Ahh I was looking in the wrong place - glibc-sources shows the fix
in 2.36-9+deb12u1:
glibc (2.36-9+deb12u1) bookworm; urgency=medium
[ Aurelien Jarno ]
* debian/patches/git-updates.diff: update from upstream stable branch:
- Affecting bookworm release architectures:
- Improve mcount overflow handling in gmon.
- Fix a buffer overflow in gmon (CVE-2023-0687).
- Fix a memory corruption when incorrectly calling gmon functions
repeatedly on in wrong order.
- Fix a deadlock in getaddrinfo (__check_pf) with deferred
cancellation.
- Fix y2038 support in strftime on 32-bit architectures.
- Fix corner case parsing of /etc/gshadow which can return bad
pointers
causing segfaults in applications.
- Fix a deadlock in system() when called concurrently from multiple
threads.
- cdefs: limit definition of fortification macros to __FORTIFY_LEVEL
> 0
to support old C90 compilers.
- Not affecting bookworm release architectures:
- Fix LFS POSIX lock constants for powerpc64.
- Fix GL(dl_phdr) and GL(dl_phnum) for static builds. Closes:
#1028200.
- Not affecting debian architectures:
- Fix LFS POSIX lock constants on 32 bit arch with 64 bit default
time_t.
- No change in the generated code:
- Fix asm constraints in amd64 version of feraiseexcept (bug not
visible
with GCC 12).
So I guess we just need a rebuild of the later glibc for the alpha cross
compiler?
On Fri, 20 Oct 2023 at 17:16, Alex Bennée <alex.ben...@linaro.org> wrote:
> Hi,
>
> While updating QEMU's debian-all-test-cross docker image to bookworm I
> found "check-tcg" broke for alpha. The docker image is essentially a
> slim debian image with minimal qemu build deps and all the cross
> compilers Debian packages that support a QEMU guest.
>
> Digging into the failure it was pretty early on in start-up code:
>
> (gdb) x/5i $pc
> => 0x12003e370 <__ctype_init+48>: ldq t0,0(t0)
> 0x12003e374 <__ctype_init+52>: ldq t4,56(t0)
> 0x12003e378 <__ctype_init+56>: ldq t2,64(t0)
> 0x12003e37c <__ctype_init+60>: ldq t0,80(t0)
> 0x12003e380 <__ctype_init+64>: lda t4,256(t4)
> (gdb) p/x $t0
> $1 = 0x0
>
> which looks like TLS is very broken on static builds. Chatting with
> Peter and Adhemerval pointed me to:
>
> https://lists.debian.org/debian-alpha/2023/01/msg00020.html
>
> which has been merged into glibc. However I can't work out if its in the
> bookwork packages. I suspect not because I ran a test where I bumped
> debian-all-test-cross to trixie (which ships 2.37-3cross1) and alpha
> passes check-tcg. However I'm not sure how to navigate the
> cross-toolchain-base-ports-62 to work out if the fix is in. The upstream
> doesn't have any stable release tags beyond glibc-2.36.
>
> In the release/2.36/master branch the fix is:
>
> d5aaece8a3 elf: Fix GL(dl_phdr) and GL(dl_phnum) for static builds [BZ
> #29864]
>
> So to summarise:
>
> - what does Debian's 2.36-8cross1 map to on the release branch?
> - if it doesn't include the above commit can we get a newer release
> with a fix?
>
> Thanks,
>
> --
> Alex Bennée
> Virtualisation Tech Lead @ Linaro
>
--
Alex Bennée
Emulation and Virtualisation Tech Lead @ Linaro
