public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug nptl/719] New: dlfcn/tststatic writes past end of dtv array
@ 2005-02-14 12:25 amodra at bigpond dot net dot au
2005-02-14 12:27 ` [Bug nptl/719] " amodra at bigpond dot net dot au
` (7 more replies)
0 siblings, 8 replies; 9+ messages in thread
From: amodra at bigpond dot net dot au @ 2005-02-14 12:25 UTC (permalink / raw)
To: glibc-bugs
The static_dtv array used by __libc_setup_tls has only enough room for one dtv.
thread pointer
(gdb) p/x $r13
$1 = 0x100a46a0
tcb
(gdb) p/x *(long *)($r13 - 0x7000 - 8)
$2 = 0x1009a8a8
dtv, including 2 reserved elements.
(gdb) p/x *(long *)(0x1009a8a8 - 16)@6
$3 = {0x1, 0x0, 0x0, 0x0, 0x1009d6a0, 0x100000000000000}
tststatic loads modstatic.so, which depends on libc.so.6, which has a PT_TLS
segment. libc.so get a tls_modid of 2, and the dtv array isn't extended before
_dl_nothread_init_static_tls is called.
Breakpoint 3, _dl_nothread_init_static_tls (map=0x1009ef90) at dl-reloc.c:128
(gdb) p/x $r13
$8 = 0x100a46a0
(gdb) p/x *(long *)($r13 - 0x7000 - 8)
$9 = 0x1009a8a8
(gdb) p/x *(long *)(0x1009a8a8 - 16)@6
$10 = {0x1, 0x0, 0x0, 0x0, 0x1009d6a0, 0x100000000000000}
(gdb) p map->l_name
$11 = 0x1009ef70 "../libc.so.6"
(gdb) p map->l_tls_modid
$12 = 2
This results in the test failing due to other static vars being trashed. The
attached patch should make the failure a bit more obvious.
--
Summary: dlfcn/tststatic writes past end of dtv array
Product: glibc
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: nptl
AssignedTo: drepper at redhat dot com
ReportedBy: amodra at bigpond dot net dot au
CC: glibc-bugs at sources dot redhat dot com
GCC host triplet: powerpc64-linux
http://sources.redhat.com/bugzilla/show_bug.cgi?id=719
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug nptl/719] dlfcn/tststatic writes past end of dtv array
2005-02-14 12:25 [Bug nptl/719] New: dlfcn/tststatic writes past end of dtv array amodra at bigpond dot net dot au
@ 2005-02-14 12:27 ` amodra at bigpond dot net dot au
2005-02-15 12:32 ` amodra at bigpond dot net dot au
` (6 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: amodra at bigpond dot net dot au @ 2005-02-14 12:27 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From amodra at bigpond dot net dot au 2005-02-14 12:26 -------
Created an attachment (id=407)
--> (http://sources.redhat.com/bugzilla/attachment.cgi?id=407&action=view)
(_dl_nothread_init_static_tls): Assert that dtv array index is within bounds.
--
http://sources.redhat.com/bugzilla/show_bug.cgi?id=719
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug nptl/719] dlfcn/tststatic writes past end of dtv array
2005-02-14 12:25 [Bug nptl/719] New: dlfcn/tststatic writes past end of dtv array amodra at bigpond dot net dot au
2005-02-14 12:27 ` [Bug nptl/719] " amodra at bigpond dot net dot au
@ 2005-02-15 12:32 ` amodra at bigpond dot net dot au
2005-02-18 0:44 ` roland at gnu dot org
` (5 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: amodra at bigpond dot net dot au @ 2005-02-15 12:32 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From amodra at bigpond dot net dot au 2005-02-15 12:32 -------
glibc-2_3-branch has the same problem, as do targets other than powerpc64-linux.
--
What |Removed |Added
----------------------------------------------------------------------------
Version|unspecified |2.3.4
http://sources.redhat.com/bugzilla/show_bug.cgi?id=719
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug nptl/719] dlfcn/tststatic writes past end of dtv array
2005-02-14 12:25 [Bug nptl/719] New: dlfcn/tststatic writes past end of dtv array amodra at bigpond dot net dot au
2005-02-14 12:27 ` [Bug nptl/719] " amodra at bigpond dot net dot au
2005-02-15 12:32 ` amodra at bigpond dot net dot au
@ 2005-02-18 0:44 ` roland at gnu dot org
2005-02-18 0:44 ` roland at gnu dot org
` (4 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: roland at gnu dot org @ 2005-02-18 0:44 UTC (permalink / raw)
To: glibc-bugs
--
What |Removed |Added
----------------------------------------------------------------------------
AssignedTo|drepper at redhat dot com |roland at gnu dot org
http://sources.redhat.com/bugzilla/show_bug.cgi?id=719
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug nptl/719] dlfcn/tststatic writes past end of dtv array
2005-02-14 12:25 [Bug nptl/719] New: dlfcn/tststatic writes past end of dtv array amodra at bigpond dot net dot au
` (2 preceding siblings ...)
