After upgrade to sys-apps/coreutils-8.7/8.8/8.9, 'sort' segfault then portage build package. Reproducible: Sometimes Steps to Reproduce: 1. use >=sys-apps/coreutils-8.7 2. emerge -e system Actual Results: $ cat kern.log Jan 7 01:31:56 zzzz kernel: [7120983.022045] sort[19314]: segfault at a9a31099 ip 002d95b2 sp b9ce8eac error 5 in libc-2.11.2.so[25f000+145000] Jan 7 01:31:56 zzzz kernel: [7120983.022061] grsec: From x.x.x.x: signal 11 sent to /bin/sort[sort:19314] uid/euid:0/0 gid/egid:0/0, parent /usr/lib/portage/bin/ebuild.sh[ebuild.sh:19311] uid/euid:0/0 gid/egid:0/0 $ cat sys-apps:memtest86+-4.10-r1:20110106-223154.log * Package: sys-apps/memtest86+-4.10-r1 * Repository: gentoo * Maintainer: spock@gentoo.org base-system@gentoo.org * USE: elibc_glibc kernel_linux userland_GNU x86 >>> Unpacking source... >>> Unpacking memtest86+-4.10.tar.gz to /var/tmp/portage/sys-apps/memtest86+-4.10-r1/work >>> Source unpacked in /var/tmp/portage/sys-apps/memtest86+-4.10-r1/work >>> Preparing source in /var/tmp/portage/sys-apps/memtest86+-4.10-r1/work/memtest86+-4.10 ... * Applying memtest86+-4.10-hardcoded_cc.patch ... [ ok ] >>> Source prepared. ACCESS DENIED open_rd: /usr/portage/profiles/base/profile.bashrc /usr/lib/portage/bin/ebuild.sh: line 43: /usr/portage/profiles/base/profile.bashrc: Permission denied ACCESS DENIED open_rd: /usr/portage/profiles/arch/x86/profile.bashrc /usr/lib/portage/bin/ebuild.sh: line 43: /usr/portage/profiles/arch/x86/profile.bashrc: Permission denied ACCESS DENIED execve: /bin/mkdir ACCESS DENIED open_rd: /bin/mkdir /usr/lib/portage/bin/ebuild.sh: line 2212: /bin/mkdir: Permission denied ACCESS DENIED execve: /bin/cp ACCESS DENIED open_rd: /bin/cp /usr/lib/portage/bin/ebuild.sh: line 2213: /bin/cp: Permission denied >>> Configuring source in /var/tmp/portage/sys-apps/memtest86+-4.10-r1/work/memtest86+-4.10 ... ACCESS DENIED execve: /usr/bin/touch ACCESS DENIED open_rd: /usr/bin/touch /usr/lib/portage/bin/ebuild.sh: line 1022: /usr/bin/touch: Permission denied >>> Source configured. --------------------------- ACCESS VIOLATION SUMMARY --------------------------- LOG FILE "/var/log/sandbox/sandbox-19289.log" VERSION 1.0 FORMAT: F - Function called FORMAT: S - Access Status FORMAT: P - Path as passed to function FORMAT: A - Absolute Path (not canonical) FORMAT: R - Canonical Path FORMAT: C - Command Line F: open_rd S: deny P: /usr/portage/profiles/base/profile.bashrc A: /usr/portage/profiles/base/profile.bashrc R: /usr/portage/profiles/base/profile.bashrc C: /bin/bash /usr/lib/portage/bin/ebuild.sh configure F: open_rd S: deny P: /usr/portage/profiles/arch/x86/profile.bashrc A: /usr/portage/profiles/arch/x86/profile.bashrc R: /usr/portage/profiles/arch/x86/profile.bashrc C: /bin/bash /usr/lib/portage/bin/ebuild.sh configure F: execve S: deny P: /bin/mkdir A: /bin/mkdir R: /bin/mkdir C: /bin/bash /usr/lib/portage/bin/ebuild.sh configure F: open_rd S: deny P: /bin/mkdir A: /bin/mkdir R: /bin/mkdir C: /bin/bash /usr/lib/portage/bin/ebuild.sh configure F: execve S: deny P: /bin/cp A: /bin/cp R: /bin/cp C: /bin/bash /usr/lib/portage/bin/ebuild.sh configure F: open_rd S: deny P: /bin/cp