[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Introducing the hardening-wrapper package (was: Exim4 problems)



On Tue, 2011-05-17 at 19:47 +0200, Thomas Schwinge wrote:

> > 
> > (gdb) run
> > Starting program: exim4-4.75/build-tree/build-exim4-daemon-light/exim 
> > Cannot access memory at address 0x726f2030
> > Cannot access memory at address 0x726f2030
> > [...]
> 
> I can reproduce all of this.  The ``problem'':
> 
>     $ grep HARDENING debian/rules 
>     export DEB_BUILD_HARDENING=1
>     #export DEB_BUILD_HARDENING_FORTIFY=0
> 
...
> 
> Apparently there's something going very wrong for us, for some of the
> hardening flags, such that GDB gets confused, SEGFAULTs arise, and all
> what we've seen.  Svante, sorry, I really didn't expect something like
> that...  (Welcome to the wonderful world of debugging.)  The reason I
> don't know yet.  Perhaps some GCC specs oddity.  Or something in glibc/in
> the dynamic linker.

I saw that hardening-wrapper was installed but did not react on that.
Have not seen anything in debian-devel about this. Should have saved me
a lot of time. 

> Change that flag to DEB_BUILD_HARDENING=0, and exim4's mini-testsuite
> will pass.

Will try that.

> I can also tell you why the build didn't SEGFAULT on the Debian buildd:
> the testsuite is only run if the Debian-exim user exists (in
> /etc/passwd), and that one only exists if the exim4-config package is
> installed -- which it probably isn't on the buildd.

But it did segfault during install, though. And buildd was using
gcc-4.4? I got a successful build with that, but gdb was getting
confused.

> Next step, I: Upload a thusly-fixed exim4 to debian-ports?  (So that the
> Debian Installer is usable again.)

Wouldn't be difficult.

> Next step, II: Figure out what's going wrong.  Svante, interested?  I
> would begin as follows.

Ill take a look. Thanks for discovering this mess. I should have seen it
too :-(



Reply to: