Date: Tue, 8 Mar 2016 16:47:35 -0800 From: Xin LI <delphij@gmail.com> To: Mathieu Arnold <mat@freebsd.org>, Jung-Uk Kim <jkim@FreeBSD.org> Cc: Bryan Drewery <bdrewery@freebsd.org>, Xin LI <delphij@freebsd.org>, "src-committers@freebsd.org" <src-committers@freebsd.org>, "svn-src-all@freebsd.org" <svn-src-all@freebsd.org>, svn-src-releng@freebsd.org Subject: Re: svn commit: r296465 - in releng/9.3: . crypto/openssl crypto/openssl/apps crypto/openssl/bugs crypto/openssl/crypto crypto/openssl/crypto/aes crypto/openssl/crypto/asn1 crypto/openssl/crypto/bf cry... Message-ID: <CAGMYy3tfrty-8r-Efzzd56d4AOdV0H%2BParrkUtBWR4f%2B0ZtxWw@mail.gmail.com> In-Reply-To: <E24637388915226D9A922B8B@atuin.in.mat.cc> References: <201603071622.u27GMC4a082792@repo.freebsd.org> <9B6D673B7B15CCDC424E97A8@atuin.in.mat.cc> <56DEFD08.6050100@FreeBSD.org> <63FB9E5BBBF224CA12839457@ogg.in.absolight.net> <56DEFDF5.2040500@FreeBSD.org> <1E2DCDEE8775312979CE7D0B@ogg.in.absolight.net> <56DF0234.2090307@FreeBSD.org> <56DF025B.1090706@FreeBSD.org> <DC10EFD5F03DA877503B6C3E@ogg.in.absolight.net> <56DF0550.6000604@FreeBSD.org> <E24637388915226D9A922B8B@atuin.in.mat.cc>
next in thread | previous in thread | raw e-mail | index | archive | help
This may be related to the BN changes (CVE-2016-0797 and/or CVE-2016-0702). Will reverting just that portion of r296462 (stable/9 patch would apply on 9.3 as well) help? This would help to narrow down the root cause. I can't really do any debugging right now but will take a look as soon as I= can. On Tue, Mar 8, 2016 at 2:45 PM, Mathieu Arnold <mat@freebsd.org> wrote: > > > +--On 8 mars 2016 09:01:04 -0800 Bryan Drewery <bdrewery@FreeBSD.org> wro= te: > | On 3/8/2016 8:52 AM, Mathieu Arnold wrote: > |> +--On 8 mars 2016 08:48:27 -0800 Bryan Drewery <bdrewery@FreeBSD.org> > |> wrote: > |> | On 3/8/2016 8:47 AM, Bryan Drewery wrote: > |> |> On 3/8/2016 8:35 AM, Mathieu Arnold wrote: > |> |>> +--On 8 mars 2016 08:29:41 -0800 Bryan Drewery <bdrewery@FreeBSD.o= rg> > |> |>> wrote: > |> |>> | On 3/8/2016 8:28 AM, Mathieu Arnold wrote: > |> |>> |> +--On 8 mars 2016 08:25:44 -0800 Bryan Drewery > |> |>> |> <bdrewery@FreeBSD.org> wrote: > |> |>> |> | On 3/7/2016 4:29 PM, Mathieu Arnold wrote: > |> |>> |> |> +--On 7 mars 2016 16:22:12 +0000 Xin LI <delphij@FreeBSD.org= > > |> |>> |> |> wrote: > |> |>> |> |> | Author: delphij > |> |>> |> |> | Date: Mon Mar 7 16:22:11 2016 > |> |>> |> |> | New Revision: 296465 > |> |>> |> |> | URL: https://svnweb.freebsd.org/changeset/base/296465 > |> |>> |> |> | > |> |>> |> |> | Log: > |> |>> |> |> | Fix multiple OpenSSL vulnerabilities. > |> |>> |> |> | > |> |>> |> |> | Security: FreeBSD-SA-16:12.openssl > |> |>> |> |> | Approved by: so > |> |>> |> |> > |> |>> |> |> After that, poudriere bulk fails with: > |> |>> |> |> > |> |>> |> |> [00:00:07] =3D=3D=3D=3D>> Creating pkgng repository > |> |>> |> |> Creating repository in /tmp/packages: 100% > |> |>> |> |> Packing files for repository: 0%Child process pid=3D50970 > |> |>> |> |> terminated abnormally: Segmentation fault: 11 > |> |>> |> |> [00:00:08] =3D=3D=3D=3D>> Cleaning up > |> |>> |> |> 9amd64-pkgng-default: removed > |> |>> |> |> 9amd64-pkgng-default-n: removed > |> |>> |> |> > |> |>> |> |> pkg-static is the one doing the segfault... > |> |>> |> |> > |> |>> |> | > |> |>> |> | Is QEMU involved here? > |> |>> |> | > |> |>> |> | Do you have PKG_REPO_FROM_HOST or PKG_REPO_SIGNING_KEY set? (= Not > |> |>> |> | saying you should) > |> |>> |> > |> |>> |> No, it's a regular 9amd64 build on a 10.2 amd64 host. > |> |>> |> > |> |>> | > |> |>> | Can you please rebuild pkg with debug symbols and then run your = 9.3 > |> |>> | version against the repo in gdb? > |> |>> > |> |>> I could yes, but not today, tomorrow at the earliest. How do I bu= ild > |> |>> the port with debug symbols ? > |> |>> > |> |> > |> |> WITH_DEBUG=3Dyes make > |> |> > |> | > |> | You might need this too: DEBUG_FLAGS=3D"-g -O0" > |> > |> Mmmm, ok, what commands do I need to run ? > |> > | > | (assuming devel/gdb installed) > | gdb710 --args /usr/local/sbin/pkg-static repo <path to repo> > |# run > | <crash> > |# bt full > > Ok, so, it's 9.3, so there's no gdb710, but: > > > the command ran is: > > root@pkg:/tmp/foo # pkg repo . ../repo.key > Creating repository in .: 100% > Packing files for repository: 0%Child process pid=3D16312 terminated > abnormally: Segmentation fault: 11 > root@pkg:/tmp/foo # gdb /usr/local/sbin/pkg pkg.core > GNU gdb 6.1.1 [FreeBSD] > Copyright 2004 Free Software Foundation, Inc. > GDB is free software, covered by the GNU General Public License, and you = are > welcome to change it and/or distribute copies of it under certain > conditions. > Type "show copying" to see the conditions. > There is absolutely no warranty for GDB. Type "show warranty" for detail= s. > This GDB was configured as "amd64-marcel-freebsd"... > Core was generated by `pkg'. > Program terminated with signal 11, Segmentation fault. > Reading symbols from /usr/local/lib/libpkg.so.3...done. > Loaded symbols for /usr/local/lib/libpkg.so.3 > Reading symbols from /lib/libutil.so.9...done. > Loaded symbols for /lib/libutil.so.9 > Reading symbols from /usr/lib/libssl.so.6...done. > Loaded symbols for /usr/lib/libssl.so.6 > Reading symbols from /lib/libcrypto.so.6...done. > Loaded symbols for /lib/libcrypto.so.6 > Reading symbols from /lib/libm.so.5...done. > Loaded symbols for /lib/libm.so.5 > Reading