Project

General

Profile

Actions
Copy link

Bug #12757

closed

lz4 hash table does not start zeroed

Added by Andy Fiddaman 12 months ago. Updated 12 months ago.

Status:
Closed
Priority:
High
Assignee:
Andy Fiddaman
Category:
tools - gate/build tools
Start date:
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:

Description

I experienced a reproducible gate build failure on a box with an Atom CPU.

The physical processor has 8 virtual processors (0-7)
  x86 (GenuineIntel 406D8 family 6 model 77 step 8 clock 2400 MHz)
        Intel(r) Atom(tm) CPU  C2750  @ 2.40GHz

debugging core file of vtfontcvt (32-bit) from theeo
initial argv: ./vtfontcvt -f compressed-source -o /dev/null ter-u16n.bdf
threading model: native threads
status: process terminated by SIGSEGV (Segmentation Fault), addr=8101049

0803f898 LZ4_compress64kCtx+0x286(80e1008, 80fc008, 80ff00c, 6c0, 6bc)
0803f8d8 real_LZ4_compress+0x3f(80fc008, 80ff00c, 6c0, 6bc)
0803f908 lz4_compress+0x28(80fc008, 80ff008, 6c0, 6c0, 0)
0803f958 write_fnt_source+0x1b1(1, 803fc4c)
0803f998 main+0x254(803f99c, fedc85e8)
0803f9d8 _start_crt+0x96(6, 803fa04, fefd0d2f, 0, 0, 0)
0803f9f8 _start+0x1a(6, 803fc28, 803fc34, 803fc37, 803fc49, 803fc4c)

This turns out to be because usr/src/common/lz4/lz4.c does not zero the initial hash table for compression in userland (although it does in the kernel, thankfully).

The memory area for the hash table is full of old data, hence the crash:

> 860a008::dump -l 4096
           0 1 2 3  4 5 6 7 \/ 9 a b  c d e f  01234567v9abcdef
860a000:  08400000 f87f103a 30300a30 300a3030  .@.....:00.00.00
860a010:  0a30300a 30300a30 300a3430 0a34300a  .00.00.00.40.40.
860a020:  30300a30 300a3434 0a34340a 30300a45  00.00.44.44.00.E
860a030:  4e444348 41520a53 54415254 43484152  NDCHAR.STARTCHAR
860a040:  20756e69 32384336 0a454e43 4f44494e   uni28C6.ENCODIN
860a050:  47203130 3433380a 53574944 54482035  G 10438.SWIDTH 5
860a060:  30302030 0a445749 44544820 3820300a  00 0.DWIDTH 8 0.
860a070:  42425820 38203136 2030202d 340a4249  BBX 8 16 0 -4.BI
860a080:  544d4150 0a30300a 30300a30 300a3030  TMAP.00.00.00.00
860a090:  0a30300a 34300a34 300a3030 0a30300a  .00.40.40.00.00.
860a0a0:  34300a34 300a3030 0a30300a 34340a34  40.40.00.00.44.4
860a0b0:  340a3030 0a454e44 43484152 0a535441  4.00.ENDCHAR.STA
860a0c0:  52544348 41522075 6e693238 43370a45  RTCHAR uni28C7.E
860a0d0:  4e434f44 494e4720 31303433 390a5357  NCODING 10439.SW
860a0e0:  49445448 20353030 20300a44 57494454  IDTH 500 0.DWIDT
860a0f0:  48203820 300a4242 58203820 31362030  H 8 0.BBX 8 16 0
...
Actions
Copy link
 #1

Updated by Andy Fiddaman 12 months ago

  • Description updated (diff)
Actions
Copy link
 #2

Updated by Electric Monk 12 months ago

  • Status changed from In Progress to Closed
  • % Done changed from 0 to 100

git commit cab7c30c9587a8c7b5dd94af5f688dc5b8e8add7

commit  cab7c30c9587a8c7b5dd94af5f688dc5b8e8add7
Author: Andy Fiddaman <omnios@citrus-it.co.uk>
Date:   2020-05-20T20:05:47.000Z

    12757 lz4 hash table does not start zeroed
    Reviewed by: Dan McDonald <danmcd@joyent.com>
    Reviewed by: Robert Mustacchi <rm@fingolfin.org>
    Reviewed by: Toomas Soome <tsoome@me.com>
    Reviewed by: Gergő Mihály Doma <domag02@gmail.com>
    Approved by: Gordon Ross <gordon.w.ross@gmail.com>

Actions
Copy link

Also available in: Atom PDF