This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH] Extend tst-{atexit,at_quick_exit,cxa_atexit,onexit} to verify minimum number of supported handlers
On Fri, Sep 1, 2017 at 11:37 AM, Paul Pluzhnikov <ppluzhnikov@google.com> wrote:
> On Fri, Sep 1, 2017 at 11:03 AM, H.J. Lu <hjl.tools@gmail.com> wrote:
>
>> It failed on Linux/i686:
>
> The "crumbs" buffer was not sized correctly, and I had global buffer overflow:
>
> ==71453==ERROR: AddressSanitizer: global-buffer-overflow on address
> 0x0000006023c0 at pc 0x000000400e84 bp 0x7ffe059dc370 sp
> 0x7ffe059dc368
> WRITE of size 1 at 0x0000006023c0 thread T0
> #0 0x400e83 in fn1 ../stdlib/tst-atexit-common.c:53
> #1 0x7ff8af2da1a8 (/lib/x86_64-linux-gnu/libc.so.6+0x3c1a8)
> #2 0x7ff8af2da1f4 in exit (/lib/x86_64-linux-gnu/libc.so.6+0x3c1f4)
> #3 0x400bf5 in do_test ../stdlib/tst-atexit-common.c:140
> #4 0x400bf5 in main ../stdlib/tst-atexit-common.c:143
> #5 0x7ff8af2bff44 in __libc_start_main
> (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)
> #6 0x400d39 (/glibc-git/stdlib/a.out+0x400d39)
>
> 0x0000006023c0 is located 0 bytes to the right of global variable
> 'crumbs' defined in '../stdlib/tst-atexit-common.c:33:13' (0x6023a0)
> of size 32
>
> Sorry about that. Committed attached fix.
>
I still got
[hjl@gnu-6 build-i686-linux]$ ./stdlib/tst-tls-atexit
tst-tls-atexit: allocatestack.c:530: allocate_stack: Assertion `size
!= 0' failed.
Didn't expect signal from child: got `Aborted'
[hjl@gnu-6 build-i686-linux]$
--
H.J.