'posix_spawn' glibc 2.26 race condition fires under qemu-binfmt

  • Done
Details
5 participants
  • Chris Marusich
  • Danny Milosavljevic
  • Leo Famulari
  • Ludovic Courtès
  • Pjotr Prins
Owner
unassigned
Submitted by
Danny Milosavljevic
Severity
normal
Danny Milosavljevic wrote on 8 Feb 2018 17:42
ARM compilation via qemu binfmt - Assertion failure
20180208174238.2abc85dc@scratchpost.org
Hi ng0,

On Tue, 06 Feb 2018 10:33:56 +0000
ng0@n0.is wrote:

> recently I've read about slow but native compiling of ARM on qemu.

Unfortunately, there's a (pretty reproducible) problem with it.

guix-master/guix $ ./pre-inst-env guix system disk-image --system=armhf-linux -e "(@ (gnu system install) installation-os)"
[... building grub-2.02 ...]
phase `configure' succeeded after 821.8 seconds
starting phase `patch-generated-file-shebangs'
patch-makefile-SHELL: ./po/Makefile: changing `SHELL' from `/bin/sh' to `/gnu/st[...]
phase `patch-generated-file-shebangs' succeeded after 14.6 seconds
starting phase `build'
bison -d -p grub_script_yy -b grub_script ./grub-core/script/parser.y
flex -o grub_script.yy.c --header-file=grub_script.yy.h ./grub-core/script/yylex[...]
bison: ../sysdeps/unix/sysv/linux/spawni.c:360: __spawnix: Assertion `ec >= 0' failed

This is only fixed in glibc 2.27 (not in core-updates).

The fix is:

diff --git a/sysdeps/unix/sysv/linux/spawni.c b/sysdeps/unix/sysv/linux/spawni.c
index dea1650..f02ac19 100644
--- a/sysdeps/unix/sysv/linux/spawni.c
+++ b/sysdeps/unix/sysv/linux/spawni.c
@@ -365,9 +365,15 @@ __spawnix (pid_t * pid, const char *file,
if (new_pid > 0)
{
ec = args.err;
- assert (ec >= 0);
if (ec != 0)
- __waitpid (new_pid, NULL, 0);
+ {
+ /* It handles the unlikely case where the auxiliary vfork process
+ is killed before calling _exit or execve. */
+ int status;
+ __waitpid (new_pid, &status, 0);
+ if (WIFSIGNALED (status))
+ ec = 0;
+ }
}
else
ec = -new_pid;
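
Review bot: the return value of `__waitpid (new_pid, &status, 0)` in the added block is not checked, so if the call fails, `WIFSIGNALED (status)` reads an uninitialized `status`. Initialize `status` to 0 or test it only when the call returns `new_pid`. The same block also sets `ec = 0` after the child has already been reaped here, so the comment should say what a caller that later waits on the pid is expected to see.
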
Chris Marusich wrote on 11 Feb 2018 00:45
(name . Danny Milosavljevic)(address . dannym@scratchpost.org)
87fu68o1dd.fsf@gmail.com
Danny Milosavljevic <dannym@scratchpost.org> writes:

> This is only fixed in glibc 2.27 (not in core-updates).

Should we upgrade glibc in core-updates, then? Or is it better to do it
in the next core-updates cycle, to avoid still more unexpected breakage?

--
Chris
Leo Famulari wrote on 11 Feb 2018 02:07
Re: bug#30394: ARM compilation via qemu binfmt - Assertion failure
(name . Chris Marusich)(address . cmmarusich@gmail.com)
20180211010728.GB28859@jasmine.lan
On Sun, Feb 11, 2018 at 12:45:18AM +0100, Chris Marusich wrote:
> Danny Milosavljevic <dannym@scratchpost.org> writes:
>
> > This is only fixed in glibc 2.27 (not in core-updates).
>
> Should we upgrade glibc in core-updates, then? Or is it better to do it
> in the next core-updates cycle, to avoid still more unexpected breakage?

It's too late in this cycle. Upgrading glibc would require a full
rebuild and would introduce new failures.
Pjotr Prins wrote on 11 Feb 2018 10:53
Re: ARM compilation via qemu binfmt - Assertion failure
(name . Chris Marusich)(address . cmmarusich@gmail.com)
20180211095332.GA18764@thebird.nl
On Sun, Feb 11, 2018 at 12:45:18AM +0100, Chris Marusich wrote:
> Danny Milosavljevic <dannym@scratchpost.org> writes:
>
> > This is only fixed in glibc 2.27 (not in core-updates).
>
> Should we upgrade glibc in core-updates, then? Or is it better to do it
> in the next core-updates cycle, to avoid still more unexpected breakage?

I think we should not update packages deep in the tree unless there is
a security patch. What we have now is well tested.

Pj.


Ludovic Courtès wrote on 16 Feb 2018 11:35
Re: bug#30394: ARM compilation via qemu binfmt - Assertion failure
(name . Danny Milosavljevic)(address . dannym@scratchpost.org)
87vaexp6gw.fsf@gnu.org
Hello,

Danny Milosavljevic <dannym@scratchpost.org> writes:

> Unfortunately, there's a (pretty reproducible) problem with it.
>
> guix-master/guix $ ./pre-inst-env guix system disk-image --system=armhf-linux -e "(@ (gnu system install) installation-os)"
> [... building grub-2.02 ...]
> phase `configure' succeeded after 821.8 seconds
> starting phase `patch-generated-file-shebangs'
> patch-makefile-SHELL: ./po/Makefile: changing `SHELL' from `/bin/sh' to `/gnu/st[...]
> phase `patch-generated-file-shebangs' succeeded after 14.6 seconds
> starting phase `build'
> bison -d -p grub_script_yy -b grub_script ./grub-core/script/parser.y
> flex -o grub_script.yy.c --header-file=grub_script.yy.h ./grub-core/script/yylex[...]
> bison: ../sysdeps/unix/sysv/linux/spawni.c:360: __spawnix: Assertion `ec >= 0' failed

[...]

> diff --git a/sysdeps/unix/sysv/linux/spawni.c b/sysdeps/unix/sysv/linux/spawni.c
> index dea1650..f02ac19 100644
> --- a/sysdeps/unix/sysv/linux/spawni.c
> +++ b/sysdeps/unix/sysv/linux/spawni.c
> @@ -365,9 +365,15 @@ __spawnix (pid_t * pid, const char *file,
> if (new_pid > 0)
> {
> ec = args.err;
> - assert (ec >= 0);
> if (ec != 0)
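
Review bot: with `assert (ec >= 0);` dropped ahead of `if (ec != 0)`, the quoted lines no longer state which values `args.err` may hold at this point. A short comment at `ec = args.err;` giving the expected range, including the negative case the assertion used to reject, would keep that invariant documented.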

Note that this is only a problem for code that uses the ‘posix_spawn’
interface, such as Bison in the example above.

In practice that interface is rarely used, which is probably why I never
hit that assertion before.

Ludo’.
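
Added example, not part of this thread and not glibc code: a `posix_spawn` caller in C that separates a spawn error, a normal exit and death by signal, the same wait-status distinction the quoted fix draws with `WIFSIGNALED`. The helper name `run_sh`, the result struct and the `/bin/sh` scripts are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <signal.h>
#include <spawn.h>
#include <stdio.h>
#include <sys/wait.h>

extern char **environ;

enum spawn_kind { SPAWN_FAILED, WAIT_FAILED, CHILD_EXITED, CHILD_SIGNALED };
struct spawn_result { enum spawn_kind kind; int value; /* error number, exit code or signal */ };
/* Hypothetical helper: run `shell -c script` and report how the child ended. */
struct spawn_result run_sh(const char *shell, const char *script)
{
    char *const argv[] = { "sh", "-c", (char *)script, NULL };
    struct spawn_result r = { SPAWN_FAILED, 0 };
    pid_t pid, w;
    int status = 0;
    /* posix_spawn returns the error number itself; it does not set errno. */
    r.value = posix_spawn(&pid, shell, NULL, NULL, argv, environ);
    if (r.value != 0)
        return r;

    /* Retry on EINTR and only inspect status after waitpid succeeded. */
    do {
        w = waitpid(pid, &status, 0);
    } while (w == -1 && errno == EINTR);
    if (w != pid) {
        r.kind = WAIT_FAILED;
        r.value = errno;
        return r;
    }
    /* Death by signal is reported in the wait status, not the return value. */
    if (WIFSIGNALED(status)) {
        r.kind = CHILD_SIGNALED;
        r.value = WTERMSIG(status);
    } else {
        r.kind = CHILD_EXITED;
        r.value = WEXITSTATUS(status);
    }
    return r;
}

int main(void)
{
    struct spawn_result r = run_sh("/bin/sh", "kill -9 $$"); /* constructed input */
    printf("kind=%d value=%d\n", r.kind, r.value);
    return r.kind == CHILD_SIGNALED && r.value == SIGKILL ? 0 : 1;
}
```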
Ludovic Courtès wrote on 9 Mar 2018 13:36
control message for bug #30394
(address . control@debbugs.gnu.org)
87r2otzarl.fsf@gnu.org
retitle 30394 'posix_spawn' glibc 2.26 race condition fires under qemu-binfmt
Ludovic Courtès wrote on 31 Jan 2020 18:41
(address . control@debbugs.gnu.org)
87k1574j6o.fsf@gnu.org
tags 30394 notabug
close 30394
quit