From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <sourceware-bugzilla@sourceware.org>
Received: by sourceware.org (Postfix, from userid 48)
 id CE47C385840F; Tue,  9 Nov 2021 20:56:40 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org CE47C385840F
From: "dave.anglin at bell dot net" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs@sourceware.org
Subject: [Bug libc/28572] Misaligned accesses in test-memcpy and test-mempcpy
 on hppa
Date: Tue, 09 Nov 2021 20:56:40 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: libc
X-Bugzilla-Version: unspecified
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: normal
X-Bugzilla-Who: dave.anglin at bell dot net
X-Bugzilla-Status: NEW
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-28572-131-LaNX6gDCO4@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-28572-131@http.sourceware.org/bugzilla/>
References: <bug-28572-131@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: glibc-bugs@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Glibc-bugs mailing list <glibc-bugs.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/glibc-bugs>,
 <mailto:glibc-bugs-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/glibc-bugs/>
List-Help: <mailto:glibc-bugs-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/glibc-bugs>,
 <mailto:glibc-bugs-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Nov 2021 20:56:40 -0000

https://sourceware.org/bugzilla/show_bug.cgi?id=3D28572

--- Comment #2 from dave.anglin at bell dot net ---
On 2021-11-09 12:42 p.m., adhemerval.zanella at linaro dot org wrote:
> https://sourceware.org/bugzilla/show_bug.cgi?id=3D28572
>
> Adhemerval Zanella <adhemerval.zanella at linaro dot org> changed:
>
>             What    |Removed                     |Added
> -------------------------------------------------------------------------=
---
>                   CC|                            |adhemerval.zanella at l=
inaro dot o
>                     |                            |rg
>
> --- Comment #1 from Adhemerval Zanella <adhemerval.zanella at linaro dot =
org> ---
> I think the recent change of test-memcpy.c
> (d585ba47fcda99fdf228e3e45a01b11a15efbc5a) might have triggered an hidden=
 bug
> on generic implementation.  Could we get the input parameters that trigge=
red
> the first fault?
I suspect the unaligned accesses are in the test code:
ld.so.1(9795): unaligned access to 0x00000000f9a39001 at ip=3D0x00000000000=
11e33

(gdb) r
Starting program: /home/dave/gnu/glibc/objdir/elf/ld.so.1 --library-path=20
/home/dave/gnu/glibc/objdir:/home/dave/gnu/glibc/objdir/math:/home/dave/gnu=
/glibc/objdir/elf:/home/dave/gnu/glibc/objdir/dlfcn:/home/dave/gnu/glibc/ob=
jdir/nss:/home/dave/gnu/glibc/objdir/nis:/home/dave/gnu/glibc/objdir/rt:/ho=
me/dave/gnu/glibc/objdir/resolv:/home/dave/gnu/glibc/objdir/mathvec:/home/d=
ave/gnu/glibc/objdir/support:/home/dave/gnu/glibc/objdir/crypt:/home/dave/g=
nu/glibc/objdir/nptl=20
/home/dave/gnu/glibc/objdir/string/test-memcpy
[Attaching after process 9792 fork to child process 9795]
[New inferior 2 (process 9795)]
[Detaching after fork from parent process 9792]
[Inferior 1 (process 9792) detached]
 =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 memcpy=
=C2=A0 builtin_memcpy=C2=A0 simple_memcpy

Thread 2.1 "ld.so.1" received signal SIGBUS, Bus error.
[Switching to process 9795]
0x00011e30 in ?? ()
(gdb) disass $pc-16,$pc+16
Dump of assembler code from 0x11e20 to 0x11e40:
 =C2=A0=C2=A0 0x00011e20:=C2=A0 ldo 2d0(r15),r15
 =C2=A0=C2=A0 0x00011e24:=C2=A0 ldi 0,ret0
 =C2=A0=C2=A0 0x00011e28:=C2=A0 cmpb,=3D ret0,r11,0x11e40
 =C2=A0=C2=A0 0x00011e2c:=C2=A0 shladd,l ret0,2,r10,r22
=3D> 0x00011e30:=C2=A0 stw ret0,0(r22)
 =C2=A0=C2=A0 0x00011e34:=C2=A0 ldo 1(ret0),ret0
 =C2=A0=C2=A0 0x00011e38:=C2=A0 cmpb,<> ret0,r11,0x11e30
 =C2=A0=C2=A0 0x00011e3c:=C2=A0 shladd,l ret0,2,r10,r22
End of assembler dump.
(gdb) p/x $r22
$1 =3D 0xf9a39001
(gdb) p/x $ret0
$2 =3D 0x0
(gdb) p/x $r10
$3 =3D 0xf9a39001

This is in do_test1:
(gdb) break *0x00011e30
Breakpoint 1 at 0x11e30: file test-memcpy.c, line 253.
(gdb) list test-memcpy.c:253
248=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 size_t i;
249=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 size_t repeats;
250=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 for(repeats =3D 0; repeats < 2; rep=
eats++)
251=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 {
252=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 for (i =3D =
0; i < array_size; i++)
253=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
 src[i] =3D (uint32_t) i;
254=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 FOR_EACH_IM=
PL (impl, 0)
255=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
 {
256=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0 memset (dest, -1, size);
257=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0 CALL (impl, (char *) dest, (char *) src, size);

It looks like src is misaligned.

So far, I haven't been able to run test directly.=C2=A0 When I try to run it
directly, I get a divide by 0 trap in
__nptl_tls_static_size_for_stack():

/* Compute the size of the static TLS area based on data from the
 =C2=A0=C2=A0 dynamic loader.=C2=A0 */
static inline size_t
__nptl_tls_static_size_for_stack (void)
{
 =C2=A0 return roundup (GLRO (dl_tls_static_size), GLRO (dl_tls_static_alig=
n));
}

--=20
You are receiving this mail because:
You are on the CC list for the bug.=