A: /bin/cp R: /bin/cp C: /bin/bash /usr/lib/portage/bin/ebuild.sh configure F: execve S: deny P: /usr/bin/touch A: /usr/bin/touch R: /bin/touch C: /bin/bash /usr/lib/portage/bin/ebuild.sh configure F: open_rd S: deny P: /usr/bin/touch A: /usr/bin/touch R: /bin/touch C: /bin/bash /usr/lib/portage/bin/ebuild.sh configure -------------------------------------------------------------------------------- sys-apps/coreutils-8.7 USE="gmp nls unicode xattr -acl -caps (-selinux) -static -vanilla" Portage 2.1.9.25 (hardened/linux/x86, gcc-4.3.4, glibc-2.11.2-r3, 2.6.28-hardened-r9 i686) ================================================================= System uname: Linux-2.6.28-hardened-r9-i686-Intel-R-_Core-TM-2_CPU_4300_@_1.80GHz-with-gentoo-1.12.14 Timestamp of tree: Thu, 06 Jan 2011 21:30:01 +0000 app-shells/bash: 4.1_p7 dev-lang/python: 2.6.6-r1 sys-apps/baselayout: 1.12.14-r1 sys-apps/sandbox: 2.4 sys-devel/autoconf: 2.65-r1 sys-devel/automake: 1.11.1 sys-devel/binutils: 2.20.1-r1 sys-devel/gcc: 4.3.4, 4.4.4-r2 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.10 sys-devel/make: 3.81-r2 virtual/os-headers: 2.6.30-r1 (sys-kernel/linux-headers) ACCEPT_KEYWORDS="x86" ACCEPT_LICENSE="* -@EULA" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -pipe -march=i686" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/openvpn/easy-rsa /var/bind" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/gconf /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-O2 -pipe -march=i686" DISTDIR="/usr/portage/distfiles" FEATURES="assume-digests binpkg-logs buildpkg distlocks fixlafiles fixpackages news parallel-fetch protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch" GENTOO_MIRRORS="http://distfiles.gentoo.org" LANG="en_US.UTF-8" LDFLAGS="-Wl,-O1 -Wl,--as-needed" LINGUAS="en" MAKEOPTS="-j3" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="bzip2 cli cracklib crypt cups cxx dri epoll gmp gpm hardened iconv iproute2 logrotate modules mudflap nls nptl nptlonly openmp pam pcre pic pppd readline session sse2 ssl sysfs threads unicode urandom x86 xattr zlib" APACHE2_MPMS="prefork" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LINGUAS="en" PHP_TARGETS="php5-3" RUBY_TARGETS="ruby18" USERLAND="GNU" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS config CONFIG_GRKERNSEC=y CONFIG_GRKERNSEC_LOW=y CONFIG_GRKERNSEC_KMEM=y CONFIG_GRKERNSEC_IO=y CONFIG_GRKERNSEC_PROC_MEMMAP=y CONFIG_GRKERNSEC_ACL_HIDEKERN=y CONFIG_GRKERNSEC_ACL_MAXTRIES=3 CONFIG_GRKERNSEC_ACL_TIMEOUT=30 CONFIG_GRKERNSEC_PROC=y CONFIG_GRKERNSEC_PROC_USERGROUP=y CONFIG_GRKERNSEC_PROC_GID=10 CONFIG_GRKERNSEC_LINK=y CONFIG_GRKERNSEC_FIFO=y CONFIG_GRKERNSEC_CHROOT=y CONFIG_GRKERNSEC_CHROOT_MOUNT=y CONFIG_GRKERNSEC_CHROOT_DOUBLE=y CONFIG_GRKERNSEC_CHROOT_PIVOT=y CONFIG_GRKERNSEC_CHROOT_CHDIR=y CONFIG_GRKERNSEC_CHROOT_CHMOD=y CONFIG_GRKERNSEC_CHROOT_FCHDIR=y CONFIG_GRKERNSEC_CHROOT_MKNOD=y CONFIG_GRKERNSEC_CHROOT_SHMAT=y CONFIG_GRKERNSEC_CHROOT_UNIX=y CONFIG_GRKERNSEC_CHROOT_FINDTASK=y CONFIG_GRKERNSEC_CHROOT_NICE=y CONFIG_GRKERNSEC_CHROOT_SYSCTL=y CONFIG_GRKERNSEC_RESLOG=y CONFIG_GRKERNSEC_AUDIT_MOUNT=y CONFIG_GRKERNSEC_SIGNAL=y