Page 1 of 2
GCC 5.1 compiling problems (size_overflow off)
Posted:
Mon May 18, 2015 2:52 pmby kolargol
Hi,
Recently i was trying to build kernel with gcc 5.1, and after using latest patch (3.1-3.14.43-201505171736) i got this error: (vanilla kernel builds OK)
- Code: Select all
*** WARNING *** there are active plugins, do not report this as a bug unless you can reproduce it without enabling any plugins.
Event | Plugins
PLUGIN_FINISH_TYPE | randomize_layout_plugin
PLUGIN_FINISH_DECL | randomize_layout_plugin
PLUGIN_ATTRIBUTES | latent_entropy_plugin randomize_layout_plugin
PLUGIN_START_UNIT | latent_entropy_plugin
PLUGIN_ALL_IPA_PASSES_START | randomize_layout_plugin
arch/x86/kernel/paravirt.c: In function ‘get_call_destination’:
arch/x86/kernel/paravirt.c:125:33: internal compiler error: in count_type_elements, at expr.c:5689
struct paravirt_patch_template tmpl = {
^
Please submit a full bug report,
with preprocessed source if appropriate.
See <http://gcc.gnu.org/bugs.html> for instructions.
scripts/Makefile.build:308: recipe for target 'arch/x86/kernel/paravirt.o' failed
make[2]: *** [arch/x86/kernel/paravirt.o] Error 1
scripts/Makefile.build:455: recipe for target 'arch/x86/kernel' failed
make[1]: *** [arch/x86/kernel] Error 2
Makefile:915: recipe for target 'arch/x86' failed
make: *** [arch/x86] Error 2
Plugin size_overflow is of course off.
thanks,
Re: GCC 5.1 compiling problems (size_overflow off)
Posted:
Mon May 18, 2015 3:06 pmby PaX Team
can you determine which plugin causes this?
Re: GCC 5.1 compiling problems (size_overflow off)
Posted:
Mon May 18, 2015 3:56 pmby kolargol
yes, it is randomize_layout_plugin, after disabling GRKERNSEC_RANDSTRUCT grsec compile fine. So this seems to be second plugin not compatible with 5.1 (although i saw that ephox fixed size_overflow plugin for 5.1 on github but it's not ported to patch yet)
Re: GCC 5.1 compiling problems (size_overflow off)
Posted:
Mon May 18, 2015 3:58 pmby kolargol
it seems i was too optimistic, another problem on 5.1 this time seems with acl:
- Code: Select all
CC grsecurity/gracl.o
In file included from /usr/src/linux-3.14.43/arch/x86/include/asm/processor.h:15:0,
from /usr/src/linux-3.14.43/arch/x86/include/asm/thread_info.h:23,
from include/linux/thread_info.h:54,
from /usr/src/linux-3.14.43/arch/x86/include/asm/preempt.h:6,
from include/linux/preempt.h:20,
from include/linux/spinlock.h:50,
from include/linux/seqlock.h:35,
from include/linux/time.h:5,
from include/linux/stat.h:18,
from include/linux/module.h:10,
from grsecurity/gracl.c:2:
/usr/src/linux-3.14.43/arch/x86/include/asm/current.h:17:17: error: ‘get_current’ is static but used in inline function ‘gr_acl_tpe_check’ which is not static [-Werror]
#define current get_current()
^
grsecurity/gracl.c:156:6: note: in expansion of macro ‘current’
if (current->role->roletype & GR_ROLE_TPE)
^
In file included from include/linux/linkage.h:4:0,
from include/linux/kernel.h:6,
from grsecurity/gracl.c:1:
grsecurity/gracl.c:154:17: error: ‘gr_status’ is static but used in inline function ‘gr_acl_tpe_check’ which is not static [-Werror]
if (unlikely(!(gr_status & GR_READY)))
^
include/linux/compiler.h:175:42: note: in definition of macro ‘unlikely’
# define unlikely(x) __builtin_expect(!!(x), 0)
^
cc1: all warnings being treated as errors
scripts/Makefile.build:308: recipe for target 'grsecurity/gracl.o' failed
make[1]: *** [grsecurity/gracl.o] Error 1
Makefile:915: recipe for target 'grsecurity' failed
make: *** [grsecurity] Error 2
Re: GCC 5.1 compiling problems (size_overflow off)
Posted:
Mon May 18, 2015 9:10 pmby spender
Can you try the patch just uploaded?
