bug#26497: glibc 2.25 broken on i686

bug#26497: glibc 2.25 broken on i686

[Ricardo Wurmus]

Guix on i686 is broken since the update to glibc 2.25.  There are
seemingly random segfaults all over the place on my server.

Ludo posted this upstream discussion:

    https://sourceware.org/bugzilla/show_bug.cgi?id=21182

I could test the patch on my i686 system, but it would take much too
long for me to build the system from source on my machines.

-- 
Ricardo

GPG: BCA6 89B6 3655 3801 C3C6  2150 197A 5888 235F ACAC
https://elephly.net

bug#26497: glibc 2.25 broken on i686

[Ludovic Courtès]

Ricardo Wurmus <rekado@elephly.net> skribis:

> Guix on i686 is broken since the update to glibc 2.25.  There are
> seemingly random segfaults all over the place on my server.
>
> Ludo posted this upstream discussion:
>
>     https://sourceware.org/bugzilla/show_bug.cgi?id=21182

Perhaps we don’t see the problem when running i686 code on x86_64.

> I could test the patch on my i686 system, but it would take much too
> long for me to build the system from source on my machines.

Could you first check if there’s a simple way to reproduce it on your
machine?  For example, run “guix build coreutils” or “guix build
coreutils --check” and see if that fails.

If it does, you could arrange to test the patch just in this setup.

Thanks,
Ludo’.

bug#26497: glibc 2.25 broken on i686

[Ricardo Wurmus]

Ludovic Courtès <ludo@gnu.org> writes:

> Ricardo Wurmus <rekado@elephly.net> skribis:
>
>> Guix on i686 is broken since the update to glibc 2.25.  There are
>> seemingly random segfaults all over the place on my server.
>>
>> Ludo posted this upstream discussion:
>>
>>     https://sourceware.org/bugzilla/show_bug.cgi?id=21182
>
> Perhaps we don’t see the problem when running i686 code on x86_64.
>
>> I could test the patch on my i686 system, but it would take much too
>> long for me to build the system from source on my machines.
>
> Could you first check if there’s a simple way to reproduce it on your
> machine?  For example, run “guix build coreutils” or “guix build
> coreutils --check” and see if that fails.
>
> If it does, you could arrange to test the patch just in this setup.

Do you mean apply the patch and build on i686 or apply the patch and
build with “--system” on my x86_64 system?

On the i686 system I cannot run anything with the latest glibc, so
building there will likely fail unless the bug is fixed.

-- 
Ricardo

GPG: BCA6 89B6 3655 3801 C3C6  2150 197A 5888 235F ACAC
https://elephly.net

bug#26497: glibc 2.25 broken on i686

[Ludovic Courtès]

Ricardo Wurmus <rekado@elephly.net> skribis:

> Ludovic Courtès <ludo@gnu.org> writes:
>
>> Ricardo Wurmus <rekado@elephly.net> skribis:
>>
>>> Guix on i686 is broken since the update to glibc 2.25.  There are
>>> seemingly random segfaults all over the place on my server.
>>>
>>> Ludo posted this upstream discussion:
>>>
>>>     https://sourceware.org/bugzilla/show_bug.cgi?id=21182
>>
>> Perhaps we don’t see the problem when running i686 code on x86_64.
>>
>>> I could test the patch on my i686 system, but it would take much too
>>> long for me to build the system from source on my machines.
>>
>> Could you first check if there’s a simple way to reproduce it on your
>> machine?  For example, run “guix build coreutils” or “guix build
>> coreutils --check” and see if that fails.
>>
>> If it does, you could arrange to test the patch just in this setup.
>
> Do you mean apply the patch and build on i686 or apply the patch and
> build with “--system” on my x86_64 system?
>
> On the i686 system I cannot run anything with the latest glibc, so
> building there will likely fail unless the bug is fixed.

What I mean is that if you could test the patch in any way you like ;-)
and ensure that it fixes the problem, it would be great.

Then we soon apply the patch conditionally on glibc (like I did for the
Coreutils patch for ARM) ASAP so that Hydra has time to rebuild the i686
world.

TIA! :-)

Ludo’.

bug#26497: glibc 2.25 broken on i686

[Ricardo Wurmus]

[-- Attachment #1: Type: text/plain, Size: 1848 bytes --]


Ludovic Courtès <ludo@gnu.org> writes:

> Ricardo Wurmus <rekado@elephly.net> skribis:
>
>> Ludovic Courtès <ludo@gnu.org> writes:
>>
>>> Ricardo Wurmus <rekado@elephly.net> skribis:
>>>
>>>> Guix on i686 is broken since the update to glibc 2.25.  There are
>>>> seemingly random segfaults all over the place on my server.
>>>>
>>>> Ludo posted this upstream discussion:
>>>>
>>>>     https://sourceware.org/bugzilla/show_bug.cgi?id=21182
>>>
>>> Perhaps we don’t see the problem when running i686 code on x86_64.
>>>
>>>> I could test the patch on my i686 system, but it would take much too
>>>> long for me to build the system from source on my machines.
>>>
>>> Could you first check if there’s a simple way to reproduce it on your
>>> machine?  For example, run “guix build coreutils” or “guix build
>>> coreutils --check” and see if that fails.
>>>
>>> If it does, you could arrange to test the patch just in this setup.
>>
>> Do you mean apply the patch and build on i686 or apply the patch and
>> build with “--system” on my x86_64 system?
>>
>> On the i686 system I cannot run anything with the latest glibc, so
>> building there will likely fail unless the bug is fixed.
>
> What I mean is that if you could test the patch in any way you like ;-)
> and ensure that it fixes the problem, it would be great.

