Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/1.1/patches/2230324/?format=api
{ "id": 2230324, "url": "http://patchwork.ozlabs.org/api/1.1/patches/2230324/?format=api", "web_url": "http://patchwork.ozlabs.org/project/glibc/patch/20260429145934.278803-3-fberat@redhat.com/", "project": { "id": 41, "url": "http://patchwork.ozlabs.org/api/1.1/projects/41/?format=api", "name": "GNU C Library", "link_name": "glibc", "list_id": "libc-alpha.sourceware.org", "list_email": "libc-alpha@sourceware.org", "web_url": "", "scm_url": "", "webscm_url": "" }, "msgid": "<20260429145934.278803-3-fberat@redhat.com>", "date": "2026-04-29T14:59:34", "name": "[2/2] wcsmbs: Add gconv module ref counter overflow test", "commit_ref": null, "pull_url": null, "state": "new", "archived": false, "hash": "ce3d71b7d0ca2af12152224c2a57c7bdc3d6d7b1", "submitter": { "id": 84672, "url": "http://patchwork.ozlabs.org/api/1.1/people/84672/?format=api", "name": "Frédéric Bérat", "email": "fberat@redhat.com" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/glibc/patch/20260429145934.278803-3-fberat@redhat.com/mbox/", "series": [ { "id": 502092, "url": "http://patchwork.ozlabs.org/api/1.1/series/502092/?format=api", "web_url": "http://patchwork.ozlabs.org/project/glibc/list/?series=502092", "date": "2026-04-29T14:59:33", "name": "Fix gconv reference count overflow in swscanf", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/502092/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2230324/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2230324/checks/", "tags": {}, "headers": { "Return-Path": "<libc-alpha-bounces~incoming=patchwork.ozlabs.org@sourceware.org>", "X-Original-To": [ "incoming@patchwork.ozlabs.org", "libc-alpha@sourceware.org" ], "Delivered-To": [ "patchwork-incoming@legolas.ozlabs.org", "libc-alpha@sourceware.org" ], "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (1024-bit key;\n unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256\n header.s=mimecast20190719 header.b=I9FW8C+E;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org\n (client-ip=38.145.34.32; helo=vm01.sourceware.org;\n envelope-from=libc-alpha-bounces~incoming=patchwork.ozlabs.org@sourceware.org;\n receiver=patchwork.ozlabs.org)", "sourceware.org;\n\tdkim=pass (1024-bit key,\n unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256\n header.s=mimecast20190719 header.b=I9FW8C+E", "sourceware.org; dmarc=pass (p=quarantine dis=none)\n header.from=redhat.com", "sourceware.org; spf=pass smtp.mailfrom=redhat.com", "server2.sourceware.org;\n arc=none smtp.remote-ip=170.10.129.124" ], "Received": [ "from vm01.sourceware.org (vm01.sourceware.org [38.145.34.32])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g5L9L6kXgz1yK5\n\tfor <incoming@patchwork.ozlabs.org>; Thu, 30 Apr 2026 01:01:26 +1000 (AEST)", "from vm01.sourceware.org (localhost [127.0.0.1])\n\tby sourceware.org (Postfix) with ESMTP id 24B754BAE7FD\n\tfor <incoming@patchwork.ozlabs.org>; Wed, 29 Apr 2026 15:01:25 +0000 (GMT)", "from us-smtp-delivery-124.mimecast.com\n (us-smtp-delivery-124.mimecast.com [170.10.129.124])\n by sourceware.org (Postfix) with ESMTP id 2A7714BA23C2\n for <libc-alpha@sourceware.org>; Wed, 29 Apr 2026 14:59:52 +0000 (GMT)", "from mx-prod-mc-06.mail-002.prod.us-west-2.aws.redhat.com\n (ec2-35-165-154-97.us-west-2.compute.amazonaws.com [35.165.154.97]) by\n relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3,\n cipher=TLS_AES_256_GCM_SHA384) id us-mta-441-VNW6TWxBO_me0rZzY0i5xA-1; Wed,\n 29 Apr 2026 10:59:47 -0400", "from mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com\n (mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.93])\n (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest\n SHA256)\n (No client certificate requested)\n by mx-prod-mc-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS\n id C8BC7180060C; Wed, 29 Apr 2026 14:59:46 +0000 (UTC)", "from Nymeria-redhat.redhat.com (unknown [10.44.32.149])\n by mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with\n ESMTPS\n id 3213B1800348; Wed, 29 Apr 2026 14:59:44 +0000 (UTC)" ], "DKIM-Filter": [ "OpenDKIM Filter v2.11.0 sourceware.org 24B754BAE7FD", "OpenDKIM Filter v2.11.0 sourceware.org 2A7714BA23C2" ], "DMARC-Filter": "OpenDMARC Filter v1.4.2 sourceware.org 2A7714BA23C2", "ARC-Filter": "OpenARC Filter v1.0.0 sourceware.org 2A7714BA23C2", "ARC-Seal": "i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1777474792; cv=none;\n b=Awvx7X9qPP6VrFjhZHLAF+Uugq82ton32veaB++Py8sSscUK5YM6CKPgv3CZx8C7aYC33CjEyfqGy/836dj/EG6kO5sfCMm/DGVdIDkdPuWioTrlN6huYVzrf30KMVyCGM+KCLL1T+7rIx5lZg6KrGgmQtd18wfU+3KXstl0tJ4=", "ARC-Message-Signature": "i=1; a=rsa-sha256; d=sourceware.org; s=key;\n t=1777474792; c=relaxed/simple;\n bh=fO4CQJrV00KIcoP6v4dnLXaLUhMMon3LQY/Yf7NQ7b0=;\n h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version;\n b=uOqT2tuIn4OWqGiNnxc4XlL07UNX7gTFWYX1LxeTz9yVyEaNwfRN78MYcBZW2uXVjWhs3vTXqAqksS1xmAX58V6i0XSh/B/hVmxlzzS1XgeqMXHi7sQSw8pgf+J9tCBPBuBufbJ41kg6jUbV0ybKxNc8O5p8H63JmFDDrSrn3Ow=", "ARC-Authentication-Results": "i=1; server2.sourceware.org", "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;\n s=mimecast20190719; t=1777474791;\n h=from:from:reply-to:subject:subject:date:date:message-id:message-id:\n to:to:cc:mime-version:mime-version:content-type:content-type:\n content-transfer-encoding:content-transfer-encoding:\n in-reply-to:in-reply-to:references:references;\n bh=xuaY+eeHNFAAd8kRQK6GH0Mj7YEQns7r6yuC35b7zbA=;\n b=I9FW8C+E4LDJA1j9eDoe4HhK3WLAuP1K3Kwn1LzITnJLstBsP5sgClHjIf9vkRzoYZ0rc8\n FcXqGEi+yzarXs7x+V4urskygMuCVaxZXwWIDqrCNPJkim0Vs5s0XByHWrY/87VsQLq0BP\n DYC3pQ+X307LoNlEqB9ES2awuFsLRAY=", "X-MC-Unique": "VNW6TWxBO_me0rZzY0i5xA-1", "X-Mimecast-MFC-AGG-ID": "VNW6TWxBO_me0rZzY0i5xA_1777474786", "From": "=?utf-8?b?RnLDqWTDqXJpYyBCw6lyYXQ=?= <fberat@redhat.com>", "To": "libc-alpha@sourceware.org, dj@redhat.com, fweimer@redhat.com,\n adhemerval.zanella@linaro.org", "Subject": "[PATCH 2/2] wcsmbs: Add gconv module ref counter overflow test", "Date": "Wed, 29 Apr 2026 16:59:34 +0200", "Message-ID": "<20260429145934.278803-3-fberat@redhat.com>", "In-Reply-To": "<20260429145934.278803-1-fberat@redhat.com>", "References": "<20260429145934.278803-1-fberat@redhat.com>", "MIME-Version": "1.0", "X-Scanned-By": "MIMEDefang 3.4.1 on 10.30.177.93", "X-Mimecast-Spam-Score": "0", "X-Mimecast-MFC-PROC-ID": "VHjiVKT9pxQ16ieTF4zfA5pGGHWjcZuh0bguDWihTIY_1777474786", "X-Mimecast-Originator": "redhat.com", "Content-Transfer-Encoding": "8bit", "content-type": "text/plain; charset=\"US-ASCII\"; x-default=true", "X-BeenThere": "libc-alpha@sourceware.org", "X-Mailman-Version": "2.1.30", "Precedence": "list", "List-Id": "Libc-alpha mailing list <libc-alpha.sourceware.org>", "List-Unsubscribe": "<https://sourceware.org/mailman/options/libc-alpha>,\n <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>", "List-Archive": "<https://sourceware.org/pipermail/libc-alpha/>", "List-Post": "<mailto:libc-alpha@sourceware.org>", "List-Help": "<mailto:libc-alpha-request@sourceware.org?subject=help>", "List-Subscribe": "<https://sourceware.org/mailman/listinfo/libc-alpha>,\n <mailto:libc-alpha-request@sourceware.org?subject=subscribe>", "Errors-To": "libc-alpha-bounces~incoming=patchwork.ozlabs.org@sourceware.org" }, "content": "Adds a new xtest, tst-wcsmbs-clone-overflow, to detect reference count\nleaks in gconv modules.