I think I have worked around the seg faults I was getting from
util-vserver. For the benefit of others:
Firstly note that as Daniel kindly pointed out, a fairly recent
util-vserver build is required for newer kernels - however, upgrading
from 0.30.215 to 0.30.216-pre2841 gave me segfaults with most vserver utils
The reason for the segfaults seems to be hardened gcc 3.4.6 as provided
in the hardened gentoo patches
By recompiling dietlibc AND util-vserver with a vanilla compiler the
segfaults appear to have gone away
However, this is curious because previous versions kind of worked ok
under hardened, so this is a bit of a regression. I observe:
- if only dietlibc is hardened (or both hardened), then I still get the
same segfaults as previously reported
- if only util-vserver is compiled hardened then I get the following
several times while booting the server:
stack smashed in main (value 0x00000000000kpp00)
The gentoo emerge comment also has this to say about the build:
removing executable bit: usr/lib64/libvserver.la
* QA Notice: Package has poor programming practices which may compile
* fine but exhibit random runtime failures.
* python/_libvserver.c:247: warning: dereferencing type-punned
pointer will break strict-aliasing rules
* python/_libvserver.c:247: warning: dereferencing type-punned
pointer will break strict-aliasing rules
* python/_libvserver.c:249: warning: dereferencing type-punned
pointer will break strict-aliasing rules
* python/_libvserver.c:249: warning: dereferencing type-punned
pointer will break strict-aliasing rules
* python/_libvserver.c:903: warning: dereferencing type-punned
pointer will break strict-aliasing rules
* python/_libvserver.c:903: warning: dereferencing type-punned
pointer will break strict-aliasing rules
* python/_libvserver.c:905: warning: dereferencing type-punned
pointer will break strict-aliasing rules
* python/_libvserver.c:905: warning: dereferencing type-punned
pointer will break strict-aliasing rules
* python/_libvserver.c:917: warning: dereferencing type-punned
pointer will break strict-aliasing rules
* python/_libvserver.c:917: warning: dereferencing type-punned
pointer will break strict-aliasing rules
* python/_libvserver.c:919: warning: dereferencing type-punned
pointer will break strict-aliasing rules
* python/_libvserver.c:919: warning: dereferencing type-punned
pointer will break strict-aliasing rules
* python/_libvserver.c:944: warning: dereferencing type-punned
pointer will break strict-aliasing rules
* python/_libvserver.c:964: warning: dereferencing type-punned
pointer will break strict-aliasing rules
* python/_libvserver.c:984: warning: dereferencing type-punned
pointer will break strict-aliasing rules
* QA Notice: Package has poor programming practices which may compile
* fine but exhibit random runtime failures.
* src/vcontext.c:301: warning: implicit declaration of function
`pivot_root'
Disregarding the provocative wording, this may be a clue to the problem?
Daniel, do you think you might perhaps investigate the above and perhaps
also run the apps through valgrind? I wonder if you have a buffer
overflow somewhere which my hardened version catches (hardened is
wonderful for catching this kind of thing!)
I believe you can also enable SSP if you are on a "modern" compiler, eg
gcc 4.3+ (although valgrind may be more thorough?)
Thanks
Ed W
Received on Tue Jul 7 20:03:28 2009