Oh, okay.  I had misunderstood your message :)

I applied the following patch to my i686 netbook and waited a day for
coreutils and procps to be built with the new glibc.  I cannot reproduce
any crashes with these packages, so this seems to be fine.

> Then we soon apply the patch conditionally on glibc (like I did for the
> Coreutils patch for ARM) ASAP so that Hydra has time to rebuild the i686
> world.

The attached patch is for core-updates, but I could also try to make it
apply conditionally for i686.


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-gnu-glibc-linux-Fix-segfaults-on-i686.patch --]
[-- Type: text/x-patch, Size: 4769 bytes --]

From 2b2f1d4947e2198f7011b00a496be078f6a924fd Mon Sep 17 00:00:00 2001
From: Ricardo Wurmus <rekado@elephly.net>
Date: Mon, 24 Apr 2017 23:15:41 +0200
Subject: [PATCH] gnu: glibc/linux: Fix segfaults on i686.

* gnu/packages/patches/glibc-memchr-overflow-i686.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/base.scm (glibc/linux)[source]: Add patch.
---
 gnu/local.mk                                       |  1 +
 gnu/packages/base.scm                              |  1 +
 .../patches/glibc-memchr-overflow-i686.patch       | 74 ++++++++++++++++++++++
 3 files changed, 76 insertions(+)
 create mode 100644 gnu/packages/patches/glibc-memchr-overflow-i686.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index a0d7cfd0a..61c3f6ad8 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -609,6 +609,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/glibc-bootstrap-system.patch		\
   %D%/packages/patches/glibc-ldd-x86_64.patch			\
   %D%/packages/patches/glibc-locales.patch			\
+  %D%/packages/patches/glibc-memchr-overflow-i686.patch		\
   %D%/packages/patches/glibc-o-largefile.patch			\
   %D%/packages/patches/glibc-versioned-locpath.patch		\
   %D%/packages/patches/gmp-arm-asm-nothumb.patch		\
diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm
index 4fd9ed87e..52074c655 100644
--- a/gnu/packages/base.scm
+++ b/gnu/packages/base.scm
@@ -535,6 +535,7 @@ store.")
             (modules '((guix build utils)))
             (patches (search-patches "glibc-ldd-x86_64.patch"
                                      "glibc-versioned-locpath.patch"
+                                     "glibc-memchr-overflow-i686.patch"
                                      "glibc-o-largefile.patch"))))
    (build-system gnu-build-system)
 
