From owner-svn-src-releng@freebsd.org Tue Mar 8 22:45:07 2016 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CEDC1AC88C8; Tue, 8 Mar 2016 22:45:07 +0000 (UTC) (envelope-from mat@FreeBSD.org) Received: from prod2.absolight.net (prod2.absolight.net [79.143.243.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "plouf.absolight.net", Issuer "CAcert Class 3 Root" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 82AF06C0; Tue, 8 Mar 2016 22:45:07 +0000 (UTC) (envelope-from mat@FreeBSD.org) Received: from prod2.absolight.net (localhost [127.0.0.1]) by prod2.absolight.net (Postfix) with ESMTP id A2865BDC7F; Tue, 8 Mar 2016 23:45:05 +0100 (CET) Received: from atuin.in.mat.cc (atuin.in.mat.cc [79.143.241.205]) by prod2.absolight.net (Postfix) with ESMTPA id 9BA16BDC73; Tue, 8 Mar 2016 23:45:05 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by atuin.in.mat.cc (Postfix) with ESMTP id 7C14B55841D8; Tue, 8 Mar 2016 23:45:05 +0100 (CET) Date: Tue, 08 Mar 2016 23:45:05 +0100 From: Mathieu Arnold To: Bryan Drewery , Xin LI , src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: Re: svn commit: r296465 - in releng/9.3: . crypto/openssl crypto/openssl/apps crypto/openssl/bugs crypto/openssl/crypto crypto/openssl/crypto/aes crypto/openssl/crypto/asn1 crypto/openssl/crypto/bf cry... Message-ID: In-Reply-To: <56DF0550.6000604@FreeBSD.org> References: <201603071622.u27GMC4a082792@repo.freebsd.org> <9B6D673B7B15CCDC424E97A8@atuin.in.mat.cc> <56DEFD08.6050100@FreeBSD.org> <63FB9E5BBBF224CA12839457@ogg.in.absolight.net> <56DEFDF5.2040500@FreeBSD.org> <1E2DCDEE8775312979CE7D0B@ogg.in.absolight.net> <56DF0234.2090307@FreeBSD.org> <56DF025B.1090706@FreeBSD.org> <56DF0550.6000604@FreeBSD.org> X-Mailer: Mulberry/4.0.8 (Mac OS X) MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="==========82237419477444479CEF==========" X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Mar 2016 22:45:07 -0000 --==========82237419477444479CEF========== Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline +--On 8 mars 2016 09:01:04 -0800 Bryan Drewery = wrote: | On 3/8/2016 8:52 AM, Mathieu Arnold wrote: |> +--On 8 mars 2016 08:48:27 -0800 Bryan Drewery |> wrote: |> | On 3/8/2016 8:47 AM, Bryan Drewery wrote: |> |> On 3/8/2016 8:35 AM, Mathieu Arnold wrote: |> |>> +--On 8 mars 2016 08:29:41 -0800 Bryan Drewery = |> |>> wrote: |> |>> | On 3/8/2016 8:28 AM, Mathieu Arnold wrote: |> |>> |> +--On 8 mars 2016 08:25:44 -0800 Bryan Drewery |> |>> |> wrote: |> |>> |> | On 3/7/2016 4:29 PM, Mathieu Arnold wrote: |> |>> |> |> +--On 7 mars 2016 16:22:12 +0000 Xin LI |> |>> |> |> wrote: |> |>> |> |> | Author: delphij |> |>> |> |> | Date: Mon Mar 7 16:22:11 2016 |> |>> |> |> | New Revision: 296465 |> |>> |> |> | URL: https://svnweb.freebsd.org/changeset/base/296465 |> |>> |> |> |=20 |> |>> |> |> | Log: |> |>> |> |> | Fix multiple OpenSSL vulnerabilities. |> |>> |> |> | =20 |> |>> |> |> | Security: FreeBSD-SA-16:12.openssl |> |>> |> |> | Approved by: so |> |>> |> |>=20 |> |>> |> |> After that, poudriere bulk fails with: |> |>> |> |>=20 |> |>> |> |> [00:00:07] =3D=3D=3D=3D>> Creating pkgng repository |> |>> |> |> Creating repository in /tmp/packages: 100% |> |>> |> |> Packing files for repository: 0%Child process pid=3D50970 |> |>> |> |> terminated abnormally: Segmentation fault: 11 |> |>> |> |> [00:00:08] =3D=3D=3D=3D>> Cleaning up |> |>> |> |> 9amd64-pkgng-default: removed |> |>> |> |> 9amd64-pkgng-default-n: removed |> |>> |> |>=20 |> |>> |> |> pkg-static is the one doing the segfault... |> |>> |> |>=20 |> |>> |> |=20 |> |>> |> | Is QEMU involved here? |> |>> |> |=20 |> |>> |> | Do you have PKG_REPO_FROM_HOST or PKG_REPO_SIGNING_KEY set? = (Not |> |>> |> | saying you should) |> |>> |>=20 |> |>> |> No, it's a regular 9amd64 build on a 10.2 amd64 host. |> |>> |>=20 |> |>> |=20 |> |>> | Can you please rebuild pkg with debug symbols and then run your = 9.3 |> |>> | version against the repo in gdb? |> |>>=20 |> |>> I could yes, but not today, tomorrow at the earliest. How do I = build |> |>> the port with debug symbols ? |> |>>=20 |> |>=20 |> |> WITH_DEBUG=3Dyes make |> |>=20 |> |=20 |> | You might need this too: DEBUG_FLAGS=3D"-g -O0" |>=20 |> Mmmm, ok, what commands do I need to run ? |>=20 |=20 | (assuming devel/gdb installed) | gdb710 --args /usr/local/sbin/pkg-static repo |# run | |# bt full Ok, so, it's 9.3, so there's no gdb710, but: the command ran is: root@pkg:/tmp/foo # pkg repo . ../repo.key Creating repository in .: 100% Packing files for repository: 0%Child process pid=3D16312 terminated abnormally: Segmentation fault: 11 root@pkg:/tmp/foo # gdb /usr/local/sbin/pkg pkg.core GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you = are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "amd64-marcel-freebsd"... Core was generated by `pkg'. Program terminated with signal 11, Segmentation fault. Reading symbols from /usr/local/lib/libpkg.so.3...done. Loaded symbols for /usr/local/lib/libpkg.so.3 Reading symbols from /lib/libutil.so.9...done. Loaded symbols for /lib/libutil.so.9 Reading symbols from /usr/lib/libssl.so.6...done. Loaded symbols for /usr/lib/libssl.so.6 Reading symbols from /lib/libcrypto.so.6...done. Loaded symbols for /lib/libcrypto.so.6 Reading symbols from /lib/libm.so.5...done. Loaded symbols for /lib/libm.so.5 Reading symbols from /usr/lib/libelf.so.1...done. Loaded symbols for /usr/lib/libelf.so.1 Reading symbols from /lib/libjail.so.1...done. Loaded symbols for /lib/libjail.so.1 Reading symbols from /usr/lib/libarchive.so.5...done. Loaded symbols for /usr/lib/libarchive.so.5 Reading