2005-02-18 0:44 ` roland at gnu dot org
@ 2005-02-18 0:44 ` roland at gnu dot org
2005-02-18 0:45 ` roland at gnu dot org
` (3 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: roland at gnu dot org @ 2005-02-18 0:44 UTC (permalink / raw)
To: glibc-bugs
--
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
Last reconfirmed|0000-00-00 00:00:00 |2005-02-18 00:44:27
date| |
http://sources.redhat.com/bugzilla/show_bug.cgi?id=719
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug nptl/719] dlfcn/tststatic writes past end of dtv array
2005-02-14 12:25 [Bug nptl/719] New: dlfcn/tststatic writes past end of dtv array amodra at bigpond dot net dot au
` (3 preceding siblings ...)
2005-02-18 0:44 ` roland at gnu dot org
@ 2005-02-18 0:45 ` roland at gnu dot org
2005-02-22 3:52 ` drepper at redhat dot com
` (2 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: roland at gnu dot org @ 2005-02-18 0:45 UTC (permalink / raw)
To: glibc-bugs
--
What |Removed |Added
----------------------------------------------------------------------------
OtherBugsDependingO| |724
nThis| |
http://sources.redhat.com/bugzilla/show_bug.cgi?id=719
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug nptl/719] dlfcn/tststatic writes past end of dtv array
2005-02-14 12:25 [Bug nptl/719] New: dlfcn/tststatic writes past end of dtv array amodra at bigpond dot net dot au
` (4 preceding siblings ...)
2005-02-18 0:45 ` roland at gnu dot org
@ 2005-02-22 3:52 ` drepper at redhat dot com
2005-02-26 1:10 ` cvs-commit at gcc dot gnu dot org
2005-02-26 1:10 ` cvs-commit at gcc dot gnu dot org
7 siblings, 0 replies; 9+ messages in thread
From: drepper at redhat dot com @ 2005-02-22 3:52 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From drepper at redhat dot com 2005-02-22 03:52 -------
I checked in a patch. It consists simply of failing to load modules with TLS
right away. This never worked, the dtv handling isn't up to this. None of the
nss or iconv modules we ship uses TLS, so this is no problem at all.
--
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution| |FIXED
http://sources.redhat.com/bugzilla/show_bug.cgi?id=719
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug nptl/719] dlfcn/tststatic writes past end of dtv array
2005-02-14 12:25 [Bug nptl/719] New: dlfcn/tststatic writes past end of dtv array amodra at bigpond dot net dot au
` (6 preceding siblings ...)
2005-02-26 1:10 ` cvs-commit at gcc dot gnu dot org
@ 2005-02-26 1:10 ` cvs-commit at gcc dot gnu dot org
7 siblings, 0 replies; 9+ messages in thread
From: cvs-commit at gcc dot gnu dot org @ 2005-02-26 1:10 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From cvs-commit at gcc dot gnu dot org 2005-02-26 01:09 -------
Subject: Bug 719
CVSROOT: /cvs/glibc
Module name: libc
Branch: glibc-2_3-branch
Changes by: roland@sources.redhat.com 2005-02-26 01:09:45
Modified files:
sysdeps/generic: libc-tls.c
Log message:
2005-02-22 Ulrich Drepper <drepper@redhat.com>
[BZ #719]
* sysdeps/generic/libc-tls.c (static_dtv): Size the same as the
slotinfo array.
(__libc_setup_tls): Initialize length of DTV based on array length.
* elf/dl-load.c: Revert last change.
* sysdeps/generic/dl-tls.c: Revert last change.
Patches:
http://sources.redhat.com/cgi-bin/cvsweb.cgi/libc/sysdeps/generic/libc-tls.c.diff?cvsroot=glibc&only_with_tag=glibc-2_3-branch&r1=1.23&r2=1.23.4.1
------- Additional Comments From cvs-commit at gcc dot gnu dot org 2005-02-26 01:09 -------
Subject: Bug 719
CVSROOT: /cvs/glibc
Module name: libc
Branch: glibc-2_3-branch
Changes by: roland@sources.redhat.com 2005-02-26 01:09:48
Modified files:
elf : dl-reloc.c
Log message:
2005-02-21 Alan Modra <amodra@bigpond.net.au>
[BZ #719]
* elf/dl-reloc.c (_dl_nothread_init_static_tls): Assert that dtv
array index is within bounds.
