[Bug 1572613] Re: GCC stack access scheduled after stack deallocation

Wed May 11 08:23:38 UTC 2016

@Andreas.Krebbel

right, I did copy paste the wrong version numbers, but the package list
was correct. Thanks for confirming that newer ones are fixed and that
there are some false positives. Now that mariadb is built and migrated
in yakkety, the next step is to push out gcc-5 SRU into xenial.

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to ceph in Ubuntu.
https://bugs.launchpad.net/bugs/1572613

Title:
  GCC stack access scheduled after stack deallocation

Status in gcc:
  Unknown
Status in Ubuntu on IBM z Systems:
  New
Status in ceph package in Ubuntu:
  Fix Released
Status in fpgatools package in Ubuntu:
  Fix Released
Status in gambas3 package in Ubuntu:
  Fix Released
Status in gcc-4.9 package in Ubuntu:
  Triaged
Status in gcc-5 package in Ubuntu:
  Fix Released
Status in gcc-5-cross package in Ubuntu:
  Triaged
Status in gcc-arm-none-eabi package in Ubuntu:
  Triaged
Status in gcc-avr package in Ubuntu:
  Triaged
Status in gcc-mingw-w64 package in Ubuntu:
  Triaged
Status in higan package in Ubuntu:
  Fix Released
Status in insighttoolkit4 package in Ubuntu:
  Fix Released
Status in ivtools package in Ubuntu:
  Fix Released
Status in juju-mongodb3.2 package in Ubuntu:
  Fix Released
Status in libtsm package in Ubuntu:
  Fix Released
Status in mariadb-10.0 package in Ubuntu:
  Fix Released
Status in mysql-5.7 package in Ubuntu:
  Fix Released
Status in nodejs package in Ubuntu:
  Fix Released
Status in percona-server-5.6 package in Ubuntu:
  Fix Released
Status in percona-xtrabackup package in Ubuntu:
  Fix Released
Status in percona-xtradb-cluster-5.6 package in Ubuntu:
  Fix Released
Status in valgrind package in Ubuntu:
  Fix Released
Status in webkitgtk package in Ubuntu:
  Fix Released
Status in ceph source package in Xenial:
  New
Status in fpgatools source package in Xenial:
  New
Status in gambas3 source package in Xenial:
  New
Status in gcc-5 source package in Xenial:
  New
Status in higan source package in Xenial:
  Invalid
Status in insighttoolkit4 source package in Xenial:
  New
Status in ivtools source package in Xenial:
  Invalid
Status in juju-mongodb3.2 source package in Xenial:
  New
Status in libtsm source package in Xenial:
  New
Status in mariadb-10.0 source package in Xenial:
  New
Status in mysql-5.7 source package in Xenial:
  New
Status in nodejs source package in Xenial:
  New
Status in percona-server-5.6 source package in Xenial:
  New
Status in percona-xtrabackup source package in Xenial:
  New
Status in percona-xtradb-cluster-5.6 source package in Xenial:
  New
Status in valgrind source package in Xenial:
  New
Status in webkitgtk source package in Xenial:
  New
Status in ceph source package in Yakkety:
  Fix Released
Status in fpgatools source package in Yakkety:
  Fix Released
Status in gambas3 source package in Yakkety:
  Fix Released
Status in gcc-5 source package in Yakkety:
  Fix Released
Status in higan source package in Yakkety:
  Fix Released
Status in insighttoolkit4 source package in Yakkety:
  Fix Released
Status in ivtools source package in Yakkety:
  Fix Released
Status in juju-mongodb3.2 source package in Yakkety:
  Fix Released
Status in libtsm source package in Yakkety:
  Fix Released
Status in mariadb-10.0 source package in Yakkety:
  Fix Released
Status in mysql-5.7 source package in Yakkety:
  Fix Released
Status in nodejs source package in Yakkety:
  Fix Released
Status in percona-server-5.6 source package in Yakkety:
  Fix Released
Status in percona-xtrabackup source package in Yakkety:
  Fix Released
Status in percona-xtradb-cluster-5.6 source package in Yakkety:
  Fix Released
Status in valgrind source package in Yakkety:
  Fix Released
Status in webkitgtk source package in Yakkety:
  Fix Released

Bug description:
  == Comment: #0 - Andreas Krebbel - 2016-04-19 05:22:12 ==

  The following miscompilation was found in the Valgrind memcheck
  preload library.

