bug-binutils
[Bug ld/20852] New: glibc/MIPS strfry call strlen by bal not jalr


From: ambrosehua at 126 dot com
Subject: [Bug ld/20852] New: glibc/MIPS strfry call strlen by bal not jalr
Date: Tue, 22 Nov 2016 08:27:13 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=20852

            Bug ID: 20852
           Summary: glibc/MIPS strfry call strlen by bal not jalr
           Product: binutils
           Version: 2.26
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: ld
          Assignee: unassigned at sourceware dot org
          Reporter: ambrosehua at 126 dot com
  Target Milestone: ---

On Fedora 21/loongson glibc 2.20 n64, strfry.c is compiled calling strlen with
jalr in strfry.os, but in the
final libc-2.20.so the function strfry is built calling strlen with bal.
I think it has something to do with gcc's
-mrelax-pic-calls option.

++++++++++++++++++++++++++
strfry in libc.so
......
00000000000c0e00 <strfry>:
   c0e00:       67bdffb0        daddiu  sp,sp,-80
   c0e04:       ffbc0040        sd      gp,64(sp)
   c0e08:       3c1c0013        lui     gp,0x13
   c0e0c:       0399e02d        daddu   gp,gp,t9
   c0e10:       ffb10018        sd      s1,24(sp)
   c0e14:       679cea20        daddiu  gp,gp,-5600
   c0e18:       ffb00010        sd      s0,16(sp)
   c0e1c:       0080802d        move    s0,a0
   c0e20:       df9180b0        ld      s1,-32592(gp)
   c0e24:       ffbf0048        sd      ra,72(sp)
   c0e28:       ffb50038        sd      s5,56(sp)
   c0e2c:       8e22b370        lw      v0,-19600(s1)
   c0e30:       ffb40030        sd      s4,48(sp)
   c0e34:       ffb30028        sd      s3,40(sp)
   c0e38:       1040002b        beqz    v0,c0ee8 <strfry+0xe8>
   c0e3c:       ffb20020        sd      s2,32(sp)
   c0e40:       df9980d0        ld      t9,-32560(gp)        // t9 points to the new strlen addr, not the strlen in glibc, when interposing
   c0e44:       0411ef52        bal     bcb90 <strlen>       // here it is; jalr is in strfry.os and libc_pic.os
   c0e48:       0200202d        move    a0,s0
   c0e4c:       0040882d        move    s1,v0
   c0e50:       2c420002        sltiu   v0,v0,2
   c0e54:       14400018        bnez    v0,c0eb8 <strfry+0xb8>
   c0e58:       df9280b0        ld      s2,-32592(gp)
   c0e5c:       6633ffff        daddiu  s3,s1,-1
   c0e60:       0200a82d        move    s5,s0
   c0e64:       0000a02d        move    s4,zero
   c0e68:       6652b340        daddiu  s2,s2,-19648
   c0e6c:       00000000        nop
........


I also checked libc_pic.os; it has the same strfry as strfry.os, and it is
used by ld in building the final libc.so.

#.    According to SVR4, the global function strlen in glibc should be
interposable; however, it is called by
bal, not jalr. So is this a bug, since symbol interposition for strlen in strfry
is unavailable?

#.    Suppose the strlen in glibc is using gp. When strlen is interposed,
t9 points to the new strlen, and "bal strlen"
calls the strlen in glibc with the wrong t9 and the wrong gp. OOPS!

I also checked Gentoo/MIPS glibc 2.23 n32, O32/N64 / gcc 4.8.5 / binutils 2.24 p1.4:
same symptom as Fedora 21/loongson glibc-2.20,
binutils 2.25 / gcc 4.9.3.
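The question the report raises is whether a direct bal/jal in a MIPS PIC shared object bypasses interposition of the symbol it targets. On MIPS, a PIC call is supposed to load the callee address into t9 from the GOT and use jalr t9; the callee rebuilds gp from t9, and the dynamic linker can redirect the call by changing the GOT entry. A direct bal always lands on the in-object definition and leaves t9 holding whatever was last loaded into it. Whether that matters for a given call depends on whether the target symbol is actually preemptible (exported from .dynsym with GLOBAL or WEAK binding and DEFAULT visibility); a direct call to a local, hidden, or -Bsymbolic-bound symbol is fine. The script below is an added example, not code from the report or from binutils or glibc: it scans objdump -d output for direct calls and cross-checks the targets against readelf --dyn-syms output, flagging only calls to preemptible symbols. The objdump and readelf text in it is constructed sample data (only the bal line is taken from the report), and the function names are the example's own.

```python
"""Flag direct (bal/jal/jalx) calls to preemptible symbols in a MIPS PIC shared object.

Added example for the bug report above.  Assumes the usual text layouts of
`objdump -d` and `readelf --dyn-syms -W`; the two samples below are
constructed (only the `bal bcb90 <strlen>` line is from the report).
"""
import re

# "00000000000c0e00 <strfry>:"  -> start of a function in objdump output
FUNC_HEADER_RE = re.compile(r"^([0-9a-f]+) <([^>]+)>:\s*$")
# "   c0e44:  0411ef52  bal  bcb90 <strlen>"  (also "<memcpy+0x10>")
DIRECT_CALL_RE = re.compile(
    r"^\s*([0-9a-f]+):\s+[0-9a-f]+\s+(bal|jal|jalx)\s+[0-9a-f]+\s+<([^>+]+)(?:\+0x[0-9a-f]+)?>")
# readelf --dyn-syms columns: Num Value Size Type Bind Vis Ndx Name
DYNSYM_RE = re.compile(
    r"^\s*\d+:\s+[0-9a-f]+\s+\S+\s+(\w+)\s+(\w+)\s+(\w+)\s+(\S+)\s+(\S+)\s*$")

# Constructed sample: the strfry call site from the report plus a proper
# jalr-via-t9 call, a direct call to a non-exported helper, and a direct
# call into the middle of an exported function.
SAMPLE_OBJDUMP = """\
00000000000c0e00 <strfry>:
   c0e40:       df9980d0        ld      t9,-32560(gp)
   c0e44:       0411ef52        bal     bcb90 <strlen>
   c0e48:       0200202d        move    a0,s0
   c0e4c:       df9980e8        ld      t9,-32536(gp)
   c0e50:       0320f809        jalr    t9
   c0e54:       00000000        nop
   c0e58:       0411ef60        bal     bcc00 <__libc_helper>
   c0e5c:       00000000        nop

00000000000c0f00 <other_fn>:
   c0f00:       0411ef80        bal     bd000 <memcpy+0x10>
   c0f04:       00000000        nop
"""

# Constructed sample: __libc_helper is deliberately absent (hidden symbols
# do not appear in .dynsym), free is an undefined import.
SAMPLE_DYNSYM = """\
Symbol table '.dynsym' contains 5 entries:
   Num:    Value          Size Type    Bind   Vis      Ndx Name
     0: 0000000000000000     0 NOTYPE  LOCAL  DEFAULT  UND
     1: 00000000000bcb90   160 FUNC    GLOBAL DEFAULT   12 strlen
     2: 00000000000bd000   480 FUNC    WEAK   DEFAULT   12 memcpy
     3: 00000000000c0e00   256 FUNC    GLOBAL DEFAULT   12 strfry
     4: 00000000000d0000    32 FUNC    GLOBAL DEFAULT  UND free
"""


def preemptible_symbols(dynsym_text):
    """Names of defined functions an earlier object (e.g. LD_PRELOAD) could
    interpose: GLOBAL/WEAK binding, DEFAULT visibility, not UND."""
    names = set()
    for line in dynsym_text.splitlines():
        m = DYNSYM_RE.match(line)
        if not m:
            continue
        typ, bind, vis, ndx, name = m.groups()
        if typ == "FUNC" and bind in ("GLOBAL", "WEAK") and vis == "DEFAULT" and ndx != "UND":
            names.add(name)
    return names


def direct_calls(objdump_text):
    """Yield (caller, addr, insn, target) for each bal/jal/jalx with a symbolic target."""
    caller = None
    for line in objdump_text.splitlines():
        f = FUNC_HEADER_RE.match(line)
        if f:
            caller = f.group(2)
            continue
        m = DIRECT_CALL_RE.match(line)
        if m:
            yield caller, m.group(1), m.group(2), m.group(3)


def find_direct_calls_to_preemptible(objdump_text, dynsym_text):
    """Direct calls whose target could be interposed at load time; such a call
    neither honours the interposition nor sets t9 to the address it jumps to."""
    exported = preemptible_symbols(dynsym_text)
    return [(caller, addr, insn, target)
            for caller, addr, insn, target in direct_calls(objdump_text)
            if target in exported]


if __name__ == "__main__":
    for caller, addr, insn, target in find_direct_calls_to_preemptible(SAMPLE_OBJDUMP, SAMPLE_DYNSYM):
        print(f"{caller}+0x{addr}: {insn} {target} bypasses GOT/t9, but {target} is interposable")
```

To run it on a real library, feed it `objdump -d libc.so` and `readelf --dyn-syms -W libc.so` instead of the samples. One caveat when reading the result: objdump labels a call target with one symbol name for that address, so a `bal` printed as `<strlen>` may in fact have been resolved by ld against a different, non-preemptible symbol (a hidden alias) at the same address; confirm with `readelf -s` on the object whether another symbol shares the target address before concluding that interposition is broken.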
