
Bug#159633: strncpy on alpha/libc broken



On Wed, Sep 04, 2002 at 06:33:18PM +0000, Adam Heath wrote:
> package: libc6.1
> version: 2.2.5-11.1
> severity: serious
> 
> On lully, I have a repeatable segfault being caused by strncpy (which calls
> __stxncpy).

Here is a patch which should solve this problem.  It still needs to be
analysed for scheduling.

I don't buy the serious severity though since all it does is cross
a page boundary in very rare circumstances.  I know it's rare because
this code has been around for at least five years in both Linux and
glibc, yet no one has reported this before.
-- 
Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--- stxncpy.S	2001-07-24 03:55:20.000000000 +1000
+++ /home/gondolin/herbert/stxncpy.S	2002-09-08 19:23:45.000000000 +1000
@@ -192,6 +192,7 @@
 	cmpbge	zero, t2, t7		# e0    : find nulls in second partial
 	addq	a0, 8, a0		# .. e1 :
 	subq	a2, 1, a2		# e0    :
+	beq	a2, $u_late_head_exit
 	bne	t7, $u_late_head_exit	# .. e1 :
 
 	/* Finally, we've got all the stupid leading edge cases taken care
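Review bot: the new `beq a2, $u_late_head_exit` after `subq a2, 1, a2` sends control to `$u_late_head_exit` when the count is exhausted but `t7` is zero, i.e. no null byte was found in the second partial word; confirm that label handles the count-exhausted case and not only the null-found case it was written for. Also add the `# e0 :` / `# .. e1 :` scheduling annotation that every other instruction in this block carries, since the author notes the patch has not yet been analysed for scheduling.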
@@ -200,6 +201,7 @@
 	extql	t2, a1, t1	# e0    : position hi-bits of lo word
 	ldq_u	t2, 8(a1)	# .. e1 : read next high-order source word
 	addq	a1, 8, a1	# e0    :
+	subq	a2, 1, a2
 	cmpbge	zero, t2, t7	# e1 (stall)
 	beq	a2, $u_eoc	# e1    :
 	bne	t7, $u_eos	# e1    :
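Review bot: the added `subq a2, 1, a2` now decrements the count before the existing `beq a2, $u_eoc`, so the loop exits one word earlier than before; the hunk shows only the top of the loop, so confirm that no other `subq a2, 1, a2` remains in the loop body, otherwise the count is decremented twice per iteration. As in the first hunk, the new line lacks the scheduling comment used throughout the file.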