From patchwork Tue Oct 19 20:56:03 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Joseph Myers X-Patchwork-Id: 46412 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id AE3EC385782F for ; Tue, 19 Oct 2021 20:57:15 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from esa3.mentor.iphmx.com (esa3.mentor.iphmx.com [68.232.137.180]) by sourceware.org (Postfix) with ESMTPS id 6A8073857C7A for ; Tue, 19 Oct 2021 20:56:10 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 6A8073857C7A Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=codesourcery.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=mentor.com IronPort-SDR: 4AAkfmiJBQXb95DzBvt6p+z/3ngT4ko5sHrt03k5S92sPXglfeFw1MLsWi7E2eEZX01Tdj2D0U AkgFrEC1NTWSgBb3ogRDZC6Rsy6fnjMQYcIUsjJoW7l/TLlheAHZZX2FxQ8CW6ZaVrWXP1r+4J 8dyVT39EhnZhfx7E8rvL88OplMeehmjWt9C0dj5S4G1V3jV+C43Y7l6Gu+ExVnB1WnfBf562oo vZjmbeQHxW81BArXPEJofVQzd2d+n8UknaP0WTj8jHfgsLCmesKvUTNNke8Hl5QFmQlnFsdXaW OhqLcrKyVXTxLe/Pu/JM3WPy X-IronPort-AV: E=Sophos;i="5.87,164,1631606400"; d="scan'208";a="67249597" Received: from orw-gwy-02-in.mentorg.com ([192.94.38.167]) by esa3.mentor.iphmx.com with ESMTP; 19 Oct 2021 12:56:10 -0800 IronPort-SDR: cUy1/C3c/HXig7Bii8zTvaY0niJghewA6QYNZtW5aLR6UY9zvLDp8fETOMYon2Rd7/fEggRmJE q3AX1u5d2Ei6oNSxV3e1rhfIXtotTAN7HmFM8Q755b86GFJuvLB6do4F70y4oAVfLn/uhXb9hf T8UIwb/+AFtZCB2xx3sA3iOmdSOQVBvgY0UcNnEdRnYAXMIy41IIhi+9m3MSoE2im+M5bt9DAv 4rJHNNj67N7QCYwyBokgUsA9vjqJx8W5Ps4zkPU1Cd3JBzJSsT/HBwA7iQKFZczk+1YiOidjYt T1k= Date: Tue, 19 Oct 2021 20:56:03 +0000 From: Joseph Myers X-X-Sender: jsm28@digraph.polyomino.org.uk To: Florian Weimer Subject: [PATCH v2] Correct access attribute on memfrob (bug 28475) In-Reply-To: <87v91syew0.fsf@oldenburg.str.redhat.com> Message-ID: References: <87v91syew0.fsf@oldenburg.str.redhat.com> User-Agent: Alpine 2.22 (DEB 394 2020-01-19) MIME-Version: 1.0 X-Originating-IP: [137.202.0.90] X-ClientProxiedBy: SVR-IES-MBX-04.mgc.mentorg.com (139.181.222.4) To svr-ies-mbx-01.mgc.mentorg.com (139.181.222.1) X-Spam-Status: No, score=-3123.5 required=5.0 tests=BAYES_00, GIT_PATCH_0, HEADER_FROM_DIFFERENT_DOMAINS, KAM_DMARC_STATUS, SPF_HELO_PASS, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: libc-alpha@sourceware.org Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org Sender: "Libc-alpha" As noted in bug 28475, the access attribute on memfrob in is incorrect: the function both reads and writes the memory pointed to by its argument, so it needs to use __read_write__, not __write_only__. This incorrect attribute results in a build failure for accessing uninitialized memory for s390x-linux-gnu-O3 with build-many-glibcs.py using GCC mainline. Correct the attribute. Fixing this shows up that some calls to memfrob in elf/ tests are reading uninitialized memory; I'm not entirely sure of the purpose of those calls, but guess they are about ensuring that the stack space is indeed allocated at that point in the function, and so it matters that they are calling a function whose semantics are unknown to the compiler. Thus, change the first memfrob call in those tests to use explicit_bzero instead, as suggested by Florian in , to avoid the use of uninitialized memory. Tested for x86_64, and with build-many-glibcs.py (GCC mainline) for s390x-linux-gnu-O3. --- Changed in version 2 to use explicit_bzero in the elf/ tests as suggested by Florian. diff --git a/elf/tst-execstack-needed.c b/elf/tst-execstack-needed.c index 8b794a3d47..85078e40ef 100644 --- a/elf/tst-execstack-needed.c +++ b/elf/tst-execstack-needed.c @@ -26,7 +26,7 @@ static void deeper (void (*f) (void)) { char stack[1100 * 1024]; - memfrob (stack, sizeof stack); + explicit_bzero (stack, sizeof stack); (*f) (); memfrob (stack, sizeof stack); } diff --git a/elf/tst-execstack-prog.c b/elf/tst-execstack-prog.c index 8663153372..1b34bb5597 100644 --- a/elf/tst-execstack-prog.c +++ b/elf/tst-execstack-prog.c @@ -25,7 +25,7 @@ static void deeper (void (*f) (void)) { char stack[1100 * 1024]; - memfrob (stack, sizeof stack); + explicit_bzero (stack, sizeof stack); (*f) (); memfrob (stack, sizeof stack); } diff --git a/elf/tst-execstack.c b/elf/tst-execstack.c index 114f341d76..7e898b4f58 100644 --- a/elf/tst-execstack.c +++ b/elf/tst-execstack.c @@ -227,7 +227,7 @@ static void deeper (void (*f) (void)) { char stack[1100 * 1024]; - memfrob (stack, sizeof stack); + explicit_bzero (stack, sizeof stack); (*f) (); memfrob (stack, sizeof stack); } diff --git a/string/string.h b/string/string.h index 04e1b7067d..201d7e31c8 100644 --- a/string/string.h +++ b/string/string.h @@ -495,7 +495,7 @@ extern char *strfry (char *__string) __THROW __nonnull ((1)); /* Frobnicate N bytes of S. */ extern void *memfrob (void *__s, size_t __n) __THROW __nonnull ((1)) - __attr_access ((__write_only__, 1, 2)); + __attr_access ((__read_write__, 1, 2)); # ifndef basename /* Return the file name within directory of FILENAME. We don't