[U-Boot-Users] [PATCH] Off-by-two bug when relocating GOT

Vlad Lungu vlad at comsys.ro
Sat Oct 6 14:27:46 CEST 2007


Thomas Lange wrote:
> Vlad Lungu wrote:
>> Thomas Lange wrote:
>>> Vlad Lungu wrote:
>>>> Shinya Kuribayashi wrote:
>>>>> Vlad Lungu wrote:
>>>>>> The first two entries are skipped but the number of relocated entries
>>>>>> is not adjusted; as a result, the first __u_boot_cmd_* structure is
>>>>>> smashed and no commands can be issued.
>>>>> This is a known, long standing, pretty critical, but not fixed problem. See below:
>>>>>
>>>>> http://search.gmane.org/search.php?group=gmane.comp.boot-loaders.u-boot&query=mips+got
>>>>>
>>>>> I'm going to look closely into this.
>>>> The thing I don't get is why skip the top two entries in the first place? Is it because 
>>>> _gp=ALIGN(16) ? Maybe Robert has a point:
>>>>
>>>> http://thread.gmane.org/gmane.comp.boot-loaders.u-boot/25533
>>> Yes, Robert's patch sent 12/15/06 09:53 worked for me when my command
>>> table suddenly got corrupted.
>> That's my case:
>>                 0x00000000bfc1d950                _gp = ALIGN (0x10)
>>                 0x00000000bfc1d94c                __got_start = .
>>
>> .got            0x00000000bfc1d950      0x500
>>  *(.got)
>>  .got           0x00000000bfc1d950      0x500 cpu/mips/start.o
>>                 0x00000000bfc1d950                _GLOBAL_OFFSET_TABLE_
>>                 0x00000000bfc1de50                __got_end = .
>>                 0x00000000bfc1de50                . = .
>>                 0x00000000bfc1de50                __u_boot_cmd_start = .
>>
>> The thing is, num_got_entries=(__got_end - __got_start)>>2 and that's
>> 0x141 and it should be only 0x140.
>> That is what triggers the bug. In start.S, lines 353-354, $t4 is loaded
>> with $gp+8 and $t2 with 2 and not with 0, so in effect
>> if I subtract 2 from $t3 I'm not relocating the last entry, and with
>> Robert's patch I'm not relocating the last two.
>> One more point: loading $gp with _GLOBAL_OFFSET_TABLE_ is not a good
>> idea, it should be loaded with _gp. The value
>> is the same at the moment, but it's not guaranteed at all, someone could
>> start playing with the link scripts and break this.
>>> It is still not applied to sources.
>>>
>>> Is it rejected/pending/forgotten?
>> Well, it was not a "proper" patch so it kind of fell through the cracks,
>> probably.
>> This one is a "proper" patch but it's actually wrong, so please don't
>> apply it.
>
> Hmm, are we talking about the same patch?
>
> [PATCH] Fix: Bug in MIPS linker scripts
> http://article.gmane.org/gmane.comp.boot-loaders.u-boot/25541/
Didn't see this one. I was talking about

http://thread.gmane.org/gmane.comp.boot-loaders.u-boot/25533

Well, who knows? There are no commits in the MIPS tree since March, and the patch is not applied there,
even if the dude is listed as custodian of the tree.

Vlad
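As an added illustration (not code from U-Boot or from anyone in this thread), a C model of the count mismatch Vlad describes above: the loop is written from the mail's description of start.S (zero-entry skipping omitted), the addresses are the ones in the quoted map, and the word contents, relocation offset and sentinel are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Addresses from the map excerpt in the thread; everything else (word
 * contents, relocation offset, sentinel) is constructed for the model. */
#define GOT_START    0xbfc1d94cu  /* __got_start = .   (before ALIGN(16)) */
#define GP           0xbfc1d950u  /* _gp = _GLOBAL_OFFSET_TABLE_ (after ALIGN) */
#define GOT_END      0xbfc1de50u  /* __got_end = __u_boot_cmd_start */
#define CMD_SENTINEL 0xC0DEC0DEu  /* constructed: first __u_boot_cmd_* word */

/* Simulated RAM from __got_start up to and including the first word of
 * __u_boot_cmd_start, indexed in 32-bit words. */
#define NWORDS ((GOT_END - GOT_START) / 4 + 1)
static uint32_t ram[NWORDS];

static void init_ram(void) {
    for (size_t i = 0; i < NWORDS; i++)
        ram[i] = 0x80100000u + 4u * (uint32_t)i;   /* fake link-time pointers */
    ram[NWORDS - 1] = CMD_SENTINEL;               /* word at __u_boot_cmd_start */
}

/* The count as the mail says start.S computes it: it spans
 * __got_start..__got_end, so the 4 alignment bytes before _gp are
 * counted as a GOT entry -> 0x141. */
uint32_t buggy_num_got_entries(void) { return (GOT_END - GOT_START) >> 2; }

/* The count measured from _gp, the real start of the table -> 0x140. */
uint32_t fixed_num_got_entries(void) { return (GOT_END - GP) >> 2; }

/* Model of the relocation loop as described: $t4 = $gp + 8, $t2 = 2
 * (the first two entries are skipped), loop until $t2 reaches the count. */
static void relocate_got(uint32_t num_got_entries, uint32_t reloc_off) {
    uint32_t *t4 = &ram[(GP - GOT_START) / 4 + 2];
    for (uint32_t t2 = 2; t2 < num_got_entries; t2++, t4++)
        *t4 += reloc_off;
}

/* Run the loop with a given count and report whether the word at
 * __u_boot_cmd_start survived untouched. */
bool cmd_table_intact(uint32_t num_got_entries) {
    init_ram();
    relocate_got(num_got_entries, 0x00100000u);   /* constructed offset */
    return ram[NWORDS - 1] == CMD_SENTINEL;
}
```

With the 0x141 count the loop writes one word past __got_end, which in this layout is the first __u_boot_cmd_* word; with the count measured from _gp it stops at the last real entry.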