From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <sourceware-bugzilla@sourceware.org>
Received: by sourceware.org (Postfix, from userid 48)
	id 7E8093858D32; Sun, 13 Aug 2023 17:52:21 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 7E8093858D32
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org;
	s=default; t=1691949141;
	bh=VH1XnF7AouB4QF4rZ9qdgSS+RTFcIOmJV/m8MNdrxYE=;
	h=From:To:Subject:Date:From;
	b=DP0Wj2p24NtNYxksdvOFG+FPb+O8OONsB4z6GoKAzVLZvrIWim4RleS8pHSN7pQ+G
	 owIPpXCoCYDo35ZwfQULRcpt/NiDKd963iScfINdECQVgeP17a9jS/9W7ojGts+j4s
	 96OSO6fr7rdCttbM05w0Lm+TtCsTKwDiESmWX9KM=
From: "danglin at gcc dot gnu.org" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs@sourceware.org
Subject: [Bug libc/30750] New: Unaligned accesses in resolver
Date: Sun, 13 Aug 2023 17:52:20 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: libc
X-Bugzilla-Version: unspecified
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: normal
X-Bugzilla-Who: danglin at gcc dot gnu.org
X-Bugzilla-Status: NEW
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status
 bug_severity priority component assigned_to reporter cc target_milestone
 cf_gcchost cf_gcctarget cf_gccbuild attachments.created
Message-ID: <bug-30750-131@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
List-Id: <glibc-bugs.sourceware.org>

https://sourceware.org/bugzilla/show_bug.cgi?id=3D30750

            Bug ID: 30750
           Summary: Unaligned accesses in resolver
           Product: glibc
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: libc
          Assignee: unassigned at sourceware dot org
          Reporter: danglin at gcc dot gnu.org
                CC: deller at gmx dot de, drepper.fsp at gmail dot com
  Target Milestone: ---
              Host: hppa*-*-linux*
            Target: hppa*-*-linux*
             Build: hppa*-*-linux*

Created attachment 15053
  --> https://sourceware.org/bugzilla/attachment.cgi?id=3D15053&action=3Ded=
it
Fix for unaligned accesses in resolver

Helge wrote recently:

Hi Dave,

I'm sure you have seen such messages in dmesg as well:
[ 5073.977098] exim4(11935): unaligned access to 0xf7ebadcd at ip 0xf5f7e307
(iir 0xd481043)
[ 5074.134880] exim4(11935): unaligned access to 0xf7ebadcd at ip 0xf5f7e1cf
(iir 0xee8104d)

I got annoyed by it, and tried to find the root cause:

Runing: prctl --unaligned=3Dsignal gdb /usr/sbin/exim4

points to glibc:

Program received signal SIGBUS, Bus error.
__GI___libc_res_queriesmatch (buf1=3D0xf7e29e70 "}\031\001", eom1=3D0xf7e29=
e91 "",
buf2=3D0xf7e28e09 "}\031\205\200",
    eom2=3D0xf7e29209 "\342\220\310\367\342\221\324") at res_queriesmatch.c=
:105
105     res_queriesmatch.c: No such file or directory.
(gdb) bt
#0  __GI___libc_res_queriesmatch (buf1=3D0xf7e29e70 "}\031\001", eom1=3D0xf=
7e29e91
"", buf2=3D0xf7e28e09 "}\031\205\200",
    eom2=3D0xf7e29209 "\342\220\310\367\342\221\324") at res_queriesmatch.c=
:105
#1  0xf5f81380 in send_dg (ansp2_malloced=3D0x0, resplen2=3D0x0, anssizp2=
=3D0x0,
ansp2=3D0x0, anscp=3D0xf7e2938c, gotsomewhere=3D<synthetic pointer>,
    v_circuit=3D<synthetic pointer>, ns=3D<optimized out>, terrno=3D0xf7e2a=
088,
anssizp=3D0xf7e29fc4, ansp=3D0xf7e29fc8, buflen2=3D0, buf2=3D0x0, buflen=3D=
33,
    buf=3D0xf7e29e70 "}\031\001", statp=3D0xf5fefab0 <_res>) at res_send.c:=
1204
#2  __GI___res_context_send (ctx=3D<optimized out>, buf=3D<optimized out>,
buflen=3D<optimized out>, buf2=3D0x0, buflen2=3D<optimized out>, ans=3D<opt=
imized out>,
    anssiz=3D<optimized out>, ansp=3D<optimized out>, ansp2=3D<optimized ou=
t>,
nansp2=3D<optimized out>, resplen2=3D<optimized out>, ansp2_malloced=3D<opt=
imized
out>)
    at res_send.c:373
#3  0xf5f7e600 in __GI___res_context_query (ctx=3D0xf7e29e70, name=3D0x20035
<acl_ratelimit+2344> "\301?Q#V\340", class=3D-1062726654, type=3D-167838588,
    answer=3D<optimized out>, anslen=3D<optimized out>, answerp=3D<optimize=
d out>,
answerp2=3D<optimized out>, nanswerp2=3D<optimized out>, resplen2=3D<optimi=
zed out>,
    answerp2_malloced=3D<optimized out>) at res_query.c:221
#4  0x00000000 in ?? ()

In glibc's ./resolv/res_queriesmatch.c:

 /* Note that we initially do not convert QDCOUNT to the host byte
     order.  We can compare it with the second buffer's QDCOUNT
     value without doing this.  */
  int qdcount =3D ((HEADER *) buf1)->qdcount;
  if (qdcount !=3D ((HEADER *) buf2)->qdcount)

so, buf2 is unaligned and that breaks.

Can we do something about it?

Checking the tests in resolv, I found one more place where unaligned access=
es
occur on hppa.

I'm testing the attached patch.

--=20
You are receiving this mail because:
You are on the CC list for the bug.=