Bug 204323

Summary:	security/libgcrypt : crash application (security/keepassx) after upgrade to 1.6.4
Product:	Ports & Packages	Reporter:	Oleg Ginzburg <olevole>
Component:	Individual Port(s)	Assignee:	Kurt Jaeger <pi>
Status:	Closed FIXED
Severity:	Affects Only Me	CC:	cjpm, eric, miwi, swills, wolfgang
Priority:	---	Keywords:	crash, needs-qa
Version:	Latest	Flags:	cjpm: maintainer-feedback+
Hardware:	Any
OS:	Any
Bug Depends on:	204600
Bug Blocks:

Description Oleg Ginzburg 2015-11-06 09:10:35 UTC

After upgrade to libcrypt 1.6.4, I've got the familiar situation in behavior of keepassx: bus error

https://www.keepassx.org/dev/issues/247
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196674

Dowgrading to 1.6.3 resume keepassx functionality.

Comment 1 Oleg Ginzburg 2015-11-06 10:49:18 UTC

BTW, disabling of optimization doesn't help (CFLAGS=-01),

bt:
--
Program received signal SIGBUS, Bus error.
[Switching to Thread 806a15000 (LWP 101190/keepassx)]
0x0000000801dd84ec in _gcry_salsa20_amd64_encrypt_blocks () from /usr/local/lib/libgcrypt.so.20
(gdb) bt
#0  0x0000000801dd84ec in _gcry_salsa20_amd64_encrypt_blocks () from /usr/local/lib/libgcrypt.so.20
#1  0x0000000806a1518c in ?? ()
#2  0x0000000000000023 in ?? ()
#3  0x00007fffffffc470 in ?? ()
#4  0x00000008038b5bb5 in pthread_getspecific () from /lib/libthr.so.3
#5  0x0000000801dd6878 in _gcry_camellia_aesni_avx2_cfb_dec () from /usr/local/lib/libgcrypt.so.20
#6  0x0000000801dd66fb in _gcry_camellia_aesni_avx2_cfb_dec () from /usr/local/lib/libgcrypt.so.20
#7  0x0000000801d6a49e in gcry_is_secure () from /usr/local/lib/libgcrypt.so.20
#8  0x0000000801d5d821 in gcry_cipher_setkey () from /usr/local/lib/libgcrypt.so.20
#9  0x0000000000467e9a in AutoTypeExecutor::execClearField ()
#10 0x0000000000484cec in AutoTypeExecutor::execClearField ()
#11 0x00000000004858d3 in AutoTypeExecutor::execClearField ()
#12 0x0000000000476986 in AutoTypeExecutor::execClearField ()
#13 0x0000000800ba4b85 in QMetaObject::activate () from /usr/local/lib/qt4/libQtCore.so.4
#14 0x00000008015e8c34 in QDialogButtonBox::standardButton () from /usr/local/lib/qt4/libQtGui.so.4
#15 0x0000000800ba4b85 in QMetaObject::activate () from /usr/local/lib/qt4/libQtCore.so.4
#16 0x00000008018676c1 in QAbstractButton::clicked () from /usr/local/lib/qt4/libQtGui.so.4
#17 0x00000008015bae24 in QAbstractButton::isCheckable () from /usr/local/lib/qt4/libQtGui.so.4
#18 0x00000008015ba985 in QAbstractButton::click () from /usr/local/lib/qt4/libQtGui.so.4
#19 0x00000000004509cd in AutoTypeExecutor::execClearField ()
#20 0x0000000000450885 in AutoTypeExecutor::execClearField ()
#21 0x000000080125d414 in QWidget::event () from /usr/local/lib/qt4/libQtGui.so.4
#22 0x000000080120d91c in QApplicationPrivate::notify_helper () from /usr/local/lib/qt4/libQtGui.so.4
#23 0x00000008012104f0 in QApplication::notify () from /usr/local/lib/qt4/libQtGui.so.4
#24 0x0000000800b8d136 in QCoreApplication::notifyInternal () from /usr/local/lib/qt4/libQtCore.so.4
#25 0x0000000801210dcd in QApplicationPrivate::currentPlatform () from /usr/local/lib/qt4/libQtGui.so.4
#26 0x00000008012ad13c in QX11Info::isCompositingManagerRunning () from /usr/local/lib/qt4/libQtGui.so.4
#27 0x00000008012ace4d in QX11Info::isCompositingManagerRunning () from /usr/local/lib/qt4/libQtGui.so.4
#28 0x0000000801283743 in QApplication::x11ProcessEvent () from /usr/local/lib/qt4/libQtGui.so.4
#29 0x00000008012af12f in QX11Info::isCompositingManagerRunning () from /usr/local/lib/qt4/libQtGui.so.4
#30 0x00000008031d77b5 in g_main_context_dispatch () from /usr/local/lib/libglib-2.0.so.0
#31 0x00000008031d7acb in g_main_context_pending () from /usr/local/lib/libglib-2.0.so.0
#32 0x00000008031d7b54 in g_main_context_iteration () from /usr/local/lib/libglib-2.0.so.0
#33 0x0000000800bb9d6e in QEventDispatcherGlib::processEvents () from /usr/local/lib/qt4/libQtCore.so.4
#34 0x00000008012aedfd in QX11Info::isCompositingManagerRunning () from /usr/local/lib/qt4/libQtGui.so.4
#35 0x0000000800b8a7e2 in QEventLoop::exec () from /usr/local/lib/qt4/libQtCore.so.4
#36 0x0000000800b8d6dd in QCoreApplication::exec () from /usr/local/lib/qt4/libQtCore.so.4
#37 0x000000000042211f in _start ()
#38 0x00000000004215ef in _start ()
#39 0x00000008006d5000 in ?? ()
#40 0x0000000000000000 in ?? ()
--

