> Another one is to rebuild bash-static against libc6 2.36-9+deb12u8.
Then we need to define dependencies very carefully, e.g. bash-static
5.2.15-2+b7 requires libc6 2.36-9+deb12u7 or lower and 5.2.15-2+b8
requires 2.36-9+deb12u8 or higher. Is it possible to just drop that patch
in Debian's builds and declare libc6 2.36-9+deb12u8 bad?
On Mon, Oct 7, 2024 at 2:58 PM Aurelien Jarno <aure...@debian.org> wrote:
> control: found -1 2.36-9+deb12u8
>
> Hi,
>
> On 2024-10-01 13:25, Jingyuan Liang wrote:
> > Package: libc6
> > Version: 2.38-7+gl0
> > Severity: normal
> > X-Debbugs-Cc: jingyuanli...@google.com
> >
> > Dear Maintainer,
> >
> > The issue happened in a containerized context - the system information
> extracted below doesn't apply.
> >
> > If you speak Docker, the build below is a reproduction of the issue;
> otherwise, just skip this.
> >
> > ```
> > FROM debian:bookworm-slim AS bash
> >
> > RUN apt-get update && apt-get install -y --no-install-recommends
> --no-install-suggests bash-static
> >
> > FROM
> gcr.io/distroless/base-debian12@sha256:6ae5fe659f28c6afe9cc2903aebc78a5c6ad3aaa3d9d0369760ac6aaea2529c8
> >
> > COPY --from=bash /bin/bash-static /bin/bash
> >
> > ENTRYPOINT ["/bin/bash"]
> > ```
>
> Thanks for reporting this and for the docker reproducer. This can be
> reproduced in a simpler way by:
> - using "compat" in /etc/nsswitch.conf for the passwd database.
> - executing bash-static or this simple program compiled statically:
>
> | #include <pwd.h>
> | #include <sys/types.h>
> | #include <unistd.h>
> |
> | int main()
> | {
> | return getpwuid(getuid()) != NULL;
> | }
>
> The issue has been introduced by the following upstream commit:
>
> | commit 24de733967029fd902c34073d2ab25b900887352
> | Author: Wilco Dijkstra <wilco.dijks...@arm.com>
> | Date: Thu Mar 21 16:48:33 2024 +0000
> |
> | AArch64: Check kernel version for SVE ifuncs
> |
> | Old Linux kernels disable SVE after every system call. Calling the
> | SVE-optimized memcpy afterwards will then cause a trap to reenable
> SVE.
> | As a result, applications with a high use of syscalls may run slower
> with
> | the SVE memcpy. This is true for kernels between 4.15.0 and before
> 6.2.0,
> | except for 5.14.0 which was patched. Avoid this by checking the
> kernel
> | version and selecting the SVE ifunc on modern kernels.
> |
> | Parse the kernel version reported by uname() into a 24-bit
> kernel.major.minor
> | value without calling any library functions. If uname() is not
> supported or
> | if the version format is not recognized, assume the kernel is modern.
> |
> | Tested-by: Florian Weimer <fwei...@redhat.com>
> | Reviewed-by: Szabolcs Nagy <szabolcs.n...@arm.com>
> | (cherry picked from commit 2e94e2f5d2bf2de124c8ad7da85463355e54ccb2)
>
> A workaround is to use "compat" in /etc/nsswitch.conf if your setup
> allows that ("files" being the default). Another one is to rebuild
> bash-static against libc6 2.36-9+deb12u8.
>
> I have brought up the issue upstream:
> https://sourceware.org/pipermail/libc-alpha/2024-October/160401.html
>
> Regards
> Aurelien
>
> --
> Aurelien Jarno GPG: 4096R/1DDD8C9B
> aurel...@aurel32.net http://aurel32.net
>
