Date:      Wed, 9 Mar 2016 09:12:55 +0000
From:      Antoine Brodin <antoine@FreeBSD.org>
To:        Xin LI <delphij@gmail.com>
Cc:        Mathieu Arnold <mat@freebsd.org>, Jung-Uk Kim <jkim@freebsd.org>,  Bryan Drewery <bdrewery@freebsd.org>, Xin LI <delphij@freebsd.org>,  "src-committers@freebsd.org" <src-committers@freebsd.org>,  "svn-src-all@freebsd.org" <svn-src-all@freebsd.org>, svn-src-releng@freebsd.org
Subject:   Re: svn commit: r296465 - in releng/9.3: . crypto/openssl crypto/openssl/apps crypto/openssl/bugs crypto/openssl/crypto crypto/openssl/crypto/aes crypto/openssl/crypto/asn1 crypto/openssl/crypto/bf cry...
Message-ID:  <CAALwa8mXg-eE3tZ1R=LAd9nWNAmTkqPmrSaZAmtrQ=u4-=wEeg@mail.gmail.com>
In-Reply-To: <CAGMYy3tfrty-8r-Efzzd56d4AOdV0H%2BParrkUtBWR4f%2B0ZtxWw@mail.gmail.com>
References:  <201603071622.u27GMC4a082792@repo.freebsd.org> <9B6D673B7B15CCDC424E97A8@atuin.in.mat.cc> <56DEFD08.6050100@FreeBSD.org> <63FB9E5BBBF224CA12839457@ogg.in.absolight.net> <56DEFDF5.2040500@FreeBSD.org> <1E2DCDEE8775312979CE7D0B@ogg.in.absolight.net> <56DF0234.2090307@FreeBSD.org> <56DF025B.1090706@FreeBSD.org> <DC10EFD5F03DA877503B6C3E@ogg.in.absolight.net> <56DF0550.6000604@FreeBSD.org> <E24637388915226D9A922B8B@atuin.in.mat.cc> <CAGMYy3tfrty-8r-Efzzd56d4AOdV0H%2BParrkUtBWR4f%2B0ZtxWw@mail.gmail.com>

On Wed, Mar 9, 2016 at 12:47 AM, Xin LI <delphij@gmail.com> wrote:
> This may be related to the BN changes (CVE-2016-0797 and/or
> CVE-2016-0702).  Will reverting just that portion of r296462 (stable/9
> patch would apply on 9.3 as well) help?  This would help to narrow
> down the root cause.
>
> I can't really do any debugging right now but will take a look as soon as I can.

fetch is also having Segmentation faults on some https sites after the
9.3-RELEASE-p37 update,  see for instance:
http://beefy2.nyi.freebsd.org/data/93amd64-default/410591/logs/errors/waifu2x-converter-cpp-1.0.0.410.log
http://beefy2.nyi.freebsd.org/data/93amd64-default/410591/logs/errors/narcissu2-1.1.log

Antoine

> On Tue, Mar 8, 2016 at 2:45 PM, Mathieu Arnold <mat@freebsd.org> wrote:
>>
>>
>> +--On 8 mars 2016 09:01:04 -0800 Bryan Drewery <bdrewery@FreeBSD.org> wrote:
>> | On 3/8/2016 8:52 AM, Mathieu Arnold wrote:
>> |> +--On 8 mars 2016 08:48:27 -0800 Bryan Drewery <bdrewery@FreeBSD.org>
>> |> wrote:
>> |> | On 3/8/2016 8:47 AM, Bryan Drewery wrote:
>> |> |> On 3/8/2016 8:35 AM, Mathieu Arnold wrote:
>> |> |>> +--On 8 mars 2016 08:29:41 -0800 Bryan Drewery <bdrewery@FreeBSD.org>
>> |> |>> wrote:
>> |> |>> | On 3/8/2016 8:28 AM, Mathieu Arnold wrote:
>> |> |>> |> +--On 8 mars 2016 08:25:44 -0800 Bryan Drewery
>> |> |>> |> <bdrewery@FreeBSD.org> wrote:
>> |> |>> |> | On 3/7/2016 4:29 PM, Mathieu Arnold wrote:
>> |> |>> |> |> +--On 7 mars 2016 16:22:12 +0000 Xin LI <delphij@FreeBSD.org>
>> |> |>> |> |> wrote:
>> |> |>> |> |> | Author: delphij
>> |> |>> |> |> | Date: Mon Mar  7 16:22:11 2016
>> |> |>> |> |> | New Revision: 296465
>> |> |>> |> |> | URL: https://svnweb.freebsd.org/changeset/base/296465
>> |> |>> |> |> |
>> |> |>> |> |> | Log:
>> |> |>> |> |> |   Fix multiple OpenSSL vulnerabilities.
