From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: by sourceware.org (Postfix, from userid 48) id 53E7F3858C2D; Thu, 9 Feb 2023 22:58:38 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 53E7F3858C2D
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1675983518; bh=ReEBPuok4rAp7UdCienabuu2PMFu2xndW5sW4IkWulk=; h=From:To:Subject:Date:From; b=Pdl+1um0DgI/+f3S7JGsgkhl0DVO6KcmWo9lD6tu2WyfVPB5xff3fCX1WVva5p2sz 3KassOkzjrO5cizrlhnYkF9d2Xq0YDADTkw4hDmTNrifeb9AXSYVmK8PcVgpqQk2l3 y3IIApXZFeFc1EQaMTw/FosKL7c0LJwdOXGx/ZUE=
From: "vitiral at gmail dot com"
To: glibc-bugs@sourceware.org
Subject: [Bug libc/30106] New: backtrace overwrites other memory
Date: Thu, 09 Feb 2023 22:58:37 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: libc
X-Bugzilla-Version: 2.36
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: vitiral at gmail dot com
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter cc target_milestone attachments.created
Message-ID:
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
List-Id:

https://sourceware.org/bugzilla/show_bug.cgi?id=30106

            Bug ID: 30106
           Summary: backtrace overwrites other memory
           Product: glibc
           Version: 2.36
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: libc
          Assignee: unassigned at sourceware dot org
          Reporter: vitiral at gmail dot com
                CC: drepper.fsp at gmail dot com
  Target Milestone: ---

Created attachment 14669
  --> https://sourceware.org/bugzilla/attachment.cgi?id=14669&action=edit
make output

I am using the backtrace() function and it seems to be overwriting memory I
didn't give it. The value in a different region of memory changes after
executing the below code:

void* m[100] = {0};
size_t len = backtrace(m, 100);

Note: I am using -m32 (32 bit)

In the below logs, addrOver is the address that is getting overwritten, trace
is the value being sent to backtrace. You can see that before and after are
changing.

??? Kern_handleSig addrOver=94A7444
??? Kern_handleSig trace =FFEB3D18
??? Kern_handleSig before =94A4FC8
??? Kern_handleSig after =94A754C

# Command to build

git clone git@github.com:civboot/fngi.git
git clone git@github.com:civboot/civc.git
git clone git@github.com:civboot/cxt.git
git clone git@github.com:civboot/zoa.git
cd fngi
git checkout branch origin/gccBug
make &> /tmp/make.txt

make.txt is attached. The top of it reads:

Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/12/lto-wrapper
OFFLOAD_TARGET_NAMES=nvptx-none:amdgcn-amdhsa
OFFLOAD_TARGET_DEFAULT=1
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Debian 12.2.0-10' --with-bugurl=file:///usr/share/doc/gcc-12/README.Bugs --enable-languages=c,ada,c++,go,d,fortran,objc,obj-c++,m2 --prefix=/usr --with-gcc-major-version-only --program-suffix=-12 --program-prefix=x86_64-linux-gnu- --enable-shared --enable-linker-build-id --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --libdir=/usr/lib --enable-nls --enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes --with-default-libstdcxx-abi=new --enable-gnu-unique-object --disable-vtable-verify --enable-plugin --enable-default-pie --with-system-zlib --enable-libphobos-checking=release --with-target-system-zlib=auto --enable-objc-gc=auto --enable-multiarch --disable-werror --enable-cet --with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32 --enable-multilib --with-tune=generic --enable-offload-targets=nvptx-none=/build/gcc-12-hWCYKv/gcc-12-12.2.0/debian/tmp-nvptx/usr,amdgcn-amdhsa=/build/gcc-12-hWCYKv/gcc-12-12.2.0/debian/tmp-gcn/usr --enable-offload-defaulted --without-cuda-driver --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu
Thread model: posix
Supported LTO compression algorithms: zlib zstd
gcc version 12.2.0 (Debian 12.2.0-10)
COLLECT_GCC_OPTIONS='-v' '-save-temps' '-m32' '-no-pie' '-g' '-rdynamic' '-Wall' '-Wno-pointer-sign' '-Wformat=0' '-I' '../civc' '-o' 'bin/tests' '-mtune=generic' '-march=i686' '-dumpdir' 'bin/tests-'
 /usr/lib/gcc/x86_64-linux-gnu/12/cc1 -E -quiet -v -I ../civc -imultilib 32 -imultiarch i386-linux-gnu ../civc/civ/civ.c -m32 -mtune=generic -march=i686 -Wall -Wno-pointer-sign -Wformat=0 -g -fworking-directory -fpch-preprocess -fasynchronous-unwind-tables -o bin/tests-civ.i

Note: I previously opened this as
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108746

-- 
You are receiving this mail because:
You are on the CC list for the bug.
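
A reduced harness for checking the reported symptom in isolation, added here as an example and not taken from the report or from glibc: it puts canary words on both sides of the buffer handed to backtrace() and verifies a caller-owned heap block across the call. The struct, function and constant names are hypothetical; only backtrace() and the 100-entry buffer come from the report.

```c
/* Added example: canary harness around backtrace(); all names are hypothetical. */
#include <execinfo.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define FRAMES     100          /* buffer size used in the report */
#define NGUARD     16
#define GUARD      0xA5A5A5A5u
#define HEAP_BYTES 4096

struct guarded {
    uint32_t pre[NGUARD];       /* canary words below the buffer */
    void    *frames[FRAMES];    /* the only memory backtrace() may write */
    uint32_t post[NGUARD];      /* canary words above the buffer */
};

struct result { int depth; int guards_ok; int heap_ok; };

static int guards_intact(const uint32_t *g) {
    for (size_t i = 0; i < NGUARD; i++)
        if (g[i] != GUARD) return 0;
    return 1;
}

struct result check_backtrace(void) {
    struct result r = {0, 0, 1};
    struct guarded g;
    for (size_t i = 0; i < NGUARD; i++) g.pre[i] = g.post[i] = GUARD;
    memset(g.frames, 0, sizeof g.frames);

    /* Heap block owned by the caller, filled with a known pattern. */
    unsigned char *heap = malloc(HEAP_BYTES);
    if (!heap) { r.depth = -1; r.heap_ok = 0; return r; }
    memset(heap, 0x5A, HEAP_BYTES);

    r.depth = backtrace(g.frames, FRAMES);

    r.guards_ok = guards_intact(g.pre) && guards_intact(g.post);
    /* volatile reads so the compiler cannot assume the block is unchanged */
    volatile unsigned char *h = heap;
    for (size_t i = 0; i < HEAP_BYTES; i++)
        if (h[i] != 0x5A) r.heap_ok = 0;
    free(heap);
    return r;
}

int main(void) {
    struct result r = check_backtrace();
    printf("depth=%d guards_ok=%d heap_ok=%d\n", r.depth, r.guards_ok, r.heap_ok);
    return !(r.guards_ok && r.heap_ok);
}
```

Building with -m32 -no-pie -g -rdynamic matches the options shown in the make output above. The harness only watches memory the caller owns; an address the program never allocated through malloc() is outside what it can check.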