Your message dated Fri, 01 Jan 2016 15:47:08 +0000 with message-id <[email protected]> and subject line Bug#800574: fixed in glibc 2.19-18+deb8u2 has caused the Debian Bug report #800574, regarding libc6: lock elision hazard on Intel Broadwell and Skylake to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 800574: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=800574 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: libc6 Version: 2.19-4 Severity: grave Justification: causes non-serious data loss Intel Broadwell-H and Skylake-S/H have critical errata that causes HLE to be extremely dangerous to use on those processors, resulting in unpredictable behavior (i.e. process crashes when you are lucky, data corruption when you are not) when hardware lock-elision is enabled in glibc/libpthread. Broadwell errata BBD50 (desktop/mobile), BDW50 (server): An HLE (Hardware Lock Elision) transactional region begins with an instruction with the XACQUIRE prefix. Due to this erratum, reads from within the transactional region of the memory destination of that instruction may return the value that was in memory before the transactional region began According to the Intel errata list, a firmware fix is possible, but I have no idea whether it is done by toggling a boot-locked MSR that disables HLE, or through a microcode update. The MSR is more likely, but if it is a microcode update, it is going to be as much of a hazard as the Haswell one that disabled TSX+HLE. I recommend that we extend the HLE blacklist in glibc to also include CPU signature 0x40671. This will disable HLE on Xeon E3-1200v4, and 5th-generation Core i5/i7. These processors are supposed to already have TSX disabled (errata BBD51/BDW51). Skylake's latest public specification update still doesn't list any HLE errata, but it is not really recent. OTOH, there is a Gentoo user's report that Skylake is also unstable when HLE is enabled in glibc and that the crashes stop when glibc is compiled without lock elision. For that reason, it might be a good idea to also blacklist HLE on CPU signatures 0x506e1, 0x506e2 and 0x506e3, which would disable HLE on Skylake-S and Skylake-H (6th gen Core i5/i7). This won't cover the Skylake Xeon E3-1200v5, for which there are no reports of breakage (nor a public specification update I could find). References: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762195 https://bbs.archlinux.org/viewtopic.php?id=202545 In hindsight, it looks like we would have been better off by disabling lock elision entirely for Debian jessie when we fixed #762195. Something to consider when the time comes to fix this bug in stable through a stable update... -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh
--- End Message ---
--- Begin Message ---Source: glibc Source-Version: 2.19-18+deb8u2 We believe that the bug you reported is fixed in the latest version of glibc, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Aurelien Jarno <[email protected]> (supplier of updated glibc package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 28 Dec 2015 21:39:40 +0100 Source: glibc Binary: libc-bin libc-dev-bin glibc-doc glibc-source locales locales-all nscd multiarch-support libc6 libc6-dev libc6-dbg libc6-pic libc6-udeb libc6.1 libc6.1-dev libc6.1-dbg libc6.1-pic libc6.1-udeb libc0.3 libc0.3-dev libc0.3-dbg libc0.3-pic libc0.3-udeb libc0.1 libc0.1-dev libc0.1-dbg libc0.1-pic libc0.1-udeb libc6-i386 libc6-dev-i386 libc6-sparc libc6-dev-sparc libc6-sparc64 libc6-dev-sparc64 libc6-s390 libc6-dev-s390 libc6-amd64 libc6-dev-amd64 libc6-powerpc libc6-dev-powerpc libc6-ppc64 libc6-dev-ppc64 libc6-mips32 libc6-dev-mips32 libc6-mipsn32 libc6-dev-mipsn32 libc6-mips64 libc6-dev-mips64 libc0.1-i386 libc0.1-dev-i386 libc6-x32 libc6-dev-x32 libc6-i686 