symbols from /lib/libz.so.6...done. Loaded symbols for /lib/libz.so.6 Reading symbols from /usr/lib/libbz2.so.4...done. Loaded symbols for /usr/lib/libbz2.so.4 Reading symbols from /usr/lib/liblzma.so.5...done. Loaded symbols for /usr/lib/liblzma.so.5 Reading symbols from /lib/libc.so.7...done. Loaded symbols for /lib/libc.so.7 Reading symbols from /lib/libbsdxml.so.4...done. Loaded symbols for /lib/libbsdxml.so.4 Reading symbols from /libexec/ld-elf.so.1...done. Loaded symbols for /libexec/ld-elf.so.1 #0 0x0000000801219438 in BN_mod_exp_mont_consttime () from /lib/libcrypto.so.6 (gdb) bt full #0 0x0000000801219438 in BN_mod_exp_mont_consttime () from /lib/libcrypto.so.6 No symbol table info available. #1 0x00000008011f735f in RSA_PKCS1_SSLeay () from /lib/libcrypto.so.6 No symbol table info available. #2 0x00000008011f82fd in RSA_PKCS1_SSLeay () from /lib/libcrypto.so.6 No symbol table info available. #3 0x00000008011d28d9 in RSA_sign () from /lib/libcrypto.so.6 No symbol table info available. #4 0x00000008008dc73b in rsa_sign (path=3D0x7fffffffe3c0 "./meta", rsa=3D0x802c19260, sigret=3D0x7fffffffda78, siglen=3D0x7fffffffda8c) at = rsa.c:287 errbuf =3D "./meta.txz\000\000\b\000\000\000\001\000\000\000\001\000\000\000\004\000\00= 0\000\000\000\000\000 =EF=BF=BD=EF=BF=BD\177\000\000=EF=BF=BD=EF=BF=BD=EF=BF=BD\177\000\000=EF=BF=BD= =EF=BF=BD=EF=BF=BD\177\000\000T\203\220\000\b\000\000\000\020\000\000\000\00= 0\000\000\000WU\000\000\000\000-\v=EF=BF=BD\004=EF=BF=BD@=EF=BF=BD~=3D=EF=BF= =BD=EF=BF=BDU\000\000\000\000212\000\00 0\000\000filesite_archiveeo002\b\000\000\000\200o002\b\000\000\000\020\000\0= 00\000\b\000\000\000=EF=BF=BDG\220\000\b\000\000\000\000\000\000\000\b\000\0= 00\000\003\000\000\000\000\000\000\000=EF=BF=BD=EF=BF=BD=EF=BF=BD\177\000\00= 0\204=EF=BF=BD=EF=BF=BD\177\000\0000=EF=BF=BD=EF=BF=BD\177\000\000"... max_len =3D 512 ret =3D 10591143 sha256 =3D 0x802c2d1f0 "fd24852c468ef31bd675129fd02b676ce7cffae895089292fa513784873689a6" #5 0x00000008008c2295 in pkg_repo_pack_db (name=3D0x800a20ec8 "meta", archive=3D0x7fffffffe3c0 "./meta", path=3D0x7fffffffe3c0 "./meta", rsa=3D0x802c19260, meta=3D0x802c68600, argv=3D0x7fffffffeb88, argc=3D1) at pkg_repo_create.c:939 pack =3D (struct packing *) 0x802c79be0 sigret =3D (unsigned char *) 0x802ca4900 "" siglen =3D 0 fname =3D "\001\000\000\000\001\000\000\000\001\000\000\000\001\000\000\000@=EF=BF=BD=EF= =BF=BD\177\000\000\216\000\b\000\000\000=EF=BF=BD=EF=BF=BD\000\000\000\000=EF= =BF=BD=EF=BF=BD=EF=BF=BD\177\000\000\004\000\000\000\000\000\000\000WU\000\0= 00\000\000-\v=EF=BF=BD\004=EF=BF=BD@=EF=BF=BD~=3D=EF=BF=BD=EF=BF=BDU\000\000= \000\000212N\206cert=EF=BF=BD\177\000\000\230=EF=BF=BD=EF=BF=BD\177\000\000p= =EF=BF=BD =EF=BF=BD\177\000\000\000\000\000\000\000\000\000\000\004\000\000\000\000\00= 