From mboxrd@z Thu Jan 1 00:00:00 1970 
From: Ricardo Wurmus
Subject: bug#26497: glibc 2.25 broken on i686
Date: Mon, 24 Apr 2017 23:24:33 +0200
Message-ID: <87k269sdm6.fsf@elephly.net>
References: <87tw5r5hxs.fsf@elephly.net> <87d1cfdu6c.fsf@gnu.org> <87zif7sc88.fsf@elephly.net> <87k26bdy3y.fsf@gnu.org>
In-reply-to: <87k26bdy3y.fsf@gnu.org>
List-Id: Bug reports for GNU Guix
To: Ludovic Courtès
Cc: 26497@debbugs.gnu.org
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit

Ludovic Courtès writes:

> Ricardo Wurmus skribis:
>
>> Ludovic Courtès writes:
>>
>>> Ricardo Wurmus skribis:
>>>
>>>> Guix on i686 is broken since the update to glibc 2.25. There are
>>>> seemingly random segfaults all over the place on my server.
>>>>
>>>> Ludo posted this upstream discussion:
>>>>
>>>> https://sourceware.org/bugzilla/show_bug.cgi?id=21182
>>>
>>> Perhaps we don’t see the problem when running i686 code on x86_64.
>>>
>>>> I could test the patch on my i686 system, but it would take much too
>>>> long for me to build the system from source on my machines.
>>>
>>> Could you first check if there’s a simple way to reproduce it on your
>>> machine? For example, run “guix build coreutils” or “guix build
>>> coreutils --check” and see if that fails.
>>>
>>> If it does, you could arrange to test the patch just in this setup.
>>
>> Do you mean apply the patch and build on i686 or apply the patch and
>> build with “--system” on my x86_64 system?
>>
>> On the i686 system I cannot run anything with the latest glibc, so
>> building there will likely fail unless the bug is fixed.
>
> What I mean is that if you could test the patch in any way you like ;-)
> and ensure that it fixes the problem, it would be great.

Oh, okay. I had misunderstood your message :)

I applied the following patch to my i686 netbook and waited a day for
coreutils and procps to be built with the new glibc. I cannot reproduce
any crashes with these packages, so this seems to be fine.

> Then we soon apply the patch conditionally on glibc (like I did for the
> Coreutils patch for ARM) ASAP so that Hydra has time to rebuild the i686
> world.

The attached patch is for core-updates, but I could also try to make it
apply conditionally for i686.

--=-=-=
Content-Type: text/x-patch
Content-Disposition: inline; filename=0001-gnu-glibc-linux-Fix-segfaults-on-i686.patch

>From 2b2f1d4947e2198f7011b00a496be078f6a924fd Mon Sep 17 00:00:00 2001
From: Ricardo Wurmus
Date: Mon, 24 Apr 2017 23:15:41 +0200
Subject: [PATCH] gnu: glibc/linux: Fix segfaults on i686.

* gnu/packages/patches/glibc-memchr-overflow-i686.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/base.scm (glibc/linux)[source]: Add patch.
--- gnu/local.mk | 1 + gnu/packages/base.scm | 1 + .../patches/glibc-memchr-overflow-i686.patch | 74 ++++++++++++++++++++++ 3 files changed, 76 insertions(+) create mode 100644 gnu/packages/patches/glibc-memchr-overflow-i686.patch diff --git a/gnu/local.mk b/gnu/local.mk index a0d7cfd0a..61c3f6ad8 100644 --- a/gnu/local.mk +++ b/gnu/local.mk 
@@ -609,6 +609,7 @@ dist_patch_DATA = \ %D%/packages/patches/glibc-bootstrap-system.patch \ %D%/packages/patches/glibc-ldd-x86_64.patch \ %D%/packages/patches/glibc-locales.patch \ + %D%/packages/patches/glibc-memchr-overflow-i686.patch \ %D%/packages/patches/glibc-o-largefile.patch \ %D%/packages/patches/glibc-versioned-locpath.patch \ %D%/packages/patches/gmp-arm-asm-nothumb.patch \ diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm index 4fd9ed87e..52074c655 100644 --- a/gnu/packages/base.scm +++ b/gnu/packages/base.scm @@ -535,6 +535,7 @@ store.") (modules '((guix build utils))) (patches (search-patches "glibc-ldd-x86_64.patch" "glibc-versioned-locpath.patch" + "glibc-memchr-overflow-i686.patch" "glibc-o-largefile.patch")))) (build-system gnu-build-system) diff --git a/gnu/packages/patches/glibc-memchr-overflow-i686.patch b/gnu/packages/patches/glibc-memchr-overflow-i686.patch new file mode 100644 index 000000000..0b1b5b9f9 --- /dev/null +++ b/gnu/packages/patches/glibc-memchr-overflow-i686.patch 
@@ -0,0 +1,74 @@ +Extracted from glibc upstream git repository. Changes to the ChangeLog have +been removed. This patch is needed to fix spurious segmentation faults on +i686. + +From 3abeeec5f46ff036bd9df60bb096e20314ccd078 Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Tue, 14 Mar 2017 14:16:13 -0300 +Subject: [PATCH] Fix i686 memchr overflow calculation (BZ#21182) + +This patch fixes the regression added by 23d2770 for final address +overflow calculation. The subtraction of the considered size (16) +at line 120 is at wrong place, for sizes less than 16 subsequent +overflow check will not take in consideration an invalid size (since +the subtraction will be negative). Also, the lea instruction also +does not raise the carry flag (CF) that is used in subsequent jbe +to check for overflow. + +The fix is to follow x86_64 logic from 3daef2c where the overflow +is first check and a sub instruction is issued. In case of resulting +negative size, CF will be set by the sub instruction and a NULL +result will be returned. The patch also add similar tests reported +in bug report. + +Checked on i686-linux-gnu and x86_64-linux-gnu. + + * string/test-memchr.c (do_test): Add BZ#21182 checks for address + near end of a page. + * sysdeps/i386/i686/multiarch/memchr-sse2.S (__memchr): Fix + overflow calculation. +--- + string/test-memchr.c | 6 ++++++ + sysdeps/i386/i686/multiarch/memchr-sse2.S | 2 +- + 3 files changed, 15 insertions(+), 1 deletion(-) + +diff --git a/string/test-memchr.c b/string/test-memchr.c +index 2403c9242b..669e092e7d 100644 +--- a/string/test-memchr.c ++++ b/string/test-memchr.c +@@ -210,6 +210,12 @@ test_main (void) + do_test (0, i, i + 1, i + 1, 0); + } + ++ /* BZ#21182 - wrong overflow calculation for i686 implementation ++ with address near end of the page. */ ++ for (i = 2; i < 16; ++i) ++ /* page_size is in fact getpagesize() * 2. 
*/ ++ do_test (page_size / 2 - i, i, i, 1, 0x9B); ++ + do_random_tests (); + return ret; + } +diff --git a/sysdeps/i386/i686/multiarch/memchr-sse2.S b/sysdeps/i386/i686/multiarch/memchr-sse2.S +index 910679cfc0..e41f324a77 100644 +--- a/sysdeps/i386/i686/multiarch/memchr-sse2.S ++++ b/sysdeps/i386/i686/multiarch/memchr-sse2.S +@@ -117,7 +117,6 @@ L(crosscache): + + # ifndef USE_AS_RAWMEMCHR + jnz L(match_case2_prolog1) +- lea -16(%edx), %edx + /* Calculate the last acceptable address and check for possible + addition overflow by using satured math: + edx = ecx + edx +@@ -125,6 +124,7 @@ L(crosscache): + add %ecx, %edx + sbb %eax, %eax + or %eax, %edx ++ sub $16, %edx + jbe L(return_null) + lea 16(%edi), %edi + # else +-- +2.12.2 + -- 2.12.2 --=-=-= Content-Type: text/plain -- Ricardo GPG: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC https://elephly.net --=-=-=--
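
Review bot: In the gnu/packages/base.scm hunk, "glibc-memchr-overflow-i686.patch" is added to the shared patches list of glibc/linux with no condition, although the fix it carries only touches sysdeps/i386/i686/multiarch/memchr-sse2.S and string/test-memchr.c. The thread asks for the patch to be applied conditionally so that Hydra only has to rebuild the i686 world, so a variant for that purpose would need the patch selected per target system instead of through this list. A one-line comment beside the entry naming BZ#21182 would also make it clear when the patch can be dropped.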
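
Review bot: In the new file gnu/packages/patches/glibc-memchr-overflow-i686.patch, the header says the ChangeLog changes were removed, but the embedded summary still reads "3 files changed, 15 insertions(+), 1 deletion(-)" while only string/test-memchr.c and memchr-sse2.S are listed and patched. Correct or drop that stale summary line, and trim the inner "-- 2.12.2" trailer, so the file is self-consistent. Since the accompanying message reports testing with coreutils and procps only, it would be worth confirming on the i686 machine that the added string/test-memchr.c loop (sizes 2 to 15 at "page_size / 2 - i") passes, because that loop exercises the "sub $16, %edx" followed by "jbe L(return_null)" path directly.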