Summary: | net-analyzer/sarg - crash on hardened amd64 gentoo | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Szpak <nedyarrd> |
Component: | New packages | Assignee: | Peter Volkov (RETIRED) <pva> |
Status: | RESOLVED NEEDINFO | ||
Severity: | normal | CC: | netmon |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | AMD64 | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: |
Compiled binary and coredump amd64-hardened
output from strace -f /usr/sbin/sarg |
Description
Szpak
2008-06-18 12:25:01 UTC
Thank you for report Szpak. What version of sarg do you use? Also without backtrace you report is not very useful. Please, read: http://www.gentoo.org/proj/en/qa/backtraces.xml and get it to us. Version: sarg-2.2.5 Mar-03-2008 by Pedro Lineu Orso Backtrace: Using host libthread_db library "/lib/libthread_db.so.1". Failed to read a valid object file image from memory. Core was generated by `sarg'. Program terminated with signal 11, Segmentation fault. #0 0x000036b7d8b7a3b0 in _start () from /lib64/ld-linux-x86-64.so.2 Thread 1 (process 23935): #0 0x000036b7d8b7a3b0 in _start () from /lib64/ld-linux-x86-64.so.2 No symbol table info available. #1 0x0000000000000000 in ?? () No symbol table info available. Output from gdb_get_backtrace: Using host libthread_db library "/lib/libthread_db.so.1". Failed to read a valid object file image from memory. Core was generated by `sarg'. Program terminated with signal 11, Segmentation fault. #0 0x000036b7d8b7a3b0 in _start () from /lib64/ld-linux-x86-64.so.2 Thread 1 (process 23935): #0 0x000036b7d8b7a3b0 in _start () from /lib64/ld-linux-x86-64.so.2 No symbol table info available. #1 0x0000000000000000 in ?? () No symbol table info available. Sarg version: SARG Version: 2.2.5 Mar-03-2008 also happends with 2.2.4 Additional grsecurity config from .config: CONFIG_PAX=y CONFIG_PAX_SOFTMODE=y CONFIG_PAX_EI_PAX=y CONFIG_PAX_PT_PAX_FLAGS=y # CONFIG_PAX_NO_ACL_FLAGS is not set CONFIG_PAX_HAVE_ACL_FLAGS=y # CONFIG_PAX_HOOK_ACL_FLAGS is not set CONFIG_PAX_NOEXEC=y CONFIG_PAX_PAGEEXEC=y CONFIG_PAX_EMUTRAMP=y CONFIG_PAX_MPROTECT=y # CONFIG_PAX_NOELFRELOCS is not set CONFIG_PAX_ASLR=y CONFIG_PAX_RANDUSTACK=y CONFIG_PAX_RANDMMAP=y CONFIG_PAX_MEMORY_SANITIZE=y CONFIG_GRKERNSEC=y # CONFIG_GRKERNSEC_LOW is not set # CONFIG_GRKERNSEC_MEDIUM is not set # CONFIG_GRKERNSEC_HIGH is not set CONFIG_GRKERNSEC_HARDENED=y # CONFIG_GRKERNSEC_CUSTOM is not set CONFIG_GRKERNSEC_KMEM=y # CONFIG_GRKERNSEC_IO is not set CONFIG_GRKERNSEC_PROC_MEMMAP=y CONFIG_GRKERNSEC_BRUTE=y CONFIG_GRKERNSEC_MODSTOP=y CONFIG_GRKERNSEC_HIDESYM=y CONFIG_GRKERNSEC_ACL_HIDEKERN=y CONFIG_GRKERNSEC_ACL_MAXTRIES=3 CONFIG_GRKERNSEC_ACL_TIMEOUT=30 CONFIG_GRKERNSEC_PROC=y CONFIG_GRKERNSEC_PROC_USER=y CONFIG_GRKERNSEC_PROC_ADD=y CONFIG_GRKERNSEC_LINK=y CONFIG_GRKERNSEC_FIFO=y CONFIG_GRKERNSEC_CHROOT=y CONFIG_GRKERNSEC_CHROOT_MOUNT=y CONFIG_GRKERNSEC_CHROOT_DOUBLE=y CONFIG_GRKERNSEC_CHROOT_PIVOT=y CONFIG_GRKERNSEC_CHROOT_CHDIR=y CONFIG_GRKERNSEC_CHROOT_CHMOD=y CONFIG_GRKERNSEC_CHROOT_FCHDIR=y CONFIG_GRKERNSEC_CHROOT_MKNOD=y CONFIG_GRKERNSEC_CHROOT_SHMAT=y CONFIG_GRKERNSEC_CHROOT_UNIX=y CONFIG_GRKERNSEC_CHROOT_FINDTASK=y CONFIG_GRKERNSEC_CHROOT_NICE=y CONFIG_GRKERNSEC_CHROOT_SYSCTL=y CONFIG_GRKERNSEC_CHROOT_CAPS=y # CONFIG_GRKERNSEC_AUDIT_GROUP is not set # CONFIG_GRKERNSEC_EXECLOG is not set CONFIG_GRKERNSEC_RESLOG=y # CONFIG_GRKERNSEC_CHROOT_EXECLOG is not set # CONFIG_GRKERNSEC_AUDIT_CHDIR is not set # CONFIG_GRKERNSEC_AUDIT_MOUNT is not set # CONFIG_GRKERNSEC_AUDIT_IPC is not set CONFIG_GRKERNSEC_SIGNAL=y CONFIG_GRKERNSEC_FORKFAIL=y CONFIG_GRKERNSEC_TIME=y CONFIG_GRKERNSEC_PROC_IPADDR=y # CONFIG_GRKERNSEC_AUDIT_TEXTREL is not set CONFIG_GRKERNSEC_EXECVE=y CONFIG_GRKERNSEC_SHM=y CONFIG_GRKERNSEC_DMESG=y # CONFIG_GRKERNSEC_TPE is not set CONFIG_GRKERNSEC_RANDNET=y # CONFIG_GRKERNSEC_SOCKET is not set CONFIG_GRKERNSEC_SYSCTL=y CONFIG_GRKERNSEC_SYSCTL_ON=y CONFIG_GRKERNSEC_FLOODTIME=10 CONFIG_GRKERNSEC_FLOODBURST=4 This backtrace does not helps still. Try to run (gdb) thread apply all bt from debugger. Also it's possible that strace could be useful here. There is a strace in description, and backtrace log is make with: thread apply all bt I can send core file and notstripped executable. And one more thing bug is reproductible on other amd64 systems too. I tried it under vmware and on normal pc. Created attachment 157701 [details]
Compiled binary and coredump amd64-hardened
Eh, I though I wrote you, but seems that I forgive. Please run strace with -f option. Also could you try to localize and create smallest possible access.log which allows you to reproduce the crash? Created attachment 157729 [details]
output from strace -f /usr/sbin/sarg
Simplest access.log file: 1213789032.682 658 192.168.250.93 TCP_MISS/200 2317 GET http://bugs.gentoo.org/index.cgi? - DIRECT/85.17.225.93 text/html but I think it doesn't depend on what's inside. Problem must be before reading the file. Bug is reproductible only on hardened amd64 gentoo there is no error on x86 Please try sarg-2.2.5-r1.ebuild. If it does not fixes the problem I need backtrace to investigate this issue. You last backtrace is useless and it looks like you need to rebuild glibc with debugging symbols enabled too. Closing per comment #11. |