  This compiler behavior can be reproduced with a small test case:

  $ echo 'void foo (void) { volatile int a = 5; (void) a; }' | \
    gcc -O2 -fno-omit-frame-pointer -o foo.o -c -x c - && objdump -d foo.o

  foo.o:     file format elf64-s390

  Disassembly of section .text:

  0000000000000000 <foo>:
     0:	b3 c1 00 2b       	ldgr	%f2,%r11
     4:	b3 c1 00 0f       	ldgr	%f0,%r15
     8:	e3 f0 ff 58 ff 71 	lay	%r15,-168(%r15)
     e:	b9 04 00 bf       	lgr	%r11,%r15
    12:	b3 cd 00 f0       	lgdr	%r15,%f0
    16:	e5 4c b0 a4 00 05 	mvhi	164(%r11),5     <---- stack variable access after stack pointer restore
    1c:	58 10 b0 a4       	l	%r1,164(%r11) <----
    20:	b3 cd 00 b2       	lgdr	%r11,%f2
    24:	07 fe             	br	%r14
    26:	07 07             	nopr	%r7

  A patch for upstream GCC has been posted on the mailing list. Backports will go into 4.9/5/6 branches after the upstream patch is applied.
  https://gcc.gnu.org/ml/gcc-patches/2016-04/msg00910.html

  This patch needs to be included in the Ubuntu 16.04 GCC 5 packages.

  We have scanned the entire xenial universe repo for suspicious
  sequences. Unfortunately several packages need to be rebuild after
  including the patch. We recommend rebuilding at least the following
  packages:

  ceph-test_10.1.1-0ubuntu1_s390x.deb
  g++-mingw-w64-i686_5.3.1-8ubuntu3+17_s390x.deb
  g++-mingw-w64-x86-64_5.3.1-8ubuntu3+17_s390x.deb
  gambas3-gb-qt4_3.8.4-2ubuntu3_s390x.deb
  gcc-arm-none-eabi_4.9.3+svn231177-1_s390x.deb
  gcc-avr_4.9.2+Atmel3.5.0-1_s390x.deb
  gcc-mingw-w64-i686_5.3.1-8ubuntu3+17_s390x.deb
  gcc-mingw-w64-x86-64_5.3.1-8ubuntu3+17_s390x.deb
  gcc-snapshot_20160320-1ubuntu1_s390x.deb
  gfortran-mingw-w64-i686_5.3.1-8ubuntu3+17_s390x.deb
  gfortran-mingw-w64-x86-64_5.3.1-8ubuntu3+17_s390x.deb
  gnat-mingw-w64-i686_5.3.1-3ubuntu1+16_s390x.deb
  gnat-mingw-w64-x86-64_5.3.1-3ubuntu1+16_s390x.deb
  gobjc++-mingw-w64-i686_5.3.1-8ubuntu3+17_s390x.deb
  gobjc++-mingw-w64-x86-64_5.3.1-8ubuntu3+17_s390x.deb
  gobjc-mingw-w64-i686_5.3.1-8ubuntu3+17_s390x.deb
  gobjc-mingw-w64-x86-64_5.3.1-8ubuntu3+17_s390x.deb
  higan_094-6_s390x.deb
  juju-mongodb3.2_3.2.4-0ubuntu1_s390x.deb
  libfpga0_0.0+201212-1_s390x.deb
  libgnatvsn5_5.3.1-14ubuntu2_s390x.deb
  libgnatvsn5-s390x-cross_5.3.1-14ubuntu2cross1_all.deb
  libinsighttoolkit4.9_4.9.0-4ubuntu1_s390x.deb
  libiv-unidraw1_1.2.11a1-6_s390x.deb
  libjavascriptcoregtk-1.0-0_2.4.10-0ubuntu1_s390x.deb
  libjavascriptcoregtk-3.0-0_2.4.10-0ubuntu1_s390x.deb
  libmariadbd18_10.0.24-7_s390x.deb
  libtsm3_3-1_s390x.deb
  libwebkit2gtk-3.0-25_2.4.10-0ubuntu1_s390x.deb
  mariadb-client-core-10.0_10.0.24-7_s390x.deb
  mariadb-plugin-oqgraph_10.0.24-7_s390x.deb
  mariadb-plugin-spider_10.0.24-7_s390x.deb
  mariadb-server-10.0_10.0.24-7_s390x.deb
  mariadb-server-core-10.0_10.0.24-7_s390x.deb
  mariadb-test_10.0.24-7_s390x.deb
  mysql-client-5.6_5.6.28-1ubuntu3_s390x.deb
  mysql-client-core-5.6_5.6.28-1ubuntu3_s390x.deb
  mysql-server-5.6_5.6.28-1ubuntu3_s390x.deb
  mysql-server-core-5.6_5.6.28-1ubuntu3_s390x.deb
  mysql-testsuite-5.7_5.7.11-0ubuntu6_s390x.deb
  nodejs_4.2.6~dfsg-1ubuntu4_s390x.deb
  percona-server-server-5.6_5.6.22-rel71.0-0ubuntu2_s390x.deb
  percona-xtrabackup_2.2.3-2.1build1_s390x.deb
  percona-xtradb-cluster-server-5.6_5.6.21-25.8-0ubuntu2_s390x.deb

  == Comment: #2 - Andreas Krebbel - 2016-04-20 03:22:27 ==
  Patch is upstream committed to head, gcc-6, and gcc-5 branches.

To manage notifications about this bug go to:
https://bugs.launchpad.net/gcc/+bug/1572613/+subscriptions