From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <sourceware-bugzilla@sourceware.org>
Received: by sourceware.org (Postfix, from userid 48)
	id B8DFE3858D33; Tue, 24 Jan 2023 03:48:01 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org B8DFE3858D33
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org;
	s=default; t=1674532081;
	bh=POVENzxNCMQwHH7b9FMVutwOMm+rc0BGAMrLcJc+WmU=;
	h=From:To:Subject:Date:From;
	b=OWrY8IbsIAXjpf7bkkrBpUYGsenwgNrqvepfp1CxYmtWwnJv+u6GOjgZAzN1rLSmx
	 8g4+mmgiwnmySbrZHbApHuzV5xHuXzCHgrRwy3Iu1cM8PANy4/XTF0PhESoC5c3OYC
	 uH/Yc3+tc+Zg7FB3UzMZKpy54Gi5VFzS1/klWB9w=
From: "decui at microsoft dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs@sourceware.org
Subject: [Bug libc/30037] New: glibc 2.34 and newer segfault if CPUID leaf
 0x2 reports zero
Date: Tue, 24 Jan 2023 03:48:00 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: libc
X-Bugzilla-Version: 2.36
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: normal
X-Bugzilla-Who: decui at microsoft dot com
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status
 bug_severity priority component assigned_to reporter cc target_milestone
Message-ID: <bug-30037-131@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
List-Id: <glibc-bugs.sourceware.org>

https://sourceware.org/bugzilla/show_bug.cgi?id=3D30037

            Bug ID: 30037
           Summary: glibc 2.34 and newer segfault if CPUID leaf 0x2
                    reports zero
           Product: glibc
           Version: 2.36
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: libc
          Assignee: unassigned at sourceware dot org
          Reporter: decui at microsoft dot com
                CC: drepper.fsp at gmail dot com
  Target Milestone: ---

When I start an Intel TDX Ubuntu 22.04/22.10/23.04 (or RHEL 9.0) guest on
Hyper-V and on KVM, the guest always hits segfaults and can=E2=80=99t boot =
up:

[ 21.081453] Run /inits init process
[ 21.086896] with arguments:
[ 21.095790] /init
[ 21.100982] with environment:
[ 21.106611] HOME=3D/
[ 21.112463] TERM=3Dlinux
[ 21.119850] BOOT_IMAGE=3D/boot/vmlinuz-6.1.0-rc7-decui+
Loading, please wait...
Starting version 249.11-0ubuntu3.6
[ 21.253908] udevadm[144]: segfault at 56538d61e0c0 ip 00007f8f5899efeb sp
00007ffd08fb7648 error 6 in libc.so.6[7f8f58820000+195000] likely on CPU 0
(core 0, socket 0)
[ 21.316549] Code: 07 62 e1 7d 48 e7 4f 01 62 e1 7d 48 e7 67 40 62 e1 7d 48=
 e7
6f 41 62 61 7d 48 e7 87 00 20 00 00 62 61 7d 48 e7 8f 40 20 00 00 <62> 61 7=
d 48
e7 a7 00 30 00 00 62 61 7d 48 e7 af 40 30 00 00 48 83
Segmentation fault
[ 22.499317] setfont[153]: segfault at 55ef3b91b000 ip 00007f5899899fa4 sp
00007ffc8008f628 error 4 in libc.so.6[7f589971b000+195000] likely on CPU 0
(core 0, socket 0)
[ 22.602677] Code: 06 62 e1 fe 48 6f 4e 01 62 e1 fe 48 6f 66 40 62 e1 fe 48=
 6f
6e 41 62 61 fe 48 6f 86 00 20 00 00 62 61 fe 48 6f 8e 40 20 00 00 <62> 61 f=
e 48
6f a6 00 30 00 00 62 61 fe 48 6f ae 40 30 00 00 48 83
[ 22.732413] loadkeys[156]: segfault at 563ffe292000 ip 00007fbff957afa4 sp
00007ffe31453808 error 4 in libc.so.6[7fbff93fc000+195000] likely on CPU 0
(core 0, socket 0)
[ 22.833061] Code: 06 62 e1 fe 48 6f 4e 01 62 e1 fe 48 6f 66 40 62 e1 fe 48=
 6f
6e 41 62 61 fe 48 6f 86 00 20 00 00 62 61 fe 48 6f 8e 40 20 00 00 <62> 61 f=
e 48
6f a6 00 30 00 00 62 61 fe 48 6f ae 40 30 00 00 48 83

The segfault only happens to recent glibc versions (e.g. v2.35 in Ubuntu 22=
.04,
and v2.34 in RHEL 9.0). It doesn=E2=80=99t happens to v2.31 in Ubuntu 20.04=
, or v2.32
in Ubuntu 20.10.

At first I thought this is Bug 28784 - x86: crash in 32bit memset-sse2.s wh=
en
the cache size can not be determined
(https://sourceware.org/bugzilla/show_bug.cgi?id=3D28784), but it turns out=
 the
fix for Bug 28784 (i.e. commit a51b76b71e8190a50b0e0c0b32f313888b930108 "x8=
6:
use default cache size if it cannot be determined [BZ #28784]") is alredy
included into the Ubuntu distros.=20

The fix for Bug 28784 is in the upstream glibc 2.35, so glibc 2.36 doesn't
suffer from Bug 28784, but I'm seeting the same segfault with=20
the Ubuntu 23.04 dev build
(https://cloud-images.ubuntu.com/lunar/20230120/lunar-server-cloudimg-amd64=
-azure.vhd.tar.gz)
where glibc 2.36-0ubuntu4 is used (BTW, this file can confirm the fix for B=
ug
28784 is indeed in the glibc 2.36 code in Ubuntu 23.04:
https://git.launchpad.net/ubuntu/+source/glibc/tree/sysdeps/x86/cacheinfo.h=
?h=3Dimport/2.36-4#n64)


I suspect the segfault also exists in the upstream glibc 2.36 and probably
newer, but I can't confirm it because I don't know how to upgrade the glibc=
 in
a distro (is this even possible?) so I'm opening this bug and I hope someone
can shed some light. Thanks!

--=20
You are receiving this mail because:
You are on the CC list for the bug.=