libc6-xen libc0.1-i686 libc0.3-i686 libc0.3-xen libc6.1-alphaev67 libc6-loongson2f libnss-dns-udeb libnss-files-udeb Architecture: source all Version: 2.19-18+deb8u2 Distribution: stable Urgency: medium Maintainer: Aurelien Jarno <[email protected]> Changed-By: Aurelien Jarno <[email protected]> Description: glibc-doc - GNU C Library: Documentation glibc-source - GNU C Library: sources libc-bin - GNU C Library: Binaries libc-dev-bin - GNU C Library: Development binaries libc0.1 - GNU C Library: Shared libraries libc0.1-dbg - GNU C Library: detached debugging symbols libc0.1-dev - GNU C Library: Development Libraries and Header Files libc0.1-dev-i386 - GNU C Library: 32bit development libraries for AMD64 libc0.1-i386 - GNU C Library: 32bit shared libraries for AMD64 libc0.1-i686 - GNU C Library: Shared libraries [i686 optimized] libc0.1-pic - GNU C Library: PIC archive library libc0.1-udeb - GNU C Library: Shared libraries - udeb (udeb) libc0.3 - GNU C Library: Shared libraries libc0.3-dbg - GNU C Library: detached debugging symbols libc0.3-dev - GNU C Library: Development Libraries and Header Files libc0.3-i686 - GNU C Library: Shared libraries [i686 optimized] libc0.3-pic - GNU C Library: PIC archive library libc0.3-udeb - GNU C Library: Shared libraries - udeb (udeb) libc0.3-xen - GNU C Library: Shared libraries [Xen version] libc6 - GNU C Library: Shared libraries libc6-amd64 - GNU C Library: 64bit Shared libraries for AMD64 libc6-dbg - GNU C Library: detached debugging symbols libc6-dev - GNU C Library: Development Libraries and Header Files libc6-dev-amd64 - GNU C Library: 64bit Development Libraries for AMD64 libc6-dev-i386 - GNU C Library: 32-bit development libraries for AMD64 libc6-dev-mips32 - GNU C Library: o32 Development Libraries for MIPS libc6-dev-mips64 - GNU C Library: 64bit Development Libraries for MIPS64 libc6-dev-mipsn32 - GNU C Library: n32 Development Libraries for MIPS64 libc6-dev-powerpc - GNU C Library: 32bit powerpc development libraries for ppc64 libc6-dev-ppc64 - GNU C Library: 64bit Development Libraries for PowerPC64 libc6-dev-s390 - GNU C Library: 32bit Development Libraries for IBM zSeries libc6-dev-sparc - GNU C Library: 32bit Development Libraries for SPARC libc6-dev-sparc64 - GNU C Library: 64bit Development Libraries for UltraSPARC libc6-dev-x32 - GNU C Library: X32 ABI Development Libraries for AMD64 libc6-i386 - GNU C Library: 32-bit shared libraries for AMD64 libc6-i686 - GNU C Library: Shared libraries [i686 optimized] libc6-loongson2f - GNU C Library: Shared libraries (Loongson 2F optimized) libc6-mips32 - GNU C Library: o32 Shared libraries for MIPS libc6-mips64 - GNU C Library: 64bit Shared libraries for MIPS64 libc6-mipsn32 - GNU C Library: n32 Shared libraries for MIPS64 libc6-pic - GNU C Library: PIC archive library libc6-powerpc - GNU C Library: 32bit powerpc shared libraries for ppc64 libc6-ppc64 - GNU C Library: 64bit Shared libraries for PowerPC64 libc6-s390 - GNU C Library: 32bit Shared libraries for IBM zSeries libc6-sparc - GNU C Library: 32bit Shared libraries for SPARC libc6-sparc64 - GNU C Library: 64bit Shared libraries for UltraSPARC libc6-udeb - GNU C Library: Shared libraries - udeb (udeb) libc6-x32 - GNU C Library: X32 ABI Shared libraries for AMD64 libc6-xen - GNU C Library: Shared libraries [Xen version] libc6.1 - GNU C Library: Shared libraries libc6.1-alphaev67 - GNU C Library: Shared libraries (EV67 optimized) libc6.1-dbg - GNU C Library: detached debugging symbols libc6.1-dev - GNU C Library: Development Libraries and Header Files libc6.1-pic - GNU C Library: PIC archive library libc6.1-udeb - GNU C Library: Shared libraries - udeb (udeb) libnss-dns-udeb - GNU C Library: NSS helper for DNS - udeb (udeb) libnss-files-udeb - GNU C Library: NSS helper for