CONFIG_GRKERNSEC_FORKFAIL=y CONFIG_GRKERNSEC_TIME=y CONFIG_GRKERNSEC_PROC_IPADDR=y CONFIG_GRKERNSEC_EXECVE=y CONFIG_GRKERNSEC_DMESG=y CONFIG_GRKERNSEC_RANDNET=y CONFIG_GRKERNSEC_SYSCTL=y CONFIG_GRKERNSEC_SYSCTL_ON=y CONFIG_GRKERNSEC_FLOODTIME=10 CONFIG_GRKERNSEC_FLOODBURST=4 CONFIG_PAX=y CONFIG_PAX_PT_PAX_FLAGS=y CONFIG_PAX_NO_ACL_FLAGS=y CONFIG_PAX_NOEXEC=y CONFIG_PAX_PAGEEXEC=y CONFIG_PAX_MPROTECT=y CONFIG_PAX_ASLR=y CONFIG_PAX_RANDKSTACK=y CONFIG_PAX_RANDUSTACK=y CONFIG_PAX_RANDMMAP=y CONFIG_PAX_MEMORY_UDEREF=y CONFIG_PAX_REFCOUNT=y CONFIG_SECURITY=y CONFIG_SECURITY_NETWORK=y CONFIG_SECURITY_FILE_CAPABILITIES=y CONFIG_SECURITY_DEFAULT_MMAP_MIN_ADDR=0 CONFIG_CRYPTO=y
There seems to be some stuff going on here: did those sandbox errors appear with the upgrade of coreutils, or are they unrelated? Cold you also try to crash sort outside of portage and maybe even attach a backtrace of said segfault? Does downgrading to coreutils-8.5 make the problems go away? For me said versions of coreutils works fine on hardened, and at this stage I am unsure about if sort really is the culprit or if there is something more serious going on.
what does `sort` misbehavior have to do with the sandbox output ?
I have the same problem (but reproducible while building proprietary software) here on my machine since coreutils was upgraded. If I use coreutils < 8.7 I have no problems.
Created attachment 259796 [details] core
(In reply to comment #1) > Cold you also try to crash sort outside of portage and maybe even attach a > backtrace of said segfault? A can't reproduce crash sort outside of portage. > Does downgrading to coreutils-8.5 make the problems go away? Downgrading to coreutils-8.5 solve the proble (or compile coreutils-8.7 without optimization CFLAGS="-g -pipe" CXXFLAGS="${CFLAGS}"). # gdb sort -c core -d /var/tmp/portage/sys-apps/coreutils-8.7/work/coreutils-8.7/src/ GNU gdb (Gentoo 7.2 p1) 7.2 Copyright (C) 2010 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "i686-pc-linux-gnu". For bug reporting instructions, please see: <http://bugs.gentoo.org/>... Reading symbols from /var/tmp/portage/sys-apps/coreutils-8.7/work/coreutils-8.7/src/sort...done. [New Thread 3824] [New Thread 3823] warning: Can't read pathname for load map: Input/output error. Reading symbols from /usr/lib/libsandbox.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib/libsandbox.so Reading symbols from /lib/libpthread.so.0...(no debugging symbols found)...done. Loaded symbols for /lib/libpthread.so.0 Reading symbols from /lib/libc.so.6...(no debugging symbols found)...done. Loaded symbols for /lib/libc.so.6 Reading symbols from /lib/libdl.so.2...(no debugging symbols found)...done. Loaded symbols for /lib/libdl.so.2 Reading symbols from /lib/ld-linux.so.2...(no debugging symbols found)...done. Loaded symbols for /lib/ld-linux.so.2 Core was generated by `sort -z -u'. Program terminated with signal 11, Segmentation fault. #0 0x01a445b2 in strcoll_l () from /lib/libc.so.6 (gdb) where #0 0x01a445b2 in strcoll_l () from /lib/libc.so.6 #1 0x01a3e331 in strcoll () from /lib/libc.so.6 #2 0x17491023 in strcoll_loop (s1=0xa58a500a "/dev/stdin", s1size=11, s2=0xa58a5015 "/", s2size=2) at memcoll.c:39 #3 memcoll0 (s1=0xa58a500a "/dev/stdin", s1size=11, s2=0xa58a5015 "/", s2size=2) at memcoll.c:110 #4 0x1748e4ba in xmemcoll0 (s1=0xa58a500a "/dev/stdin", s1size=11, s2=0xa58a5015 "/", s2size=2) at xmemcoll.c:71 #5 0x17485be0 in compare (a=0xa79a5018, b=0xa79a5008) at sort.c:2653 #6 0x17485d9a in sequential_sort (lines=<value optimized out>, nlines=<value optimized out>, temp=0xa79a4fc8, to_temp=false) at sort.c:3095 #7 0x17486c72 in sortlines (lines=0xa79a5038, dest=<value optimized out>, nthreads=1, total_lines=7, parent=0xb93b0bf4, lo_child=true, merge_queue=0xb93b0f8c, tfp=0x1b124a0, temp_output=0x0) at sort.c:3470 #8 0x174872c4 in sortlines_thread (data=0xb93b0c20) at sort.c:3404 #9 0x019b767f in start_thread () from /lib/libpthread.so.0 #10 0x01a9bd2e in clone () from /lib/libc.so.6
# gcc --version gcc (Gentoo Hardened 4.3.4 p1.2, pie-10.1.5) 4.3.4 Copyright (C) 2008 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. # gcc-config -l [1] i686-pc-linux-gnu-4.3.4 * [2] i686-pc-linux-gnu-4.3.4-hardenednopie [3] i686-pc-linux-gnu-4.3.4-vanilla [4] i686-pc-linux-gnu-4.4.4 [5] i686-pc-linux-gnu-4.4.4-hardenednopie [6] i686-pc-linux-gnu-4.4.4-hardenednopiessp [7] i686-pc-linux-gnu-4.4.4-hardenednossp [8] i686-pc-linux-gnu-4.4.4-vanilla # emerge -e system # cat virtual:libintl-0:20110114-093604.log * Package: virtual/libintl-0 * Repository: gentoo * Maintainer: alt@gentoo.org * USE: elibc_glibc kernel_linux userland_GNU x86 >>> Unpacking source... >>> Source unpacked in /var/tmp/portage/virtual/libintl-0/work >>> Compiling source in /var/tmp/portage/virtual/libintl-0/work ... >>> Source compiled. ACCESS DENIED open_rd: /usr/portage/profiles/base/profile.bashrc /usr/lib/portage/bin/ebuild.sh: line 43: /usr/portage/profiles/base/profile.bashrc: Permission denied ACCESS DENIED open_rd: /usr/portage/profiles/arch/x86/profile.bashrc /usr/lib/portage/bin/ebuild.sh: line 43: /usr/portage/profiles/arch/x86/profile.bashrc: Permission denied >>> Test phase [not enabled]: virtual/libintl-0 --------------------------- ACCESS VIOLATION SUMMARY --------------------------- LOG FILE "/var/log/sandbox/sandbox-27043.log" VERSION 1.0 FORMAT: F - Function called FORMAT: S - Access Status FORMAT: P - Path as passed to function FORMAT: A - Absolute Path (not canonical) FORMAT: R - Canonical Path FORMAT: C - Command Line F: open_rd S: deny P: /usr/portage/profiles/base/profile.bashrc A: /usr/portage/profiles/base/profile.bashrc R: /usr/portage/profiles/base/profile.bashrc C: /bin/bash /usr/lib/portage/bin/ebuild.sh test F: open_rd S: deny P: /usr/portage/profiles/arch/x86/profile.bashrc A: /usr/portage/profiles/arch/x86/profile.bashrc R: /usr/portage/profiles/arch/x86/profile.bashrc C: /bin/bash /usr/lib/portage/bin/ebuild.sh test -------------------------------------------------------------------------------- Press any key to continue... Portage 2.1.9.25 (hardened/linux/x86, gcc-4.3.4, glibc-2.11.2-r3, 2.6.28-hardened-r9 i686) ================================================================= System uname: Linux-2.6.28-hardened-r9-i686-Intel-R-_Core-TM-2_CPU_4300_@_1.80GHz-with-gentoo-1.12.14 