Re: bin/49821: /bin/tar randomly coredumps when security.pax.aslr.enabled is set to 1

[Alexander Nasonov <alnsn%yandex.ru@localhost>]

The following reply was made to PR bin/49821; it has been noted by GNATS.

From: Alexander Nasonov <alnsn%yandex.ru@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc: gnats-admin%netbsd.org@localhost, netbsd-bugs%netbsd.org@localhost
Subject: Re: bin/49821: /bin/tar randomly coredumps when
 security.pax.aslr.enabled is set to 1
Date: Mon, 6 Apr 2015 21:20:22 +0100

 Alexander Nasonov wrote:
 > It's interesting that it crashed on a string containing "PQRVWAPAQARASH":
 > 
 > $ gdb - /var/crash/alnsn/tar.core  
 > [New process 1]
 > Core was generated by `tar'.
 > Program terminated with signal SIGSEGV, Segmentation fault.
 > #0  0x00007f7ff7c02d60 in ?? ()
 > (gdb) x/s 0x00007f7ff7c02d60
 > 0x7f7ff7c02d60: "\234PQRVWAPAQARASH\213|$PH\213t$X\350J\003"
 > (gdb) 
 
 Passing /bin/tar to gdb reveals some information:
 
  $ gdb /bin/tar /var/crash/alnsn/tar.core 
  ...
  Type "apropos word" to search for commands related to "word"...
  Reading symbols from /bin/tar...(no debugging symbols found)...done.
  [New process 1]
  Core was generated by `tar'.
  Program terminated with signal SIGSEGV, Segmentation fault.
  #0  0x00007f7ff7c02d60 in _rtld_bind_start () from /libexec/ld.elf_so
  (gdb) bt
  #0  0x00007f7ff7c02d60 in _rtld_bind_start () from /libexec/ld.elf_so
  #1  0x00007c1751c1b000 in ?? ()
  #2  0x000000000000000a in ?? ()
  #3  0x000000000040384d in ar_start_gzip ()
  #4  0x0000000000403d65 in ar_open ()
  #5  0x0000000000406f51 in rd_start ()
  #6  0x00000000004054d0 in get_arc ()
  #7  0x0000000000405e9d in list ()
  #8  0x0000000000415a0e in main ()
 
 Alex