files - udeb (udeb) locales - GNU C Library: National Language (locale) data [support] locales-all - GNU C Library: Precompiled locale data multiarch-support - Transitional package to ensure multiarch compatibility nscd - GNU C Library: Name Service Cache Daemon Closes: 779587 798316 798515 799966 800523 800574 801691 802256 803927 Changes: glibc (2.19-18+deb8u2) stable; urgency=medium . [ Aurelien Jarno ] * Update from upstream stable branch: - Fix getaddrinfo sometimes returning uninitialized data with nscd. Closes: #798515. - Fix data corruption while reading the NSS files database (CVE-2015-5277). Closes: #799966. - Fix buffer overflow (read past end of buffer) in internal_fnmatch. - Fix _IO_wstr_overflow integer overflow. - Fix unexpected closing of nss_files databases after lookups, causing denial of service (CVE-2014-8121). Closes: #779587. - Fix NSCD netgroup cache. Closes: #800523. * patches/any/cvs-ld_pointer_guard.diff: new patch from upstream to unconditionally disable LD_POINTER_GUARD. Closes: #798316, #801691. * patches/any/cvs-mangle-tls_dtor_list.diff: new patch from upstream to mangle function pointers in tls_dtor_list. Closes: #802256. * patches/any/cvs-strxfrm-buffer-overflows.diff: new patch from upstream to fix memory allocations issues that can lead to buffer overflows on the stack. Closes: #803927. . [ Henrique de Moraes Holschuh ] * Replace patches/amd64/local-blacklist-on-TSX-Haswell.diff by local-blacklist-for-Intel-TSX.diff also blacklisting some Broadwell models. Closes: #800574. Checksums-Sha1: e4386b9b316fb3366323a25c5626df580b3dd100 8236 glibc_2.19-18+deb8u2.dsc 9a766804327f12ab4424afab959c97d930421f1a 1040948 glibc_2.19-18+deb8u2.debian.tar.xz bbf48a19e71e8c9367d8514ff2e1131d34f0134e 2267136 glibc-doc_2.19-18+deb8u2_all.deb 35528d07531cc05b48fe0a3405de48e2ab91491b 13976542 glibc-source_2.19-18+deb8u2_all.deb 0b0f9e53d313deb1965e7994c386b5384be66bc2 3954372 locales_2.19-18+deb8u2_all.deb Checksums-Sha256: f87e7448c2e460aac9b1a420469b7848b057a5d4e9f716b26d0277446eabac13 8236 glibc_2.19-18+deb8u2.dsc 0e407d1610ba95adfe641d7030ddac13105682f638cf8ff1286dfd1c44d24aa3 1040948 glibc_2.19-18+deb8u2.debian.tar.xz 24366700536fe92feb1570b5ce733d09fac4d1956a5904e330ad7bb642a2a167 2267136 glibc-doc_2.19-18+deb8u2_all.deb b940f7c54a40513b5915ff6534b89d5f6b2154c2e78980bfe37b08264f55f90d 13976542 glibc-source_2.19-18+deb8u2_all.deb e7694d8bfafffbf78b3ebb79f9e3218d699f0e13b761e1f4c7848705eebc9fe2 3954372 locales_2.19-18+deb8u2_all.deb Files: 645a3775c11f5c216a25683b37db0f80 8236 libs required glibc_2.19-18+deb8u2.dsc f7c75b3bdf661a84abf51420f15b6933 1040948 libs required glibc_2.19-18+deb8u2.debian.tar.xz 80e5c2d6537a71b13c549f628e2fdf71 2267136 doc optional glibc-doc_2.19-18+deb8u2_all.deb fa2a8d49a5d97782a4f17aaea6edb642 13976542 devel optional glibc-source_2.19-18+deb8u2_all.deb f3090452ea4d882d1891f265b90a5979 3954372 localization standard locales_2.19-18+deb8u2_all.deb Package-Type: udeb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJWgb0OAAoJELqceAYd3Yyb8FcP/3FJ4wWofgVMLI/u8Po9Iq2e s3YRCwQNyCR7yGPiQS4Ow5OX3z/McXAG9MptMrWJUPetlFYttMqJJ7oW6Sgx5gZq oZqbU2bI3pvH3qzy/VJfhJSD9r9qYoDRg+5N1LJtpF8D42CbEnKZDNT0KEAFo2qB 5lQcesVhfOGJt8GywiI8W+E10qSaAioWE/qD+D5QSpzoO25suB+9b8spGRZKIT/9 5B36o0DZFfcooPWjjkzab245TKu4SSSmC721whR2HcS4u3mcx9ZdqTEpsEk0DNWm Hq25r0UJ8nvBffrgBY23odYRWgWeSNQcVml07RFY0dkNyz6FaX1x0917wnBzLvgX 0QAM+gSNs07e6QQV1AnrGzpXRUXsD3KTVklMrkKrKlZ0qmVZjKwzIm3COrIdEXUD 2FU/nSO49zLAvH+kUGMSeDQRDg4pgG2A/uhIq+ty8oBzkDiQvOpZNO8XZ8x2f43O g1l/RcUF46yzu3WJjKOGoyukKvLMnhywppTHkD4S7fVL+p1mtpBr6p+lNQ9wZuHk lxYJH4VcmcN1r2mEG6NcR8vdnSWueFIANaFRb/gSiz+oFo0inGLVFgC82a7moD05 yKXLR5BQo5fBNu0upLIrPHK1td9+bAaCyl2O5KlER2YzLtEqVJWcj2J5W/8itYaV 3XIC0DPL18g5+v9LXDpC =+T4w -----END PGP SIGNATURE-----
--- End Message ---