Thanks,
-Brad
Re: GCC 5.1 compiling problems (size_overflow off)
Posted:
Tue May 19, 2015 3:10 amby kolargol
thanks for the patch, it fixes all above problems, and kernel build is done, but on grsec buildtime i see this errors:
LD grsecurity/built-in.o
/usr/src/linux-3.14.43/grsecurity/Makefile:47: recipe for target 'grsecurity/grsec_hidesym.o' failed
make[1]: [grsecurity/grsec_hidesym.o] Error 1 (ignored)
/usr/src/linux-3.14.43/grsecurity/Makefile:47: recipe for target 'grsecurity/grsec_hidesym.o' failed
make[1]: [grsecurity/grsec_hidesym.o] Error 1 (ignored)
/usr/src/linux-3.14.43/grsecurity/Makefile:47: recipe for target 'grsecurity/grsec_hidesym.o' failed
make[1]: [grsecurity/grsec_hidesym.o] Error 1 (ignored)
grsec: protected kernel image paths
LD drivers/amba/built-in.o
Re: GCC 5.1 compiling problems (size_overflow off)
Posted:
Tue May 19, 2015 7:38 amby spender
That's fine, those errors can be ignored (as it mentions in the log). It's part of HIDESYM attempting to change the permissions of your /boot, /lib/modules*, and kernel source directories to prevent reading by unprivileged users. If these aren't already modified to do that, you should do so manually with chmod 700.
-Brad
Re: GCC 5.1 compiling problems (size_overflow off)
Posted:
Tue May 19, 2015 7:50 amby kolargol
yes, thanks. Anyway seems that system do not boot with that kernel + patch on ec2, i am trying to investigate why it hung, for now i got not much:
- Code: Select all
backend at /local/domain/0/backend/vbd/660/2128
104857600 sectors of 512 bytes
**************************
�[H�[J
GNU GRUB version 0.97 (7864320K lower / 0K upper memory)
�[m�[4;2H+-------------------------------------------------------------------------+�[5;2H|�[5;76H|�[6;2H|�[6;76H|�[7;2H|�[7;76H|�[8;2H|�[8;76H|�[9;2H|�[9;76H|�[10;2H|�[10;76H|�[11;2H|�[11;76H|�[12;2H|�[12;76H|�[13;2H|�[13;76H|�[14;2H|�[14;76H|�[15;2H|�[15;76H|�[16;2H|�[16;76H|�[17;2H+-------------------------------------------------------------------------+�[m
Use the ^ and v keys to select which entry is highlighted.
Press enter to boot the selected OS, 'e' to edit the
commands before booting, or 'c' for a command-line.�[5;78H �[m�[7m�[5;3H EC2_ESK �[5;75H�[m�[m�[6;3H �[6;75H�[m�[m�[7;3H �[7;75H�[m�[m�[8;3H �[8;75H�[m�[m�[9;3H �[9;75H�[m�[m�[10;3H �[10;75H�[m�[m�[11;3H �[11;75H�[m�[m�[12;3H �[12;75H�[m�[m�[13;3H �[13;75H�[m�[m�[14;3H �[14;75H�[m�[m�[15;3H �[15;75H�[m�[m�[16;3H �[16;75H�[m�[16;78H �[5;75H�[23;4H The highlighted entry will be booted automatically in 3 seconds. �[5;75H�[23;4H The highlighted entry will be booted automatically in 2 seconds. �[5;75H�[23;4H The highlighted entry will be booted automatically in 1 seconds. �[5;75H�[H�[J Booting 'EC2_ESK'
root (hd0)
Filesystem type is xfs, using whole disk
kernel /boot/vmlinuz-3.14.43-grsec-esk-pv root=/dev/xvda1
close blk: backend at /local/domain/0/backend/vbd/660/2049
close blk: backend at /local/domain/0/backend/vbd/660/2128
Re: GCC 5.1 compiling problems (size_overflow off)
Posted:
Tue May 19, 2015 11:05 amby PaX Team
this is probably the same bug that i fixed already for 4.0 and now 3.14 as well, should be in the next grsec.
Re: GCC 5.1 compiling problems (size_overflow off)
Posted:
Tue May 19, 2015 1:17 pmby kolargol
yes, i can confirm that reverting patch fixes problem (running vanilla on same config).
Re: GCC 5.1 compiling problems (size_overflow off)
Posted:
Wed May 20, 2015 7:48 amby kolargol
latest patch (grsecurity-3.1-3.14.43-201505191737.patch):
Starting Copy rules generated while the root was ro...
