BusyBox 1.36.0 regression: Segfaults on i386 musl libc

Steffen Nurpmeso steffen at sdaoden.eu
Fri Jan 6 20:07:45 UTC 2023


Natanael Copa wrote in
 <20230106103415.7eec7ac8 at ncopa-desktop.lan>:
 |On Thu, 05 Jan 2023 21:39:09 +0100
 |Sören Tempel <soeren at soeren-tempel.net> wrote:
 ...
 |> Looking at the backtrace, it seems that it segfaults in musl's dynamic
 |> loader. Since BusyBox 1.35.0 worked fine on x86 I bisected this and it
 |> turns out that this is a regression introduced in commit
 |> a96ccbefe417aaac6a2ce59c788e01fc0f83902f [1]. If I disable SHA/MD5
 |> hardware acceleration then BusyBox 1.36.0 builds fine and passes all
 |> tests on Alpine Linux x86.
 ...
 |I believe this happens due to ebx is clobbered which is needed for
 |position independent code (PIC) on 32 bit x86.
 |
 |I also wonder if the asm needs to be volatile.
 |
 |Try something like this:
 |
 |diff --git a/libbb/hash_md5_sha.c b/libbb/hash_md5_sha.c
 |index 880ffab01..d2351d3e6 100644
 |--- a/libbb/hash_md5_sha.c
 |+++ b/libbb/hash_md5_sha.c
 |@@ -17,8 +17,11 @@
 | # if defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__))
 | static void cpuid(unsigned *eax, unsigned *ebx, unsigned *ecx, unsigned \
 | *edx)
 | {
 |-       asm ("cpuid"
 |-               : "=a"(*eax), "=b"(*ebx), "=c"(*ecx), "=d"(*edx)
 |+       asm volatile (
 |+               "mov %%ebx, %%esi;" /* save %ebx PIC register */
 |+               "cpuid;"
 |+               "xchg %%ebx, %%esi;"
 |+               : "=a"(*eax), "=S"(*ebx), "=c"(*ecx), "=d"(*edx)
 |: "0"(*eax),  "1"(*ebx),  "2"(*ecx),  "3"(*edx)
 |        );

Shouldn't it be enough to place "%ebx" in the "third operand"?
The following surely worked twenty years ago:

               asm volatile(
                "cpuid"
                : "=&a"(i), "=&d"(nedx)
                : "0"(0x80000001)
                : "%ebx", "%ecx"
                );

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)


More information about the busybox mailing list