From: Sergei Trofimovich Date: Mon, 18 Dec 2017 17:23:02 +0000 (+0000) Subject: mips64: fix clobbering s0 in setjmp() [BZ #22624] X-Git-Tag: glibc-2.27~260 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=368b6c8da9f8ae453f5d70f8a62dbf3f1b6d5995;p=thirdparty%2Fglibc.git mips64: fix clobbering s0 in setjmp() [BZ #22624] When configured as --enable-stack-protector=all glibc inserts stack checking canary into every function including __sigsetjmp_aux(). Stack checking code ends up using s0 register to temporary hold address of global canary value. Unfortunately __sigsetjmp_aux assumes no caller' caller-save registers should be clobbered as it stores them as-is. The fix is to disable stack protection of __sigsetjmp_aux. Tested on the following test: #include #include int main() { jmp_buf jb; volatile register long s0 asm ("$s0"); s0 = 1234; if (setjmp(jb) == 0) longjmp(jb, 1); printf ("$s0 = %lu\n", s0); } Without the fix: $ qemu-mipsn32 -L . ./mips-longjmp-bug $s0 = 1082346228 With the fix: $ qemu-mipsn32 -L . ./mips-longjmp-bug $s0 = 1234 [BZ #22624] * sysdeps/mips/mips64/setjmp_aux.c (__sigsetjmp_aux): Use inhibit_stack_protector. --- diff --git a/ChangeLog b/ChangeLog index d290d60a84e..4a7164354f2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2017-12-18 Sergei Trofimovich + + [BZ #22624] + * sysdeps/mips/mips64/setjmp_aux.c (__sigsetjmp_aux): Use + inhibit_stack_protector. + 2017-12-18 Dmitry V. Levin [BZ #22627] diff --git a/sysdeps/mips/mips64/setjmp_aux.c b/sysdeps/mips/mips64/setjmp_aux.c index b43c36a7d50..43fffc74bf1 100644 --- a/sysdeps/mips/mips64/setjmp_aux.c +++ b/sysdeps/mips/mips64/setjmp_aux.c @@ -24,7 +24,12 @@ pointer. We do things this way because it's difficult to reliably access them in C. */ +/* Stack protection is disabled to avoid changing s0 (or any other + caller-save register) before storing it to environment. + See BZ #22624. */ + int +inhibit_stack_protector __sigsetjmp_aux (jmp_buf env, int savemask, long long sp, long long fp, long long gp) {