unofficial mirror of bug-gnu-emacs@gnu.org 
From: Ulrich Mueller <ulm@gentoo.org>
To: 900@emacsbugs.donarmstrong.com
Cc: emacs@gentoo.org
Subject: bug#900: temacs segmentation fault in unexec under Linux 2.6.26
Date: Tue, 9 Sep 2008 17:02:04 +0200
Message-ID: <18630.36844.764754.85790@a1i15.kph.uni-mainz.de>
In-Reply-To: handler.900.B.122067237912078.ack@emacsbugs.donarmstrong.com

Tags: patch

I guess the issue boils down to the fact that testing for
(heap_bss_diff > MAX_HEAP_BSS_DIFF) is not a reliable method to
determine if heap randomisation is switched on. "heap_bss_diff" is
random in nature, and will therefore be smaller than MAX_HEAP_BSS_DIFF
in some cases. These lead to the observed segmentation faults.

Here is an attempt at a patch, asking the kernel (via /proc fs) for
the presence of the feature. I've also made the definition of
ADDR_NO_RANDOMIZE conditional, since it is already defined in newer
versions of personality.h.

Patch was tested with 22.3, but also applies cleanly to the CVS trunk
of today.


*** emacs-orig/src/emacs.c	2008-05-12 21:55:52.000000000 +0200
--- emacs/src/emacs.c	2008-09-09 16:26:52.000000000 +0200
***************
*** 73,78 ****
--- 73,81 ----
  
  #ifdef HAVE_PERSONALITY_LINUX32
  #include <sys/personality.h>
+ #ifndef ADDR_NO_RANDOMIZE
+ #define ADDR_NO_RANDOMIZE 0x0040000
+ #endif
  #endif
  
  #ifndef O_RDWR
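
Review bot: The fallback `#define ADDR_NO_RANDOMIZE 0x0040000` added after `#include <sys/personality.h>` has no comment saying where the value comes from, and the `#ifndef` guard only detects a preprocessor macro. If a personality.h provides ADDR_NO_RANDOMIZE as an enum constant rather than a macro, the guard still fires and the macro replaces it, which is safe only while the two values agree. Suggest a one-line comment naming the header the constant is copied from and stating that it must match.
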
***************
*** 789,794 ****
--- 792,817 ----
    return count >= 3 ? REPORT_EMACS_BUG_PRETEST_ADDRESS : REPORT_EMACS_BUG_ADDRESS;
  }
  
+ #ifdef HAVE_PERSONALITY_LINUX32
+ /* Get the `randomize_va_space' parameter. A value of 2 (introduced
+    in Linux 2.6.25) indicates that brk() randomization is switched on,
+    which will break unexec. See <http://lkml.org/lkml/2007/10/23/435>. */
+ static int
+ linux_randomize_va_space ()
+ {
+   FILE *fp;
+   int rand, count;
+ 
+   fp = fopen ("/proc/sys/kernel/randomize_va_space", "r");
+   if (!fp)
+     return -1;
+   count = fscanf (fp, "%d", &rand);
+   (void) fclose (fp);
+   if (count != 1)
+     return -1;
+   return rand;
+ }
+ #endif /* HAVE_PERSONALITY_LINUX32 */
  
  /* ARGSUSED */
  int
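
Review bot: In linux_randomize_va_space the local declared in `int rand, count;` shadows the C library function rand(); rename it (for example to `value`) so the helper cannot collide with a later use of rand() in this file. The function also relies on FILE, fopen and fscanf, so confirm that <stdio.h> is included on every configuration where HAVE_PERSONALITY_LINUX32 is defined. The comment should document the -1 return for "could not read the parameter", since the caller compares the result with `>= 2`.
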
***************
*** 883,906 ****
    if (!initialized
        && (strcmp (argv[argc-1], "dump") == 0
            || strcmp (argv[argc-1], "bootstrap") == 0)
!       && heap_bss_diff > MAX_HEAP_BSS_DIFF)
      {
!       if (! getenv ("EMACS_HEAP_EXEC"))
!         {
!           /* Set this so we only do this once.  */
!           putenv("EMACS_HEAP_EXEC=true");
! 
! 	  /* A flag to turn off address randomization which is introduced
! 	   in linux kernel shipped with fedora core 4 */
! #define ADD_NO_RANDOMIZE 0x0040000
! 	  personality (PER_LINUX32 | ADD_NO_RANDOMIZE);
! #undef  ADD_NO_RANDOMIZE
! 
!           execvp (argv[0], argv);
! 
!           /* If the exec fails, try to dump anyway.  */
!           perror ("execvp");
!         }
      }
  #endif /* HAVE_PERSONALITY_LINUX32 */
  
--- 906,925 ----
    if (!initialized
        && (strcmp (argv[argc-1], "dump") == 0
            || strcmp (argv[argc-1], "bootstrap") == 0)
!       && !getenv ("EMACS_HEAP_EXEC")
!       && (heap_bss_diff > MAX_HEAP_BSS_DIFF
! 	  || linux_randomize_va_space() >= 2))
      {
!       /* Set this so we only do this once.  */
!       putenv("EMACS_HEAP_EXEC=true");
! 
!       /* Set personality and disable randomization of VA space. */
!       personality (PER_LINUX32 | ADDR_NO_RANDOMIZE);
! 
!       execvp (argv[0], argv);
! 
!       /* If the exec fails, try to dump anyway.  */
!       perror ("execvp");
      }
  #endif /* HAVE_PERSONALITY_LINUX32 */
  
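
Review bot: In the new condition, `linux_randomize_va_space() >= 2` is false when the helper returns -1 (no /proc mounted, or an unreadable file), so in that case the decision rests on `heap_bss_diff > MAX_HEAP_BSS_DIFF` alone, the test the message above describes as unreliable. Consider treating -1 as "unknown" and re-executing anyway; the `!getenv ("EMACS_HEAP_EXEC")` guard already limits this to one re-exec. Separately, the return value of `personality (PER_LINUX32 | ADDR_NO_RANDOMIZE)` is not checked before execvp: if it fails, the re-executed process finds EMACS_HEAP_EXEC set, skips this block and dumps with randomization still on, so a perror on failure would make that case diagnosable.
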





