From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <aurelien@aurel32.net>
Received: from hall.aurel32.net (hall.aurel32.net [IPv6:2001:bc8:30d7:100::1])
 by sourceware.org (Postfix) with ESMTPS id 254E33858D3C
 for <libc-stable@sourceware.org>; Mon, 17 Jan 2022 18:48:33 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 254E33858D3C
Authentication-Results: sourceware.org;
 dmarc=none (p=none dis=none) header.from=aurel32.net
Authentication-Results: sourceware.org; spf=none smtp.mailfrom=aurel32.net
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=aurel32.net
 ; s=202004.hall;
 h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:
 Subject:Cc:To:From:Content-Type:From:Reply-To:Subject:Content-ID:
 Content-Description:In-Reply-To:References:X-Debbugs-Cc;
 bh=/p7bvg03J7PkYNyOKJSwB3JugsOSzpVuqYcPXP3zJvQ=; b=Ipa/JLqHUSFOSZCr6sAUmS216j
 L/WeNfIBBLHYn04M4Ilr23UhKlr/EiXAsYFj6dFOAlZMBwAjwM0VmPp4ZJMgH59g+DLyth3ssXlqh
 kEXFrPXpXeNX1sk0tt6pYRtT6QPeFf81FLhiXV9qApRyD67JzuboTjp0TjjnaHH3GvC3Ix8i1+z6H
 QEJ2hPa+u527QYlGgHJN5UjnRLJ7NDRihxiMvs3eVkNjfRRjc0YmPBQZFMsgCWWUO4AzqPBVaCZGB
 EPfgcd09TmY2JU+pN0LnuRfrM1yIBzXH9dRSEMMt00x56oSG6qd5fxuc70lvnaJSbp/EcYyINBjSf
 fa/ST/SQ==;
Received: from [2a01:e34:ec5d:a741:8a4c:7c4e:dc4c:1787] (helo=ohm.rr44.fr)
 by hall.aurel32.net with esmtpsa (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2)
 (envelope-from <aurelien@aurel32.net>)
 id 1n9X3P-00AQfL-H4; Mon, 17 Jan 2022 19:48:31 +0100
Received: from aurel32 by ohm.rr44.fr with local (Exim 4.95)
 (envelope-from <aurelien@aurel32.net>) id 1n9X3P-00ABPq-40;
 Mon, 17 Jan 2022 19:48:31 +0100
From: Aurelien Jarno <aurelien@aurel32.net>
To: libc-stable@sourceware.org
Cc: Aurelien Jarno <aurelien@aurel32.net>, "H . J . Lu" <hjl.tools@gmail.com>
Subject: [COMMITTED 2.34] x86: use default cache size if it cannot be
 determined [BZ #28784]
Date: Mon, 17 Jan 2022 19:48:26 +0100
Message-Id: <20220117184826.2426247-1-aurelien@aurel32.net>
X-Mailer: git-send-email 2.34.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-13.1 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, SPF_HELO_PASS, SPF_NONE,
 TXREP autolearn=ham autolearn_force=no version=3.4.4
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on
 server2.sourceware.org
X-BeenThere: libc-stable@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Libc-stable mailing list <libc-stable.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-stable>,
 <mailto:libc-stable-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-stable/>
List-Help: <mailto:libc-stable-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-stable>,
 <mailto:libc-stable-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Jan 2022 18:48:34 -0000

In some cases (e.g QEMU, non-Intel/AMD CPU) the cache information can
not be retrieved and the corresponding values are set to 0.

Commit 2d651eb9265d ("x86: Move x86 processor cache info to
cpu_features") changed the behaviour in such case by defining the
__x86_shared_cache_size and __x86_data_cache_size variables to 0 instead
of using the default values. This cause an issue with the i686 SSE2
optimized bzero/routine which assumes that the cache size is at least
128 bytes, and otherwise tries to zero/set the whole address space minus
128 bytes.

Fix that by restoring the original code to only update
__x86_shared_cache_size and __x86_data_cache_size variables if the
corresponding cache sizes are not zero.

Fixes bug 28784
Fixes commit 2d651eb9265d

Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
(cherry picked from commit c242fcce06e3102ca663b2f992611d0bda4f2668)
---
 NEWS                    |  1 +
 sysdeps/x86/cacheinfo.h | 14 ++++++++++----
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/NEWS b/NEWS
index 58c6ae84fb..7e773bd005 100644
--- a/NEWS
+++ b/NEWS
@@ -42,6 +42,7 @@ The following bugs are resolved with this release:
   [28744] A64FX string functions are selected without SVE HWCAP
   [28771] %ebx optimization macros are incompatible with .altmacro
   [28768] CVE-2022-23218: Buffer overflow in sunrpc svcunix_create
+  [28784] x86: crash in 32bit memset-sse2.s when the cache size can not be determined
 
 
 Version 2.34
diff --git a/sysdeps/x86/cacheinfo.h b/sysdeps/x86/cacheinfo.h
index 41d2c81369..63f36877e3 100644
--- a/sysdeps/x86/cacheinfo.h
+++ b/sysdeps/x86/cacheinfo.h
@@ -61,14 +61,20 @@ init_cacheinfo (void)
   long int data = cpu_features->data_cache_size;
   /* Round data cache size to multiple of 256 bytes.  */
   data = data & ~255L;
-  __x86_data_cache_size_half = data / 2;
-  __x86_data_cache_size = data;
+  if (data > 0)
+    {
+      __x86_data_cache_size_half = data / 2;
+      __x86_data_cache_size = data;
+    }
 
   long int shared = cpu_features->shared_cache_size;
   /* Round shared cache size to multiple of 256 bytes.  */
   shared = shared & ~255L;
-  __x86_shared_cache_size_half = shared / 2;
-  __x86_shared_cache_size = shared;
+  if (shared > 0)
+    {
+      __x86_shared_cache_size_half = shared / 2;
+      __x86_shared_cache_size = shared;
+    }
 
   __x86_shared_non_temporal_threshold
     = cpu_features->non_temporal_threshold;
-- 
2.34.1