Timestamp of tree: Thu, 13 Jan 2011 17:30:01 +0000 app-shells/bash: 4.1_p7 dev-lang/python: 2.6.6-r1 sys-apps/baselayout: 1.12.14-r1 sys-apps/sandbox: 2.4 sys-devel/autoconf: 2.65-r1 sys-devel/automake: 1.11.1 sys-devel/binutils: 2.20.1-r1 sys-devel/gcc: 4.3.4, 4.4.4-r2 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.10 sys-devel/make: 3.81-r2 virtual/os-headers: 2.6.30-r1 (sys-kernel/linux-headers) CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -g -pipe -march=i686" CHOST="i686-pc-linux-gnu" CXXFLAGS="-O2 -g -pipe -march=i686" LANG="en_US.UTF-8" LDFLAGS="-Wl,-O1 -Wl,--as-needed" LINGUAS="en" MAKEOPTS="-j3" # cat kern.log Jan 14 12:36:06 zzzz kernel: [7765633.295068] sort[27069]: segfault at ac742099 ip 0147a5b2 sp aa5abff0 error 5 in libc-2.11.2.so[1400000+145000] # db sort -c core -d /var/tmp/portage/sys-apps/coreutils-8.7/work/coreutils-8.7/src/ GNU gdb (Gentoo 7.2 p1) 7.2 Copyright (C) 2010 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "i686-pc-linux-gnu". For bug reporting instructions, please see: <http://bugs.gentoo.org/>... Reading symbols from /var/tmp/portage/sys-apps/coreutils-8.7/work/coreutils-8.7/src/sort...done. [New Thread 27069] [New Thread 27068] warning: Can't read pathname for load map: Input/output error. Reading symbols from /usr/lib/libsandbox.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib/libsandbox.so Reading symbols from /lib/libpthread.so.0...(no debugging symbols found)...done. Loaded symbols for /lib/libpthread.so.0 Reading symbols from /lib/libc.so.6...(no debugging symbols found)...done. Loaded symbols for /lib/libc.so.6 Reading symbols from /lib/libdl.so.2...(no debugging symbols found)...done. Loaded symbols for /lib/libdl.so.2 Reading symbols from /lib/ld-linux.so.2...(no debugging symbols found)...done. Loaded symbols for /lib/ld-linux.so.2 Core was generated by `sort -z -u'. Program terminated with signal 11, Segmentation fault. #0 0x0147a5b2 in strcoll_l () from /lib/libc.so.6 (gdb) bt #0 0x0147a5b2 in strcoll_l () from /lib/libc.so.6 #1 0x01474331 in strcoll () from /lib/libc.so.6 #2 0x17e06023 in strcoll_loop (s1=0xaa5ad00a "/dev/stdin", s1size=11, s2=0xaa5ad015 "/", s2size=2) at memcoll.c:39 #3 memcoll0 (s1=0xaa5ad00a "/dev/stdin", s1size=11, s2=0xaa5ad015 "/", s2size=2) at memcoll.c:110 #4 0x17e034ba in xmemcoll0 (s1=0xaa5ad00a "/dev/stdin", s1size=11, s2=0xaa5ad015 "/", s2size=2) at xmemcoll.c:71 #5 0x17dfabe0 in compare (a=0xac6ad018, b=0xac6ad008) at sort.c:2653 #6 0x17dfad9a in sequential_sort (lines=<value optimized out>, nlines=<value optimized out>, temp=0xac6acfc8, to_temp=false) at sort.c:3095 #7 0x17dfbc72 in sortlines (lines=0xac6ad038, dest=<value optimized out>, nthreads=1, total_lines=7, parent=0xb9b2da94, lo_child=true, merge_queue=0xb9b2de2c, tfp=0x15484a0, temp_output=0x0) at sort.c:3470 #8 0x17dfc2c4 in sortlines_thread (data=0xb9b2dac0) at sort.c:3404 #9 0x013ed67f in start_thread () from /lib/libpthread.so.0 #10 0x014d1d2e in clone () from /lib/libc.so.6
Created attachment 259805 [details] core2
A can't reproduce crash sort after upgrade kernel from 2.6.28-hardened-r9 to 2.6.32-hardened-r31