Hi!

During booting, I currently see dhclient abort with a stack smashing error. I understand it is built with -fstack-protector by means of the Debian hardening-wrapper package. I first observed this when upgrading (amongst other packages) glibc from Richard's 2.13-39+hurd.rbraun.6 to current debian-ports' 2.13-39+hurd.3. As »ldd /sbin/dhclient« doesn't show any other shared library dependencies and as isc-dhcp-client itself has not recently been upgraded (debian-ports' 4.2.2.dfsg.1-5+hurd.2, installed on 2012-07-13), I'm fairly sure it is some glibc change that now triggers this behavior, though not necessarily a bug in the exact diff between these two versions; might also be some unrelated change that now causes the stack frame layout to change in a way that this bug is now triggered. Or, it may be due to some other environmental changes, but unfortunately, for cross-checking, I don't have the binary packages for Richard's 2.13-39+hurd.rbraun.6 glibc version anymore (but I do have the sources; though not yet rebuilt them myself). Richard, do you still have the binary packages available somewhere?

What is being run at booting time is something like »ifup --all«, and I'm able to reproduce the failure as follows. This is fine:

    # env TZ=Europe/Berlin /sbin/dhclient -1 -v -pf /run/dhclient./dev/eth0.pid -lf /var/lib/dhcp/dhclient./dev/eth0.leases /dev/eth0
    Internet Systems Consortium DHCP Client 4.2.2
    Copyright 2004-2011 Internet Systems Consortium.
    All rights reserved.
    For info, please visit https://www.isc.org/software/dhcp/
    can't create /var/lib/dhcp/dhclient./dev/eth0.leases: No such file or directory
    Listening on Socket//dev/eth0
    Sending on Socket//dev/eth0
    DHCPDISCOVER on /dev/eth0 to 255.255.255.255 port 67 interval 5
    DHCPREQUEST on /dev/eth0 to 255.255.255.255 port 67
    DHCPOFFER from 192.168.111.2
    DHCPACK from 192.168.111.2
    can't create /var/lib/dhcp/dhclient./dev/eth0.leases: No such file or directory
    bound to 192.168.111.221 -- renewal in 16252 seconds.

Likewise, a run with »env -i TZ=Europe/Berlin« also is fine. On the other hand, as soon as TZ is unset:

    # env -u TZ /sbin/dhclient -1 -v -pf /run/dhclient./dev/eth0.pid -lf /var/lib/dhcp/dhclient./dev/eth0.leases /dev/eth0
    Internet Systems Consortium DHCP Client 4.2.2
    Copyright 2004-2011 Internet Systems Consortium.
    All rights reserved.
    For info, please visit https://www.isc.org/software/dhcp/
    can't create /var/lib/dhcp/dhclient./dev/eth0.leases: No such file or directory
    Listening on Socket//dev/eth0
    Sending on Socket//dev/eth0
    *** stack smashing detected ***: /sbin/dhclient terminated
    Aborted

Likewise, a completely empty environment, »env -i«, also fails. With TZ set to an invalid value, it fails even earlier:

    # env TZ=iNvAlId /sbin/dhclient -1 -v -pf /run/dhclient./dev/eth0.pid -lf /var/lib/dhcp/dhclient./dev/eth0.leases /dev/eth0
    Internet Systems Consortium DHCP Client 4.2.2
    Copyright 2004-2011 Internet Systems Consortium.
    All rights reserved.
    For info, please visit https://www.isc.org/software/dhcp/
    *** stack smashing detected ***: /sbin/dhclient terminated
    Aborted

I don't see any direct TZ references in the isc-dhcp 4.2.2.dfsg.1-5+hurd.2 source package. Unfortunately, GDB is of no help either:

    # env TZ=iNvAlId gdb -q --args /sbin/dhclient -1 -v -pf /run/dhclient./dev/eth0.pid -lf /var/lib/dhcp/dhclient./dev/eth0.leases /dev/eth0
    Reading symbols from /sbin/dhclient...(no debugging symbols found)...done.
    (gdb) r
    Starting program: /sbin/dhclient -1 -v -pf /run/dhclient./dev/eth0.pid -lf /var/lib/dhcp/dhclient./dev/eth0.leases /dev/eth0
    Cannot access memory at address 0x140e0ad0
    Cannot access memory at address 0x140e0acc

Rebuilding isc-dhcp 4.2.2.dfsg.1-5+hurd.2 fails:

    [...]
    make[3]: Entering directory `/media/erich/home/thomas/tmp/isc-dhcp-client/debian/isc-dhcp-4.2.2.dfsg.1/common'
    gcc -DHAVE_CONFIG_H -I. -I../includes -I.. -DLOCALSTATEDIR='"/var"' -D_FORTIFY_SOURCE=2 -DLDAP_CONFIGURATION -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wall -D_PATH_DHCLIENT_SCRIPT='"/sbin/dhclient-script"' -D_PATH_DHCPD_CONF='"/etc/dhcp/dhcpd.conf"' -D_PATH_DHCLIENT_CONF='"/etc/dhcp/dhclient.conf"' -DNOMINUM -I../bind/include -MT alloc.o -MD -MP -MF .deps/alloc.Tpo -c -o alloc.o alloc.c
    In file included from ../bind/include/isc/sockaddr.h:26:0,
                     from ../bind/include/isc/socket.h:66,
                     from ../includes/omapip/isclib.h:57,
                     from ../includes/dhcpd.h:95,
                     from alloc.c:35:
    ../bind/include/isc/net.h:184:8: error: redefinition of ‘struct in6_pktinfo’
    In file included from ../includes/dhcpd.h:39:0,
                     from alloc.c:35:
    /usr/include/netinet/in.h:471:8: note: originally defined here
    make[3]: *** [alloc.o] Fehler 1
    make[3]: Leaving directory `/media/erich/home/thomas/tmp/isc-dhcp-client/debian/isc-dhcp-4.2.2.dfsg.1/common'
    make[2]: *** [all-recursive] Fehler 1
    make[2]: Leaving directory `/media/erich/home/thomas/tmp/isc-dhcp-client/debian/isc-dhcp-4.2.2.dfsg.1/common'
    make[1]: *** [all-recursive] Fehler 1
    make[1]: Leaving directory `/media/erich/home/thomas/tmp/isc-dhcp-client/debian/isc-dhcp-4.2.2.dfsg.1'
    make: *** [build-ldap-stamp] Fehler 2

    $ cat -n < bind/include/isc/net.h | grep -C 3 [\ ]*184
       181
       182  #ifndef ISC_PLATFORM_HAVEIN6PKTINFO
       183  /*% IPv6 packet info */
       184  struct in6_pktinfo {
       185          struct in6_addr ipi6_addr; /*%< src/dst IPv6 address */
       186          unsigned int ipi6_ifindex; /*%< send/recv interface index */
       187  };

    $ cat -n < /usr/include/netinet/in.h | grep -C 3 [\ ]*471
       468
       469  #ifdef __USE_GNU
       470  /* IPv6 packet information. */
       471  struct in6_pktinfo
       472    {
       473      struct in6_addr ipi6_addr; /* src/dst IPv6 address */
       474      unsigned int ipi6_ifindex; /* send/recv interface index */

    configure:23208: checking for in6_pktinfo
    configure:23227: gcc -c -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wall -D_PATH_DHCLIENT_SCRIPT='"/sbin/dhclient-script"' -D_PATH_DHCPD_CONF='"/etc/dhcp/dhcpd.conf"' -D_PATH_DHCLIENT_CONF='"/etc/dhcp/dhclient.conf"' -DNOMINUM -I./bind/include -D_FORTIFY_SOURCE=2 conftest.c >&5
    conftest.c: In function 'main':
    conftest.c:52:20: error: storage size of 'xyzzy' isn't known
    conftest.c:52:20: warning: unused variable 'xyzzy' [-Wunused-variable]
    configure:23227: $? = 1
    configure: failed program was:
    [...]
    | #include <sys/types.h>
    | #include <sys/socket.h>
    | #include <netinet/in.h>
    |
    |
    |
    | int
    | main ()
    | {
    | struct in6_pktinfo xyzzy; return (0);
    | ;
    | return 0;
    | }
    configure:23232: result: no -- disabling runtime ipv6 support

Forcing a -D_GNU_SOURCE into debian/rules' CFLAGS "solves" this problem, and (luckily!) I can still reproduce the crash with the resulting dhclient binary (and GDB still doesn't like it...).

If I manually re-do the link command of dhclient, but remove »-fstack-protector --param=ssp-buffer-size=4« from that command line (but all the object files keep it enabled), GDB is of more help (so this is to be filed as an Open Issue for GCC/GDB).

    # env TZ=iNvAlId gdb -q --args ~thomas/tmp/isc-dhcp-client/debian/isc-dhcp-4.2.2.dfsg.1/client/dhclient -1 -v -pf /run/dhclient./dev/eth0.pid -lf /var/lib/dhcp/dhclient./dev/eth0.leases /dev/eth0
    Reading symbols from /media/erich/home/thomas/tmp/isc-dhcp-client/debian/isc-dhcp-4.2.2.dfsg.1/client/dhclient...done.
    (gdb) break __stack_chk_fail
    Breakpoint 1 at 0x804d3d0
    (gdb) r
    Starting program: /media/erich/home/thomas/tmp/isc-dhcp-client/debian/isc-dhcp-4.2.2.dfsg.1/client/dhclient -1 -v -pf /run/dhclient./dev/eth0.pid -lf /var/lib/dhcp/dhclient./dev/eth0.leases /dev/eth0
    [...]
    Breakpoint 1, __stack_chk_fail () at stack_chk_fail.c:29
    29 stack_chk_fail.c: No such file or directory.
    (gdb) bt
    #0 __stack_chk_fail () at stack_chk_fail.c:29
    #1 0x0819b514 in __stack_chk_fail_local ()
    #2 0x08071b9b in discover_interfaces (state=state@entry=2) at discover.c:1331
    #3 0x08052468 in main (argc=8, argv=0x1024e04) at dhclient.c:478

So in discover_interfaces it fails. And now I wonder if there's a coincidence between that function, right near its beginning calling getifaddrs (via begin_iface_scan), and the Debian eglibc changelog mentioning »patches/hurd-i386/tg-ifaddrs_v6.diff: New patch, fixes IPv6 addresses in getifaddrs« -- though that patch, while apparently applied to the 2.13-39+hurd.3 binary packages, does not actually seem to be present in the source package I retrieved? Am I confused or is Debian packaging?

Regards,
 Thomas
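
The TZ comparison from the message above, as an added example that is not part of the original post: a small harness that reruns one command under the same five environments and reports which runs end in SIGABRT. The function names, the case labels and the stand-in program are assumptions made for this example; the stand-in is constructed so the harness runs on any system.

```shell
#!/bin/sh
# Added example: rerun one command under the TZ environments tried in the
# report and classify how each run ended. All names here are hypothetical.

# Map an exit status to a word. 134 = 128 + 6 (SIGABRT), which is what the
# shell reports after "*** stack smashing detected ***" ends in abort().
classify() {
    if [ "$1" -eq 0 ]; then echo ok
    elif [ "$1" -eq 134 ]; then echo SIGABRT
    elif [ "$1" -gt 128 ]; then echo "signal-$(( $1 - 128 ))"
    else echo "exit-$1"
    fi
}

# run_case LABEL ENV-ARGS... COMMAND...: everything after LABEL goes to env(1).
run_case() {
    label=$1; shift
    env "$@" >/dev/null 2>&1 && st=0 || st=$?
    echo "$label $(classify "$st")"
}

# tz_matrix /absolute/path/to/program [args...]
# The path must be absolute because "env -i" also clears PATH.
tz_matrix() {
    run_case tz-valid   TZ=Europe/Berlin "$@"
    run_case tz-only    -i TZ=Europe/Berlin "$@"
    run_case tz-unset   -u TZ "$@"
    run_case env-empty  -i "$@"
    run_case tz-invalid TZ=iNvAlId "$@"
}

# Constructed stand-in for the failing binary: aborts unless TZ is the one
# zone name it knows. It only exists so the harness can be run anywhere.
make_standin() {
    f=$(mktemp) || return 1
    cat >"$f" <<'EOF'
case "${TZ-}" in
    Europe/Berlin) exit 0 ;;
    *) kill -s ABRT $$ ;;
esac
EOF
    echo "$f"
}

standin=$(make_standin) && tz_matrix /bin/sh "$standin"
rm -f "$standin"
```

On the affected system, tz_matrix would be given the full /sbin/dhclient command line from the message instead of the stand-in, once before and once after the glibc upgrade.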