crash on debian i386 in krb5_plugin_register(hdb_samba4_interface) (Re: waf, PYTHONHASHSEED & -I order on other architectures)
Michael Tokarev
mjt at tls.msk.ru
Tue May 10 18:18:50 UTC 2022
10.05.2022 19:48, Stefan Metzmacher via samba-technical wrote:
>
> Hi Michael,
>
>> As I already wrote in another email, it is not "just" the link order.
>> Well, it is, but sometimes it even produces an executable (or a library)
>> which starts but crashes later. We have such a broken build of samba in
>> debian i386 stable right now.
>
> Today I found a crash problem on i386 in:
>
>     ret = krb5_plugin_register(kdc->smb_krb5_context->krb5_context,
>                                PLUGIN_TYPE_DATA, "hdb_samba4_interface",
>                                &hdb_samba4_interface);
>
> This is because krb5_plugin_register => heim_plugin_register casts:
>
> struct hdb_method {
>     int version;
>     unsigned int is_file_based:1;
>     unsigned int can_taste:1;
>     krb5_error_code (*init)(krb5_context, void **);
>     void (*fini)(void *);
>     const char *prefix;
>     krb5_error_code (*create)(krb5_context, HDB **, const char *filename);
> };
>
> into:
>
> struct heim_plugin_common_ftable_desc {
>     int version;
>     int (HEIM_LIB_CALL *init)(heim_pcontext, void **);
>     void (HEIM_LIB_CALL *fini)(void *);
> };

Oh lovely :)
Well, that definitely is not the right thing to cast one to another :)

> This seems to work on x86_64 as we have 4 padding bytes after 'int version',
> so that the 'init' function pointer is at offset 8.
>
> But on i386 hdb_method has 'init' at offset 8 while
> heim_plugin_common_ftable_desc has it at offset 4.
>
> So is_file_based and can_taste need to move behind the 'fini' function
> pointer.
>
> Is that the crash you are seeing?

No. Because the crash we're seeing comes from the *order* of
the link of some of the libraries. Yes, that's right, the
*order* in which you link things matters. I wasn't able to
reproduce the crash up until I learned about this PYTHONHASHSEED
thing and tried to do the link in the same *order* as seen in
the debian build log. Before that, we didn't set PYTHONHASHSEED
at all and the order was random. smbd crashed at startup
regardless of krb5 stuff.

I didn't try to investigate further as it is pointless now,
since the thing depends on a particular "random" order, since
the affected version is old (4.13) and a new one is already
available, and since the whole thing - "random" order of everything -
is what must be addressed, instead of finding which "random"
is sufficiently random to give the wrong results. I just
did quite some ad-hoc grep/sed stuff to extract the link
lines and repeated the build, the result crashed.

https://bugs.debian.org/1009855 is the bug report in question.
https://bugs.debian.org/1006935 is of the same theme.
Neither of which is krb5-related.
But this krb5 thing is.. lovely :)
Thank you for sharing!
/mjt
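
The layout mismatch described in the quoted text, as an added example that is not part of the original message or of the Heimdal/Samba sources: the structs below are simplified stand-ins with constructed names, and `uint32_t` models a 4-byte i386 pointer slot so the ILP32 offsets can be inspected on any host. It also shows a build-time guard for the reordered layout.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-ins for the structs quoted above. PTR is the pointer
 * slot type: uint32_t models i386, void * is the host's own ABI. */
#define DEFINE_LAYOUTS(tag, PTR)                                           \
    struct common_##tag { int version; PTR init; PTR fini; };              \
    struct hdb_##tag    { int version;                                     \
                          unsigned int is_file_based:1;                    \
                          unsigned int can_taste:1;                        \
                          PTR init; PTR fini; PTR prefix; PTR create; };   \
    struct hdbfix_##tag { int version; PTR init; PTR fini;                 \
                          unsigned int is_file_based:1;                    \
                          unsigned int can_taste:1;                        \
                          PTR prefix; PTR create; };

DEFINE_LAYOUTS(ilp32, uint32_t)
DEFINE_LAYOUTS(native, void *)

/* Nonzero when init and fini sit at the same offsets in both structs,
 * i.e. when casting one to the other reads the right pointers. */
#define PREFIX_MATCHES(a, b)                                   \
    (offsetof(struct a, init) == offsetof(struct b, init) &&   \
     offsetof(struct a, fini) == offsetof(struct b, fini))

size_t ilp32_hdb_init_offset(void)    { return offsetof(struct hdb_ilp32, init); }
size_t ilp32_common_init_offset(void) { return offsetof(struct common_ilp32, init); }
int ilp32_original_matches(void)  { return PREFIX_MATCHES(hdb_ilp32, common_ilp32); }
int ilp32_reordered_matches(void) { return PREFIX_MATCHES(hdbfix_ilp32, common_ilp32); }
int native_original_matches(void) { return PREFIX_MATCHES(hdb_native, common_native); }

/* Build-time guard: with the bitfields moved behind 'fini', the common
 * header must line up on every target, or compilation fails. */
_Static_assert(PREFIX_MATCHES(hdbfix_native, common_native),
               "plugin struct does not start with the common ftable layout");
_Static_assert(PREFIX_MATCHES(hdbfix_ilp32, common_ilp32),
               "plugin struct does not start with the common ftable layout");

int main(void)
{
    printf("i386 model: init at %zu in hdb stand-in, %zu in common stand-in\n",
           ilp32_hdb_init_offset(), ilp32_common_init_offset());
    printf("original layout matches on this host: %d\n",
           native_original_matches());
    return 0;
}
```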