Bug#843826: marked as done (PIE specs file leads to segfaults on sparc64)

[Debian Bug Tracking System]

Your message dated Fri, 11 Nov 2016 03:03:50 +0000
with message-id <e1c5286-000clw...@fasolo.debian.org>
and subject line Bug#843826: fixed in dpkg 1.18.14
has caused the Debian Bug report #843826,
regarding PIE specs file leads to segfaults on sparc64
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
843826: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=843826
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: dpkg-dev
Version: 1.18.13
Severity: important
User: debian-sp...@lists.debian.org
Usertags: sparc64
X-Debbugs-Cc: debian-sp...@lists.debian.org

Hi Guillem,
Unfortunately, your new specs files lead to segfaults on sparc64:

> $ cat exit.c
> #include <stdlib.h>
>
> int main(int argc, char **argv) {
>     exit(1);
>     return 2;
> }
> $ gcc -specs=/usr/share/dpkg/pie-compile.specs -c exit.c -o exit.o
> $ gcc -specs=/usr/share/dpkg/pie-link.specs exit.o -o exit
> $ ./exit
> Segmentation fault

This is because, while cc1 is given -fPIE, as is not given anything. For
most architectures, this is actually fine, but on SPARC, as *must* be
given -K PIC. When looking at strace, this is the only difference
between gcc -specs=... and gcc -fPIE for compiling. Otherwise, what
happens is the assembler does not emit a PLT call, instead leaving the
call address as an immediate to be filled in by a 30-bit relocation,
which doesn't fit at runtime (with this particular example, libc was
loaded such that exit was at 0xfff80001001624e0) and gets truncated.
Note that the linker invocation itself is fine; it was just given bad
input (although perhaps this is something it could have caught and given
an error message?).

As far as I can tell, changing the cc1_options to self_spec in
(no-)pie-compile.specs should work fine. It certainly fixes the problem
here, and off the top of my head, I can't think of any issues this would
cause.

James

--- End Message ---

--- Begin Message ---

Source: dpkg
Source-Version: 1.18.14

We believe that the bug you reported is fixed in the latest version of
dpkg, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 843...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Guillem Jover <guil...@debian.org> (supplier of updated dpkg package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 11 Nov 2016 02:26:08 +0100
Source: dpkg
Binary: dpkg libdpkg-dev dpkg-dev libdpkg-perl dselect
Architecture: source
Version: 1.18.14
Distribution: unstable
Urgency: medium
Maintainer: Dpkg Developers <debian-d...@lists.debian.org>
Changed-By: Guillem Jover <guil...@debian.org>
Description:
 dpkg       - Debian package management system
 dpkg-dev   - Debian package development tools
 dselect    - Debian package management front-end
 libdpkg-dev - Debian package management static library
 libdpkg-perl - Dpkg perl modules
Closes: 843791 843826 843829 843874
Changes:
 dpkg (1.18.14) unstable; urgency=medium
 .
   [ Guillem Jover ]
   * Improve PIE flags support:
     - Rename the spec name cc1_options to self_spec.
       Suggested by James Clarke <jrt...@jrtc27.com>
     - Do not set PIE options if they have been negated, and do not reset
       them if they have been requested.
     Closes: #843791, #843826
   * Fix use after free error in dpkg. It was trying to print messages that
     had already been freed as part of the database memory pool, causing in
     some cases segfaults when reporting the error summary at the end.
     Regression introduced in dpkg 1.18.11. Closes: #843874
   * Change default color behavior to auto.
   * Perl modules:
     - Fix confusing date parse error message in Dpkg::Changelog::Entry::Debian
       when the date contains “May”. Closes: #843829
       Thanks to Nishanth Aravamudan <nish.aravamu...@canonical.com>.
     - New module Dpkg::Build::Info module refactored from dpkg-genbuildinfo.
       Requested by Johannes Schauer <jo...@debian.org>.
   * Documentation:
     - Improve the DEB_BUILD_OPTIONS description in dpkg-buildpackage(1).
       And mention the parallel option there.
     - Explicitly mention in dpkg-buildpackage(1) that setting the number
       of parallel jobs to 1, restores the serial behavior.
       Prompted by Thorsten Glaser <t.gla...@tarent.de>.
   * Packaging:
     - List public Dpkg::Control::Tests module in libdpkg-perl description.
   * Test suite:
     - Do not fail tests on missing fakeroot, just skip them.
   * Build system:
     - Fix inversion logic in libmd configure check when requested explicitly.
     - Do not consider the compressor libraries available in configure if the
       headers are not usable.
     - Fix DPKG_BUILD_RELEASE_DATE to require DPKG_PROG_PERL, as it uses perl.
     - Change DPKG_BUILD_RELEASE_DATE to use perl instead of date(1) to
       format the timestamp, as the former is more portable.
 .
   [ Updated man pages translations ]
   * German (Helge Kreutzmann).
Checksums-Sha1:
 6525f0885e2ddb34c1fcb227e5ce57a3f4ba126c 2032 dpkg_1.18.14.dsc
 3e4e6799ee50a3a3215d84813482ca5f50d15bb1 4492628 dpkg_1.18.14.tar.xz
Checksums-Sha256:
 4a99c85a57fec5892f91ddfce65858f8d37bbc3f4afa6e63cf456183530f2982 2032 
dpkg_1.18.14.dsc
 1788e418526049097fb3d8f68d5a75053c19693ab1fa47a506a7ef80db454d5a 4492628 
dpkg_1.18.14.tar.xz
Files:
 3adcbd0ff4b1d1cc5bb6deb519978bba 2032 admin required dpkg_1.18.14.dsc
 f8f86236d9c52785b26b0f831d09975e 4492628 admin required dpkg_1.18.14.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEETz509DYFDBD1aWV0uXK/PqSuV6MFAlglLv4ACgkQuXK/PqSu
V6Oe0w/9EA0Z+71Orpgsj4Fo3W9gqbcYkCllPcusD7aeOHW1CvXN12d2PRLAqZ5+
Kg7yqkbxrNG77THSd93Lf9sEAd8fZX4Idas0Hgyd+FK0ElQVUW+F70HYl+oGs/xd
BB+viQ82aoWgpQlYuQsy7b+GYeVK5JWHpdmFVv9Ens6JLGWNSnkDmYTke1WWSgk/
VJ/+lIcFa78O27gh6AHL+zK3tIVtdTQToQxNYyvavQHR7fpg5Y52UhxqUFc8pGd/
TPjhWq8j7Ax/b9Y7WfIfJj8i4oknRxS2zK3dYcb7XEQxxjiMDJFqBwa8UGMm9phL
9Vt6eTDjQJ0OwOyuYYtKgJMU5zlSEKn1WLRdDVGihjU4trrSaQhDnJ1DQYTjiu40
E98Spa+LPmDclditG2KHm1UzZCkazExX8XN716Y26gVCoPnY1zfFOI6pIZrTOZo7
ONwlI5AsJ2Z788boV3vt/wvXoMHwK7UQAozWafUVgS/uAHmymmBSs+RpAvxGWTqN
MNviRl5LhCh3bLCMx+Qy3dHPRRs5o7N2uKxVZzmptFiIGeDTKi1IEmGYRaCotRT7
q0XXdKEfhNmCu+tfRK0A/5OCgZ5X5sTrbjyowTM9AEG48W0Okcgq4yyrTUU91HQk
NZWof9vtGgE7eOQT4IMpm/9TsqLbfr9wu3n3pED1BiCihKwt8sg=
=a9+4
-----END PGP SIGNATURE-----

--- End Message ---