I have found a bug in .../libc/string/generic/memmove.c, which is the one that MIPS uses, since there's no specialized, optimized version for MIPS.
We're currently using uClibc v. 1.0.12, but I suspect the bug to be present in earlier releases too.
Here's a snippet from memmove.c#memmove():
---------------------oOo---------------------
  /* This test makes the forward copying code be used whenever possible.
     Reduces the working set.  */
  if (dstp - srcp >= len)	/* *Unsigned* compare!  */
    {
#ifndef __ARCH_HAS_BWD_MEMCPY__
      /* Backward memcpy implementation cannot be used */
      memcpy(dest, src, len);
#else
      /* Copy from the beginning to the end.  */
---------------------oOo---------------------
Given the name of the define (__ARCH_HAS_BWD_MEMCPY__) it sounds as though, when this is defined, the architecture indeed has backward memcpy() support. But how come the line is preceded by #ifndef and not #ifdef, when the code inside calls memcpy()?
Also, the first comment inside the #ifndef seems odd, since memcpy() indeed is called: /* Backward memcpy implementation cannot be used */
Our SDK does not define __ARCH_HAS_BWD_MEMCPY__, so when memmove() resorts to a simple memcpy() that does the wrong thing for overlapping regions, our application fails with disastrous side-effects.
I have attached a patch that fixes this.
Please CC me in case of any inquiries/replies: rene.nielsen (at) microsemi.com
Thanks & regards, Rene Schipp von Branitz Nielsen
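The following is an added, self-contained illustration of the overlap rule that the quoted `dstp - srcp >= len` test implements; it is not the reporter's patch and not uClibc's code. `forward_copy` stands in for a plain forward memcpy(), `backward_copy` for the reverse direction, and `forward_is_safe` reproduces the unsigned address comparison from the snippet. All names and the sample buffer are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simple forward byte copy, standing in for a plain memcpy(). It is only
   correct when no destination byte is overwritten before it has been read. */
static void *forward_copy(void *dest, const void *src, size_t len)
{
    unsigned char *d = dest;
    const unsigned char *s = src;
    while (len--)
        *d++ = *s++;
    return dest;
}

/* Backward byte copy: safe when dest starts inside the source range. */
static void *backward_copy(void *dest, const void *src, size_t len)
{
    unsigned char *d = (unsigned char *)dest + len;
    const unsigned char *s = (const unsigned char *)src + len;
    while (len--)
        *--d = *--s;
    return dest;
}

/* The decision memmove.c makes: an *unsigned* subtraction of the addresses.
   If dest is below src the difference wraps to a huge value and the test
   passes; if dest is above src it passes only when the regions are disjoint.
   In both cases a forward copy cannot clobber unread source bytes. */
int forward_is_safe(const void *dest, const void *src, size_t len)
{
    uintptr_t dstp = (uintptr_t)dest, srcp = (uintptr_t)src;
    return dstp - srcp >= len;
}

/* Overlap-safe move built from the two copy directions and the test above. */
void *overlap_safe_move(void *dest, const void *src, size_t len)
{
    if (forward_is_safe(dest, src, len))
        return forward_copy(dest, src, len);
    return backward_copy(dest, src, len);
}

/* Constructed check: slide the 7 bytes "0123456" three places to the right
   inside one buffer, so dest overlaps the tail of src. A forward copy reads
   bytes it has already overwritten; the safe move does not.
   Returns 1 if the buffer holds the expected "0120123456". */
int shift_right_ok(int use_safe_move)
{
    char buf[16] = "0123456789";
    if (use_safe_move)
        overlap_safe_move(buf + 3, buf, 7);
    else
        forward_copy(buf + 3, buf, 7); /* what a plain forward memcpy() does */
    return strcmp(buf, "0120123456") == 0;
}

/* Sliding left (dest below src) is the case the unsigned wraparound covers:
   a forward copy is correct either way. Expected result: "3456789789". */
int shift_left_ok(int use_safe_move)
{
    char buf[16] = "0123456789";
    if (use_safe_move)
        overlap_safe_move(buf, buf + 3, 7);
    else
        forward_copy(buf, buf + 3, 7);
    return strcmp(buf, "3456789789") == 0;
}

int main(void)
{
    printf("shift right, forward copy : %s\n", shift_right_ok(0) ? "ok" : "CORRUPTED");
    printf("shift right, safe move    : %s\n", shift_right_ok(1) ? "ok" : "CORRUPTED");
    printf("shift left,  forward copy : %s\n", shift_left_ok(0) ? "ok" : "CORRUPTED");
    printf("shift left,  safe move    : %s\n", shift_left_ok(1) ? "ok" : "CORRUPTED");
    return 0;
}
```

Running it shows the one combination that corrupts data: destination above and overlapping the source, copied forward. That is exactly the case the `#else` branch in the snippet exists for, and the unsigned compare is what routes every other case to the cheaper forward path.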