symbols from /usr/lib/libelf.so.1...done. > Loaded symbols for /usr/lib/libelf.so.1 > Reading symbols from /lib/libjail.so.1...done. > Loaded symbols for /lib/libjail.so.1 > Reading symbols from /usr/lib/libarchive.so.5...done. > Loaded symbols for /usr/lib/libarchive.so.5 > Reading symbols from /lib/libz.so.6...done. > Loaded symbols for /lib/libz.so.6 > Reading symbols from /usr/lib/libbz2.so.4...done. > Loaded symbols for /usr/lib/libbz2.so.4 > Reading symbols from /usr/lib/liblzma.so.5...done. > Loaded symbols for /usr/lib/liblzma.so.5 > Reading symbols from /lib/libc.so.7...done. > Loaded symbols for /lib/libc.so.7 > Reading symbols from /lib/libbsdxml.so.4...done. > Loaded symbols for /lib/libbsdxml.so.4 > Reading symbols from /libexec/ld-elf.so.1...done. > Loaded symbols for /libexec/ld-elf.so.1 > #0 0x0000000801219438 in BN_mod_exp_mont_consttime () from > /lib/libcrypto.so.6 > (gdb) bt full > #0 0x0000000801219438 in BN_mod_exp_mont_consttime () from > /lib/libcrypto.so.6 > No symbol table info available. > #1 0x00000008011f735f in RSA_PKCS1_SSLeay () from /lib/libcrypto.so.6 > No symbol table info available. > #2 0x00000008011f82fd in RSA_PKCS1_SSLeay () from /lib/libcrypto.so.6 > No symbol table info available. > #3 0x00000008011d28d9 in RSA_sign () from /lib/libcrypto.so.6 > No symbol table info available. > #4 0x00000008008dc73b in rsa_sign (path=3D0x7fffffffe3c0 "./meta", > rsa=3D0x802c19260, sigret=3D0x7fffffffda78, siglen=3D0x7fffffffda8c) at r= sa.c:287 > errbuf =3D > "./meta.txz\000\000\b\000\000\000\001\000\000\000\001\000\000\000\004\000= \000\000\000\000\000\000 > =EF=BF=BD=EF=BF=BD\177\000\000=EF=BF=BD=EF=BF=BD=EF=BF=BD\177\000\000=EF= =BF=BD=EF=BF=BD=EF=BF=BD\177\000\000T\203\220\000\b\000\000\000\020\000\000= \000\000\000\000\000WU\000\000\000\000-\v=EF=BF=BD\004=EF=BF=BD@=EF=BF=BD~= =3D=EF=BF=BD=EF=BF=BDU\000\000\000\000212\000\00 > 0\000\000filesite_archiveeo002\b\000\000\000\200o002\b\000\000\000\020\00= 0\000\000\b\000\000\000=EF=BF=BDG\220\000\b\000\000\000\000\000\000\000\b\0= 00\000\000\003\000\000\000\000\000\000\000=EF=BF=BD=EF=BF=BD=EF=BF=BD\177\0= 00\000\204=EF=BF=BD=EF=BF=BD\177\000\0000=EF=BF=BD=EF=BF=BD\177\000\000"... > max_len =3D 512 > ret =3D 10591143 > sha256 =3D 0x802c2d1f0 > "fd24852c468ef31bd675129fd02b676ce7cffae895089292fa513784873689a6" > #5 0x00000008008c2295 in pkg_repo_pack_db (name=3D0x800a20ec8 "meta", > archive=3D0x7fffffffe3c0 "./meta", path=3D0x7fffffffe3c0 "./meta", > rsa=3D0x802c19260, meta=3D0x802c68600, argv=3D0x7fffffffeb88, argc=3D1) a= t > pkg_repo_create.c:939 > pack =3D (struct packing *) 0x802c79be0 > sigret =3D (unsigned char *) 0x802ca4900 "" > siglen =3D 0 > fname =3D > "\001\000\000\000\001\000\000\000\001\000\000\000\001\000\000\000@=EF=BF= =BD=EF=BF=BD\177\000\000\216\000\b\000\000\000=EF=BF=BD=EF=BF=BD\000\000\00= 0\000=EF=BF=BD=EF=BF=BD=EF=BF=BD\177\000\000\004\000\000\000\000\000\000\00= 0WU\000\000\000\000-\v=EF=BF=BD\004=EF=BF=BD@=EF=BF=BD~=3D=EF=BF=BD=EF=BF= =BDU\000\000\000\000212N\206cert=EF=BF=BD\177\000\000\230=EF=BF=BD=EF=BF=BD= \177\000\000p=EF=BF=BD > =EF=BF=BD\177\000\000\000\000\000\000\000\000\000\000\004\000\000\000\000= \000\000\000E\030=EF=BF=BD\000\b\000\000\000\000\000\000\000=EF=BF=BD\177\0= 00\000\020=EF=BF=BD\001\000\000\000\004\000\000\000\004\000\000\000\000\000= \000\000\004\000\000\000\220=EF=BF=BD=EF=BF=BD\177\000\000:\006\217\000\b\0= 00\000\000=EF=BF=BD5002\b\000\000\00 > 0"... > sig =3D (struct sbuf *) 0x0 > pub =3D (struct sbuf *) 0x0 > #6 0x00000008008c2797 in pkg_finish_repo (output_dir=3D0x7fffffffedd1 ".= ", > password_cb=3D0x415ba0 <password_cb>, argv=3D0x7fffffffeb88, argc=3D1, > filelist=3Dfalse) at pkg_repo_create.c:1038 > repo_path =3D > "./meta\000gesite.yaml\000\002\b\000\000\000\213Yc\000\b\000\000\0008204\= 000\b", > '\0' <repeats 15 times>, > "=EF=BF=BD\177\000\000\000\000\b\000\000\000`=EF=BF=BD=EF=BF=BD\177\000\0= 00=EF=BF=BD=EF=BF=BDd\000\b\000\000\000=EF=BF=BD=EF=BF=BD=EF=BF=BD\177\000\= 000=EF=BF=BD=EF=BF=BD=EF=BF=BD\177\000\000\000\000\000\000\000\000\000\000= =EF=BF=BD=EF=BF=BD=EF=BF=BD\177\000\000g{c > \000\b\000\000\000=EF=BF=BD&@\000\000\000\000\000\177\030\232\004\000\000= \000\000207\2013\000\000\000\0000=EF=BF=BDd\000\b\000\000\000\001\000\000\0= 00\b\000\000\000\000\000\b\000\000\0008204\000\b\000\000\000=EF=BF=BD=EF=BF= =BD=EF=BF=BD\177\000\000@=EF=BF=BD=EF=BF=BD\177\000\000\000=EF=BF=BDd\000\b= "... > repo_archive =3D > "\225\003\000\000\000\000\000\000\230\003\000\000\000\000\000\000\225\003= \000\000\001\000\000\000=EF=BF=BD\000\217\000\b\000\000\000\000=EF=BF=BD=EF= =BF=BD\177\000\000Z\000\217\000\001\000\000\000\200=EF=BF=BD=EF=BF=BD\177\0= 00\000@,002\b\000\000\000PKG_PLUGPKG_PLUGc\000\000\000\000\000PLUGPLUG\2 > 00=EF=BF=BD=EF=BF=BD\177\000\000p0002\b", '\0' <repeats 11 times>, > "\234}>\002\000\000\000\000\177\000\000\000:\000\000\000:\000\000\000:\23= 7=EF=BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD\177\000\000=EF=BF=BD\005\217\000\b\00= 0\000\000@,002\b\000\000\000\t\000\000\000\n\000\000\000=DC=B1=EF=BF=BD\000= \b\000\000\000@0002\b\000\000\000p=EF=BF=BD=EF=BF=BD\177\000\000... > rsa =3D (struct rsa_key *) 0x802c19260 > meta =3D (struct pkg_repo_meta *) 0x802c68600 > st =3D {st_dev =3D 4294959664, st_ino =3D 32767, st_mode =3D 2593= 8, > st_nlink =3D 14234, st_uid =3D 2842729777, st_gid =3D 274432, st_rdev =3D= 0, > st_atim =3D {tv_sec =3D 1457476951, tv_nsec =3D 6}, st_mtim =3D {tv_sec = =3D > 34370333240, tv_nsec =3D 0}, st_ctim =3D {tv_sec =3D -7355152794736877766= , > tv_nsec =3D 34370335206}, st_size =3D 34370335206, st_blocks =3D 1457= 476951, > st_blksize =3D 10, st_flags =3D 0, st_gen =3D 10596828, st_lspare =3D 8, > st_birthtim =3D {tv_sec =3D 34370335951, tv_nsec =3D 1457476951}} > ret =3D 0 > nfile =3D 1 > files_to_pack =3D 4 > legacy =3D false > #7 0x0000000000415eea in exec_repo (argc=3D2, argv=3D0x7fffffffeb80) at > repo.c:155 > ret =3D 0 > ch =3D -1 > filelist =3D false > output_dir =3D 0x7fffffffedd1 "." > meta_file =3D 0x0 > legacy =3D false > longopts =3D {{name =3D 0x429c1f "list-files", has_arg =3D 0, fla= g =3D 0x0, > val =3D 108}, {name =3D 0x429c2a "output-dir", has_arg =3D 1, flag =3D 0x= 0, val =3D > 111}, {name =3D 0x429c35 "quiet", has_arg =3D 0, flag =3D 0x0, val =3D 11= 3}, {name > =3D 0x429c3b "meta-file", has_arg =3D 1, flag =3D 0x0, > val =3D 109}, {name =3D 0x429c45 "legacy", has_arg =3D 0, flag =3D 0x= 0, val =3D > 76}, {name =3D 0x0, has_arg =3D 0, flag =3D 0x0, val =3D 0}} > #8 0x0000000000412b9e in main (argc=3D3, argv=3D0x7fffffffeb78) at main.= c:852 > i =3D 21 > command =3D (struct commands *) 0x630f40 > ambiguous =3D 0 > chroot_path =3D 0x0 > rootdir =3D 0x0 > jid =3D 0 > jail_str =3D 0x0 > len =3D 4 > ch =3D -1 '=EF=BF=BD' > debug =3D 0 > version =3D 0 > ret =3D 0 > plugins_enabled =3D true > plugin_found =3D false > show_commands =3D false > activation_test =3D false > init_flags =3D 0 > c =3D (struct plugcmd *) 0x246 > conffile =3D 0x0 > reposdir =3D 0x0 > save_argv =3D (char **) 0x7fffffffeb78 > j =3D 8 > longopts =3D {{name =3D 0x4276f7 "debug", has_arg =3D 0, flag =3D= 0x0, val > =3D 100}, {name =3D 0x4276fd "jail", has_arg =3D 1, flag =3D 0x0, val =3D= 106}, {name > =3D 0x427702 "chroot", has_arg =3D 1, flag =3D 0x0, val =3D 99}, {name = =3D 0x426a33 > "config", has_arg =3D 1, flag =3D 0x0, val =3D 67}, { > name =3D 0x427709 "repo-conf-dir", has_arg =3D 1, flag =3D 0x0, val = =3D 82}, > {name =3D 0x427717 "rootdir", has_arg =3D 1, flag =3D 0x0, val =3D 114}, = {name =3D > 0x42771f "list", has_arg =3D 0, flag =3D 0x0, val =3D 108}, {name =3D 0x4= 26f45 > "version", has_arg =3D 0, flag =3D 0x0, val =3D 118}, { > name =3D 0x427724 "option", has_arg =3D 1, flag =3D 0x0, val =3D 111}= , {name =3D > 0x42772b "only-ipv4", has_arg =3D 0, flag =3D 0x0, val =3D 52}, {name =3D= 0x427735 > "only-ipv6", has_arg =3D 0, flag =3D 0x0, val =3D 54}, {name =3D 0x0, has= _arg =3D 0, > flag =3D 0x0, val =3D 0}} > __func__ =3D "main" > > > > > -- > Mathieu Arnold --=20 Xin LI <delphij@delphij.net> https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAGMYy3tfrty-8r-Efzzd56d4AOdV0H%2BParrkUtBWR4f%2B0ZtxWw>