'posix_spawn' glibc 2.26 race condition fires under qemu-binfmt

  • Done
  • quality assurance status badge
Details
5 participants
  • Chris Marusich
  • Danny Milosavljevic
  • Leo Famulari
  • Ludovic Courtès
  • Pjotr Prins
Owner
unassigned
Submitted by
Danny Milosavljevic
Severity
normal

Debbugs page

D
D
Danny Milosavljevic wrote on 8 Feb 2018 08:42
ARM compilation via qemu binfmt - Assertion failure
20180208174238.2abc85dc@scratchpost.org
Hi ng0,

On Tue, 06 Feb 2018 10:33:56 +0000
ng0@n0.is wrote:

Toggle quote (2 lines)
> recently I've read about slow but native compiling of ARM on qemu.

Unfortunately, there's a (pretty reproducible) problem with it.

guix-master/guix $ ./pre-inst-env guix system disk-image --system=armhf-linux -e "(@ (gnu system install) installation-os)"
[... building grub-2.02 ...]
phase `configure' succeeded after 821.8 seconds
starting phase `patch-generated-file-shebangs'
patch-makefile-SHELL: ./po/Makefile: changing `SHELL' from `/bin/sh' to `/gnu/st[...]
phase `patch-generated-file-shebangs' succeeded after 14.6 seconds
starting phase `build'
bison -d -p grub_script_yy -b grub_script ./grub-core/script/parser.y
flex -o grub_script.yy.c --header-file=grub_script.yy.h ./grub-core/script/yylex[...]
bison: ../sysdeps/unix/sysv/linux/spawni.c:360: __spawnix: Assertion `ec >= 0' failed

This is only fixed in glibc 2.27 (not in core-updates).

The fix is:

Toggle diff (22 lines)
diff --git a/sysdeps/unix/sysv/linux/spawni.c b/sysdeps/unix/sysv/linux/spawni.c
index dea1650..f02ac19 100644
--- a/sysdeps/unix/sysv/linux/spawni.c
+++ b/sysdeps/unix/sysv/linux/spawni.c
@@ -365,9 +365,15 @@ __spawnix (pid_t * pid, const char *file,
if (new_pid > 0)
{
ec = args.err;
- assert (ec >= 0);
if (ec != 0)
- __waitpid (new_pid, NULL, 0);
+ {
+ /* It handles the unlikely case where the auxiliary vfork process
+ is killed before calling _exit or execve. */
+ int status;
+ __waitpid (new_pid, &status, 0);
+ if (WIFSIGNALED (status))
+ ec = 0;
+ }
}
else
ec = -new_pid;
C
C
Chris Marusich wrote on 10 Feb 2018 15:45
(name . Danny Milosavljevic)(address . dannym@scratchpost.org)
87fu68o1dd.fsf@gmail.com
Danny Milosavljevic <dannym@scratchpost.org> writes:

Toggle quote (2 lines)
> This is only fixed in glibc 2.27 (not in core-updates).

Should we upgrade glibc in core-updates, then? Or is it better to do it
in the next core-updates cycle, to avoid still more unexpected breakage?

--
Chris
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEy/WXVcvn5+/vGD+x3UCaFdgiRp0FAlp/hA4ACgkQ3UCaFdgi
Rp1XhA/+L1qdclXARzM+Bgbjwhl7p/fHX2gFj0y/Ge0N3RZIeHuq03yzEggM7vm3
VnIDTMC3J6sEQAScH+oueGkZT6rQHds+qtyTsRZLO0gy3h9h8vgx/dIatiT7ZWb9
CtBrZbLJgK4o46qcY+0Z7THvFXegLb/4ua/qCiKn0lvW0BMKUuaYPzy/qRwwmeZP
l0Eg8PHgjfm4LMAKt1BSiV6kSi+2avExt0KUS9W5F1kZdTYJKyO5LWhYzZwtZtCh
2FeJMdPob754Ub/WEqEsFum1xRKyCG9JTymHCvCdvmQBrXIZ+SHI0NbHa0PxMO/f
1/LHf5fNuLf9aiGLAoDRTJtwjUKL7N2QC2TZvvV52q9Z/Q1nHaE49yWAPAhP4amW
zjqScH4yJ+4W7mKLmkOoxQpHgboZuemUh6i1Yfzek7utFDoGvhkQTaT8fjp31EMb
HB/4Q1SljaxsKK/rygGlmZ+BYr169V84GS6ennamDapz+sqTI9TO4nuXD5MpNR+b
bkcn1o0l4aYwnkf2zW/0mGXaD8YMfjVswk/zfcWLCdN4agPQ78iZOJGNqEpuoYqO
2ieou1nOLSn30l3TqogBAr8SJx/gAyYselSMvbR8rdvvYEMtlyH+3ASnEqQaFpFi
ZWJhMFY7AjgMgjemU5IkiTjsrpsSkih/n7yxYQHduantukTPd/w=
=Qp+k
-----END PGP SIGNATURE-----

L
L
Leo Famulari wrote on 10 Feb 2018 17:07
Re: bug#30394: ARM compilation via qemu binfmt - Assertion failure
(name . Chris Marusich)(address . cmmarusich@gmail.com)
20180211010728.GB28859@jasmine.lan
On Sun, Feb 11, 2018 at 12:45:18AM +0100, Chris Marusich wrote:
Toggle quote (7 lines)
> Danny Milosavljevic <dannym@scratchpost.org> writes:
>
> > This is only fixed in glibc 2.27 (not in core-updates).
>
> Should we upgrade glibc in core-updates, then? Or is it better to do it
> in the next core-updates cycle, to avoid still more unexpected breakage?

