------- Comment From <email address hidden> 2016-05-03 04:46 EDT-------
(In reply to comment #31)
> Similarally these are flagged up as bad in yakkety, yet were built with good
> toolchain already (complete list):
> ceph-test_10.1.2-0ubuntu1_s390x.deb
This one is from April 14th and still appears to have a problem. Are you sure that it has been compiled with the fixed toolchain?
The package ceph-test_10.2.0-0ubuntu0.16.04.1_s390x.deb also has a hit.
However, ceph-test_10.2.0-0ubuntu1_s390x.deb appears to be clean. Perhaps that one is the new package?
> higan_094-6build1_s390x.deb
False positive. The tool detects a stack pointer restore operation in a C++ finally block. But the restored stack pointer at that point is already the decremented one so the accesses appearing afterwards do access valid stack space.
> juju-mongodb3.2_3.2.4-0ubuntu1_s390x.deb
That package is from April 12th. There is a more recent version which appears to be fine:
juju-mongodb3.2_3.2.4-0ubuntu3_s390x.deb
> libiv-unidraw1_1.2.11a1-6build1_s390x.deb
False positive. Same problem as with higan.
> Could you double check them in case we are missing fixes in toolchains,
> and/or false positives. It could be that these link a static libgcc1 from
> gcc-6 which is unfixed. And if we have this bug in libgcc.a the scope for
> this bug is much larger.
Agreed, a hit in libgcc would require massive rebuilds. Fortunately I didn't find anything in libgcc so far. It should be rather unlikely since it does not build with -fno-omit-framepointer. So far I've only seen problems in binaries built with that option.
------- Comment From <email address hidden> 2016-05-03 04:46 EDT-------
(In reply to comment #31)
> Similarally these are flagged up as bad in yakkety, yet were built with good
> toolchain already (complete list):
> ceph-test_ 10.1.2- 0ubuntu1_ s390x.deb 10.2.0- 0ubuntu0. 16.04.1_ s390x.deb also has a hit. 10.2.0- 0ubuntu1_ s390x.deb appears to be clean. Perhaps that one is the new package?
This one is from April 14th and still appears to have a problem. Are you sure that it has been compiled with the fixed toolchain?
The package ceph-test_
However, ceph-test_
> higan_094- 6build1_ s390x.deb
False positive. The tool detects a stack pointer restore operation in a C++ finally block. But the restored stack pointer at that point is already the decremented one so the accesses appearing afterwards do access valid stack space.
> juju-mongodb3. 2_3.2.4- 0ubuntu1_ s390x.deb 2_3.2.4- 0ubuntu3_ s390x.deb
That package is from April 12th. There is a more recent version which appears to be fine:
juju-mongodb3.
> libiv-unidraw1_ 1.2.11a1- 6build1_ s390x.deb
False positive. Same problem as with higan.
> Could you double check them in case we are missing fixes in toolchains, framepointer. So far I've only seen problems in binaries built with that option.
> and/or false positives. It could be that these link a static libgcc1 from
> gcc-6 which is unfixed. And if we have this bug in libgcc.a the scope for
> this bug is much larger.
Agreed, a hit in libgcc would require massive rebuilds. Fortunately I didn't find anything in libgcc so far. It should be rather unlikely since it does not build with -fno-omit-