
Bug#171550: marked as done ([ia64] [patch] strncpy.S segfault patch)



Your message dated Sat, 21 Dec 2002 05:03:01 -0500
with message-id <E18PgTF-0008Kc-00@auric.debian.org>
and subject line Bug#171550: fixed in glibc 2.3.1-6
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 3 Dec 2002 07:35:39 +0000
>From randolph@tausq.org Tue Dec 03 01:35:39 2002
Return-path: <randolph@tausq.org>
Received: from gandalf.tausq.org (pippin.tausq.org) [64.81.244.94] 
	by master.debian.org with esmtp (Exim 3.12 1 (Debian))
	id 18J7ak-0004tG-00; Tue, 03 Dec 2002 01:35:38 -0600
Received: by pippin.tausq.org (Postfix, from userid 1000)
	id 187F3CD839; Mon,  2 Dec 2002 23:40:03 -0800 (PST)
Date: Mon, 2 Dec 2002 23:40:03 -0800
From: Randolph Chung <tausq@debian.org>
To: submit@bugs.debian.org
Subject: [ia64] [patch] strncpy.S segfault patch
Message-ID: <20021203074002.GZ21187@tausq.org>
Reply-To: Randolph Chung <tausq@debian.org>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="LSp5EJdfMPwZcMS1"
Content-Disposition: inline
User-Agent: Mutt/1.4i
X-PGP: for PGP key, see http://www.tausq.org/pgp.txt
X-GPG: for GPG key, see http://www.tausq.org/gpg.txt
Delivered-To: submit@bugs.debian.org
X-Spam-Status: No, hits=-5.2 required=5.0
	tests=PATCH_UNIFIED_DIFF,SPAM_PHRASE_00_01,USER_AGENT,
	      USER_AGENT_MUTT
	version=2.41
X-Spam-Level: 


--LSp5EJdfMPwZcMS1
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

Package: glibc
Version: 2.3.1-5
Severity: important
Tags: patch

This is a slightly modified patch (from the one I forwarded upstream)
for strncpy.S on ia64.  It differs only in that it applies against our
2.3.1 tarball rather than cvs.

Please add to the list.

randolph
-- 
Randolph Chung
Debian GNU/Linux Developer, hppa/ia64 ports
http://www.tausq.org/

--LSp5EJdfMPwZcMS1
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="glibc23-ia64-strncpy.dpatch"

#! /bin/sh -e

# DP: Description: Fix recovery code in ia64 strncpy routine
# DP: Author: Kenneth W Chen <kenneth.w.chen@intel.com>
# DP: Upstream status: Pending
# DP: Status Details: Submitted to libc-alpha on Dec 2
# DP: Date: Mon, 02 Dec 2002 23:13:31 -0800

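# dpatch wrapper: apply or revert the unified diff appended to this file.
#
#   $1  -patch | -unpatch
#   $2  directory of the source tree to operate on (handed to patch -d)
#
# The diff is read from this very file through stdin, so every use of $0 is
# quoted; an unquoted $0 is split or rejected by some shells when the script
# path contains whitespace.

# Print the usage error on stderr and stop with a failure status.
usage() {
    echo >&2 "$(basename "$0"): script expects -patch|-unpatch as argument"
    exit 1
}

if [ "$#" -ne 2 ]; then
    usage
fi

case "$1" in
    # -f: do not prompt; -p1: strip the leading path component of the names
    # in the diff headers; -R: apply the diff in reverse.
    -patch)   patch -d "$2" -f --no-backup-if-mismatch -p1 < "$0" ;;
    -unpatch) patch -d "$2" -f --no-backup-if-mismatch -R -p1 < "$0" ;;
    *)        usage ;;
esac

# Stop here so the shell never tries to execute the patch text that follows.
exit 0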

# append the patch here and adjust the -p? flag in the patch calls.

2002-11-19  Kenneth W. Chen <kenneth.w.chen@intel.com>
	* sysdeps/ia64/strncpy.S: (strncpy) initialize ar.ec, 
          ec is not guaranteed to be zero upon function entry; 
          fix segfault in recovery 4 section when src length
          ends exactly at a page boundary, and there is no
          mapping after that page.

2002-12-02  Randolph Chung <tausq@debian.org>
	* string/bug-strncpy.c: test case for strncpy segfault
        * string/Makefile: add bug-strncpy test case

--- glibc/sysdeps/ia64/strncpy.S.orig	2002-09-30 15:02:45.000000000 -0700
+++ glibc/sysdeps/ia64/strncpy.S	2002-12-02 21:55:48.000000000 -0800
@@ -63,6 +63,7 @@
 	mov	saved_pr = pr           // save the predicate registers
 	.save ar.lc, saved_lc
 	mov 	saved_lc = ar.lc	// save the loop counter
+	mov	ar.ec = 0
 	.body
 	cmp.geu p6, p5 = 24, in2
 (p6)	br.cond.spnt .short_len
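Review bot: The added `mov ar.ec = 0` is the only instruction in this prologue run without a trailing comment, and nothing on the line says why the epilogue count has to be reset. The changelog entry gives the reason (ec is not guaranteed to be zero on function entry); put it on the line, e.g. `mov ar.ec = 0 // ec is not guaranteed to be zero on entry`. The body of strncpy starts before and continues after this hunk.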
@@ -217,11 +218,13 @@
 (p5)	mov	r[0] = r0
 	br.cond.sptk .back2
 .recovery3:
-	add	tmp = -MEMLAT * 8, src ;;
+	add	tmp = -(MEMLAT + 1) * 8, src ;;
 	ld8	r[MEMLAT] = [tmp]
 	br.cond.sptk .back3
 .recovery4:
-	add	tmp = -(MEMLAT - 1) * 8, src ;;
-	ld8	r[MEMLAT - 1] = [tmp]
+	cmp.eq	p8,p9=0,len
+	add	tmp = -MEMLAT * 8, src ;;
+(p8)	mov	r[MEMLAT - 1] = r0
+(p9)	ld8	r[MEMLAT - 1] = [tmp]
 	br.cond.sptk .back4
 END(strncpy)
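Review bot: Neither recovery path says which word it reloads or why the offset moved, so a reader cannot check `-(MEMLAT + 1) * 8` in .recovery3 or `-MEMLAT * 8` in .recovery4 against the pipeline depth without re-deriving it from the main loop. In .recovery4 the new `cmp.eq p8,p9=0,len` substitutes r0 for the reload when len is 0, which according to the changelog is the case where the source ends exactly at a page boundary with nothing mapped after it; a comment on the `(p8)` line such as `// len == 0: nothing left to copy, the word may be unmapped, use zero` would record that. Whether len == 0 is the only state in which the reload address can fall on an unmapped page depends on code outside this hunk and should be confirmed against the loop that branches here.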

--- glibc/string/Makefile.orig	2002-12-02 22:26:22.000000000 -0800
+++ glibc/string/Makefile	2002-12-02 22:27:46.000000000 -0800
@@ -48,7 +48,7 @@
 tests		:= tester inl-tester noinl-tester testcopy test-ffs	\
 		   tst-strlen stratcliff tst-svc tst-inlcall		\
 		   bug-strncat1 bug-strspn1 bug-strpbrk1 tst-bswap	\
-		   tst-strtok tst-strxfrm bug-strcoll1
+		   tst-strtok tst-strxfrm bug-strcoll1 bug-strncpy
 distribute	:= memcopy.h pagecopy.h tst-svc.expect
 
 
--- glibc/string/bug-strncpy.c	2002-12-02 22:27:32.000000000 -0800
+++ glibc/string/bug-strncpy.c	2002-12-02 22:27:32.000000000 -0800
@@ -0,0 +1,81 @@
+/* Test case from Kenneth W Chen <kenneth.w.chen@intel.com>; adapted
+ * for glibc by Randolph Chung <tausq@debian.org>
+ *
+ * Tests the case where the src length ends at a page boundary
+ * and the next page is not mapped
+ */
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <sys/shm.h>
+#include <signal.h>
+
+#define MCPYSIZE 2048
+#define SHMSIZE (MCPYSIZE * sizeof(long))
+static int shmid = -1;
+static char* shmaddr;
+
+void sighandler(int sig)
+{
+    if (shmid != -1)
+    {
+        shmdt(shmaddr);
+        shmctl(shmid, IPC_RMID, NULL);
+    }
+
+    exit(1);
+}
+
+int main(int argc, char **argv)
+{
+    long buffer[MCPYSIZE];
+    int i, j, k, x;
+    char *src, *dst;
+    size_t len;
+
+    shmid = shmget(1, SHMSIZE, IPC_CREAT|SHM_R|SHM_W);
+    shmaddr = (char*) shmat(shmid, NULL, SHM_RND);
+
+    signal(SIGSEGV, sighandler);
+
+    for (i=0; i<SHMSIZE; i++)
+        shmaddr[i] = i;
+
+    dst = (char*) buffer;
+
+    for (k=1; k<1000; k+=1) {
+        for (i=0; i<8; i++) {
+            for (j=0; j<8; j++) {
+
+                src = (char*) shmaddr + SHMSIZE - k - i;
+                dst = (char*) buffer + j;
+                len  = k;
+
+                //	printf("dst %p src %p n %4d\n", dst, src, len);
+                strncpy(dst, src, len);
+
+                for (x=0; x<len; x++) {
+                    if (src[x] == 0) break;
+                    if ( dst[x] != src[x] ) {
+                        unsigned long * l_src = (unsigned long*) ((unsigned long) &src[x] & -8);
+                        unsigned long * l_dst = (unsigned long*) ((unsigned long) &dst[x] & -8);
+
+                        printf("error\t");
+                        printf("dst %p src %p n %4zd\n", dst, src, len);
+
+                        printf("%d: %x %x\n", x, dst[x], src[x]);
+
+                        printf("%d: %16lx %16lx\n", x, *l_dst, *l_src);
+                        exit(1);
+                    }
+                }
+            } /* for (j=0 ... */
+        } /* for (i=0 ... */
+    } /* for (k=0 ... */
+
+    shmdt(shmaddr);
+    shmctl(shmid, IPC_RMID, NULL);
+
+    return 0;
+}
+
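Review bot: In main(), `shmget(1, SHMSIZE, IPC_CREAT|SHM_R|SHM_W)` uses the fixed key 1 without IPC_EXCL, and neither its result nor the result of shmat() is checked. If a segment with key 1 already exists, the test attaches to a segment it did not create and later issues IPC_RMID on it; if that segment is larger than SHMSIZE, `shmaddr + SHMSIZE` is no longer the end of the mapping and the page-boundary case is silently not exercised. If shmat() fails, the fill loop writes through `(char *) -1` and the SIGSEGV handler reports that as an ordinary exit(1), indistinguishable from the strncpy fault being tested. Create the segment with `shmget(IPC_PRIVATE, SHMSIZE, IPC_CREAT|SHM_R|SHM_W)` and add `if (shmid == -1 || shmaddr == (char *) -1) { perror("shm"); exit(1); }` right after the shmat() call. sighandler should also end with `_exit(1)`, since exit() is not async-signal-safe.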

--LSp5EJdfMPwZcMS1--

---------------------------------------
Received: (at 171550-close) by bugs.debian.org; 21 Dec 2002 10:04:15 +0000
>From katie@auric.debian.org Sat Dec 21 04:04:14 2002
Return-path: <katie@auric.debian.org>
Received: from auric.debian.org [206.246.226.45] (mail)
	by master.debian.org with esmtp (Exim 3.12 1 (Debian))
	id 18PgUQ-0003e9-00; Sat, 21 Dec 2002 04:04:14 -0600
Received: from katie by auric.debian.org with local (Exim 3.35 1 (Debian))
	id 18PgTF-0008Kc-00; Sat, 21 Dec 2002 05:03:01 -0500
From: Jeff Bailey <jbailey@nisa.net>
To: 171550-close@bugs.debian.org
X-Katie: $Revision: 1.29 $
Subject: Bug#171550: fixed in glibc 2.3.1-6
Message-Id: <E18PgTF-0008Kc-00@auric.debian.org>
Sender: Archive Administrator <katie@auric.debian.org>
Date: Sat, 21 Dec 2002 05:03:01 -0500
Delivered-To: 171550-close@bugs.debian.org

We believe that the bug you reported is fixed in the latest version of
glibc, which is due to be installed in the Debian FTP archive:

glibc-doc_2.3.1-6_all.deb
  to pool/main/g/glibc/glibc-doc_2.3.1-6_all.deb
glibc_2.3.1-6.diff.gz
  to pool/main/g/glibc/glibc_2.3.1-6.diff.gz
glibc_2.3.1-6.dsc
  to pool/main/g/glibc/glibc_2.3.1-6.dsc
libc-udeb_2.3.1-6_i386.udeb
  to pool/main/g/glibc/libc-udeb_2.3.1-6_i386.udeb
libc6-dbg_2.3.1-6_i386.deb
  to pool/main/g/glibc/libc6-dbg_2.3.1-6_i386.deb
libc6-dev_2.3.1-6_i386.deb
  to pool/main/g/glibc/libc6-dev_2.3.1-6_i386.deb
libc6-pic_2.3.1-6_i386.deb
  to pool/main/g/glibc/libc6-pic_2.3.1-6_i386.deb
libc6-prof_2.3.1-6_i386.deb
  to pool/main/g/glibc/libc6-prof_2.3.1-6_i386.deb
libc6_2.3.1-6_i386.deb
  to pool/main/g/glibc/libc6_2.3.1-6_i386.deb
locales_2.3.1-6_all.deb
  to pool/main/g/glibc/locales_2.3.1-6_all.deb
nscd_2.3.1-6_i386.deb
  to pool/main/g/glibc/nscd_2.3.1-6_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 171550@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jeff Bailey <jbailey@nisa.net> (supplier of updated glibc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 20 Dec 2002 20:19:24 -0500
Source: glibc
Binary: libc6.1-prof libc1 libc0.3-pic locales glibc-doc libc6-pic libc-udeb libc1-prof libc0.3 libc0.3-dbg libc6.1-dev libc1-pic libc6-s390x libc6-prof libc1-dbg libc6-dev-sparc64 libc6 libc0.3-dev libc6-dbg nscd libc6.1-dbg libc6.1-pic libc6-sparc64 libc6-dev libc0.3-prof libc6.1 libc6-dev-s390x libc1-dev
Architecture: source i386 all
Version: 2.3.1-6
Distribution: unstable
Urgency: low
Maintainer: GNU Libc Maintainers <debian-glibc@lists.debian.org>
Changed-By: Jeff Bailey <jbailey@nisa.net>
Description: 
 glibc-doc  - GNU C Library: Documentation
 libc-udeb  - GNU C Library: Shared libraries and Timezone data - udeb (udeb)
 libc6      - GNU C Library: Shared libraries and Timezone data
 libc6-dbg  - GNU C Library: Libraries with debugging symbols
 libc6-dev  - GNU C Library: Development Libraries and Header Files.
 libc6-pic  - GNU C Library: PIC archive library
 libc6-prof - GNU C Library: Profiling Libraries.
 locales    - GNU C Library: National Language (locale) data [support]
 nscd       - GNU C Library: Name Service Cache Daemon
Closes: 151784 154244 156386 164523 165358 165603 169919 170385 170507 171451 171550 171804 173201
Changes: 
 glibc (2.3.1-6) unstable; urgency=low
 .
   * The "I will not be thwarted" release.
 .
   * Daniel Jacobowitz <dan@debian.org>
     - Update glibc23-ctype-compat.patch to fix segfaults in old static
       binaries (Closes: #171451).
     - Allow building from the CVS checkout without getting CVS dirs in the
       resulting packages.  Whew.
 .
   * Jeff Bailey <jbailey@nisa.net>
     - debian/patches/cvs.dpatch: Update.
       (Closes: #171550, #170507)
     - debian/patches/0list: Update
     - debian/control.in/libc: Conflict against wine (<< 0.0.20021007-1)
       (Closes: #170385)
       Also conflict against php4 (<< 4:4.2.3-5)
       Thanks to Steve Langasek for hunting this down!
     - debian/rules: Disable sparc64 build targets for now.
     - debian/packages.d/s390x.mx: Setup the 64 bit build as a cross-compile,
       because 's390' cannot run binaries intended for 's390x'
 .
   * GOTO Masanori <gotom@debian.or.jp>
     - cvs.dpatch update resolve some bugs (Closes: #169919, #165603)
     - debian/patches/glibc23-hppa-Rminkernel.dpatch: Added hppa kernel
       version checking due to prevent people from installing unmatched version.
       Patched by Carlos O'Donell (Closes: #171804)
     - debian/libc/DEBIAN/preinst: likewise.
     - glibc23-function-compat.dpatch: Added for some bad application to
       keep running and not to resolve some symbols like __libc_wait,
       __libc_waitpid, so on. This patch will be removed when sarge will be
       relased apparently. (Closes: #165358, #173201)
 .
     - debian/locales/DEBIAN/config: db_set is set if and only if locale.gen
       is existed.  Patched by Masato Taruishi <taru@debian.org>
       His note:
        The previous config script always set locales_to_be_generated
        even when /etc/locale.gen doesn't exist. So the question in
        dpkg-preconfigure time became empty in dpkg --configure locales time.
        This change resolves long outstanding locales bug.
       (Closes: #156386, #151784, #154244, #164523)
Files: 
 25e7b44821cc29e548bde35f660cf3a3 1523 libs required glibc_2.3.1-6.dsc
 a2e8886b35c81ae49e50f2c3a14ab195 1808921 libs required glibc_2.3.1-6.diff.gz
 bdb7870dc7e68fc311b4e909c861264c 3191026 base required libc6_2.3.1-6_i386.deb
 5ebe3058f2bb39f1976f38c18938472c 516008 debian-installer required libc-udeb_2.3.1-6_i386.udeb
 74155f0ddc9c2bea9e540e1d7cb9084e 2386682 devel standard libc6-dev_2.3.1-6_i386.deb
 74cb9c633284350298259704f17943ae 889004 devel extra libc6-prof_2.3.1-6_i386.deb
 1d55e54d84d40245b9068d1f08916aa8 5286474 devel extra libc6-dbg_2.3.1-6_i386.deb
 2d5864584789034febd98569e9f6cc60 840770 devel optional libc6-pic_2.3.1-6_i386.deb
 0868eb8b1c3e70285ec883604617632d 63674 admin optional nscd_2.3.1-6_i386.deb
 5510bbd029c3b04e21f36c2aca12b6f5 3741954 base standard locales_2.3.1-6_all.deb
 1ddfa90f4c0f5c282ad099c75418299b 2980526 doc optional glibc-doc_2.3.1-6_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+BDLM5M5hmdCYCpkRAmmJAJ4hmzu6S4EIHwcgJF4P0qWqrV24dgCdH80z
r7n7bZl9ztDcgvvVw9QBaIQ=
=Vvxe
-----END PGP SIGNATURE-----