>> |> |>> |> |> |
>> |> |>> |> |> |   Security:      FreeBSD-SA-16:12.openssl
>> |> |>> |> |> |   Approved by:   so
>> |> |>> |> |>
>> |> |>> |> |> After that, poudriere bulk fails with:
>> |> |>> |> |>
>> |> |>> |> |> [00:00:07] ====>> Creating pkgng repository
>> |> |>> |> |> Creating repository in /tmp/packages: 100%
>> |> |>> |> |> Packing files for repository:   0%Child process pid=50970
>> |> |>> |> |> terminated abnormally: Segmentation fault: 11
>> |> |>> |> |> [00:00:08] ====>> Cleaning up
>> |> |>> |> |> 9amd64-pkgng-default: removed
>> |> |>> |> |> 9amd64-pkgng-default-n: removed
>> |> |>> |> |>
>> |> |>> |> |> pkg-static is the one doing the segfault...
>> |> |>> |> |>
>> |> |>> |> |
>> |> |>> |> | Is QEMU involved here?
>> |> |>> |> |
>> |> |>> |> | Do you have PKG_REPO_FROM_HOST or PKG_REPO_SIGNING_KEY set? (Not
>> |> |>> |> | saying you should)
>> |> |>> |>
>> |> |>> |> No, it's a regular 9amd64 build on a 10.2 amd64 host.
>> |> |>> |>
>> |> |>> |
>> |> |>> | Can you please rebuild pkg with debug symbols and then run your 9.3
>> |> |>> | version against the repo in gdb?
>> |> |>>
>> |> |>> I could yes, but not today, tomorrow at the earliest.  How do I build
>> |> |>> the port with debug symbols ?
>> |> |>>
>> |> |>
>> |> |> WITH_DEBUG=yes make
>> |> |>
>> |> |
>> |> | You might need this too: DEBUG_FLAGS="-g -O0"
>> |>
>> |> Mmmm, ok, what commands do I need to run ?
>> |>
>> |
>> | (assuming devel/gdb installed)
>> | gdb710 --args /usr/local/sbin/pkg-static repo <path to repo>
>> |# run
>> | <crash>
>> |# bt full
>>
>> Ok, so, it's 9.3, so there's no gdb710, but:
>>
>>
>> the command ran is:
>>
>> root@pkg:/tmp/foo # pkg repo . ../repo.key
>> Creating repository in .: 100%
>> Packing files for repository:   0%Child process pid=16312 terminated
>> abnormally: Segmentation fault: 11
>> root@pkg:/tmp/foo # gdb /usr/local/sbin/pkg pkg.core
>> GNU gdb 6.1.1 [FreeBSD]
>> Copyright 2004 Free Software Foundation, Inc.
>> GDB is free software, covered by the GNU General Public License, and you are
>> welcome to change it and/or distribute copies of it under certain
>> conditions.
>> Type "show copying" to see the conditions.
>> There is absolutely no warranty for GDB.  Type "show warranty" for details.
>> This GDB was configured as "amd64-marcel-freebsd"...
>> Core was generated by `pkg'.
>> Program terminated with signal 11, Segmentation fault.
>> Reading symbols from /usr/local/lib/libpkg.so.3...done.
>> Loaded symbols for /usr/local/lib/libpkg.so.3
>> Reading symbols from /lib/libutil.so.9...done.
>> Loaded symbols for /lib/libutil.so.9
>> Reading symbols from /usr/lib/libssl.so.6...done.
>> Loaded symbols for /usr/lib/libssl.so.6
>> Reading symbols from /lib/libcrypto.so.6...done.
