bug#30820: Chunked store references in compiled code break grafting (again)

[Mark H Weaver]

address@hidden (Ludovic Courtès) writes:

> The recently added glibc grafts triggered issues that, in the end, show
> the return of <http://bugs.gnu.org/24703> (“Store references in 8-byte
> chunks in compiled code”).

I think that we should generalize our reference scanning and grafting
code to support store references broken into pieces, as long as each
piece containing part of the hash is at least 8 bytes long.

Here's my preliminary proposal:

(1) The reference scanner should recognize any 8-byte substring of a
    hash as a valid reference to that hash.

(2) To enable reliable grafting of chunked references, we should impose
    the following new restrictions: (a) the store prefix must be at
    least 6 bytes, (b) grafting can change only the hash, not the
    readable part of the store name, and (c) the readable part of the
    store name must be at least 6 bytes.

(3) The grafter should recognize and replace any 8-byte subsequence of
    the absolute store file name.

The rationale for the restrictions is to ensure that any byte that needs
to be modified by the grafter should be part of an 8-byte substring of
the absolute store file name.  This requires that there be at least 7
bytes of known text before the first changed byte and after the last
changed byte.  This is needed to provide a reasonable upper bound on the
probability of grafting a matching sequence of bytes that is not a store
reference.

I'd be willing to work on implementing this soon.

What do you think?

      Mark