
Bug#882794: marked as done (glibc: Please backport fix for assertion failure in posix_spawn())



Your message dated Sat, 02 Dec 2017 11:49:15 +0000
with message-id <E1eL6IF-000CaD-8D@fasolo.debian.org>
and subject line Bug#882794: fixed in glibc 2.25-3
has caused the Debian Bug report #882794,
regarding glibc: Please backport fix for assertion failure in posix_spawn()
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
882794: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882794
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Source: glibc
Version: 2.24-11+deb9u1
Severity: important
Tags: patch upstream

Hello!

With glibc 2.25, an upstream change was introduced which causes an
assertion failure on current versions of QEMU:

dpkg: warning: ignoring pre-dependency problem!
Preparing to unpack .../archives/bash_4.4-5_m68k.deb ...
preinst: ../sysdeps/unix/sysv/linux/spawni.c:366: __spawnix: Assertion `ec >= 0' failed.
qemu: uncaught target signal 6 (Aborted) - core dumped
dpkg: error processing archive /var/cache/apt/archives/bash_4.4-5_m68k.deb (--unpack):
 new bash package pre-installation script subprocess was killed by signal (Aborted)
 Selecting previously unselected package bsdutils.
 dpkg: regarding .../bsdutils_1%3a2.30.2-0.1_m68k.deb containing bsdutils, pre-dependency problem:
  bsdutils pre-depends on libsystemd0
    libsystemd0 is not installed.

This was introduced with [1] and reported in [2]. A QEMU bug report
has also been opened [3]. I'm currently rebuilding glibc for m68k with
the attached patch which should fix the issue. Would be great if it
could be included in one of the next uploads provided that it fixes
the issue which I am going to find out soon.

Adrian

> [1] https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=4b4d4056bb154603f36c6f8845757c1012758158;hp=8d3bd947483f50b57aee7c35c07dc1927d6e8a27
> [2] https://sourceware.org/bugzilla/show_bug.cgi?id=22273
> [3] https://bugs.launchpad.net/qemu/+bug/1673976

--
  .''`.  John Paul Adrian Glaubitz
 : :' :  Debian Developer - glaubitz@debian.org
 `. `'   Freie Universitaet Berlin - glaubitz@physik.fu-berlin.de
   `-    GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913
Description: Fix improper assert in Linux posix_spawn (BZ#22273)
 Fixes assertion failure on qemu-user.
 .
Origin: upstream
Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=22273
Last-Update: 2017-11-26

--- glibc-2.25.orig/sysdeps/unix/sysv/linux/spawni.c
+++ glibc-2.25/sysdeps/unix/sysv/linux/spawni.c
@@ -17,7 +17,6 @@
    <http://www.gnu.org/licenses/>.  */
 
 #include <spawn.h>
-#include <assert.h>
 #include <fcntl.h>
 #include <paths.h>
 #include <string.h>
@@ -266,7 +265,6 @@ __spawni_child (void *arguments)
   __sigprocmask (SIG_SETMASK, (attr->__flags & POSIX_SPAWN_SETSIGMASK)
 		 ? &attr->__ss : &args->oldmask, 0);
 
-  args->err = 0;
   args->exec (args->file, args->argv, args->envp);
 
   /* This is compatibility function required to enable posix_spawn run
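Review bot: With `args->err = 0;` removed ahead of `args->exec (...)`, the child no longer writes args->err on the success path, so a zero result now depends on the parent's initialiser in __spawnix. Nothing at this spot says so; a short comment here stating that err is left untouched unless a step fails would keep a later backport from applying one change without the other.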
@@ -337,7 +335,7 @@ __spawnix (pid_t * pid, const char *file
 
   /* Child must set args.err to something non-negative - we rely on
      the parent and child sharing VM.  */
-  args.err = -1;
+  args.err = 0;
   args.file = file;
   args.exec = exec;
   args.fa = file_actions;
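Review bot: The context comment above the changed line still reads "Child must set args.err to something non-negative", but with `args.err = 0;` as the initial value the child only has to store a positive value on failure. The comment should be updated together with the assignment so the stated invariant matches the new `ec > 0` check in the parent.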
@@ -360,12 +358,26 @@ __spawnix (pid_t * pid, const char *file
   new_pid = CLONE (__spawni_child, STACK (stack, stack_size), stack_size,
 		   CLONE_VM | CLONE_VFORK | SIGCHLD, &args);
 
+  /* It needs to collect the case where the auxiliary process was created
+     but failed to execute the file (due either any preparation step or
+     for execve itself).  */
   if (new_pid > 0)
     {
+      /* Also, it handles the unlikely case where the auxiliary process was
+	 terminated before calling execve as if it was successfully.  The
+	 args.err is set to 0 as default and changed to a positive value
+	 only in case of failure, so in case of premature termination
+	 due a signal args.err will remain zeroed and it will be up to
+	 caller to actually collect it.  */
       ec = args.err;
-      assert (ec >= 0);
-      if (ec != 0)
-	  __waitpid (new_pid, NULL, 0);
+      if (ec > 0)
+	/* There still an unlikely case where the child is cancelled after
+	   setting args.err, due to a positive error value.  Also due a
+	   possible pid reuse race (where the kernel allocated the same pid
+	   to unrelated process) we need not to undefinitely hang expecting
+	   an invalid pid.  In both cases an error is returned to the
+	   caller.  */
+	__waitpid (new_pid, NULL, WNOHANG);
     }
   else
     ec = -new_pid;
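Review bot: The return value of `__waitpid (new_pid, NULL, WNOHANG);` is discarded, so when the call returns without having reaped the child, the error is still handed to the caller and the new comment does not say who collects the process afterwards. Either check the result or state in the comment that an unreaped child is accepted in this case. Separately, now that `assert (ec >= 0);` is gone, a negative args.err skips the `if (ec > 0)` branch silently; a sentence on how that value is meant to be treated would help. The added comments also carry typos ("undefinitely", "due a", "There still an").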

--- End Message ---
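An added example (not part of the bug report and not glibc code) of the caller-side contract the patch comments describe: a failure is reported as a positive return value from posix_spawn() itself, while a child that dies from a signal still yields a zero return and has to be collected by the caller. The helper name `spawn_and_collect`, the missing path and the self-killing shell command are constructed for illustration; the signal here arrives after exec, which the caller sees the same way as the pre-exec case the patch mentions.

```c
#include <errno.h>
#include <signal.h>
#include <spawn.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>

extern char **environ;

/* What the caller observes for one spawn attempt. */
struct spawn_result {
    int spawn_errno; /* posix_spawn() return value: 0 or an errno code */
    int reaped;      /* 1 if this function collected the child itself */
    int status;      /* wait status, meaningful only when reaped == 1 */
};

/* spawn_and_collect() is a hypothetical helper name, not a glibc API. */
static struct spawn_result spawn_and_collect(const char *path, char *const argv[])
{
    struct spawn_result r = {0, 0, 0};
    pid_t pid = -1, w;

    r.spawn_errno = posix_spawn(&pid, path, NULL, NULL, argv, environ);
    if (r.spawn_errno != 0)
        return r; /* error reported as a positive errno; nothing to wait for */

    /* A zero return does not prove the program ran to completion: the child
       may have been killed by a signal, so the wait status must be checked. */
    do {
        w = waitpid(pid, &r.status, 0);
    } while (w == -1 && errno == EINTR);
    r.reaped = (w == pid);
    return r;
}

int main(void)
{
    /* Constructed inputs: a path that does not exist, and a shell that
       sends SIGKILL to itself. */
    char *missing[] = {"missing", NULL};
    char *self_kill[] = {"sh", "-c", "kill -KILL $$", NULL};
    struct spawn_result a = spawn_and_collect("/nonexistent/constructed-path", missing);
    struct spawn_result b = spawn_and_collect("/bin/sh", self_kill);

    printf("missing: spawn_errno=%d reaped=%d\n", a.spawn_errno, a.reaped);
    printf("killed:  spawn_errno=%d signaled=%d sig=%d\n", b.spawn_errno,
           b.reaped && WIFSIGNALED(b.status), b.reaped ? WTERMSIG(b.status) : 0);
    return 0;
}
```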
--- Begin Message ---
Source: glibc
Source-Version: 2.25-3

We believe that the bug you reported is fixed in the latest version of
glibc, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 882794@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Aurelien Jarno <aurel32@debian.org> (supplier of updated glibc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 02 Dec 2017 11:07:17 +0100
Source: glibc
Binary: libc-bin libc-dev-bin libc-l10n glibc-doc glibc-source locales locales-all nscd multiarch-support libc6 libc6-dev libc6-dbg libc6-pic libc6-udeb libc6.1 libc6.1-dev libc6.1-dbg libc6.1-pic libc6.1-udeb libc0.3 libc0.3-dev libc0.3-dbg libc0.3-pic libc0.3-udeb libc0.1 libc0.1-dev libc0.1-dbg libc0.1-pic libc0.1-udeb libc6-i386 libc6-dev-i386 libc6-sparc libc6-dev-sparc libc6-sparc64 libc6-dev-sparc64 libc6-s390 libc6-dev-s390 libc6-amd64 libc6-dev-amd64 libc6-powerpc libc6-dev-powerpc libc6-ppc64 libc6-dev-ppc64 libc6-mips32 libc6-dev-mips32 libc6-mipsn32 libc6-dev-mipsn32 libc6-mips64 libc6-dev-mips64 libc0.1-i386 libc0.1-dev-i386 libc6-x32 libc6-dev-x32 libc6-xen libc0.3-xen libc6.1-alphaev67
Architecture: source
Version: 2.25-3
Distribution: unstable
Urgency: medium
Maintainer: GNU Libc Maintainers <debian-glibc@lists.debian.org>
Changed-By: Aurelien Jarno <aurel32@debian.org>
Description:
 glibc-doc  - GNU C Library: Documentation
 glibc-source - GNU C Library: sources
 libc-bin   - GNU C Library: Binaries
 libc-dev-bin - GNU C Library: Development binaries
 libc-l10n  - GNU C Library: localization files
 libc0.1    - GNU C Library: Shared libraries
 libc0.1-dbg - GNU C Library: detached debugging symbols
 libc0.1-dev - GNU C Library: Development Libraries and Header Files
 libc0.1-dev-i386 - GNU C Library: 32bit development libraries for AMD64
 libc0.1-i386 - GNU C Library: 32bit shared libraries for AMD64
 libc0.1-pic - GNU C Library: PIC archive library
 libc0.1-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libc0.3    - GNU C Library: Shared libraries
 libc0.3-dbg - GNU C Library: detached debugging symbols
 libc0.3-dev - GNU C Library: Development Libraries and Header Files
 libc0.3-pic - GNU C Library: PIC archive library
 libc0.3-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libc0.3-xen - GNU C Library: Shared libraries [Xen version]
 libc6      - GNU C Library: Shared libraries
 libc6-amd64 - GNU C Library: 64bit Shared libraries for AMD64
 libc6-dbg  - GNU C Library: detached debugging symbols
 libc6-dev  - GNU C Library: Development Libraries and Header Files
 libc6-dev-amd64 - GNU C Library: 64bit Development Libraries for AMD64
 libc6-dev-i386 - GNU C Library: 32-bit development libraries for AMD64
 libc6-dev-mips32 - GNU C Library: o32 Development Libraries for MIPS
 libc6-dev-mips64 - GNU C Library: 64bit Development Libraries for MIPS64
 libc6-dev-mipsn32 - GNU C Library: n32 Development Libraries for MIPS64
 libc6-dev-powerpc - GNU C Library: 32bit powerpc development libraries for ppc64
 libc6-dev-ppc64 - GNU C Library: 64bit Development Libraries for PowerPC64
 libc6-dev-s390 - GNU C Library: 32bit Development Libraries for IBM zSeries
 libc6-dev-sparc - GNU C Library: 32bit Development Libraries for SPARC
 libc6-dev-sparc64 - GNU C Library: 64bit Development Libraries for UltraSPARC
 libc6-dev-x32 - GNU C Library: X32 ABI Development Libraries for AMD64
 libc6-i386 - GNU C Library: 32-bit shared libraries for AMD64
 libc6-mips32 - GNU C Library: o32 Shared libraries for MIPS
 libc6-mips64 - GNU C Library: 64bit Shared libraries for MIPS64
 libc6-mipsn32 - GNU C Library: n32 Shared libraries for MIPS64
 libc6-pic  - GNU C Library: PIC archive library
 libc6-powerpc - GNU C Library: 32bit powerpc shared libraries for ppc64
 libc6-ppc64 - GNU C Library: 64bit Shared libraries for PowerPC64
 libc6-s390 - GNU C Library: 32bit Shared libraries for IBM zSeries
 libc6-sparc - GNU C Library: 32bit Shared libraries for SPARC
 libc6-sparc64 - GNU C Library: 64bit Shared libraries for UltraSPARC
 libc6-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libc6-x32  - GNU C Library: X32 ABI Shared libraries for AMD64
 libc6-xen  - GNU C Library: Shared libraries [Xen version]
 libc6.1    - GNU C Library: Shared libraries
 libc6.1-alphaev67 - GNU C Library: Shared libraries (EV67 optimized)
 libc6.1-dbg - GNU C Library: detached debugging symbols
 libc6.1-dev - GNU C Library: Development Libraries and Header Files
 libc6.1-pic - GNU C Library: PIC archive library
 libc6.1-udeb - GNU C Library: Shared libraries - udeb (udeb)
 locales    - GNU C Library: National Language (locale) data [support]
 locales-all - GNU C Library: Precompiled locale data
 multiarch-support - Transitional package to ensure multiarch compatibility
 nscd       - GNU C Library: Name Service Cache Daemon
Closes: 879500 879501 879955 882255 882794 882874 883012 883186 883285
Changes:
 glibc (2.25-3) unstable; urgency=medium
 .
   [ Aurelien Jarno ]
   * debian/patches/git-updates.diff: update from upstream stable branch:
     - Fix assertion failure in posix_spawn().  Closes: #882794.
     - Fix missing posix_fadvise64 from static mips64el build. Closes:
       #883186.
     - Fix buffer overflow in glob with GLOB_TILDE (CVE-2017-15670).  Closes:
       #879501.
     - Fix memory leak in glob with GLOB_TILDE (CVE-2017-15671).  Closes:
       #879500.
     - Fix a buffer overflow in glob with GLOB_TILDE in unescaping
       (CVE-2017-15804).  Closes: #879955.
   * debian/patches/any/local-dlfptr.diff: remove, it's not used anymore by
     HPPA and causes issues on IA64.  Closes: #882874.
   * debian/patches/submitted-ldconfig-c-collation.diff: New patch to process
     include directives in ldconfig using the C/POSIX collation.
   * debian/patches/ia64/git-ia64-crash-thread-exit.diff: Fix crash on thread
     exit on IA64.  Closes: #883285.
   * debian/sysdeps/x32.mk: set the minimum kernel version to 2.6.32 for the
     libc6-amd64:x32 and libc6-i386:x32 flavours, to match libc6:amd64 and
     libc6:i386.  Closes: #882255.
   * debian/sysdeps/linux.mk: note that all builds for a given gnu triplet
     have the same minimum kernel version.
 .
   [ Samuel Thibault ]
   * libc0.3.symbols.hurd-i386: Update against newer hurd definitions.
   * control: Bump dependency accordingly.
 .
   [ Jason Duerstock ]
   * debian/control.in/libc, debian/control.in/main, debian/rules.d/control.mk:
     Add support for IA64.  Closes: #883012.


--- End Message ---
