Your message dated Wed, 9 Apr 2025 20:05:27 +0200
with message-id <[email protected]>
and subject line Re: Bug#1102495: dpkg-dev: -fstack-clash-protection breaks valgrind on armhf Raspberry Pi
has caused the Debian Bug report #1102495,
regarding dpkg-dev: -fstack-clash-protection breaks valgrind on armhf Raspberry Pi
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1102495: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102495
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: dpkg-dev
Version: 1.22.18
Severity: normal
X-Debbugs-Cc: [email protected]
User: [email protected]
Usertags: armhf

You're listed as the maintainers for this package on Raspberry Pi OS.
gcc lets you set `-fstack-clash-protection` on Pi armhf bookworm,
but doing so causes valgrind errors even in trivial programs:

$ gcc -fstack-clash-protection -x c - <<EOF
void empty_function() {}
int main() {
  empty_function();
  return 0;
}
EOF
$ valgrind ./a.out
==19138== Memcheck, a memory error detector
==19138== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==19138== Using Valgrind-3.19.0 and LibVEX; rerun with -h for copyright info
==19138== Command: ./a.out
==19138==
==19138== Invalid write of size 4
==19138==    at 0x1041C: main (in /home/andrew/a.out)
==19138==  Address 0x7db5f2a0 is on thread 1's stack
==19138==  8 bytes below stack pointer
==19138==
==19138==
==19138== HEAP SUMMARY:
==19138==     in use at exit: 0 bytes in 0 blocks
==19138==   total heap usage: 0 allocs, 0 frees, 0 bytes allocated
==19138==
==19138== All heap blocks were freed -- no leaks are possible
==19138==
==19138== For lists of detected and suppressed errors, rerun with: -s
==19138== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

The above may not be reproducible on Debian armhf, because Debian's "armhf"
builds use ARMv7, while Raspberry Pi OS builds use ARMv6.

dpkg-dev passes `-fstack-clash-protection` by default on Raspberry Pi armhf,
creating binaries that fail valgrind tests.

Please disable `-fstack-clash-protection` on Pi armhf (and Debian armhf if
the issue can be replicated there).

Could you also let me know whether `HARDENING=+all` should enable unsupported
features like this?  dpkg-dev(1) implies it would, and the option is therefore
harmful.  But it's featured prominently on the "Hardening" wiki page, which
implies that option should do something useful?


-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.12.17-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages dpkg-dev depends on:
ii  binutils      2.44-3
ii  bzip2         1.0.8-6
ii  libdpkg-perl  1.22.18
ii  make          4.4.1-1
ii  patch         2.7.6-7
ii  perl          5.40.1-2
ii  tar           1.35+dfsg-3.1
ii  xz-utils      5.6.4-1

Versions of packages dpkg-dev recommends:
ii  build-essential          12.12
ii  clang-16 [c-compiler]    1:16.0.6-27+b1
ii  clang-17 [c-compiler]    1:17.0.6-21+b1
ii  clang-19 [c-compiler]    1:19.1.7-3
ii  fakeroot                 1.37.1-1
ii  gcc [c-compiler]         4:14.2.0-1
ii  gcc-12 [c-compiler]      12.4.0-5
ii  gcc-13 [c-compiler]      13.3.0-13
ii  gcc-14 [c-compiler]      14.2.0-19
ii  gnupg                    2.2.46-5
ii  gpgv                     2.2.46-5
ii  libalgorithm-merge-perl  0.08-5

Versions of packages dpkg-dev suggests:
ii  debian-keyring  2024.09.22

-- no debconf information

--- End Message ---
--- Begin Message ---
Hi!

On Wed, 2025-04-09 at 18:05:21 +0100, Andrew Sayers wrote:
> Package: dpkg-dev
> Version: 1.22.18
> Severity: normal
> X-Debbugs-Cc: [email protected]
> User: [email protected]
> Usertags: armhf

> You're listed as the maintainers for this package on Raspberry Pi OS.
> gcc lets you set `-fstack-clash-protection` on Pi armhf bookworm,
> but doing so causes valgrind errors even in trivial programs:

> $ gcc -fstack-clash-protection -x c - <<EOF
> void empty_function() {}
> int main() {
>   empty_function();
>   return 0;
> }
> EOF
> $ valgrind ./a.out
> ==19138== Memcheck, a memory error detector
> ==19138== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
> ==19138== Using Valgrind-3.19.0 and LibVEX; rerun with -h for copyright info
> ==19138== Command: ./a.out
> ==19138==
> ==19138== Invalid write of size 4
> ==19138==    at 0x1041C: main (in /home/andrew/a.out)
> ==19138==  Address 0x7db5f2a0 is on thread 1's stack
> ==19138==  8 bytes below stack pointer
> ==19138==
> ==19138==
> ==19138== HEAP SUMMARY:
> ==19138==     in use at exit: 0 bytes in 0 blocks
> ==19138==   total heap usage: 0 allocs, 0 frees, 0 bytes allocated
> ==19138==
> ==19138== All heap blocks were freed -- no leaks are possible
> ==19138==
> ==19138== For lists of detected and suppressed errors, rerun with: -s
> ==19138== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
> 
> The above may not be reproducible on Debian armhf, because Debian's "armhf"
> builds use ARMv7, while Raspberry Pi OS builds use ARMv6.

I cannot reproduce this in a Debian armhf sid chroot, and I assume
this would have been reported earlier if it had affected Debian there,
even on bookworm.

> dpkg-dev passes `-fstack-clash-protection` by default on Raspberry Pi armhf,
> creating binaries that fail valgrind tests.
> 
> Please disable `-fstack-clash-protection` on Pi armhf (and Debian armhf if
> the issue can be replicated there).

dpkg upstream has no knowledge or support for Raspberry Pi OS, and
thus it cannot be disabled for it. So I think you'd need to contact
the Raspberry Pi OS project and ask them to either do any appropriate
changes there, or try to upstream any required changes.

I'm thus for now going to close this.

> Could you also let me know whether `HARDENING=+all` should enable unsupported
> features like this?  dpkg-dev(1) implies it would, and the option is therefore
> harmful.  But it's featured prominently on the "Hardening" wiki page, which
> implies that option should do something useful?

Any features it enables are vendor specific, and should thus in
theory be working as expected on those vendors. If a vendor derives
from any other vendor but does not tune those defaults, then that
needs to be modified for their specific vendor, or their vendor support
needs to be upstreamed. I honestly have no idea what toolchain versions,
default flags, hardware baselines, etc Raspberry Pi OS assumes, so don't
think I can give you any answer here.

The Hardening wiki page in the Debian wiki also assumes a Debian
system (in the same way a similar Ubuntu page will document the
settings on an Ubuntu system), so you might want to look for matching
documentation for your OS vendor (which I'm not sure exists).

Thanks,
Guillem

--- End Message ---
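
The following is an added example, not code from the thread or from dpkg: it counts Memcheck records matching the signature in the report and, where dpkg-buildflags is installed, shows whether `-fstack-clash-protection` is emitted by default and with a per-package override. The helper names and the sample log are constructed here; the `stackclash` feature name is taken from dpkg-buildflags(1), not from the thread.

```shell
#!/bin/sh
# Added example; helper names are hypothetical, sample log is constructed.

# True if a flags string (e.g. `dpkg-buildflags --get CFLAGS` output)
# contains -fstack-clash-protection as a separate word.
has_stack_clash() {
    case " $1 " in
        *" -fstack-clash-protection "*) return 0 ;;
        *) return 1 ;;
    esac
}

# Count Memcheck "Invalid write" records located below the stack pointer,
# the signature shown in the report; other invalid writes are not counted.
count_below_sp_writes() {
    awk '
        /^==[0-9]+== Invalid write/           { in_rec = 1; next }
        in_rec && /bytes below stack pointer/ { n++; in_rec = 0; next }
        /^==[0-9]+== *$/                      { in_rec = 0 }
        END { print n + 0 }
    ' "$1"
}

# Constructed log: one record modelled on the report, one unrelated heap write.
write_sample_log() {
    cat > "$1" <<'EOF'
==100== Invalid write of size 4
==100==    at 0x1041C: main (in /tmp/a.out)
==100==  Address 0x7db5f2a0 is on thread 1's stack
==100==  8 bytes below stack pointer
==100==
==100== Invalid write of size 1
==100==    at 0x10500: fill (in /tmp/a.out)
==100==  Address 0x4a3b068 is 0 bytes after a block of size 40 alloc'd
==100==
EOF
}

# Where dpkg-buildflags is installed, compare the vendor default with the
# per-package override documented in dpkg-buildflags(1).
if command -v dpkg-buildflags >/dev/null 2>&1; then
    for opts in "" "hardening=-stackclash"; do
        flags=$(DEB_BUILD_MAINT_OPTIONS=$opts dpkg-buildflags --get CFLAGS) || flags=""
        if has_stack_clash "$flags"; then state=on; else state=off; fi
        echo "DEB_BUILD_MAINT_OPTIONS='$opts': -fstack-clash-protection $state"
    done
fi
```

In a package, the same override is normally set as `DEB_BUILD_MAINT_OPTIONS` in `debian/rules`, which leaves the other hardening features at the vendor's defaults.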
