 2.28.
Thank you to Andrew Senkevich, H.J. Lu, and Aurelien Jarno, for
submitting reports and tracking the issue down.
The commit reverts the above mentioned commits and testing on
x86_64 shows that the ABI compatibility is restored. A tst-cleanup1
regression test linked with an older glibc now passes when run
with the newly built glibc. Previously a tst-cleanup1 linked with
an older glibc would segfault when run with an affected glibc build.
Tested on x86_64 with no regressions.
Signed-off-by: Carlos O'Donell <carlos@redhat.com>
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 30 ++++++++++++++++
bits/types/__cancel_jmp_buf_tag.h | 28 ---------------
nptl/Makefile | 3 +-
nptl/descr.h | 3 --
sysdeps/i386/nptl/tcb-offsets.sym | 1 -
sysdeps/i386/nptl/tls.h | 4 --
sysdeps/nptl/pthread.h | 7 +++-
sysdeps/unix/sysv/linux/hppa/pthread.h | 7 +++-
.../linux/x86/bits/types/__cancel_jmp_buf_tag.h | 31 -----------------
sysdeps/unix/sysv/linux/x86/nptl/pthreadP.h | 36 --------------------
sysdeps/unix/sysv/linux/x86/pthreaddef.h | 22 ------------
sysdeps/x86_64/nptl/tcb-offsets.sym | 1 -
sysdeps/x86_64/nptl/tls.h | 5 +--
13 files changed, 42 insertions(+), 136 deletions(-)
delete mode 100644 bits/types/__cancel_jmp_buf_tag.h
delete mode 100644
sysdeps/unix/sysv/linux/x86/bits/types/__cancel_jmp_buf_tag.h
delete mode 100644 sysdeps/unix/sysv/linux/x86/nptl/pthreadP.h
delete mode 100644 sysdeps/unix/sysv/linux/x86/pthreaddef.h
--
You are receiving this mail because:
You are on the CC list for the bug.