[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: strstr broken on alpha GNU/Linux
|
From: |
Eric Blake |
|
Subject: |
Re: strstr broken on alpha GNU/Linux |
|
Date: |
Tue, 14 Sep 2010 09:45:21 -0600 |
|
User-agent: |
Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.9) Gecko/20100907 Fedora/3.1.3-1.fc13 Mnenhy/0.8.3 Thunderbird/3.1.3 |
On 09/08/2010 02:48 PM, Mike Frysinger wrote:
On Wednesday, September 08, 2010 16:36:13 Eric Blake wrote:
I received an off-list report of a test-strstr failure on m4 1.4.15:
Linux xxx 2.6.34-gentoo-r1 #1 SMP Sun Aug 8 17:45:07 MDT 2010 alpha
GNU/Linux
gcc (Gentoo 4.4.3-r2 p1.2) 4.4.3
/bin/sh: line 1: 30207 Segmentation fault (core dumped) EXEEXT=''
I'm not sure which version of glibc is running on this platform, but it
seems like we should be working around this bug (and also reporting it
to glibc, if it hasn't yet been fixed there). I'm also trying to see if
I can log in to that machine and reproduce precisely which search is
causing the out-of-bounds reference from glibc's strstr implementation.
if you cant, then i have Gentoo alpha systems as well i can add you to
I got access to the machine in question. More details:
$ /lib/libc.so.6.1
GNU C Library stable release version 2.11.2, by Roland McGrath et al.
...
Compiled by GNU CC version 4.4.3.
Compiled on a Linux 2.6.33 system on 2010-08-09.
Program received signal SIGSEGV, Segmentation fault.
0x00000200000c3330 in memchr () from /lib/libc.so.6.1
(gdb) bt
#0 0x00000200000c3330 in memchr () from /lib/libc.so.6.1
#1 0x00000200000c2fe4 in strstr () from /lib/libc.so.6.1
#2 0x0000000120000ee8 in main (argc=1, argv=0x11f880578)
at ../../tests/test-strstr.c:70
corresponding to this code:
{
/* On some platforms, the memchr() functions reads past the first
occurrence of the byte to be searched, leading to an out-of-bounds
read access for strstr().
See <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521737>.
This is a bug in memchr(), see the Austin Group's clarification
<http://www.opengroup.org/austin/docs/austin_454.txt>. */
const char *fix = "aBaaaaaaaaaaax";
char *page_boundary = (char *) zerosize_ptr ();
size_t len = strlen (fix) + 1;
char *input = page_boundary ? page_boundary - len : malloc (len);
const char *result;
strcpy (input, fix);
result = strstr (input, "B1x");
ASSERT (result == NULL);
if (!page_boundary)
free (input);
}
Hmm- strstr.m4 already checks for broken memchr, in which case strstr is
already replaced. Investigating further shows that this particular
memchr failure is not caught by the existing memchr.m4, so the fix
should be to beef up that m4 test (and probably also test-memchr.c, so
that the problem is obvious even if you don't use the strstr module).
Patch coming up soon.
configure:4922: checking whether memchr works
configure:4982: gcc -o conftest -g -O2 conftest.c >&5
configure:4982: $? = 0
configure:4982: ./conftest
configure:4982: $? = 0
configure:4992: result: yes
Meanwhile, I saw a glibc bug for memchr overshooting on ia64, but not
for Alpha, so I created:
http://sources.redhat.com/bugzilla/show_bug.cgi?id=12019
--
Eric Blake address@hidden +1-801-349-2682
Libvirt virtualization library http://libvirt.org