(In reply to Noah Goldstein from comment #3)
> (In reply to Noah Goldstein from comment #2)
> > (In reply to Simon Chopin from comment #0)
> > > I did some tests on master (2f39e44a84) for the upcoming 2.37 release, and I
> > > found a regression in libunistring test suite on amd64 with AVX-2
> > > instructions, more specifically on gnulib's test-strncat. It can be
> > > reproduced using these instructions:
> > >
> > > https://sourceware.org/glibc/wiki/Testing/Gnulib
> > >
> > >
> > > I bisected the issue to
> > > commit 642933158e7cf072d873231b1a9bb03291f2b989
> > > Author: Noah Goldstein <email address hidden>
> > > Date: Tue Nov 8 17:38:39 2022 -0800
> > >
> > > x86: Optimize and shrink st{r|p}{n}{cat|cpy}-avx2 functions
> > >
> > > Optimizations are:
> > > 1. Use more overlapping stores to avoid branches.
> > > 2. Reduce how unrolled the aligning copies are (this is more of a
> > > code-size save, it's a negative for some sizes in terms of
> > > perf).
> > > 3. For st{r|p}n{cat|cpy} re-order the branches to minimize the
> > > number that are taken.
> > >
> > > I get the following backtrace:
> > >
> > > #0 __strncat_avx2 () at ../sysdeps/x86_64/multiarch/strncat-avx2.S:76
> >
> > Do you know what instruction it's segfaulting at?
> > > #1 0x00005555555555d7 in strncat (__len=0, __src=0x7ffff7de4000 "",
> > > __dest=0x55555555c2a1 "") at
> > > /tmp/glibc-dev/include/bits/string_fortified.h:138
> > > #2 check_single (input=input@entry=0x7ffff7de4000 "", n=n@entry=0,
> > > length=90) at unistr/test-strncat.h:41
> > > #3 0x0000555555555352 in check (input=0x555555559100 <input> "Grüß Gott.
> > > Здравствуйте! x=(-b±sqrt(b²-4ac))/(2a) 日本語,中文,한글", input_length=91)
> > > at unistr/test-strncat.h:86
> > > #4 main () at test-strncat.c:58
> > >
> > > I'm out of my depth in the assembler code.
>
> Reproduced. Changed the `malloc` to mmap and put it at the end of the code.
>
> Issue is:
> ```
> test %rdx, %rdx
> jl L(zero_len)
> ```
>
> Needs to be `jle` (was `decq` at some point, when changed didn't update
> flag).
> I think the test is actually UB b.c `dst` is not a valid null-terminated
> string (even though zero length), but will fix.
`src` is not a valid null-terminated string*
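
A guard-page regression check for the zero-length case discussed in this thread, as an added example that is not code from the bug report, glibc, or gnulib. It goes beyond the reported `n == 0` call by also covering non-zero lengths that end exactly at the page boundary; the helper name `strncat_guard_check` and the buffer layout are assumptions.

```c
#define _DEFAULT_SOURCE
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper (not from glibc or gnulib): put `len` readable,
   unterminated bytes right before a PROT_NONE page and run
   strncat(dst, src, len) in a child. len == 0 is the reported case.
   Returns 0 if correct, the signal number on a crash, -1 otherwise. */
static int strncat_guard_check(size_t len)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    char dst[512] = "dst:";            /* constructed destination prefix */
    if (len > 256)
        return -1;
    char *map = mmap(NULL, 2 * page, PROT_READ | PROT_WRITE,
                     MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (map == MAP_FAILED)
        return -1;
    if (mprotect(map + page, page, PROT_NONE) != 0) {
        munmap(map, 2 * page);
        return -1;
    }
    char *src = map + page - len;      /* src[len] is in the guard page */
    memset(src, 'a', len);
    volatile size_t n = len;           /* stop the compiler folding n == 0 */
    int status = -1;
    pid_t pid = fork();
    if (pid == 0) {                    /* child: a fault here kills only the child */
        strncat(dst, src, n);
        int ok = strlen(dst) == 4 + len && (len == 0 || dst[3 + len] == 'a');
        _exit(ok ? 0 : 1);
    }
    int waited = pid > 0 && waitpid(pid, &status, 0) == pid;
    munmap(map, 2 * page);
    if (!waited)
        return -1;
    if (WIFSIGNALED(status))
        return WTERMSIG(status);       /* e.g. SIGSEGV from an over-read */
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : -1;
}

int main(void)
{
    int rc = 0;
    for (size_t len = 0; len <= 64; len++)
        rc |= strncat_guard_check(len);
    return rc != 0;
}
```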