Bug#652146: hwinfo crash with segfault
tags 652146 patch
thanks

Michael Prokop wrote...

Problem doesn't seem to be present on 32bit systems, but on amd64 it's definitely reproducible.

The most likely culprit is push %%rbx\n\t in src/hd/hd.c:hd_is_xen, in combination with the compiler and perhaps libc. As the compiler makes the strcmp call inline, hd_is_xen becomes a leaf function. Hence the compiler optimizes the frame pointer handling, therefore %rsp is not decremented and may not be used for push/pop operations - at least not without tampering data, probably somewhere in the caller's domain.

Suggested solution: Instead of pushing, save %rbp in another register and mark that one clobbered:

--- src/hd/hd.c.orig2009-05-12 17:49:52.0 +0200 +++ src/hd/hd.c 2012-01-16 00:57:35.600532496 +0100 @@ -3245,16 +3257,16 @@ mov %%edx,8(%%esi)\n\t pop %%ebx #else -push %%rbx\n\t +mov %%ebx,%%edi\n\t cpuid\n\t mov %%ebx,(%%rsi)\n\t mov %%ecx,4(%%rsi)\n\t mov %%edx,8(%%rsi)\n\t -pop %%rbx +mov %%edi,%%ebx\n\t #endif : =a (u), =c (foo) : a (0x4000), c (0), S (signature) -: %edx +: %edx, %edi ); signature[12] = 0;

Other solutions:

* Mark %ebx clobbered. This appears to create the regular framing but I wouldn't rely on that.
* Use some kind of pragma that disables frame optimization. Ditto.

Still unexplained: Why does this not happen on i386? Avoiding push/pop there too would at least do no harm.

Christoph
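Review bot: In the #else (amd64) branch, `mov %%ebx,%%edi` and `mov %%edi,%%ebx` save and restore only the low 32 bits of %rbx, and a 32-bit register write zero-extends, so the upper half of %rbx comes back cleared where the removed push/pop preserved all 64 bits. Use the full-width registers, `mov %%rbx,%%rdi` and `mov %%rdi,%%rbx`, and keep the scratch register in the clobber list as the last changed line already does. Separately, the asm stores through %rsi into signature while the clobber list names only registers, so a memory clobber (or an output operand for the buffer) would keep the compiler from assuming the buffer is unchanged.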
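An added example, not part of Christoph's mail or the hwinfo source: the same signature read written so that the asm needs no push/pop at all, because every register CPUID writes is declared as an output operand and the compiler saves %rbx itself. The function names, the leaf value 0x40000000 (the conventional hypervisor leaf) and the Xen signature string are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed leaf: 0x40000000 is the conventional hypervisor CPUID leaf. */
#define HYPERVISOR_LEAF 0x40000000u

/* Hypothetical helper, not hwinfo code: all four registers CPUID writes are
 * output operands, so the compiler preserves %rbx on its own and the asm
 * never touches the stack or the area below %rsp of a leaf function. */
static void cpuid_regs(uint32_t leaf, uint32_t subleaf, uint32_t r[4])
{
#if defined(__x86_64__)
    __asm__ volatile("cpuid"
                     : "=a"(r[0]), "=b"(r[1]), "=c"(r[2]), "=d"(r[3])
                     : "a"(leaf), "c"(subleaf));
#else
    (void)leaf; (void)subleaf;
    memset(r, 0, 4 * sizeof r[0]);   /* not x86-64: report an empty signature */
#endif
}

/* Fill out[13] with EBX, ECX, EDX of the leaf (the order the patch stores
 * them), NUL-terminate at index 12, and return the string length. */
size_t hypervisor_signature(char out[13])
{
    uint32_t r[4];
    cpuid_regs(HYPERVISOR_LEAF, 0, r);
    memcpy(out, &r[1], 4);           /* plain C stores: no memory clobber needed */
    memcpy(out + 4, &r[2], 4);
    memcpy(out + 8, &r[3], 4);
    out[12] = 0;
    return strlen(out);
}

/* Returns 1 when the signature is the one Xen reports, else 0. */
int is_xen(void)
{
    char sig[13];
    hypervisor_signature(sig);
    return strcmp(sig, "XenVMMXenVMM") == 0;
}

int main(void)
{
    char sig[13];
    hypervisor_signature(sig);
    printf("signature=\"%s\" xen=%d\n", sig, is_xen());
    return 0;
}
```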
Bug#652146: hwinfo crash with segfault
severity 652146 grave
thanks

* [Thu Dec 15, 2011 at 09:58:30 +0100]:

hwinfo already crash with segfault.

'dmesg | grep hwinfo' output

[ 6750.021903] hwinfo[25037]: segfault at 503 ip 7fa9ba15a1e1 sp 7fff641fdb20 error 4 in libhd.so.16.0[7fa9ba12d000+bb000]

I can reproduce the bug. Problem doesn't seem to be present on 32bit systems, but on amd64 it's definitely reproducible.

regards,
-mika-
Bug#652146: hwinfo crash with segfault
Package: hwinfo
Version: 16.0-2.1
Severity: important

Dear Maintainer,

*** Please consider answering these questions, where appropriate ***

* What led up to the situation?
* What exactly did you do (or not do) that was effective (or ineffective)?
* What was the outcome of this action?
* What outcome did you expect instead?

*** End of the template - remove these lines ***

-- System Information:
Debian Release: wheezy/sid
APT prefers testing-proposed-updates
APT policy: (500, 'testing-proposed-updates'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.1.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=sk_SK.UTF-8, LC_CTYPE=sk_SK.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages hwinfo depends on:
ii libc6 2.13-21
ii libhd16 16.0-2.1

hwinfo recommends no packages.

hwinfo suggests no packages.

-- no debconf information

hwinfo already crash with segfault.

'dmesg | grep hwinfo' output

[ 6750.021903] hwinfo[25037]: segfault at 503 ip 7fa9ba15a1e1 sp 7fff641fdb20 error 4 in libhd.so.16.0[7fa9ba12d000+bb000]