On Fri, Jul 01, 2022 at 02:20:02PM +0200, Edgar Fuß wrote:
> > Ktrace it
> As mentioned, that doesn't work (well, it works, which is the problem).
>
> > there are 3 err() calls in pthread__init()
>
> Starting with
> #8 0x000071b551460ac0 in err () from /usr/lib/libc.so.12
> #9 0x000071b55240c47b in pthread__init () from /usr/lib/libpthread.so.1
> I disassembled a bit before 0x000071b55240c47b, the relevant part being
> 0x71b55240c468 <pthread__init+1265>: lea 0x56a(%rip),%rsi #
> 0x71b55240c9d9
> 0x71b55240c46f <pthread__init+1272>: mov $0x1,%edi
> 0x71b55240c474 <pthread__init+1277>: xor %eax,%eax
> 0x71b55240c476 <pthread__init+1279>: callq 0x71b552405eb0 <err@plt>
> 0x71b55240c47b <pthread__hashlock>: mov %rdi,%rax
> and x/s 0x71b55240c9d9 says
> 0x71b55240c9d9: "mprotect stack"
>
> So what's going wrong?
Ah - probably inlining of the pthread__initmain() call, which does
base = (void *)(pthread__sp() & pthread__threadmask);
if ((pthread__sp() - (uintptr_t)base) < 4 * pagesize) {
pthread__mainbase = (vaddr_t)base;
base = STACK_GROW(base, pthread__stacksize);
pthread__mainstruct = (vaddr_t)base;
if (mprotect(base, pthread__stacksize,
PROT_READ|PROT_WRITE) == -1)
err(1, "mprotect stack");
}
size = pthread__stacksize;
and your ktrace shows:
23687 1 cmake CALL mprotect(0x7f7fff800000,0x400000,3)
23687 1 cmake RET mprotect -1 errno 13 Permission denied
and this sounds like PaX mprotect at work - you could test with paxctl
on the cmake file (or see below). It seems we did not enable
PAX_MPROTECT by default on amd64 before netbsd-8, so the old userland
might not be fully ready for it.
Maybe you should set sysctl security.pax.mprotect.global=0 while building
the old pkgs?
Martin
