NetBSD Problem Report #48490

From imre@vdsz.com  Thu Jan  2 18:50:28 2014
Return-Path: <imre@vdsz.com>
Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(Client CN "mail.NetBSD.org", Issuer "Postmaster NetBSD.org" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 0EDB6A61B7
	for <gnats-bugs@gnats.NetBSD.org>; Thu,  2 Jan 2014 18:50:28 +0000 (UTC)
Message-Id: <20140102185021.7CA7CC97D@deneb.fritz.box>
Date: Thu,  2 Jan 2014 19:50:21 +0100 (CET)
From: imre@vdsz.com
Reply-To: imre@vdsz.com
To: gnats-bugs@NetBSD.org
Subject: Opera-12.16 segfaults on NetBSD-6.99.28/i386
X-Send-Pr-Version: 3.95

>Number:         48490
>Category:       kern
>Synopsis:       Opera-12.16 segfaults on NetBSD-6.99.28/i386
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Jan 02 18:55:00 +0000 2014
>Originator:     Imre Vadasz
>Release:        NetBSD 6.99.28
>Organization:

>Environment:


System: NetBSD deneb.fritz.box 6.99.28 NetBSD 6.99.28 (CF29MK3_GENFB) #6: Thu Jan 2 16:55:17 CET 2014 root@deneb.fritz.box:/usr/obj/sys/arch/i386/compile/CF29MK3_GENFB i386
Architecture: i386
Machine: i386
>Description:
Opera-12.16 (linux binary) from pkgsrc segfaults on NetBSD-6.99.28/i386,
whereas the opera binary works fine when booting a 6.99.24/i386 kernel instead.

>How-To-Repeat:
Try to run opera-12.16 on NetBSD-6.99.28/i386.

>Fix:
With this patch opera works again (and other linux binaries still work).

The first part (regarding linux_exec.h) adds the 16 bytes of the random numbers
to the LINUX_ELF_AUX_ARGSIZ, as is implicitly done in the corresponding code
for amd64 (in "sys/compat/linux/arch/amd64/linux_exec.h" line 62).

I'm not sure if the second part is really necessary. It's supposed to put the
random numbers for the LINUX_AT_RANDOM argument below (meaning at higher
addresses on x86) the arguments vector.

The code for 64-bit architectures, and amd64 specifically, that corresponds to
the i386/linux_exec.h and common/linux_exec_elf32.c files seems much more
organized, so it might make sense to copy some code from there.

--- sys/compat/linux/arch/i386/linux_exec.h.orig
+++ sys/compat/linux/arch/i386/linux_exec.h
@@ -35,9 +35,11 @@
 #define LINUX_M_I386		100
 #define LINUX_MID_MACHINE	LINUX_M_I386
 #define LINUX_USRSTACK		0xC0000000
+#define LINUX_RANDOM_BYTES	16

 #define LINUX_ELF_AUX_ARGSIZ 	\
-	(howmany(LINUX_ELF_AUX_ENTRIES * sizeof(Aux32Info), sizeof(Elf32_Addr)))
+	(howmany(LINUX_ELF_AUX_ENTRIES * sizeof(Aux32Info) + \
+	         LINUX_RANDOM_BYTES, sizeof(Elf32_Addr)))

 #define LINUX_DEBUGLINK_SIGNATURE

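Review bot: LINUX_RANDOM_BYTES is introduced here to size the reservation in LINUX_ELF_AUX_ARGSIZ, but the copyargs change in linux_exec_elf32.c still sizes the copyout with `sizeof(randbytes)`, so the reserved space and the bytes actually written are two independent numbers that can drift apart. If randbytes ever grows, the copyout would write past the area reserved on the new process stack. Suggest declaring randbytes in terms of LINUX_RANDOM_BYTES, or adding a compile-time assertion that the two sizes match, and adding a one-line comment on the define saying it is the LINUX_AT_RANDOM payload.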
############################
--- sys/compat/linux/common/linux_exec_elf32.c.orig
+++ sys/compat/linux/common/linux_exec_elf32.c
@@ -475,8 +475,9 @@ ELFNAME2(linux,copyargs)(struct lwp *l, struct exec_package *pack,
 		a->a_v = kauth_cred_getegid(l->l_cred);
 	a++;

+	len = (a - ai) * sizeof(AuxInfo) + 2 * sizeof(AuxInfo);
 	a->a_type = LINUX_AT_RANDOM;
-	a->a_v = (Elf_Addr)*stackp;
+	a->a_v = (Elf_Addr)((*stackp) + len);
 	a++;

 	a->a_type = AT_NULL;
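Review bot: The added `len = (a - ai) * sizeof(AuxInfo) + 2 * sizeof(AuxInfo);` hard-codes the number of entries that follow (LINUX_AT_RANDOM and AT_NULL), so the address placed in `a->a_v` silently becomes wrong if another aux entry is ever inserted after this point. The same length is recomputed later as `(a - ai) * sizeof(AuxInfo)` before the copyout, and the two must agree for the pointer to land on the random bytes. Suggest remembering a pointer to the LINUX_AT_RANDOM entry and filling in its a_v after the AT_NULL entry has been written, using the final `(a - ai) * sizeof(AuxInfo)`, so there is a single length computation and no magic 2. A short comment that the random bytes sit directly above the aux vector would also help.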
@@ -488,13 +489,13 @@ ELFNAME2(linux,copyargs)(struct lwp *l, struct exec_package *pack,
 	randbytes[2] = random();
 	randbytes[3] = random();

-	len = sizeof(randbytes);
-	if ((error = copyout(randbytes, *stackp, len)) != 0)
+	len = (a - ai) * sizeof(AuxInfo);
+	if ((error = copyout(ai, *stackp, len)) != 0)
 		return error;
 	*stackp += len;

-	len = (a - ai) * sizeof(AuxInfo);
-	if ((error = copyout(ai, *stackp, len)) != 0)
+	len = sizeof(randbytes);
+	if ((error = copyout(randbytes, *stackp, len)) != 0)
 		return error;
 	*stackp += len;

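Review bot: The bytes copied out with `copyout(randbytes, *stackp, len)` are still filled by `random()` in the context lines at the top of this hunk, and that is not a cryptographic generator. Linux userland consumes the LINUX_AT_RANDOM bytes as seed material for protections such as the stack protector canary, so predictable values weaken those protections in every emulated process. Since this change already reworks where the bytes are placed, suggest filling randbytes from the kernel's cryptographic RNG (see cprng(9)) in the same commit. Separately, the reordering means the aux vector has already been written to the user stack if the second copyout fails; that is harmless since exec aborts on the error, but worth a comment.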
############################

>Unformatted:
