From mboxrd@z Thu Jan 1 00:00:00 1970
From: "holger@applied-asynchrony.com"
To: glibc-bugs@sourceware.org
Subject: [Bug nscd/29607] New: nscd repeatably crashes calling __strlen_avx2 when hosts cache is enabled
Date: Fri, 23 Sep 2022 15:39:25 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=29607

            Bug ID: 29607
           Summary: nscd repeatably crashes calling __strlen_avx2 when hosts cache is enabled
           Product: glibc
           Version: 2.36
            Status: UNCONFIRMED
          Severity: critical
          Priority: P2
         Component: nscd
          Assignee: unassigned at sourceware dot org
          Reporter: holger@applied-asynchrony.com
                CC: drepper.fsp at gmail dot com
  Target Milestone: ---

Gentoo Linux recently enabled use of glibc-2.36 and I quickly found a repeatable crashing regression with nscd, which was rock-solid reliable with glibc-2.35. Initial analysis of the bug is at: https://bugs.gentoo.org/872401

The bug does not occur with hosts cache disabled. Reducing the number of threads does not help, i.e. it also crashes when run with a single thread and in -d mode, e.g. in gdb.

With enabled hosts cache nscd quickly crashes, repeatably so with a quick series of requests which happens e.g. when using mtr (multi-trace-route).

Initial analysis points to aicache:153 being passed a NULL value; this theory seems to have merit because the crash also happens on a different platform where it crashes in __strlen_sse2 - pointing to the same pattern. The NULL value seems to originate from nss's file-hosts.c:459.

A quick-fix attempt at checking for NULL and using 0 as value for strlen (like in aicache.c:324) did not help; instead nscd returns odd results (e.g. mtr says: Packet type unsupported: Invalid argument) and still crashes, so the NULL pointer being passed to strlen() just seems to be the messenger.

A quick check of the nscd tree shows no major changes recently, so the real problem is likely somewhere else (nss?). Unfortunately I do not know enough about glibc's resolver internals to go on a hunt, and can therefore only report. I can however gladly and easily test patches.

-- 
You are receiving this mail because:
You are on the CC list for the bug.