Also, looks like libgcrypt can not be configured in FreeBSD, in truss i've see Linuxism:
--
open("/proc/sys/crypto/fips_enabled",O_RDONLY,0666) ERR#2 'No such file or directory'

access("/etc/gcrypt/fips_enabled",F_OK)          ERR#2 'No such file or directory'
open("/etc/gcrypt/hwf.deny",O_RDONLY,0666)       ERR#2 'No such file or directory'
--

We can't use default FreeBSD location $PREFIX/etc/gcrypt for hwf.deny: https://gnupg.org/documentation/manuals/gcrypt/Hardware-features.html

Comment 2 Carlos J Puga Medina 2015-11-07 10:15:21 UTC

Hi olevole,

I'll take a look to this issue :)

Thanks for reporting!

Comment 3 wolfgang 2015-11-09 07:21:37 UTC

The bus eror happens after (trying to) read /etc/gcrypt/hwf.deny so this might have to do with checking hardware features. I have added a hwf.deny file listing all possible features, but unfortunately this doesn't help.

The CPU that I use here is:

CPU: Intel(R) Core(TM)2 Duo CPU     T9600  @ 2.80GHz (2793.06-MHz K8-class CPU)
  Origin="GenuineIntel"  Id=0x1067a  Family=0x6  Model=0x17  Stepping=10
  Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE>
  Features2=0xc08e3fd<SSE3,DTES64,MON,DS_CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,OSXSAVE>
  AMD Features=0x20100800<SYSCALL,NX,LM>
  AMD Features2=0x1<LAHF>
  VT-x: (disabled in BIOS) HLT,PAUSE

Comment 4 Carlos J Puga Medina 2015-11-09 09:54:09 UTC

I CC'ed to swills@ (keepassx port maintainer) in order to investigate the issue.

Comment 5 wolfgang 2015-11-25 23:09:46 UTC

Update to libgcrypt 1.6.4_2 fixes the issue for me

Comment 6 Kubilay Kocak freebsd_committer

2015-11-27 03:02:27 UTC

Assign to committer that resolved bug 204600, as it appears to fix this issue as per comment 5