>> Loaded symbols for /lib/libcrypto.so.6
>> Reading symbols from /lib/libm.so.5...done.
>> Loaded symbols for /lib/libm.so.5
>> Reading symbols from /usr/lib/libelf.so.1...done.
>> Loaded symbols for /usr/lib/libelf.so.1
>> Reading symbols from /lib/libjail.so.1...done.
>> Loaded symbols for /lib/libjail.so.1
>> Reading symbols from /usr/lib/libarchive.so.5...done.
>> Loaded symbols for /usr/lib/libarchive.so.5
>> Reading symbols from /lib/libz.so.6...done.
>> Loaded symbols for /lib/libz.so.6
>> Reading symbols from /usr/lib/libbz2.so.4...done.
>> Loaded symbols for /usr/lib/libbz2.so.4
>> Reading symbols from /usr/lib/liblzma.so.5...done.
>> Loaded symbols for /usr/lib/liblzma.so.5
>> Reading symbols from /lib/libc.so.7...done.
>> Loaded symbols for /lib/libc.so.7
>> Reading symbols from /lib/libbsdxml.so.4...done.
>> Loaded symbols for /lib/libbsdxml.so.4
>> Reading symbols from /libexec/ld-elf.so.1...done.
>> Loaded symbols for /libexec/ld-elf.so.1
>> #0  0x0000000801219438 in BN_mod_exp_mont_consttime () from
>> /lib/libcrypto.so.6
>> (gdb) bt full
>> #0  0x0000000801219438 in BN_mod_exp_mont_consttime () from
>> /lib/libcrypto.so.6
>> No symbol table info available.
>> #1  0x00000008011f735f in RSA_PKCS1_SSLeay () from /lib/libcrypto.so.6
>> No symbol table info available.
>> #2  0x00000008011f82fd in RSA_PKCS1_SSLeay () from /lib/libcrypto.so.6
>> No symbol table info available.
>> #3  0x00000008011d28d9 in RSA_sign () from /lib/libcrypto.so.6
>> No symbol table info available.
>> #4  0x00000008008dc73b in rsa_sign (path=0x7fffffffe3c0 "./meta",
>> rsa=0x802c19260, sigret=0x7fffffffda78, siglen=0x7fffffffda8c) at rsa.c:287
>>         max_len = 512
>>         ret = 10591143
>>         sha256 = 0x802c2d1f0
>> "fd24852c468ef31bd675129fd02b676ce7cffae895089292fa513784873689a6"
>> #5  0x00000008008c2295 in pkg_repo_pack_db (name=0x800a20ec8 "meta",
>> archive=0x7fffffffe3c0 "./meta", path=0x7fffffffe3c0 "./meta",
>> rsa=0x802c19260, meta=0x802c68600, argv=0x7fffffffeb88, argc=1) at
>> pkg_repo_create.c:939
>>         pack = (struct packing *) 0x802c79be0
>>         sigret = (unsigned char *) 0x802ca4900 ""
>>         siglen = 0
>>         sig = (struct sbuf *) 0x0
>>         pub = (struct sbuf *) 0x0
>> #6  0x00000008008c2797 in pkg_finish_repo (output_dir=0x7fffffffedd1 ".",
>> password_cb=0x415ba0 <password_cb>, argv=0x7fffffffeb88, argc=1,
>> filelist=false) at pkg_repo_create.c:1038
>>         rsa =3D (struct rsa_key *) 0x802c19260
>>         meta =3D (struct pkg_repo_meta *) 0x802c68600
>>         st =3D {st_dev =3D 4294959664, st_ino =3D 32767, st_mode =3D 259=
38,
>> st_nlink =3D 14234, st_uid =3D 2842729777, st_gid =3D 274432, st_rdev =
=3D 0,
>> st_atim =3D {tv_sec =3D 1457476951, tv_nsec =3D 6}, st_mtim =3D {tv_sec =
=3D
>> 34370333240, tv_nsec =3D 0}, st_ctim =3D {tv_sec =3D -735515279473687776=
6,
>>     tv_nsec =3D 34370335206}, st_size =3D 34370335206, st_blocks =3D 145=
7476951,
>> st_blksize =3D 10, st_flags =3D 0, st_gen =3D 10596828, st_lspare =3D 8,
>> st_birthtim =3D {tv_sec =3D 34370335951, tv_nsec =3D 1457476951}}
>>         ret =3D 0
>>         nfile =3D 1
>>         files_to_pack =3D 4
>>         legacy =3D false
>> #7  0x0000000000415eea in exec_repo (argc=3D2, argv=3D0x7fffffffeb80) at
>> repo.c:155
>>         ret =3D 0
>>         ch =3D -1
>>         filelist =3D false
>>         output_dir =3D 0x7fffffffedd1 "."
