[Group.of.nepali.translators] [Bug 1873448] Re: stress-ng in xenial segfaults on dup stressor on arm64
** Changed in: stress-ng (Ubuntu) Status: New => Won't Fix -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1873448 Title: stress-ng in xenial segfaults on dup stressor on arm64 Status in stress-ng package in Ubuntu: Won't Fix Status in stress-ng source package in Xenial: Won't Fix Bug description: == SRU justification, Xenial == When running the --dup stressor with stress-ng with a process that is allowed to open more than 64K file descriptors we trigger a segfault because of an array overflow. == Fix == A simple fix is required, just a bounds check on the maximum size max_fd to limit it to the size of the fds array. == Testcase == stress-ng on arm64 with the --dup stressor will trigger this quite easily. The bug was found during regression testing of the previous xenial stress-ng upload. stress-ng --dup without the fix this will segfault. with the fix it works correctly. == Regression Potential == Low. This affects one stress case in stress-ng, the fix is localized and it a backport from an upstream stress-ng fix that has been working for several years w/o problem. Using host libthread_db library "/lib/aarch64-linux-gnu/libthread_db.so.1". stress-ng: info: [10979] defaulting to a 86400 second run per stressor stress-ng: info: [10979] dispatching hogs: 1 dup stress-ng: info: [10979] cache allocate: using built-in defaults as unable to determine cache details stress-ng: info: [10979] cache allocate: default cache size: 2048K [New process 10982] [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/aarch64-linux-gnu/libthread_db.so.1". 65536 1048573 Thread 2.1 "stress-ng-dup" received signal SIGSEGV, Segmentation fault. [Switching to Thread 0xb7ff1000 (LWP 10982)] 0x004191f0 in stress_dup (counter=0xb7cbee78, instance=, max_ops=0, name=) at stress-dup.c:63 63fds[i] = dup(fds[0]); This requires a fix from commit: 67d872611b860a79b03dca8c7549e5cee7fec4eb Mon Sep 17 00:00:00 2001 From: Colin Ian King Date: Tue, 8 Nov 2016 15:50:20 + Subject: [PATCH] treewide: remove messy #if defined() build checks diff --git a/stress-dup.c b/stress-dup.c index 2fe2d6a6..0ac13fee 100644 --- a/stress-dup.c +++ b/stress-dup.c @@ -45,7 +45,7 @@ int stress_dup( const char *name) { int fds[STRESS_FD_MAX]; - const size_t max_fd = stress_get_file_limit(); + size_t max_fd = stress_get_file_limit(); size_t i; #if defined(__linux__) bool do_dup3 = true; @@ -53,6 +53,9 @@ int stress_dup( (void)instance; + if (max_fd > SIZEOF_ARRAY(fds)) + max_fd = SIZEOF_ARRAY(fds); + fds[0] = open("/dev/zero", O_RDONLY); if (fds[0] < 0) { pr_fail_dbg(name, "open on /dev/zero"); To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/stress-ng/+bug/1873448/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1873448] Re: stress-ng in xenial segfaults on dup stressor on arm64
The version of stress-ng in the proposed pocket of Xenial that was purported to fix this bug report has been removed because one or more bugs that were to be fixed by the upload have failed verification and been in this state for more than 10 days. ** Tags removed: verification-needed-xenial ** Changed in: stress-ng (Ubuntu Xenial) Status: Fix Committed => Won't Fix -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1873448 Title: stress-ng in xenial segfaults on dup stressor on arm64 Status in stress-ng package in Ubuntu: New Status in stress-ng source package in Xenial: Won't Fix Bug description: == SRU justification, Xenial == When running the --dup stressor with stress-ng with a process that is allowed to open more than 64K file descriptors we trigger a segfault because of an array overflow. == Fix == A simple fix is required, just a bounds check on the maximum size max_fd to limit it to the size of the fds array. == Testcase == stress-ng on arm64 with the --dup stressor will trigger this quite easily. The bug was found during regression testing of the previous xenial stress-ng upload. stress-ng --dup without the fix this will segfault. with the fix it works correctly. == Regression Potential == Low. This affects one stress case in stress-ng, the fix is localized and it a backport from an upstream stress-ng fix that has been working for several years w/o problem. Using host libthread_db library "/lib/aarch64-linux-gnu/libthread_db.so.1". stress-ng: info: [10979] defaulting to a 86400 second run per stressor stress-ng: info: [10979] dispatching hogs: 1 dup stress-ng: info: [10979] cache allocate: using built-in defaults as unable to determine cache details stress-ng: info: [10979] cache allocate: default cache size: 2048K [New process 10982] [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/aarch64-linux-gnu/libthread_db.so.1". 