[ 1.353633] ffff8801d456fc70: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
[ 1.353645] ffff8801d456fc80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
[ 1.353654] ffff8801d456fc90: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
[ 1.353660] ffff8801d456fca0: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
[ 1.353667] XFS (xvda1): Internal error xfs_agi_read_verify at line 1580 of file fs/xfs/xfs_ialloc.c. Caller 0xffffffff812ec87d
[ 1.353676] CPU: 0 PID: 126 Comm: kworker/0:1H Not tainted 3.14.43-grsec-esk-pv #1
[ 1.353682] Workqueue: xfslogd ffffffff812ec810
[ 1.353687] 0000000000000000 1c114c0c536bc810 0000000000000000 0000000000000001
[ 1.353695] ffffffff81722154 ffff8801d4981010 ffffffff812ef24f ffffffff812ec87d
[ 1.353703] ffff8801d456fc70 ffff8801d44ee600 ffff8801d4981010 ffff8801dee0db40
[ 1.353710] Call Trace:
[ 1.353720] [<ffffffff81722154>] ? dump_stack+0x41/0x51
[ 1.353729] [<ffffffff812ef24f>] ? xfs_corruption_error+0x8f/0xa0
[ 1.353735] [<ffffffff812ec87d>] ? xfs_buf_iodone_work+0x6d/0x90
[ 1.353743] [<ffffffff813316d0>] ? xfs_agi_read_verify+0xf0/0x110
[ 1.353749] [<ffffffff812ec87d>] ? xfs_buf_iodone_work+0x6d/0x90
[ 1.353755] [<ffffffff812ec87d>] ? xfs_buf_iodone_work+0x6d/0x90
[ 1.353763] [<ffffffff81092fd5>] ? process_one_work+0x135/0x420
[ 1.353769] [<ffffffff810933d8>] ? worker_thread+0x118/0x490
[ 1.353778] [<ffffffff810932c0>] ? process_one_work+0x420/0x420
[ 1.353784] [<ffffffff8109ae8c>] ? kthread+0xcc/0xf0
[ 1.353789] [<ffffffff8109adc0>] ? insert_kthread_work+0x40/0x40
[ 1.353796] [<ffffffff81728509>] ? ret_from_fork+0x49/0x80
[ 1.353802] [<ffffffff8109adc0>] ? insert_kthread_work+0x40/0x40
[ 1.353807] XFS (xvda1): Corruption detected. Unmount and run xfs_repair
[ 1.353825] XFS (xvda1): metadata I/O error: block 0x2 ("xfs_trans_read_buf_map") error 117 numblks 1
[ 1.353835] XFS (xvda1): xfs_do_force_shutdown(0x1) called from line 376 of file fs/xfs/xfs_trans_buf.c. Return address = 0xffffffff8134bea8
[ 1.354377] XFS (xvda1): I/O Error Detected. Shutting down filesystem
[ 1.354386] XFS (xvda1): Please umount the filesystem and rectify the problem(s)
[�[32m OK �[0m] Started Load/Save Random Seed.
[�[32m OK �[0m] Started Create Volatile Files and Directories.
[�[1;31mFAILED�[0m] Failed to start Copy rules generated while the root was ro.
See 'systemctl status udev-finish.service' for details.
[ 1.374982] grsec: Invalid alignment/Bus error occurred at 00006cdd93664e48 in /bin/systemctl[systemctl:169] uid/euid:0/0 gid/egid:0/0, parent /lib/systemd/systemd[systemd:1] uid/euid:0/0 gid/egid:0/0
[ 1.375004] grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /bin/systemctl[systemctl:169] uid/euid:0/0 gid/egid:0/0, parent /lib/systemd/systemd[systemd:1] uid/euid:0/0 gid/egid:0/0
[ 1.375163] systemd-journald[153]: Received request to flush runtime journal from PID 1
[�[1;31mFAILED�[0m] Failed to start Trigger Flushing of Journal to Persistent Storage.
...
...
...
Re: GCC 5.1 compiling problems (size_overflow off)
Posted:
Wed May 20, 2015 8:11 amby spender
This bug had been reported before:
viewtopic.php?f=3&t=4187 but the reporter didn't follow up with our steps to track down the source of the problem.
Since PaX had been ruled out previously, can you first try disabling KSTACKOVERFLOW to see if that solves the problem? If not, can you try a binary search approach to disabling grsecurity features to determine the culprit?
Thanks!
-Brad
Re: GCC 5.1 compiling problems (size_overflow off)
Posted:
Wed May 20, 2015 9:23 amby kolargol
disabling KSTACKOVERFLOW do not improve situation. What should i disable next? Actually i can replace kernel and build it quite fast on ec2.
Re: GCC 5.1 compiling problems (size_overflow off)
Posted:
Wed May 20, 2015 9:48 amby kolargol
update: setting grsec to automatic and "performance" fixes issue, this narrows things a bit...
Re: GCC 5.1 compiling problems (size_overflow off)
Posted:
Wed May 20, 2015 11:31 amby kolargol
ok after few builds and testing i have found reason for this xfs crash, it is PAX_MEMORY_SANITIZE , i hope that helps :)