0\000\000E\030=EF=BF=BD\000\b\000\000\000\000\000\000\000=EF=BF=BD\177\000\0= 00\020=EF=BF=BD\001\000\000\000\004\000\000\000\004\000\000\000\000\000\000\= 000\004\000\000\000\220=EF=BF=BD=EF=BF=BD\177\000\000:\006\217\000\b\000\000= \000=EF=BF=BD5002\b\000\000\00 0"... sig =3D (struct sbuf *) 0x0 pub =3D (struct sbuf *) 0x0 #6 0x00000008008c2797 in pkg_finish_repo (output_dir=3D0x7fffffffedd1 ".", password_cb=3D0x415ba0 , argv=3D0x7fffffffeb88, argc=3D1, filelist=3Dfalse) at pkg_repo_create.c:1038 repo_path =3D "./meta\000gesite.yaml\000\002\b\000\000\000\213Yc\000\b\000\000\0008204\000= \b", '\0' , "=EF=BF=BD\177\000\000\000\000\b\000\000\000`=EF=BF=BD=EF=BF=BD\177\000\000=EF= =BF=BD=EF=BF=BDd\000\b\000\000\000=EF=BF=BD=EF=BF=BD=EF=BF=BD\177\000\000=EF= =BF=BD=EF=BF=BD=EF=BF=BD\177\000\000\000\000\000\000\000\000\000\000=EF=BF=BD= =EF=BF=BD=EF=BF=BD\177\000\000g{c \000\b\000\000\000=EF=BF=BD&@\000\000\000\000\000\177\030\232\004\000\000\00= 0\000207\2013\000\000\000\0000=EF=BF=BDd\000\b\000\000\000\001\000\000\000\b= \000\000\000\000\000\b\000\000\0008204\000\b\000\000\000=EF=BF=BD=EF=BF=BD=EF= =BF=BD\177\000\000@=EF=BF=BD=EF=BF=BD\177\000\000\000=EF=BF=BDd\000\b"... repo_archive =3D "\225\003\000\000\000\000\000\000\230\003\000\000\000\000\000\000\225\003\00= 0\000\001\000\000\000=EF=BF=BD\000\217\000\b\000\000\000\000=EF=BF=BD=EF=BF=BD= \177\000\000Z\000\217\000\001\000\000\000\200=EF=BF=BD=EF=BF=BD\177\000\000@= ,002\b\000\000\000PKG_PLUGPKG_PLUGc\000\000\000\000\000PLUGPLUG\2 00=EF=BF=BD=EF=BF=BD\177\000\000p0002\b", '\0' , "\234}>\002\000\000\000\000\177\000\000\000:\000\000\000:\000\000\000:\237=EF= =BF=BD=EF=BF=BD=EF=BF=BD=EF=BF=BD\177\000\000=EF=BF=BD\005\217\000\b\000\000= \000@,002\b\000\000\000\t\000\000\000\n\000\000\000=DC=B1=EF=BF=BD\000\b\000= \000\000@0002\b\000\000\000p=EF=BF=BD=EF=BF=BD\177\000\000... rsa =3D (struct rsa_key *) 0x802c19260 meta =3D (struct pkg_repo_meta *) 0x802c68600 st =3D {st_dev =3D 4294959664, st_ino =3D 32767, st_mode =3D 25938, st_nlink =3D 14234, st_uid =3D 2842729777, st_gid =3D 274432, st_rdev =3D = 0, st_atim =3D {tv_sec =3D 1457476951, tv_nsec =3D 6}, st_mtim =3D {tv_sec =3D 34370333240, tv_nsec =3D 0}, st_ctim =3D {tv_sec =3D -7355152794736877766, tv_nsec =3D 34370335206}, st_size =3D 34370335206, st_blocks =3D = 1457476951, st_blksize =3D 10, st_flags =3D 0, st_gen =3D 10596828, st_lspare =3D 8, st_birthtim =3D {tv_sec =3D 34370335951, tv_nsec =3D 1457476951}} ret =3D 0 nfile =3D 1 files_to_pack =3D 4 legacy =3D false #7 0x0000000000415eea in exec_repo (argc=3D2, argv=3D0x7fffffffeb80) at repo.c:155 ret =3D 0 ch =3D -1 filelist =3D false output_dir =3D 0x7fffffffedd1 "." meta_file =3D 0x0 legacy =3D false longopts =3D {{name =3D 0x429c1f "list-files", has_arg =3D 0, flag = =3D 0x0, val =3D 