>>         meta_file =3D 0x0
>>         legacy =3D false
>>         longopts =3D {{name =3D 0x429c1f "list-files", has_arg =3D 0, fl=
ag =3D 0x0,
>> val =3D 108}, {name =3D 0x429c2a "output-dir", has_arg =3D 1, flag =3D 0=
x0, val =3D
>> 111}, {name =3D 0x429c35 "quiet", has_arg =3D 0, flag =3D 0x0, val =3D 1=
13}, {name
>> =3D 0x429c3b "meta-file", has_arg =3D 1, flag =3D 0x0,
>>     val =3D 109}, {name =3D 0x429c45 "legacy", has_arg =3D 0, flag =3D 0=
x0, val =3D
>> 76}, {name =3D 0x0, has_arg =3D 0, flag =3D 0x0, val =3D 0}}
>> #8  0x0000000000412b9e in main (argc=3D3, argv=3D0x7fffffffeb78) at main=
.c:852
>>         i =3D 21
>>         command =3D (struct commands *) 0x630f40
>>         ambiguous =3D 0
>>         chroot_path =3D 0x0
>>         rootdir =3D 0x0
>>         jid =3D 0
>>         jail_str =3D 0x0
>>         len =3D 4
>>         ch =3D -1 '=EF=BF=BD'
>>         debug =3D 0
>>         version =3D 0
>>         ret =3D 0
>>         plugins_enabled =3D true
>>         plugin_found =3D false
>>         show_commands =3D false
>>         activation_test =3D false
>>         init_flags =3D 0
>>         c =3D (struct plugcmd *) 0x246
>>         conffile =3D 0x0
>>         reposdir =3D 0x0
>>         save_argv =3D (char **) 0x7fffffffeb78
>>         j =3D 8
>>         longopts =3D {{name =3D 0x4276f7 "debug", has_arg =3D 0, flag =
=3D 0x0, val
>> =3D 100}, {name =3D 0x4276fd "jail", has_arg =3D 1, flag =3D 0x0, val =
=3D 106}, {name
>> =3D 0x427702 "chroot", has_arg =3D 1, flag =3D 0x0, val =3D 99}, {name =
=3D 0x426a33
>> "config", has_arg =3D 1, flag =3D 0x0, val =3D 67}, {
>>     name =3D 0x427709 "repo-conf-dir", has_arg =3D 1, flag =3D 0x0, val =
=3D 82},
>> {name =3D 0x427717 "rootdir", has_arg =3D 1, flag =3D 0x0, val =3D 114},=
 {name =3D
>> 0x42771f "list", has_arg =3D 0, flag =3D 0x0, val =3D 108}, {name =3D 0x=
426f45
>> "version", has_arg =3D 0, flag =3D 0x0, val =3D 118}, {
>>     name =3D 0x427724 "option", has_arg =3D 1, flag =3D 0x0, val =3D 111=
}, {name =3D
>> 0x42772b "only-ipv4", has_arg =3D 0, flag =3D 0x0, val =3D 52}, {name =
=3D 0x427735
>> "only-ipv6", has_arg =3D 0, flag =3D 0x0, val =3D 54}, {name =3D 0x0, ha=
s_arg =3D 0,
>> flag =3D 0x0, val =3D 0}}
>>         __func__ =3D "main"
>>
>>
>>
>>
>> --
>> Mathieu Arnold
>
>
>
> --
> Xin LI <delphij@delphij.net> https://www.delphij.net/
> FreeBSD - The Power to Serve! Live free or die
>