It's too late in this cycle. Upgrading glibc would require a full
rebuild and would introduce new failures.
-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlp/l1AACgkQJkb6MLrK
fwh4GxAAkLGGmGIDoiHr6i+qUFKLwrwbWIF7XV+OGX/8DX9j2Kin65WdJb6IduDz
ixXadA7UiOqdWouuaSq/cw/6zZuvKJZ8SXNNu3noGbseWlF7f2o+uwkhBUdFnUVZ
YipiQGmDDarMo+2ImTyFuYtLMEaHqiw9YK2rLhsTCj0VUk+X37zoOvM4DYJ2mpxX
KIdxxGjuxHtHgbOCJdgPn29Gh5xVvnwr+ZTCpLxBQa0f3z/SrU8v8/ibWKOyciaE
M09/PkQY6rYCWD3R01KFOnz98sQt3///BzSoRZnDs6c73M68ElTDxrAXiL3dOfj/
J/uuJd4WUJLHcuaVpsoaBEdWBs2KcQiwwcv+vRlIZ3bWOLxlcvrjb8gv49DirJkB
lZWqTYNEom8GQOdUq/zrOdLqC2NhRbZtTPZO/s7ceEY+itLwoyO4TDtjyTbBD2iq
NlE/zK8+E9NIl0pQevVgsOmcI5hpUeuS4OCv0+L3k5SD3uAFXw0MGa3Pljqwir/n
tq6FiqppBON1gPK8c21v/+gqeEhR33Z+4hcg24jH7+1TyAtz7kK0bUcvS2H+V5Bb
3/S+UcC+9LxnmOstIzsetfLe7dMUTQFCq1VvPX28tm+DT9ylcIc+wKhmokva0uYr
3UmsoPjpDDzZEhu5/gxnGUIzq7dC7SDlXGoT4GBwpwfsrmD5FqI=
=T/Z0
-----END PGP SIGNATURE-----


P
P
Pjotr Prins wrote on 11 Feb 2018 01:53
Re: ARM compilation via qemu binfmt - Assertion failure
(name . Chris Marusich)(address . cmmarusich@gmail.com)
20180211095332.GA18764@thebird.nl
On Sun, Feb 11, 2018 at 12:45:18AM +0100, Chris Marusich wrote:
Toggle quote (7 lines)
> Danny Milosavljevic <dannym@scratchpost.org> writes:
>
> > This is only fixed in glibc 2.27 (not in core-updates).
>
> Should we upgrade glibc in core-updates, then? Or is it better to do it
> in the next core-updates cycle, to avoid still more unexpected breakage?

I think we should not update packages deep in the tree unless there is
a security patch. What we have now is well tested.

Pj.


--
L
L
Ludovic Courtès wrote on 16 Feb 2018 02:35
Re: bug#30394: ARM compilation via qemu binfmt - Assertion failure
(name . Danny Milosavljevic)(address . dannym@scratchpost.org)
87vaexp6gw.fsf@gnu.org
Hello,

Danny Milosavljevic <dannym@scratchpost.org> skribis:

Toggle quote (13 lines)
> Unfortunately, there's a (pretty reproducible) problem with it.
>
> guix-master/guix $ ./pre-inst-env guix system disk-image --system=armhf-linux -e "(@ (gnu system install) installation-os)"
> [... building grub-2.02 ...]
> phase `configure' succeeded after 821.8 seconds
> starting phase `patch-generated-file-shebangs'
> patch-makefile-SHELL: ./po/Makefile: changing `SHELL' from `/bin/sh' to `/gnu/st[...]
> phase `patch-generated-file-shebangs' succeeded after 14.6 seconds
> starting phase `build'
> bison -d -p grub_script_yy -b grub_script ./grub-core/script/parser.y
> flex -o grub_script.yy.c --header-file=grub_script.yy.h ./grub-core/script/yylex[...]
> bison: ../sysdeps/unix/sysv/linux/spawni.c:360: __spawnix: Assertion `ec >= 0' failed

[...]

Toggle quote (12 lines)
> diff --git a/sysdeps/unix/sysv/linux/spawni.c b/sysdeps/unix/sysv/linux/spawni.c
> index dea1650..f02ac19 100644
> --- a/sysdeps/unix/sysv/linux/spawni.c
> +++ b/sysdeps/unix/sysv/linux/spawni.c
> @@ -365,9 +365,15 @@ __spawnix (pid_t * pid, const char *file,
> if (new_pid > 0)
> {
> ec = args.err;
> - assert (ec >= 0);
> if (ec != 0)

Note that this is only a problem for code that uses the ‘posix_spawn’
interface, such as Bison in the example above.

In practice that interface is rarely used, which is probably why I never
hit that assertion before.

Ludo’.
L
L
Ludovic Courtès wrote on 9 Mar 2018 04:36
control message for bug #30394
(address . control@debbugs.gnu.org)
87r2otzarl.fsf@gnu.org
retitle 30394 'posix_spawn' glibc 2.26 race condition fires under qemu-binfmt
L
L
Ludovic Courtès wrote on 31 Jan 2020 09:41
(address . control@debbugs.gnu.org)
87k1574j6o.fsf@gnu.org
tags 30394 notabug
close 30394
quit
?
Your comment

This issue is archived.

To comment on this conversation send an email to 30394@patchwise.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 30394
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch