[Bug 1572613] Re: GCC stack access scheduled after stack deallocation

Dimitri John Ledkov launchpad at surgut.co.uk
Mon Jun 27 16:50:40 UTC 2016


mariadb-10.0 10.0.25-0ubuntu0.16.04.1 is published as a security update.

** Changed in: mariadb-10.0 (Ubuntu Xenial)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to ceph in Ubuntu.
https://bugs.launchpad.net/bugs/1572613

Title:
  GCC stack access scheduled after stack deallocation

Status in gcc:
  Unknown
Status in Ubuntu on IBM z Systems:
  Fix Committed
Status in ceph package in Ubuntu:
  Fix Released
Status in fpgatools package in Ubuntu:
  Fix Released
Status in gambas3 package in Ubuntu:
  Fix Released
Status in gcc-4.9 package in Ubuntu:
  Triaged
Status in gcc-5 package in Ubuntu:
  Fix Released
Status in gcc-5-cross package in Ubuntu:
  Triaged
Status in gcc-arm-none-eabi package in Ubuntu:
  Triaged
Status in gcc-avr package in Ubuntu:
  Triaged
Status in gcc-mingw-w64 package in Ubuntu:
  Triaged
Status in higan package in Ubuntu:
  Fix Released
Status in insighttoolkit4 package in Ubuntu:
  Fix Released
Status in ivtools package in Ubuntu:
  Fix Released
Status in juju-mongodb3.2 package in Ubuntu:
  Fix Released
Status in libtsm package in Ubuntu:
  Fix Released
Status in mariadb-10.0 package in Ubuntu:
  Fix Released
Status in mysql-5.7 package in Ubuntu:
  Fix Released
Status in nodejs package in Ubuntu:
  Fix Released
Status in percona-server-5.6 package in Ubuntu:
  Fix Released
Status in percona-xtrabackup package in Ubuntu:
  Fix Released
Status in percona-xtradb-cluster-5.6 package in Ubuntu:
  Fix Released
Status in valgrind package in Ubuntu:
  Fix Released
Status in webkitgtk package in Ubuntu:
  Fix Released
Status in ceph source package in Xenial:
  Fix Released
Status in fpgatools source package in Xenial:
  Fix Committed
Status in gambas3 source package in Xenial:
  Fix Committed
Status in gcc-5 source package in Xenial:
  Fix Released
Status in higan source package in Xenial:
  Invalid
Status in insighttoolkit4 source package in Xenial:
  Fix Committed
Status in ivtools source package in Xenial:
  Invalid
Status in juju-mongodb3.2 source package in Xenial:
  Fix Released
Status in libtsm source package in Xenial:
  Fix Committed
Status in mariadb-10.0 source package in Xenial:
  Fix Released
Status in mysql-5.7 source package in Xenial:
  Fix Released
Status in nodejs source package in Xenial:
  Fix Released
Status in percona-server-5.6 source package in Xenial:
  Fix Committed
Status in percona-xtrabackup source package in Xenial:
  Fix Committed
Status in percona-xtradb-cluster-5.6 source package in Xenial:
  Fix Committed
Status in valgrind source package in Xenial:
  Fix Released
Status in webkitgtk source package in Xenial:
  Fix Committed
Status in ceph source package in Yakkety:
  Fix Released
Status in fpgatools source package in Yakkety:
  Fix Released
Status in gambas3 source package in Yakkety:
  Fix Released
Status in gcc-5 source package in Yakkety:
  Fix Released
Status in higan source package in Yakkety:
  Fix Released
Status in insighttoolkit4 source package in Yakkety:
  Fix Released
Status in ivtools source package in Yakkety:
  Fix Released
Status in juju-mongodb3.2 source package in Yakkety:
  Fix Released
Status in libtsm source package in Yakkety:
  Fix Released
Status in mariadb-10.0 source package in Yakkety:
  Fix Released
Status in mysql-5.7 source package in Yakkety:
  Fix Released
Status in nodejs source package in Yakkety:
  Fix Released
Status in percona-server-5.6 source package in Yakkety:
  Fix Released
Status in percona-xtrabackup source package in Yakkety:
  Fix Released
Status in percona-xtradb-cluster-5.6 source package in Yakkety:
  Fix Released
Status in valgrind source package in Yakkety:
  Fix Released
Status in webkitgtk source package in Yakkety:
  Fix Released

Bug description:
  = Validation =
  For gcc-5, check that code generation is correct as per small C test case below.

  == fpgatools ==

  * compile autotest.c and strip chrpath
  * change path in autotest_diff.sh from ./ to /usr/bin
  * execute autotest and check error codes

  == gambas3 ==

  * execute gambas.test

  == insighttoolkit4 ==
  $ apt install insighttoolkit4-python insighttoolkit4-examples

  Run attached insightoolkit4.py script against an image file, e.g.
  Circle.png from -examples package.

  == libtsm ==

  Nothing in the archive uses this... No idea why we have this package,
  either release the update, or remove it from proposed.

  == mariadb-10.0 ==

  Run mariadb.sh

  == percona-server-5.6 ==

  == percona-xtrabackup ==

  == Comment: #0 - Andreas Krebbel - 2016-04-19 05:22:12 ==

  The following miscompilation was found in the Valgrind memcheck
  preload library.

  This compiler behavior can be reproduced with a small test case:

  $ echo 'void foo (void) { volatile int a = 5; (void) a; }' | \
    gcc -O2 -fno-omit-frame-pointer -o foo.o -c -x c - && objdump -d foo.o

  foo.o:     file format elf64-s390

  Disassembly of section .text:

  0000000000000000 <foo>:
     0:	b3 c1 00 2b       	ldgr	%f2,%r11
     4:	b3 c1 00 0f       	ldgr	%f0,%r15
     8:	e3 f0 ff 58 ff 71 	lay	%r15,-168(%r15)
     e:	b9 04 00 bf       	lgr	%r11,%r15
    12:	b3 cd 00 f0       	lgdr	%r15,%f0
    16:	e5 4c b0 a4 00 05 	mvhi	164(%r11),5     <---- stack variable access after stack pointer restore
    1c:	58 10 b0 a4       	l	%r1,164(%r11) <----
    20:	b3 cd 00 b2       	lgdr	%r11,%f2
    24:	07 fe             	br	%r14
    26:	07 07             	nopr	%r7

  A patch for upstream GCC has been posted on the mailing list. Backports will go into 4.9/5/6 branches after the upstream patch is applied.
  https://gcc.gnu.org/ml/gcc-patches/2016-04/msg00910.html

  This patch needs to be included in the Ubuntu 16.04 GCC 5 packages.

  We have scanned the entire xenial universe repo for suspicious
  sequences. Unfortunately several packages need to be rebuilt after
  including the patch. We recommend rebuilding at least the following
  packages:

  ceph-test_10.1.1-0ubuntu1_s390x.deb
  g++-mingw-w64-i686_5.3.1-8ubuntu3+17_s390x.deb
  g++-mingw-w64-x86-64_5.3.1-8ubuntu3+17_s390x.deb
  gambas3-gb-qt4_3.8.4-2ubuntu3_s390x.deb
  gcc-arm-none-eabi_4.9.3+svn231177-1_s390x.deb
  gcc-avr_4.9.2+Atmel3.5.0-1_s390x.deb
  gcc-mingw-w64-i686_5.3.1-8ubuntu3+17_s390x.deb
  gcc-mingw-w64-x86-64_5.3.1-8ubuntu3+17_s390x.deb
  gcc-snapshot_20160320-1ubuntu1_s390x.deb
  gfortran-mingw-w64-i686_5.3.1-8ubuntu3+17_s390x.deb
  gfortran-mingw-w64-x86-64_5.3.1-8ubuntu3+17_s390x.deb
  gnat-mingw-w64-i686_5.3.1-3ubuntu1+16_s390x.deb
  gnat-mingw-w64-x86-64_5.3.1-3ubuntu1+16_s390x.deb
  gobjc++-mingw-w64-i686_5.3.1-8ubuntu3+17_s390x.deb
  gobjc++-mingw-w64-x86-64_5.3.1-8ubuntu3+17_s390x.deb
  gobjc-mingw-w64-i686_5.3.1-8ubuntu3+17_s390x.deb
  gobjc-mingw-w64-x86-64_5.3.1-8ubuntu3+17_s390x.deb
  higan_094-6_s390x.deb
  juju-mongodb3.2_3.2.4-0ubuntu1_s390x.deb
  libfpga0_0.0+201212-1_s390x.deb
  libgnatvsn5_5.3.1-14ubuntu2_s390x.deb
  libgnatvsn5-s390x-cross_5.3.1-14ubuntu2cross1_all.deb
  libinsighttoolkit4.9_4.9.0-4ubuntu1_s390x.deb
  libiv-unidraw1_1.2.11a1-6_s390x.deb
  libjavascriptcoregtk-1.0-0_2.4.10-0ubuntu1_s390x.deb
  libjavascriptcoregtk-3.0-0_2.4.10-0ubuntu1_s390x.deb
  libmariadbd18_10.0.24-7_s390x.deb
  libtsm3_3-1_s390x.deb
  libwebkit2gtk-3.0-25_2.4.10-0ubuntu1_s390x.deb
  mariadb-client-core-10.0_10.0.24-7_s390x.deb
  mariadb-plugin-oqgraph_10.0.24-7_s390x.deb
  mariadb-plugin-spider_10.0.24-7_s390x.deb
  mariadb-server-10.0_10.0.24-7_s390x.deb
  mariadb-server-core-10.0_10.0.24-7_s390x.deb
  mariadb-test_10.0.24-7_s390x.deb
  mysql-client-5.6_5.6.28-1ubuntu3_s390x.deb
  mysql-client-core-5.6_5.6.28-1ubuntu3_s390x.deb
  mysql-server-5.6_5.6.28-1ubuntu3_s390x.deb
  mysql-server-core-5.6_5.6.28-1ubuntu3_s390x.deb
  mysql-testsuite-5.7_5.7.11-0ubuntu6_s390x.deb
  nodejs_4.2.6~dfsg-1ubuntu4_s390x.deb
  percona-server-server-5.6_5.6.22-rel71.0-0ubuntu2_s390x.deb
  percona-xtrabackup_2.2.3-2.1build1_s390x.deb
  percona-xtradb-cluster-server-5.6_5.6.21-25.8-0ubuntu2_s390x.deb

  == Comment: #2 - Andreas Krebbel - 2016-04-20 03:22:27 ==
  Patch is upstream committed to head, gcc-6, and gcc-5 branches.

To manage notifications about this bug go to:
https://bugs.launchpad.net/gcc/+bug/1572613/+subscriptions
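
The report says the archive was scanned for suspicious sequences but does not show how. The following is an added example, not the reporters' scanner: a heuristic pass over `objdump -d` text that flags frame-pointer-relative memory accesses made after the stack pointer has been restored. It assumes the s390x register roles seen in the disassembly above (%r15 as stack pointer, %r11 as frame pointer) and only recognises the `lgdr` restore shown there; `scan`, `AFFECTED` and `REORDERED` are names chosen for this example.

```python
import re

# Disassembly of foo() from the report above (objdump -d, tab-separated fields).
AFFECTED = """\
0000000000000000 <foo>:
   0:\tb3 c1 00 2b       \tldgr\t%f2,%r11
   4:\tb3 c1 00 0f       \tldgr\t%f0,%r15
   8:\te3 f0 ff 58 ff 71 \tlay\t%r15,-168(%r15)
   e:\tb9 04 00 bf       \tlgr\t%r11,%r15
  12:\tb3 cd 00 f0       \tlgdr\t%r15,%f0
  16:\te5 4c b0 a4 00 05 \tmvhi\t164(%r11),5
  1c:\t58 10 b0 a4       \tl\t%r1,164(%r11)
  20:\tb3 cd 00 b2       \tlgdr\t%r11,%f2
  24:\t07 fe             \tbr\t%r14
"""
# Constructed sample: the same instructions with both accesses moved ahead of
# the stack pointer restore (addresses are left as they were, so out of order).
_l = AFFECTED.splitlines()
REORDERED = "\n".join(_l[:5] + _l[6:8] + [_l[5]] + _l[8:])

FUNC = re.compile(r"^[0-9a-f]+ <(.+)>:$")
INSN = re.compile(r"^\s*([0-9a-f]+):\t[0-9a-f ]+\t(\S+)(?:\t(\S+))?")

def scan(disasm, sp="%r15", fp="%r11"):
    """Return (function, address, instruction) for every fp-relative memory
    access that follows the sp restore and precedes the fp restore."""
    hits, func, fp_live, sp_restored = [], None, False, False
    for line in disasm.splitlines():
        m = FUNC.match(line)
        if m:  # new function: reset the per-function state
            func, fp_live, sp_restored = m.group(1), False, False
            continue
        m = INSN.match(line)
        if not m:
            continue
        addr, mnem, ops = m.group(1), m.group(2), m.group(3) or ""
        dest = ops.split(",")[0]
        if mnem == "lgr" and ops == f"{fp},{sp}":
            fp_live, sp_restored = True, False   # prologue: fp := sp
        elif fp_live and mnem == "lgdr" and dest == sp:
            sp_restored = True                   # frame released via FPR copy
        elif fp_live and mnem in ("lgdr", "lgr") and dest == fp:
            fp_live = False                      # caller's fp is back
        elif fp_live and sp_restored and f"({fp})" in ops:
            hits.append((func, addr, f"{mnem} {ops}"))
    return hits
```
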