diff --git a/gnu/packages/patches/glibc-memchr-overflow-i686.patch b/gnu/packages/patches/glibc-memchr-overflow-i686.patch
new file mode 100644
index 000000000..0b1b5b9f9
--- /dev/null
+++ b/gnu/packages/patches/glibc-memchr-overflow-i686.patch
@@ -0,0 +1,74 @@
+Extracted from glibc upstream git repository.  Changes to the ChangeLog have
+been removed.  This patch is needed to fix spurious segmentation faults on
+i686.
+
+From 3abeeec5f46ff036bd9df60bb096e20314ccd078 Mon Sep 17 00:00:00 2001
+From: Adhemerval Zanella <adhemerval.zanella@linaro.org>
+Date: Tue, 14 Mar 2017 14:16:13 -0300
+Subject: [PATCH] Fix i686 memchr overflow calculation (BZ#21182)
+
+This patch fixes the regression added by 23d2770 for final address
+overflow calculation.  The subtraction of the considered size (16)
+at line 120 is at wrong place, for sizes less than 16 subsequent
+overflow check will not take in consideration an invalid size (since
+the subtraction will be negative).  Also, the lea instruction also
+does not raise the carry flag (CF) that is used in subsequent jbe
+to check for overflow.
+
+The fix is to follow x86_64 logic from 3daef2c where the overflow
+is first check and a sub instruction is issued.  In case of resulting
+negative size, CF will be set by the sub instruction and a NULL
+result will be returned.  The patch also add similar tests reported
+in bug report.
+
+Checked on i686-linux-gnu and x86_64-linux-gnu.
+
+	* string/test-memchr.c (do_test): Add BZ#21182 checks for address
+	near end of a page.
+	* sysdeps/i386/i686/multiarch/memchr-sse2.S (__memchr): Fix
+	overflow calculation.
+---
+ string/test-memchr.c                      | 6 ++++++
+ sysdeps/i386/i686/multiarch/memchr-sse2.S | 2 +-
+ 3 files changed, 15 insertions(+), 1 deletion(-)
+
+diff --git a/string/test-memchr.c b/string/test-memchr.c
+index 2403c9242b..669e092e7d 100644
+--- a/string/test-memchr.c
++++ b/string/test-memchr.c
+@@ -210,6 +210,12 @@ test_main (void)
+       do_test (0, i, i + 1, i + 1, 0);
+     }
+ 
++  /* BZ#21182 - wrong overflow calculation for i686 implementation
++     with address near end of the page.  */
++  for (i = 2; i < 16; ++i)
++    /* page_size is in fact getpagesize() * 2.  */
++    do_test (page_size / 2 - i, i, i, 1, 0x9B);
++
+   do_random_tests ();
+   return ret;
+ }
+diff --git a/sysdeps/i386/i686/multiarch/memchr-sse2.S b/sysdeps/i386/i686/multiarch/memchr-sse2.S
+index 910679cfc0..e41f324a77 100644
+--- a/sysdeps/i386/i686/multiarch/memchr-sse2.S
++++ b/sysdeps/i386/i686/multiarch/memchr-sse2.S
+@@ -117,7 +117,6 @@ L(crosscache):
+ 
+ # ifndef USE_AS_RAWMEMCHR
+ 	jnz	L(match_case2_prolog1)
+-	lea	-16(%edx), %edx
+         /* Calculate the last acceptable address and check for possible
+            addition overflow by using satured math:
+            edx = ecx + edx
+@@ -125,6 +124,7 @@ L(crosscache):
+ 	add	%ecx, %edx
+ 	sbb	%eax, %eax
+ 	or	%eax, %edx
++	sub	$16, %edx
+ 	jbe	L(return_null)
+ 	lea	16(%edi), %edi
+ # else
+-- 
+2.12.2
+
-- 
2.12.2


[-- Attachment #3: Type: text/plain, Size: 91 bytes --]


--
Ricardo

GPG: BCA6 89B6 3655 3801 C3C6  2150 197A 5888 235F ACAC
https://elephly.net

bug#26497: glibc 2.25 broken on i686

[Ricardo Wurmus]

Ricardo Wurmus <rekado@elephly.net> writes:

> I applied the following patch to my i686 netbook and waited a day for
> coreutils and procps to be built with the new glibc.  I cannot reproduce
> any crashes with these packages, so this seems to be fine.

I should also note that I cannot reproduce the crashes at all when
running the old binaries that were built with the broken glibc 2.25.
The crashes only happened on a reconfigured system with the broken glibc
2.25.

I cannot really reconfigure the whole system to test this, because that
would take a very very long time.

--
Ricardo

GPG: BCA6 89B6 3655 3801 C3C6  2150 197A 5888 235F ACAC
https://elephly.net

bug#26497: glibc 2.25 broken on i686

[Ludovic Courtès]

Hello!

Ricardo Wurmus <rekado@elephly.net> skribis:

> I applied the following patch to my i686 netbook and waited a day for
> coreutils and procps to be built with the new glibc.  I cannot reproduce
> any crashes with these packages, so this seems to be fine.
>
>> Then we soon apply the patch conditionally on glibc (like I did for the
>> Coreutils patch for ARM) ASAP so that Hydra has time to rebuild the i686
>> world.
>
> The attached patch is for core-updates, but I could also try to make it
> apply conditionally for i686.

Yes, that would be great.

> From 2b2f1d4947e2198f7011b00a496be078f6a924fd Mon Sep 17 00:00:00 2001
> From: Ricardo Wurmus <rekado@elephly.net>
> Date: Mon, 24 Apr 2017 23:15:41 +0200
> Subject: [PATCH] gnu: glibc/linux: Fix segfaults on i686.
>
> * gnu/packages/patches/glibc-memchr-overflow-i686.patch: New file.
> * gnu/local.mk (dist_patch_DATA): Add it.
> * gnu/packages/base.scm (glibc/linux)[source]: Add patch.

Perfect, thank you for taking care of it!

Ludo’.

bug#26497: glibc 2.25 broken on i686

[Ludovic Courtès]

Ricardo Wurmus <rekado@elephly.net> skribis:

>From 2b2f1d4947e2198f7011b00a496be078f6a924fd Mon Sep 17 00:00:00 2001
> From: Ricardo Wurmus <rekado@elephly.net>
> Date: Mon, 24 Apr 2017 23:15:41 +0200
> Subject: [PATCH] gnu: glibc/linux: Fix segfaults on i686.
>
> * gnu/packages/patches/glibc-memchr-overflow-i686.patch: New file.
> * gnu/local.mk (dist_patch_DATA): Add it.
> * gnu/packages/base.scm (glibc/linux)[source]: Add patch.

This was pushed as b2fd8f63679aa4f244c36fdca62f23c00b8eded9; closing.

Ludo’.