BusyBox Bug and Patch Tracking
ID: 0005554
Category: [uClibc] Other
Severity: minor
Reproducibility: always
Date Submitted: 10-18-08 20:21
Last Update: 10-19-08 06:31
Reporter: michael_d
View Status: public
Assigned To: uClibc
Priority: normal
Resolution: fixed
Status: closed
Product Version: 0.9.29
Summary: 0005554: Flawed inline assembler in libc/sysdeps/linux/i386/sigaction.c
Description: The implementation of sigaction on i386 for older kernels makes the system call using an inline asm element with two flaws:

1. The asm is not marked as depending on the kact structure or modifying the koact structure. Thus, GCC is free to assume these structures need not be kept consistent, allowing it to remove all initialization of kact.

2. The asm allows the signal number to be provided as a memory reference. But this allows GCC to provide a stack-relative operand, which will break because the assembler saves %ebx on the stack before using that operand.

1 didn't use to be a problem in practice because GCC 4.2.* didn't seize the optimization opportunity. GCC 4.3.2, however, optimizes out the "kact.sa_flags = act->sa_flags | SA_RESTORER;" line, so that the kernel sees garbage in sa_flags. This can result in the kernel seeing the SA_RESETHAND flag, causing erratic behaviour in signal dependent programs.

2 becomes an issue if "-fomit-frame-pointer" is provided. In uClibc-0.9.29 it isn't; uClibc-0.9.30-rc2 does use the flag by default.

I've attached a patch to fix these issues.
Additional Information: (none)
Attached Files: uClibc-0.9.29-sigaction.diff (756 bytes), added 10-18-08 20:21
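Worked example (added here; this is not uClibc's sigaction.c and not the attached patch): a stand-alone wrapper for the old i386 sigaction(2) syscall that carries the corrected asm statement, with the flawed shape the report describes kept beside it in a comment, plus a check that exercises the reporter's symptom (the handler must survive delivery unless SA_RESETHAND was actually requested). Assumptions made by this example: the kernel's old_sigaction layout (handler, mask, flags, restorer), a glibc/uClibc-style sigset_t with a .__val[] array, and the names kernel_sigaction, my_sigaction, sigreturn_stub and sigaction_demo, all introduced here. The "g" constraint in the comment stands in for whichever memory-allowing constraint upstream used; the report does not quote it. On hosts other than i386 Linux the wrapper forwards to libc's sigaction() so the file still builds and runs.

```c
/* Added example (not uClibc's sigaction.c, not the attached patch). Assumes the
 * kernel old_sigaction layout, a sigset_t with .__val[] (glibc/uClibc), and my
 * own names kernel_sigaction, my_sigaction, sigreturn_stub, sigaction_demo. */
#define _GNU_SOURCE
#include <errno.h>
#include <signal.h>
#include <string.h>
#include <sys/syscall.h>

#ifndef SA_RESTORER
#define SA_RESTORER 0x04000000   /* kernel flag: sa_restorer is valid */
#endif

#if defined(__i386__) && defined(__linux__)
#define XSTR(x) STR(x)
#define STR(x) #x

struct kernel_sigaction {        /* kernel old_sigaction: sa_mask precedes sa_flags */
    void (*k_sa_handler)(int);
    unsigned long sa_mask;       /* old 32-bit sigset */
    unsigned long sa_flags;
    void (*sa_restorer)(void);
};

/* Return trampoline: drop the signal-number argument, then sigreturn(2).
 * Top-level asm so no compiler prologue disturbs the kernel-built frame. */
__asm__(".text\n\t.align 16\n\t.globl sigreturn_stub\n"
        "sigreturn_stub:\n\t"
        "popl %eax\n\t"
        "movl $" XSTR(__NR_sigreturn) ", %eax\n\t"
        "int $0x80\n");
extern void sigreturn_stub(void);

int my_sigaction(int sig, const struct sigaction *act, struct sigaction *oact)
{
    struct kernel_sigaction kact, koact;
    int result;
    /* old syscall: classic (non-SA_SIGINFO) frames only */
    if (act && (act->sa_flags & SA_SIGINFO)) { errno = EINVAL; return -1; }
    if (act) {
        kact.k_sa_handler = act->sa_handler;
        kact.sa_mask = act->sa_mask.__val[0];
        kact.sa_flags = act->sa_flags | SA_RESTORER;  /* the store GCC 4.3.2 deleted */
        kact.sa_restorer = sigreturn_stub;
    }
    /* Flawed shape per the report: operands "0"(__NR_sigaction), "g"(sig),
     * "c"(&kact), "d"(&koact) and no clobber list ("g" is illustrative). GCC
     * then sees no reader of kact, so the sa_flags store is dead; and sig may
     * be N(%esp), which the pushl shifts by 4 before "movl %2" reads it.
     * Corrected: "r" keeps sig in a register, "memory" orders stores/reloads. */
    __asm__ __volatile__("pushl %%ebx\n\t"
                         "movl %2, %%ebx\n\t"
                         "int $0x80\n\t"
                         "popl %%ebx"
                         : "=a" (result)
                         : "0" (__NR_sigaction), "r" (sig),
                           "c" (act ? &kact : 0), "d" (oact ? &koact : 0)
                         : "memory");
    if (result < 0) {
        errno = -result;
        return -1;
    }
    if (oact) {
        memset(oact, 0, sizeof *oact);
        oact->sa_handler = koact.k_sa_handler;
        oact->sa_mask.__val[0] = koact.sa_mask;
        oact->sa_flags = (int) koact.sa_flags;
        oact->sa_restorer = koact.sa_restorer;
    }
    return 0;
}
#else
int my_sigaction(int sig, const struct sigaction *act, struct sigaction *oact)
{ return sigaction(sig, act, oact); }   /* not i386 Linux: libc's wrapper is fine */
#endif

static volatile sig_atomic_t hits;
static void on_signal(int sig) { (void) sig; hits++; }

/* With sa_flags == 0 the handler must survive delivery; a kernel fed garbage
 * flags containing SA_RESETHAND (the report's symptom) would reset it to
 * SIG_DFL after one signal. Returns 0 on success, else the failed step. */
int sigaction_demo(void)
{
    struct sigaction sa, old;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_signal;
    sigemptyset(&sa.sa_mask);
    hits = 0;
    if (my_sigaction(SIGUSR1, &sa, NULL) != 0) return 1;
    raise(SIGUSR1); raise(SIGUSR1);
    if (hits != 2) return 2;
    if (my_sigaction(SIGUSR1, NULL, &old) != 0) return 3;
    if (old.sa_handler != on_signal || (old.sa_flags & SA_RESETHAND)) return 4;
    sa.sa_flags = (int) SA_RESETHAND;   /* now request one-shot behaviour explicitly */
    hits = 0;
    if (my_sigaction(SIGUSR1, &sa, NULL) != 0) return 5;
    raise(SIGUSR1);
    if (hits != 1) return 6;
    if (my_sigaction(SIGUSR1, NULL, &old) != 0) return 7;
    if (old.sa_handler != SIG_DFL) return 8;   /* kernel reset it after one delivery */
    return 0;
}

int main(void) { return sigaction_demo(); }
```

On an i386 toolchain, build with -O2 -fomit-frame-pointer to get the configuration the report says 0.9.30-rc2 enables by default; that is where a stack-relative operand for sig can be handed to the asm, which is why the corrected statement pins it with "r". The "memory" clobber is the blunt but standard way to make GCC commit the kact stores before the int $0x80 and reread koact afterwards; listing "m"(kact) as an input and "=m"(koact) as an output would express the same dependency more precisely.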

- Notes
(0013834) bernhardf, 10-19-08 06:31:
Applied as r23720. Thanks!

- Issue History
Date Modified Username Field Change
10-18-08 20:21 michael_d New Issue
10-18-08 20:21 michael_d Status new => assigned
10-18-08 20:21 michael_d Assigned To  => uClibc
10-18-08 20:21 michael_d File Added: uClibc-0.9.29-sigaction.diff
10-19-08 06:31 bernhardf Status assigned => closed
10-19-08 06:31 bernhardf Note Added: 0013834
10-19-08 06:31 bernhardf Resolution open => fixed
10-19-08 06:31 bernhardf Fixed in Version  => 0.9.30