\n\nThe test specifically targets an issue where functions like swscanf\ntrigger __wcsmbs_clone_conv without a corresponding release when\nprocessing wide character strings from stack-allocated buffers. This\nresults in a leaked reference count for the gconv module.\n\nThe test performs 0x80000000 iterations to ensure a 32-bit signed\ninteger reference counter overflows, thus reliably reproducing and\nverifying the leak. It is marked as an xtest due to its long runtime.\n\nAssisted-by: LLM\n---\n wcsmbs/Makefile | 3 +-\n wcsmbs/tst-wcsmbs-clone-overflow.c | 50 ++++++++++++++++++++++++++++++\n 2 files changed, 52 insertions(+), 1 deletion(-)\n create mode 100644 wcsmbs/tst-wcsmbs-clone-overflow.c", "diff": "diff --git a/wcsmbs/Makefile b/wcsmbs/Makefile\nindex 849a47971e..e9db577220 100644\n--- a/wcsmbs/Makefile\n+++ b/wcsmbs/Makefile\n@@ -208,7 +208,7 @@ tests := \\\n # tests\n \n # This test runs for a long time.\n-xtests += test-wcsncmp-nonarray\n+xtests += test-wcsncmp-nonarray tst-wcsmbs-clone-overflow\n \n \n include ../Rules\n@@ -241,6 +241,7 @@ $(objpfx)tst-c32-state.out: $(gen-locales)\n $(objpfx)test-c8rtomb.out: $(gen-locales)\n $(objpfx)test-mbrtoc8.out: $(gen-locales)\n $(objpfx)tst-wscanf-to_inpunct.out: $(gen-locales)\n+$(objpfx)tst-wcsmbs-clone-overflow.out: $(gen-locales)\n endif\n \n $(objpfx)tst-wcstod-round: $(libm)\ndiff --git a/wcsmbs/tst-wcsmbs-clone-overflow.c b/wcsmbs/tst-wcsmbs-clone-overflow.c\nnew file mode 100644\nindex 0000000000..a6f0a25685\n--- /dev/null\n+++ b/wcsmbs/tst-wcsmbs-clone-overflow.c\n@@ -0,0 +1,50 @@\n+/* Test for gconv module reference counter overflow.\n+ Copyright (C) 2026 Free Software Foundation, Inc.\n+ This file is part of the GNU C Library.\n+\n+ The GNU C Library is free software; you can redistribute it and/or\n+ modify it under the terms of the GNU Lesser General Public\n+ License as published by the Free Software Foundation; either\n+ version 2.1 of the License, or (at your option) any later version.\n+\n+ The GNU C Library is distributed in the hope that it will be useful,\n+ but WITHOUT ANY WARRANTY; without even the implied warranty of\n+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU\n+ Lesser General Public License for more details.\n+\n+ You should have received a copy of the GNU Lesser General Public\n+ License along with the GNU C Library; if not, see\n+ <https://www.gnu.org/licenses/>. */\n+\n+#include <stdio.h>\n+#include <wchar.h>\n+#include <locale.h>\n+#include <support/check.h>\n+#include <support/support.h>\n+\n+static int\n+do_test (int argc, char **argv)\n+{\n+ if (setlocale (LC_ALL, \"de_DE.ISO-8859-1\") == NULL)\n+ FAIL_EXIT1 (\"setlocale failed, check if de_DE.ISO-8859-1 is generated\");\n+\n+ /* The reproduction loop. 0x80000000 iterations are required to overflow\n+ a 32-bit signed integer. This typically takes 3-5 minutes. */\n+ wchar_t buf[32] = L\"123\";\n+ int j;\n+ for (long long i = 0; i < 0x80000000LL; i++)\n+ {\n+ /* swscanf on a stack-allocated buffer triggers __wcsmbs_clone_conv\n+ without a corresponding release, leaking a reference count. */\n+ if (swscanf (buf, L\"%d\", &j) < 1)\n+ FAIL_EXIT1 (\"swscanf failed at iteration %lld\", i);\n+ /* Prevent compiler from optimizing the loop away. */\n+ __asm__ volatile (\"\" : : \"g\" (j) : \"memory\");\n+ }\n+\n+ return 0;\n+}\n+\n+/* This test is slow because it requires billions of iterations. */\n+#define TIMEOUT 600\n+#include \"../test-skeleton.c\"\n", "prefixes": [ "2/2" ] }