108}, {name =3D 0x429c2a "output-dir", has_arg =3D 1, flag =3D 0x0, = val =3D 111}, {name =3D 0x429c35 "quiet", has_arg =3D 0, flag =3D 0x0, val =3D = 113}, {name =3D 0x429c3b "meta-file", has_arg =3D 1, flag =3D 0x0, val =3D 109}, {name =3D 0x429c45 "legacy", has_arg =3D 0, flag =3D 0x0, = val =3D 76}, {name =3D 0x0, has_arg =3D 0, flag =3D 0x0, val =3D 0}} #8 0x0000000000412b9e in main (argc=3D3, argv=3D0x7fffffffeb78) at = main.c:852 i =3D 21 command =3D (struct commands *) 0x630f40 ambiguous =3D 0 chroot_path =3D 0x0 rootdir =3D 0x0 jid =3D 0 jail_str =3D 0x0 len =3D 4 ch =3D -1 '=EF=BF=BD' debug =3D 0 version =3D 0 ret =3D 0 plugins_enabled =3D true plugin_found =3D false show_commands =3D false activation_test =3D false init_flags =3D 0 c =3D (struct plugcmd *) 0x246 conffile =3D 0x0 reposdir =3D 0x0 save_argv =3D (char **) 0x7fffffffeb78 j =3D 8 longopts =3D {{name =3D 0x4276f7 "debug", has_arg =3D 0, flag =3D = 0x0, val =3D 100}, {name =3D 0x4276fd "jail", has_arg =3D 1, flag =3D 0x0, val =3D = 106}, {name =3D 0x427702 "chroot", has_arg =3D 1, flag =3D 0x0, val =3D 99}, {name =3D = 0x426a33 "config", has_arg =3D 1, flag =3D 0x0, val =3D 67}, { name =3D 0x427709 "repo-conf-dir", has_arg =3D 1, flag =3D 0x0, val =3D = 82}, {name =3D 0x427717 "rootdir", has_arg =3D 1, flag =3D 0x0, val =3D 114}, = {name =3D 0x42771f "list", has_arg =3D 0, flag =3D 0x0, val =3D 108}, {name =3D = 0x426f45 "version", has_arg =3D 0, flag =3D 0x0, val =3D 118}, { name =3D 0x427724 "option", has_arg =3D 1, flag =3D 0x0, val =3D 111}, = {name =3D 0x42772b "only-ipv4", has_arg =3D 0, flag =3D 0x0, val =3D 52}, {name =3D = 0x427735 "only-ipv6", has_arg =3D 0, flag =3D 0x0, val =3D 54}, {name =3D 0x0, = has_arg =3D 0, flag =3D 0x0, val =3D 0}} __func__ =3D "main" --=20 Mathieu Arnold --==========82237419477444479CEF========== Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJW31XxXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQzQUI2OTc4OUQyRUQxMjEwNjQ0MEJBNUIz QTQ1MTZGMzUxODNDRTQ4AAoJEDpFFvNRg85ILZMP+gPmoW5ekC15dSlHd+Agl7Fz WRghF3h0HTK5yx5vsK30obBCliglTZZOc6QEb/yLJDbekkplZVz51wTQamSxv6Xf 6hnPOY125RdSZ/pA74GSZgQgnzgkB0JMIa3PZs6tYxHigoOB1Yl7WbbmgYBRPe78 +yIShiNFq/dnU3uciOOWtRigpdWTE/ER9GC5s46tlLixp8C4cCRWZQeq8af6oXBb IZDLO7v235e/qaZLqPtPXF2Eaj8L0XMEIjI6DV8JfKVr4ZjUz3TD+3DUb/hOM5En 9DUyKlzr4qBPNuzejA1VwwdbIFRqPntSgpNQBJ9CaMQnjDYxay1YCy8LGNKeucVc cFUrXQmAOC132jeUN9CLI3SCiAGTfOovoA0RuVwUr0AWIYBaV3MxKVOgzzy/qElG vrHOwjOCTDZcfORZ+htbq0CiS3aLmw5zHUWAlwpKCMQ0ahlul8+v32+cvOkap4Ya ZD6I8GeeUK1kOcrBTXYJYK3Csz/NVjba7u+sFuuj7NDU1EXAl2EDqWpBWHUnhcri M+rj78uCWwoflUvBRr7rVE8DcIPmjo9VNm47R5vhnlL9Ni8Hve7QsOS8Z3VowSL+ r4Ef0oIdaIxWbab2kTagkL4JhhR5wx0L1vsSz8Ug6mVCb5w2JqrApeBqlOo+8VTG hkpKsJixTPGcuVPo8agc =zf3b -----END PGP SIGNATURE----- --==========82237419477444479CEF==========--