NetBSD Problem Report #56559

From manphiz@gmail.com  Mon Dec 20 09:38:25 2021
Return-Path: <manphiz@gmail.com>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 836411A9239
	for <gnats-bugs@gnats.NetBSD.org>; Mon, 20 Dec 2021 09:38:25 +0000 (UTC)
Message-Id: <20211220093820.9D57B22E1AB@yeeloong-netbsd.localdomain>
Date: Mon, 20 Dec 2021 01:38:20 -0800 (PST)
From: manphiz@gmail.com
Reply-To: manphiz@gmail.com
To: gnats-bugs@NetBSD.org
Subject: sudo and gnupg2 memory fault on Loongson/evbmips
X-Send-Pr-Version: 3.95

>Number:         56559
>Category:       pkg
>Synopsis:       sudo and gnupg2 memory fault (core dumped) when run.
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Dec 20 09:40:00 +0000 2021
>Last-Modified:  Fri Dec 24 04:35:00 +0000 2021
>Originator:     manphiz@gmail.com
>Release:        NetBSD 8.2
>Organization:
>Environment:
System: NetBSD yeeloong-netbsd 8.2 NetBSD 8.2 (LOONGSON) #0: Tue Mar 31 05:08:40 UTC 2020 mkrepro@mkrepro.NetBSD.org:/usr/src/sys/arch/evbmips/compile/LOONGSON evbmips
Architecture: mips64el
Machine: evbmips
>Description:

	Some binaries from packages built from pkgsrc on
	Loongson/evbmips system result in memory fault (core dumped).
	Examples include sudo, visudo, gpg2, etc.  When running in
	command line, e.g. /usr/pkg/bin/sudo, output looks like below:

,----
| yeeloong-netbsd# sudo
| Memory fault (core dumped)
`----

	I tried to run it in gdb, but it seems the stack is corrupted:

,----
| # gdb /usr/pkg/bin/sudo 
| GNU gdb (GDB) 7.12
| Copyright (C) 2016 Free Software Foundation, Inc.
| License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
| This is free software: you are free to change and redistribute it.
| There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
| and "show warranty" for details.
| This GDB was configured as "mips64el--netbsd".
| Type "show configuration" for configuration details.
| For bug reporting instructions, please see:
| <http://www.gnu.org/software/gdb/bugs/>.
| Find the GDB manual and other documentation resources online at:
| <http://www.gnu.org/software/gdb/documentation/>.
| For help, type "help".
| Type "apropos word" to search for commands related to "word"...
| Reading symbols from /usr/pkg/bin/sudo...(no debugging symbols found)...done.
| (gdb) r
| Starting program: /usr/pkg/bin/sudo 
| 
| Program received signal SIGSEGV, Segmentation fault.
| 0x786d40e8 in _rtld (sp=<optimized out>, relocbase=<optimized out>) at /usr/src/libexec/ld.elf_so/rtld.c:718
| 718                             if ((*real___progname = strrchr(argv[0], '/')) == NULL)
| (gdb) bt
| #0  0x786d40e8 in _rtld (sp=<optimized out>, relocbase=<optimized out>) at /usr/src/libexec/ld.elf_so/rtld.c:718
| #1  0x786d09a4 in rtld_start () from /usr/libexec/ld.elf_so
| Backtrace stopped: frame did not save the PC
`----

	I've searched around this issue, and found this discussion[1]
	which seemed to suggest this was due to GNU_RELRO and a
	default page size of 8KB.  Nick suggested in [2] that a larger
	page size may help fix this and I've experimented locally with
	similar results.

,----
| yeeloong-netbsd$ cat hello.c
| #include <stdio.h>
| 
| int main()
| {
|         printf("Hello, world!\n");
| }
| yeeloong-netbsd$ gcc -g -Wall -Wl,-zrelro hello.c
| yeeloong-netbsd$ ./a.out
| Memory fault (core dumped)
| yeeloong-netbsd$ gcc -g -Wall -Wl,-zrelro -Wl,-zcommon-page-size=0x100000 hello.c
| yeeloong-netbsd$ ./a.out
| Hello, world!
`----

        The gdb session with the a.out produced above looks similar to
        the one with sudo, so it looks like it's the same issue.

	I tried to modify /usr/pkgsrc/mk/compiler/gcc.mk to append
	this additional linker flag to _RELRO_LDFLAGS but it didn't
	seem to work:

,----
| Index: gcc.mk
| ===================================================================
| RCS file: /cvsroot/pkgsrc/mk/compiler/gcc.mk,v
| retrieving revision 1.232
| diff -u -p -r1.232 gcc.mk
| --- gcc.mk	7 Nov 2021 11:25:33 -0000	1.232
| +++ gcc.mk	20 Dec 2021 09:23:56 -0000
| @@ -393,6 +393,10 @@ _RELRO_LDFLAGS=		-Wl,-zrelro -Wl,-znow
|  _RELRO_LDFLAGS=		-Wl,-zrelro
|  .endif
|  
| +.if !empty(MACHINE_ARCH:Mmips*)
| +_RELRO_LDFLAGS=		-Wl,-zcommon-page-size=0x800000
| +.endif
| +
|  _STACK_CHECK_CFLAGS=	-fstack-check
|  
|  .if ${_PKGSRC_USE_STACK_CHECK} == "yes"
`----
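
Review bot: the added _RELRO_LDFLAGS line assigns with "=" rather than "+=", so on mips* it replaces the "-Wl,-zrelro" value set in the context lines just above it instead of appending the page-size option. If the intent is to keep RELRO and only change the page size, write it as "_RELRO_LDFLAGS+= -Wl,-zcommon-page-size=...". The value 0x800000 also differs from the 0x100000 used in the hello.c test and needs a comment saying how it was chosen.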

	The approach in the previous patch didn't work as expected.
	Would be great to have a real fix.


>How-To-Repeat:
	Reproducible on Loongson/evbmips.  Those programs work fine on
	an AMD64 virtual machine though.

>Fix:
	Unknown.


[1] https://mail-index.netbsd.org/port-evbmips/2016/09/11/msg000289.html
[2] https://mail-index.netbsd.org/port-evbmips/2016/09/11/msg000291.html
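
A check for the condition discussed in the report above, as an added example that is not part of the original report or of pkgsrc: it reads a binary's PT_GNU_RELRO program header and reports whether the end of that region falls on a boundary of a given page size. It assumes, following the linked discussion, that the fault comes from a RELRO region laid out for a smaller page size than the one in use; relro_ends, misaligned_relro and sample_elf32 are names made up here, and the sample ELF image is constructed.

```python
import struct

PT_GNU_RELRO = 0x6474E552  # program header type of the RELRO segment

def relro_ends(elf: bytes):
    """Return the end address (p_vaddr + p_memsz) of every PT_GNU_RELRO segment."""
    if elf[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    is64 = elf[4] == 2                  # EI_CLASS: 1 = ELF32, 2 = ELF64
    bo = "<" if elf[5] == 1 else ">"    # EI_DATA: 1 = little-endian
    if is64:
        (phoff,) = struct.unpack_from(bo + "Q", elf, 0x20)
        phentsize, phnum = struct.unpack_from(bo + "HH", elf, 0x36)
    else:
        (phoff,) = struct.unpack_from(bo + "I", elf, 0x1C)
        phentsize, phnum = struct.unpack_from(bo + "HH", elf, 0x2A)
    ends = []
    for i in range(phnum):
        off = phoff + i * phentsize
        (p_type,) = struct.unpack_from(bo + "I", elf, off)
        if p_type != PT_GNU_RELRO:
            continue
        if is64:   # Elf64_Phdr: p_vaddr at +16, p_memsz at +40
            (vaddr,) = struct.unpack_from(bo + "Q", elf, off + 16)
            (memsz,) = struct.unpack_from(bo + "Q", elf, off + 40)
        else:      # Elf32_Phdr: p_vaddr at +8, p_memsz at +20
            (vaddr,) = struct.unpack_from(bo + "I", elf, off + 8)
            (memsz,) = struct.unpack_from(bo + "I", elf, off + 20)
        ends.append(vaddr + memsz)
    return ends

def misaligned_relro(elf: bytes, page_size: int):
    """RELRO end addresses that do not fall on a page_size boundary."""
    return [e for e in relro_ends(elf) if e % page_size]

def sample_elf32(vaddr: int, memsz: int) -> bytes:
    """Constructed input: ELF32 little-endian header plus one PT_GNU_RELRO entry."""
    ident = b"\x7fELF" + bytes([1, 1, 1]) + bytes(9)
    ehdr = ident + struct.pack("<HHIIIIIHHHHHH",
                               3, 8, 1, 0, 52, 0, 0, 52, 32, 1, 0, 0, 0)
    phdr = struct.pack("<IIIIIIII", PT_GNU_RELRO, 0, vaddr, vaddr, memsz, memsz, 4, 1)
    return ehdr + phdr

if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else sample_elf32(0x1EF00, 0x100)
    for page in (0x1000, 0x2000, 0x4000, 0x10000):
        print(hex(page), [hex(e) for e in misaligned_relro(data, page)])
```

Given a path as its argument, the script checks that file instead of the constructed sample; an empty list for the page size the kernel uses means the RELRO end is aligned to it.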

>Audit-Trail:
From: manphiz <manphiz@gmail.com>
To: gnats-bugs@netbsd.org
Cc: 
Subject: Re: pkg/56559: sudo and gnupg2 memory fault on Loongson/evbmips
Date: Mon, 20 Dec 2021 21:38:42 -0800

 After some more testing, it turns out only sudo can be fixed by adding
 "-Wl,-z,common-page-size=0x10000" to LDFLAGS.  An example hacky patch
 is attached.  It may be beneficial to add this flag globally so that
 other ports may also be fixed.

 On the other hand, the LDFLAGS trick doesn't work for gnupg2.  On a
 closer look, the gnupg2 doesn't have "-Wl,-z,relro" in its LDFLAGS.
 As gnats doesn't handle attachments well, I'll send a follow-up email
 to port-mips with full gnupg2 build log hoping it will be useful for
 debugging purposes.


 Index: security/sudo/Makefile
 ===================================================================
 RCS file: /cvsroot/pkgsrc/security/sudo/Makefile,v
 retrieving revision 1.187
 diff -u -p -r1.187 Makefile
 --- security/sudo/Makefile      21 Oct 2021 07:46:38 -0000      1.187
 +++ security/sudo/Makefile      21 Dec 2021 05:27:01 -0000
 @@ -48,6 +48,11 @@ CFLAGS+=     -D_OPENBSD_SOURCE=1
  CFLAGS+=       -D_INCOMPLETE_XOPEN_C063=1
  .endif

 +# Hack to work around pkg/56559.  A more generic solution may be preferred.
 +.if !empty(MACHINE_ARCH:Mmips*)
 +LDFLAGS.NetBSD+=       -Wl,-z,common-page-size=0x10000
 +.endif
 +
  .include "options.mk"

  OWN_DIRS+=             ${VARBASE}/run
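
Review bot: the comment on the added block cites pkg/56559 but does not say why 0x10000 was picked or which page size the affected machines use; state that next to the LDFLAGS.NetBSD line so the value can be revisited later. The .if matches every mips* MACHINE_ARCH, so confirm that is intended rather than only the arch where the fault was reproduced.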

From: "Nia Alarie" <nia@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/56559 CVS commit: pkgsrc/mk/compiler
Date: Wed, 22 Dec 2021 10:14:27 +0000

 Module Name:	pkgsrc
 Committed By:	nia
 Date:		Wed Dec 22 10:14:27 UTC 2021

 Modified Files:
 	pkgsrc/mk/compiler: gcc.mk

 Log Message:
 mk: Set the default page size when compiling with RELRO with GCC on
 NetBSD/mips.

 PR pkg/56559


 To generate a diff of this commit:
 cvs rdiff -u -r1.233 -r1.234 pkgsrc/mk/compiler/gcc.mk

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

From: manphiz <manphiz@gmail.com>
To: gnats-bugs@netbsd.org
Cc: pkg-manager@netbsd.org, gnats-admin@netbsd.org, pkgsrc-bugs@netbsd.org
Subject: Re: PR/56559 CVS commit: pkgsrc/mk/compiler
Date: Thu, 23 Dec 2021 03:13:38 -0800

 Thanks Nia!  I have rebuilt sudo on pkgsrc current with your patches
 and verified sudo to be working fine now on Loongson/evbmips n32.

 I'll open another PR regarding the gnupg2 issue with more info.  Feel
 free to close this one.

From: manphiz <manphiz@gmail.com>
To: pkg-manager@netbsd.org, gnats-admin@netbsd.org, pkgsrc-bugs@netbsd.org, 
	gnats-bugs@netbsd.org
Cc: 
Subject: Re: PR/56559 CVS commit: pkgsrc/mk/compiler
Date: Thu, 23 Dec 2021 06:33:43 -0800

 Actually I replied too early.  It looks like my locally changed
 Makefile of sudo was still in place when I built the working sudo.
 Once I reverted that Makefile to the HEAD version, the newly built
 sudo still crashed with the same memory fault issue.  So it looks like
 the previous change was not effective, and to make it work my patch to
 sudo's Makefile is still needed for now.  I'll try to grab a full
 build log next for a closer look.

 On Thu, Dec 23, 2021 at 3:15 AM manphiz <manphiz@gmail.com> wrote:
 >
 > The following reply was made to PR pkg/56559; it has been noted by GNATS.
 >
 > From: manphiz <manphiz@gmail.com>
 > To: gnats-bugs@netbsd.org
 > Cc: pkg-manager@netbsd.org, gnats-admin@netbsd.org, pkgsrc-bugs@netbsd.org
 > Subject: Re: PR/56559 CVS commit: pkgsrc/mk/compiler
 > Date: Thu, 23 Dec 2021 03:13:38 -0800
 >
 >  Thanks Nia!  I have rebuilt sudo on pkgsrc current with your patches
 >  and verified sudo to be working fine now on Loongson/evbmips n32.
 >
 >  I'll open another PR regarding the gnupg2 issue with more info.  Feel
 >  free to close this one.
 >

From: manphiz <manphiz@gmail.com>
To: pkg-manager@netbsd.org, gnats-admin@netbsd.org, pkgsrc-bugs@netbsd.org, 
	gnats-bugs@netbsd.org
Cc: 
Subject: Re: PR/56559 CVS commit: pkgsrc/mk/compiler
Date: Thu, 23 Dec 2021 20:29:20 -0800

 On Thu, Dec 23, 2021 at 6:33 AM manphiz <manphiz@gmail.com> wrote:
 >
 > Actually I replied too early.  It looks like my locally changed
 > Makefile of sudo was still in place when I built the working sudo.
 > Once I reverted that Makefile to the HEAD version, the newly built
 > sudo still crashed with the same memory fault issue.  So it looks like
 > the previous change was not effective, and to make it work my patch to
 > sudo's Makefile is still needed for now.  I'll try to grab a full
 > build log next for a closer look.

 Spent some more time on this.  It turns out sudo tries to add RELRO
 related flags on its own[1] which is independent of the general RELRO
 handling provided by pkgsrc.  So I guess my hacky patch for sudo may
 be the way to go in this case as it is specifically needed for mips*
 ports because its default stack size is insufficient.  A more
 full-fledged fix may involve patching GCC to increase default stack
 size for affected archs but that's beyond my understanding.

 [1] https://github.com/sudo-project/sudo/blob/main/configure.ac#L4867

 >
 > On Thu, Dec 23, 2021 at 3:15 AM manphiz <manphiz@gmail.com> wrote:
 > >
 > > The following reply was made to PR pkg/56559; it has been noted by GNATS.
 > >
 > > From: manphiz <manphiz@gmail.com>
 > > To: gnats-bugs@netbsd.org
 > > Cc: pkg-manager@netbsd.org, gnats-admin@netbsd.org, pkgsrc-bugs@netbsd.org
 > > Subject: Re: PR/56559 CVS commit: pkgsrc/mk/compiler
 > > Date: Thu, 23 Dec 2021 03:13:38 -0800
 > >
 > >  Thanks Nia!  I have rebuilt sudo on pkgsrc current with your patches
 > >  and verified sudo to be working fine now on Loongson/evbmips n32.
 > >
 > >  I'll open another PR regarding the gnupg2 issue with more info.  Feel
 > >  free to close this one.
 > >