2005-02-21 Ulrich Drepper <drepper@redhat.com>
[BZ #719]
* elf/dl-reloc.c (_dl_nothread_init_static_tls): Avoid using
THREAD_DTV multiple times, this minimally reduces code size on
some archs.
Patches:
http://sources.redhat.com/cgi-bin/cvsweb.cgi/libc/elf/dl-reloc.c.diff?cvsroot=glibc&only_with_tag=glibc-2_3-branch&r1=1.96&r2=1.96.4.1
--
http://sources.redhat.com/bugzilla/show_bug.cgi?id=719
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug nptl/719] dlfcn/tststatic writes past end of dtv array
2005-02-14 12:25 [Bug nptl/719] New: dlfcn/tststatic writes past end of dtv array amodra at bigpond dot net dot au
` (5 preceding siblings ...)
2005-02-22 3:52 ` drepper at redhat dot com
@ 2005-02-26 1:10 ` cvs-commit at gcc dot gnu dot org
2005-02-26 1:10 ` cvs-commit at gcc dot gnu dot org
7 siblings, 0 replies; 9+ messages in thread
From: cvs-commit at gcc dot gnu dot org @ 2005-02-26 1:10 UTC (permalink / raw)
To: glibc-bugs
------- Additional Comments From cvs-commit at gcc dot gnu dot org 2005-02-26 01:09 -------
Subject: Bug 719
CVSROOT: /cvs/glibc
Module name: libc
Branch: glibc-2_3-branch
Changes by: roland@sources.redhat.com 2005-02-26 01:09:45
Modified files:
sysdeps/generic: libc-tls.c
Log message:
2005-02-22 Ulrich Drepper <drepper@redhat.com>
[BZ #719]
* sysdeps/generic/libc-tls.c (static_dtv): Size the same as the
slotinfo array.
(__libc_setup_tls): Initialize length of DTV based on array length.
* elf/dl-load.c: Revert last change.
* sysdeps/generic/dl-tls.c: Revert last change.
Patches:
http://sources.redhat.com/cgi-bin/cvsweb.cgi/libc/sysdeps/generic/libc-tls.c.diff?cvsroot=glibc&only_with_tag=glibc-2_3-branch&r1=1.23&r2=1.23.4.1
------- Additional Comments From cvs-commit at gcc dot gnu dot org 2005-02-26 01:09 -------
Subject: Bug 719
CVSROOT: /cvs/glibc
Module name: libc
Branch: glibc-2_3-branch
Changes by: roland@sources.redhat.com 2005-02-26 01:09:48
Modified files:
elf : dl-reloc.c
Log message:
2005-02-21 Alan Modra <amodra@bigpond.net.au>
[BZ #719]
* elf/dl-reloc.c (_dl_nothread_init_static_tls): Assert that dtv
array index is within bounds.
2005-02-21 Ulrich Drepper <drepper@redhat.com>
[BZ #719]
* elf/dl-reloc.c (_dl_nothread_init_static_tls): Avoid using
THREAD_DTV multiple times, this minimally reduces code size on
some archs.
Patches:
http://sources.redhat.com/cgi-bin/cvsweb.cgi/libc/elf/dl-reloc.c.diff?cvsroot=glibc&only_with_tag=glibc-2_3-branch&r1=1.96&r2=1.96.4.1
--
http://sources.redhat.com/bugzilla/show_bug.cgi?id=719
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2005-02-26 1:10 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2005-02-14 12:25 [Bug nptl/719] New: dlfcn/tststatic writes past end of dtv array amodra at bigpond dot net dot au
2005-02-14 12:27 ` [Bug nptl/719] " amodra at bigpond dot net dot au
2005-02-15 12:32 ` amodra at bigpond dot net dot au
2005-02-18 0:44 ` roland at gnu dot org
2005-02-18 0:44 ` roland at gnu dot org
2005-02-18 0:45 ` roland at gnu dot org
2005-02-22 3:52 ` drepper at redhat dot com
2005-02-26 1:10 ` cvs-commit at gcc dot gnu dot org
2005-02-26 1:10 ` cvs-commit at gcc dot gnu dot org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).