65536 1048573 Thread 2.1 "stress-ng-dup" received signal SIGSEGV, Segmentation fault. [Switching to Thread 0xb7ff1000 (LWP 10982)] 0x004191f0 in stress_dup (counter=0xb7cbee78, instance=, max_ops=0, name=) at stress-dup.c:63 63fds[i] = dup(fds[0]); This requires a fix from commit: 67d872611b860a79b03dca8c7549e5cee7fec4eb Mon Sep 17 00:00:00 2001 From: Colin Ian King Date: Tue, 8 Nov 2016 15:50:20 + Subject: [PATCH] treewide: remove messy #if defined() build checks diff --git a/stress-dup.c b/stress-dup.c index 2fe2d6a6..0ac13fee 100644 --- a/stress-dup.c +++ b/stress-dup.c @@ -45,7 +45,7 @@ int stress_dup( const char *name) { int fds[STRESS_FD_MAX]; - const size_t max_fd = stress_get_file_limit(); + size_t max_fd = stress_get_file_limit(); size_t i; #if defined(__linux__) bool do_dup3 = true; @@ -53,6 +53,9 @@ int stress_dup( (void)instance; + if (max_fd > SIZEOF_ARRAY(fds)) + max_fd = SIZEOF_ARRAY(fds); + fds[0] = open("/dev/zero", O_RDONLY); if (fds[0] < 0) { pr_fail_dbg(name, "open on /dev/zero"); To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/stress-ng/+bug/1873448/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1873448] Re: stress-ng in xenial segfaults on dup stressor on arm64
** Changed in: stress-ng (Ubuntu Xenial) Status: In Progress => Fix Released ** Changed in: stress-ng (Ubuntu Xenial) Status: Fix Released => Fix Committed -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1873448 Title: stress-ng in xenial segfaults on dup stressor on arm64 Status in stress-ng package in Ubuntu: New Status in stress-ng source package in Xenial: Fix Committed Bug description: == SRU justification, Xenial == When running the --dup stressor with stress-ng with a process that is allowed to open more than 64K file descriptors we trigger a segfault because of an array overflow. == Fix == A simple fix is required, just a bounds check on the maximum size max_fd to limit it to the size of the fds array. == Testcase == stress-ng on arm64 with the --dup stressor will trigger this quite easily. The bug was found during regression testing of the previous xenial stress-ng upload. stress-ng --dup without the fix this will segfault. with the fix it works correctly. == Regression Potential == Low. This affects one stress case in stress-ng, the fix is localized and it a backport from an upstream stress-ng fix that has been working for several years w/o problem. Using host libthread_db library "/lib/aarch64-linux-gnu/libthread_db.so.1". stress-ng: info: [10979] defaulting to a 86400 second run per stressor stress-ng: info: [10979] dispatching hogs: 1 dup stress-ng: info: [10979] cache allocate: using built-in defaults as unable to determine cache details stress-ng: info: [10979] cache allocate: default cache size: 2048K [New process 10982] [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/aarch64-linux-gnu/libthread_db.so.1". 65536 1048573 Thread 2.1 "stress-ng-dup" received signal SIGSEGV, Segmentation fault. [Switching to Thread 0xb7ff1000 (LWP 10982)] 0x004191f0 in stress_dup (counter=0xb7cbee78, instance=, max_ops=0, name=) at stress-dup.c:63 63fds[i] = dup(fds[0]); This requires a fix from commit: 67d872611b860a79b03dca8c7549e5cee7fec4eb Mon Sep 17 00:00:00 2001 From: Colin Ian King Date: Tue, 8 Nov 2016 15:50:20 + Subject: [PATCH] treewide: remove messy #if defined() build checks diff --git a/stress-dup.c b/stress-dup.c index 2fe2d6a6..0ac13fee 100644 --- a/stress-dup.c +++ b/stress-dup.c @@ -45,7 +45,7 @@ int stress_dup( const char *name) { int fds[STRESS_FD_MAX]; - const size_t max_fd = stress_get_file_limit(); + size_t max_fd = stress_get_file_limit(); size_t i; #if defined(__linux__) bool do_dup3 = true; @@ -53,6 +53,9 @@ int stress_dup( (void)instance; + if (max_fd > SIZEOF_ARRAY(fds)) + max_fd = SIZEOF_ARRAY(fds); + fds[0] = open("/dev/zero", O_RDONLY); if (fds[0] < 0) { pr_fail_dbg(name, "open on /dev/zero"); To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/stress-ng/+bug/1873448/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp