Bug 1529982

Summary: glibc: recompile glibc to fix incorrect CFI information on i386
Product: Red Hat Enterprise Linux 7
Reporter: Florian Weimer <fweimer>
Component: glibc
Assignee: Carlos O'Donell <codonell>
Status: CLOSED ERRATA
QA Contact: Sergey Kolosov <skolosov>
Severity: unspecified
Priority: unspecified
Version: 7.5
CC: ashankar, briang, codonell, fweimer, lmiksik, mnewsome, pfrankli, skolosov
Target Milestone: rc
Hardware: Unspecified
OS: Unspecified
Fixed In Version: glibc-2.17-221.el7
Doc Type: No Doc Update
Last Closed: 2018-04-10 14:04:32 UTC
Type: Bug
Bug Depends On: 1529981

Description Florian Weimer 2017-12-31 16:26:42 UTC
glibc-2.17-220.el7.i686 has incorrect unwind information in /lib/libpthread.so.0:

0000d5b0 <__pthread_unwind>:
    d5b0:       57                      push   %edi
    d5b1:       56                      push   %esi
    d5b2:       53                      push   %ebx
    d5b3:       56                      push   %esi
    d5b4:       5e                      pop    %esi
    d5b5:       31 d2                   xor    %edx,%edx
    d5b7:       e8 14 7e ff ff          call   53d0 <__x86.get_pc_thunk.bx>
    d5bc:       81 c3 44 aa 00 00       add    $0xaa44,%ebx
    d5c2:       65 8b 35 08 00 00 00    mov    %gs:0x8,%esi
    d5c9:       89 c7                   mov    %eax,%edi
    d5cb:       83 ec 10                sub    $0x10,%esp
    d5ce:       31 c0                   xor    %eax,%eax
    d5d0:       65 a3 50 02 00 00       mov    %eax,%gs:0x250
    d5d6:       65 89 15 54 02 00 00    mov    %edx,%gs:0x254
    d5dd:       8d 83 50 54 ff ff       lea    -0xabb0(%ebx),%eax
    d5e3:       65 a3 58 02 00 00       mov    %eax,%gs:0x258
    d5e9:       8d 83 90 54 ff ff       lea    -0xab70(%ebx),%eax
    d5ef:       81 c6 50 02 00 00       add    $0x250,%esi
    d5f5:       89 7c 24 08             mov    %edi,0x8(%esp)
    d5f9:       89 44 24 04             mov    %eax,0x4(%esp)
    d5fd:       89 34 24                mov    %esi,(%esp)
    d600:       e8 bb 22 00 00          call   f8c0 <_Unwind_ForcedUnwind>
    d605:       e8 c6 70 ff ff          call   46d0 <abort@plt>
    d60a:       8d b6 00 00 00 00       lea    0x0(%esi),%esi

0000280c 00000028 00002810 FDE cie=00000000 pc=0000d5b0..0000d60a
  DW_CFA_advance_loc: 1 to 0000d5b1
  DW_CFA_def_cfa_offset: 8
  DW_CFA_offset: r7 (edi) at cfa-8
  DW_CFA_advance_loc: 1 to 0000d5b2
  DW_CFA_def_cfa_offset: 12
  DW_CFA_offset: r6 (esi) at cfa-12
  DW_CFA_advance_loc: 1 to 0000d5b3
  DW_CFA_def_cfa_offset: 16
  DW_CFA_offset: r3 (ebx) at cfa-16
  DW_CFA_advance_loc: 1 to 0000d5b4
  DW_CFA_def_cfa_offset: 20
  DW_CFA_offset: r6 (esi) at cfa-20
  DW_CFA_advance_loc: 1 to 0000d5b5
  DW_CFA_restore: r6 (esi)
  DW_CFA_def_cfa_offset: 16
  DW_CFA_advance_loc: 25 to 0000d5ce
  DW_CFA_def_cfa_offset: 32

There is a DW_CFA_restore for r6 (esi) at offset d5b5 (claiming that the register has the same value in the caller), but the register is overwritten at offset d5c9, so that the unwinder does not restore the original register value.

A simple recompilation of glibc should suffice to address this once bug 1529981 in gcc is fixed.
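The following checker is an added example and is not code from the bug report, from glibc or from gcc. It cross-checks a readelf-style FDE dump against an objdump-style listing, both embedded here as a constructed sample trimmed from the excerpts quoted above, and reports every write to a callee-saved register at an address where the CFI rule for that register is "same value as in the caller". On the listing above it flags the `mov %gs:0x8,%esi` at d5c2 and the `add $0x250,%esi` at d5ef, both reached after the `DW_CFA_restore` for esi at d5b5; with that restore replaced by a hypothetical corrected `DW_CFA_offset: r6 (esi) at cfa-12` it reports nothing. It goes slightly beyond the single register in the report: all four i386 callee-saved registers are tracked, and the other DW_CFA opcodes that mean "not saved" are accepted. The instruction model in `written_regs` (push writes nothing, call clobbers eax/ecx/edx plus the register a `__x86.get_pc_thunk.*` helper loads, otherwise the last AT&T operand is the destination) is a simplification and an assumption of this example.

```python
import re

# i386 callee-saved registers: the unwinder must be able to recover them for
# every frame it passes through, including a forced unwind from pthread_exit.
CALLEE_SAVED = {"ebx", "esi", "edi", "ebp"}

# Constructed sample: trimmed excerpts of the objdump/readelf output in the report.
DISASM = """\
0000d5b0 <__pthread_unwind>:
    d5b0:       57                      push   %edi
    d5b1:       56                      push   %esi
    d5b2:       53                      push   %ebx
    d5b3:       56                      push   %esi
    d5b4:       5e                      pop    %esi
    d5b5:       31 d2                   xor    %edx,%edx
    d5b7:       e8 14 7e ff ff          call   53d0 <__x86.get_pc_thunk.bx>
    d5bc:       81 c3 44 aa 00 00       add    $0xaa44,%ebx
    d5c2:       65 8b 35 08 00 00 00    mov    %gs:0x8,%esi
    d5c9:       89 c7                   mov    %eax,%edi
    d5ef:       81 c6 50 02 00 00       add    $0x250,%esi
    d60a:       8d b6 00 00 00 00       lea    0x0(%esi),%esi
"""
FDE = """\
0000280c 00000028 00002810 FDE cie=00000000 pc=0000d5b0..0000d60a
  DW_CFA_advance_loc: 1 to 0000d5b1
  DW_CFA_offset: r7 (edi) at cfa-8
  DW_CFA_advance_loc: 1 to 0000d5b2
  DW_CFA_offset: r6 (esi) at cfa-12
  DW_CFA_advance_loc: 1 to 0000d5b3
  DW_CFA_offset: r3 (ebx) at cfa-16
  DW_CFA_advance_loc: 1 to 0000d5b4
  DW_CFA_offset: r6 (esi) at cfa-20
  DW_CFA_advance_loc: 1 to 0000d5b5
  DW_CFA_restore: r6 (esi)
"""

PC_RANGE_RE = re.compile(r"pc=([0-9a-f]+)\.\.([0-9a-f]+)")
CFA_OP_RE = re.compile(r"^\s*(DW_CFA_\w+):\s*(.*)$")
INSN_RE = re.compile(r"^\s*([0-9a-f]+):\s+(?:[0-9a-f]{2}\s+)*([a-z][\w.]*)\s*(.*?)\s*$")

def parse_fde(text):
    """(start, end, events): events are (addr, reg, rule) in CFI program order; rule
    is 'saved' (register stored on the stack) or 'same' (caller's value, not saved)."""
    start = end = loc = None
    events = []
    for line in text.splitlines():
        rng = PC_RANGE_RE.search(line)
        if rng:
            start, end = (int(x, 16) for x in rng.groups())
            loc = start
            continue
        m = CFA_OP_RE.match(line)
        if not m or loc is None:
            continue
        op, args = m.groups()
        reg = re.search(r"\((\w+)\)", args)  # "r6 (esi) at cfa-12" -> esi
        if op.startswith("DW_CFA_advance_loc"):
            loc = int(args.split("to")[-1], 16)
        elif op.startswith("DW_CFA_offset") and reg:
            events.append((loc, reg.group(1), "saved"))
        elif op in ("DW_CFA_restore", "DW_CFA_restore_extended",
                    "DW_CFA_same_value", "DW_CFA_undefined") and reg:
            events.append((loc, reg.group(1), "same"))
    return start, end, events

def written_regs(mnemonic, operands):
    """Registers an instruction overwrites (simplified AT&T model, an assumption of
    this example: push/jumps/compares none, call the caller-saved set plus the
    __x86.get_pc_thunk.* target, otherwise the last operand if it is a register)."""
    if mnemonic.startswith(("push", "j", "ret", "cmp", "test", "nop")):
        return set()
    if mnemonic.startswith("call"):
        regs = {"eax", "ecx", "edx"}
        if "get_pc_thunk" in operands:
            regs.add("e" + operands.rsplit(".", 1)[-1].rstrip(">").strip())
        return regs
    last = re.split(r",(?![^(]*\))", operands)[-1].strip()  # commas inside (...) stay
    m = re.fullmatch(r"%([a-z]{2,3})", last)
    return {m.group(1)} if m else set()

def find_unprotected_writes(disasm, fde):
    """Apply CFI events in address order and report callee-saved writes under rule 'same'."""
    start, end, pending = parse_fde(fde)
    rules = {r: "same" for r in CALLEE_SAVED}  # CIE initial rule for these registers
    findings = []
    for m in filter(None, map(INSN_RE.match, disasm.splitlines())):
        addr, mnemonic, operands = int(m.group(1), 16), m.group(2), m.group(3)
        if not start <= addr < end:
            continue  # alignment padding after the FDE's range (the lea at d60a)
        while pending and pending[0][0] <= addr:
            _, reg, rule = pending.pop(0)
            rules[reg] = rule
        for reg in written_regs(mnemonic, operands) & CALLEE_SAVED:
            if rules[reg] == "same":
                findings.append((addr, reg, m.group(0).strip()))
    return findings

if __name__ == "__main__":
    for addr, reg, text in find_unprotected_writes(DISASM, FDE):
        print(f"{addr:x}: {reg} written while the CFI says it holds the caller's value: {text}")
```

The check is the static counterpart of the runtime test in Comment 2: instead of observing a clobbered value after pthread_exit, it reads the same `.eh_frame` rules the unwinder will use and asks whether any instruction in the covered range can invalidate them. Only 'saved' versus 'same' is tracked because that distinction is all the forced unwind needs to decide whether to reload a register from the frame.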

Comment 2 Florian Weimer 2017-12-31 19:02:54 UTC
Presence of the bug confirmed in glibc-2.17-220.el7.i686:

$ build/tst-thread-exit-clobber 
info: unsigned int, direct pthread_exit call
tests/tst-thread-exit-clobber.cc:80: numeric comparison failure
   left: 4148288912 (0xf741dd90); from: value
  right: 1600833940 (0x5f6ac994); from: magic_values.v2
info: double, direct pthread_exit call
info: unsigned int, indirect pthread_exit call
info: double, indirect pthread_exit call
error: 1 test failures

Comment 3 Florian Weimer 2018-01-11 15:51:31 UTC
We should backport the upstream test for this:

commit 579396ee082565ab5f42ff166a264891223b7b82
Author: Florian Weimer <fweimer@redhat.com>
Date:   Mon Jan 8 14:57:25 2018 +0100

    nptl: Add test for callee-saved register restore in pthread_exit

Also depends on a support/ update (we should just rebase):

commit dabd75b6a1180c2ca6a6f966f08cc00e8e72cce9
Author: Florian Weimer <fweimer@redhat.com>
Date:   Mon Jan 8 14:39:51 2018 +0100

    support: Define support_static_assert for use with C and C++
    
    And update TEST_COMPARE to use it, to make it usable from C++.

Comment 11 errata-xmlrpc 2018-04-10 14:04:32 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:0805