From owner-freebsd-stable@FreeBSD.ORG  Thu Jan 17 13:07:40 2013
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by hub.freebsd.org (Postfix) with ESMTP id A1EFF4B2;
 Thu, 17 Jan 2013 13:07:40 +0000 (UTC)
 (envelope-from kpaasial@gmail.com)
Received: from mail-wi0-x229.google.com (mail-wi0-x229.google.com
 [IPv6:2a00:1450:400c:c05::229])
 by mx1.freebsd.org (Postfix) with ESMTP id D7D10C39;
 Thu, 17 Jan 2013 13:07:39 +0000 (UTC)
Received: by mail-wi0-f169.google.com with SMTP id hq12so4569358wib.2
 for <multiple recipients>; Thu, 17 Jan 2013 05:07:39 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:x-received:in-reply-to:references:date:message-id
 :subject:from:to:cc:content-type;
 bh=66bvptgCDYa7PgOs9ezN2njp4PGbIi/J3SGApBZajBs=;
 b=esY7qoyo4OE8fAqxedaFKy833IgKzmfdgsAmnXBaEXsXbK605lhHnL7H7UZ/k7SOIy
 wzX7w1CNbBOTgmSEgq0b+xj5mW4k73sb5sphtyWcL8aqIacWGufwYva9MSkCwxrKr2ld
 LvvRIpDIL6c67ABK2drVvHjlX3RH93deuuqN6kmFyytURe4P0226fXtSaabW6ZwRGTWk
 lmjmBHDudZpxjxjOPXrZxi7Qj7B5N9nA7JHnodCfUzqvsVhIhVqeLb4644y8i+6gcHgl
 X1H3mKLdpKoSFVO2Wd6Chby1UVxKi69aJwimynKGZbQ8F6p++JIz9h5lDu7Ini68fOE6
 0pLA==
MIME-Version: 1.0
X-Received: by 10.180.80.170 with SMTP id s10mr15692760wix.27.1358428059041;
 Thu, 17 Jan 2013 05:07:39 -0800 (PST)
Received: by 10.216.172.197 with HTTP; Thu, 17 Jan 2013 05:07:38 -0800 (PST)
In-Reply-To: <20130117001116.GD29437@lor.one-eyed-alien.net>
References: <CA+7WWSeOpuAv9PL2_G6Z1Q_SLv5xcTjcujiw6Rs8tdBsrLO7wQ@mail.gmail.com>
 <50F6D20A.6070306@FreeBSD.org>
 <CA+7WWSfE1bAr7GriRGAKBVpkiNE+tn-+d0cO3vpNPY-SWxfghg@mail.gmail.com>
 <20130117001116.GD29437@lor.one-eyed-alien.net>
Date: Thu, 17 Jan 2013 15:07:38 +0200
Message-ID: <CA+7WWSdW95=qBthPKWtn1uT_FTD2ka-oQXLo-owFEn=kO4GYRg@mail.gmail.com>
Subject: Re: CLANG 3.2 breaks security/pam_ssh_agent_auth on stable/9
From: Kimmo Paasiala <kpaasial@gmail.com>
To: Brooks Davis <brooks@freebsd.org>
Content-Type: text/plain; charset=UTF-8
Cc: freebsd-stable@freebsd.org, Dimitry Andric <dim@freebsd.org>
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Jan 2013 13:07:40 -0000

On Thu, Jan 17, 2013 at 2:11 AM, Brooks Davis <brooks@freebsd.org> wrote:
> On Wed, Jan 16, 2013 at 08:01:00PM +0200, Kimmo Paasiala wrote:
>> On Wed, Jan 16, 2013 at 6:15 PM, Dimitry Andric <dim@freebsd.org> wrote:
>> > On 2013-01-16 13:05, Kimmo Paasiala wrote:
>> >>
>> >> I just updated my stable/9 system after clang3.2 was added. My system
>> >> is amd64, both world and kernel are compiled with clang3.2 and the
>> >> default compiler is clang. I'm tracking the sources with GIT and the
>> >> version I have corresponds to SVN revision r245451.
>> >>
>> >> Everything else seems to work but the pam authentication module
>> >> security/pam_ssh_agent_auth segfaults immediately.
>> >
>> > ...
>> >
>> >> #0  0x0000000800ef2070 in strsvis () from /lib/libc.so.7
>> >> #1  0x0000000800ef2584 in strvis () from /lib/libc.so.7
>> >> #2  0x0000000800ef25e5 in strnvis () from /lib/libc.so.7
>> >> #3  0x0000000801c0e2e7 in do_log () from
>> >> /usr/local/lib/pam_ssh_agent_auth.so
>> >> #4  0x0000000801c0e4ff in logit () from
>> >> /usr/local/lib/pam_ssh_agent_auth.so
>> >
>> > ...
>> >
>> >> The str*vis() calls suggest that it's something in the libc maybe?
>> >
>> >
>> > Brooks merged the new strvis implementations in r245439, so you may have
>> > run into a bug with them.  I don't think this is caused specifically by
>> > clang, at least not without more proof. :-)
>> >
>> > Can you try reverting to the revision just before r245439, rebuilding
>> > and reinstalling at least libc, and see if the pam_ssh_agent_auth crash
>> > goes away?
>>
>> I'm rebuilding world now. Took me some time to figure out how to
>> revert the commits in git. I'll report back once finished.
>
> NetBSD and OpenBSD use different signatures for strnvis(). :(
> pam_ssh_agent_auth assumes that if the system has one it is the OpenBSD
> one but ours is the NetBSD one.  The port will need to be patched to use
> the openbsd version like it was doing or to swap the second and third
> arguments when build on newer versions of FreeBSD.
>
> -- Brooks

It turns out that security/pam_ssh_agent_auth compiles its own version
of strnvis() when HAVE_STRNVIS is not defined. This in turn results in
an exported dynamic strnvis symbol in the plugin binary. I guess
that's what is breaking things when the plugin binary is loaded on
post r245439 world.

First thing that comes to my mind for a fix is renaming the local
strnvis() to something else conditionally based on HAVE_STRNVIS.

-Kimmo