* bug#36279: 26.2.90; (process-attributes nonexistent-pid) segmentation fault
@ 2019-06-18 13:25 Xu Chunyang
2019-06-18 13:31 ` Noam Postavsky
2019-06-18 16:07 ` Eli Zaretskii
0 siblings, 2 replies; 18+ messages in thread
From: Xu Chunyang @ 2019-06-18 13:25 UTC (permalink / raw)
To: 36279
Emacs crashes when I run the following (the PID 123456 doesn't exist)
(process-attributes 123456)
And I can reproduce it from Emacs -Q:
~ $ emacs -Q --batch --eval '(print (process-attributes 123456))'
Fatal error 11: Segmentation faultzsh: segmentation fault emacs -Q --batch --eval '(print (process-attributes 123456))'
~ $ emacs --version | head -1
GNU Emacs 26.2.90
~ $
In GNU Emacs 26.2.90 (build 1, x86_64-apple-darwin18.6.0, Carbon Version 158 AppKit 1671.5)
of 2019-06-13 built on Chunyangs-MacBook-Air.local
Repository revision: 7ba854289bd169f1e5f4fbdbc4ae2bef24b9811f
Windowing system distributor 'Apple Inc.', version 10.14.5
Recent messages:
Loading /Users/xcy/.emacs.d/xcy.el (source)...done
Loading /Users/xcy/.emacs.d/var/recentf-save.el (source)...done
Cleaning up the recentf list...done (0 removed) [2 times]
Configured using:
'configure --with-modules'
Configured features:
NOTIFY ACL GNUTLS LIBXML2 ZLIB TOOLKIT_SCROLL_BARS MODULES THREADS LCMS2
Important settings:
value of $LANG: zh-Hans_US.UTF-8
locale-coding-system: utf-8-unix
Major mode: Lisp Interaction
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#36279: 26.2.90; (process-attributes nonexistent-pid) segmentation fault
2019-06-18 13:25 bug#36279: 26.2.90; (process-attributes nonexistent-pid) segmentation fault Xu Chunyang
@ 2019-06-18 13:31 ` Noam Postavsky
2019-06-18 14:05 ` xuchunyang
2019-06-18 16:07 ` Eli Zaretskii
1 sibling, 1 reply; 18+ messages in thread
From: Noam Postavsky @ 2019-06-18 13:31 UTC (permalink / raw)
To: Xu Chunyang; +Cc: 36279
Xu Chunyang <mail@xuchunyang.me> writes:
> Emacs crashes when I run the following (the PID 123456 doesn't exist)
>
> (process-attributes 123456)
>
> And I can reproduce it from Emacs -Q:
>
> ~ $ emacs -Q --batch --eval '(print (process-attributes 123456))'
> Fatal error 11: Segmentation faultzsh: segmentation fault emacs -Q --batch --eval '(print (process-attributes 123456))'
> ~ $ emacs --version | head -1
> GNU Emacs 26.2.90
> ~ $
>
>
> In GNU Emacs 26.2.90 (build 1, x86_64-apple-darwin18.6.0, Carbon Version 158 AppKit 1671.5)
Doesn't happen here[1], I just get nil. Can you show a backtrace with a
gdb (or lldb if that's not available)?
[1]: In GNU Emacs 26.2.90 (build 1, x86_64-pc-linux-gnu, X toolkit, Xaw scroll bars)
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#36279: 26.2.90; (process-attributes nonexistent-pid) segmentation fault
2019-06-18 13:31 ` Noam Postavsky
@ 2019-06-18 14:05 ` xuchunyang
2019-06-18 15:23 ` Robert Pluim
2019-06-18 16:10 ` Eli Zaretskii
0 siblings, 2 replies; 18+ messages in thread
From: xuchunyang @ 2019-06-18 14:05 UTC (permalink / raw)
To: Noam Postavsky; +Cc: 36279
On Tue, Jun 18, 2019, at 9:31 PM, Noam Postavsky wrote:
> Xu Chunyang <mail@xuchunyang.me> writes:
>
> > Emacs crashes when I run the following (the PID 123456 doesn't exist)
> >
> > (process-attributes 123456)
> >
> > And I can reproduce it from Emacs -Q:
> >
> > ~ $ emacs -Q --batch --eval '(print (process-attributes 123456))'
> > Fatal error 11: Segmentation faultzsh: segmentation fault emacs -Q --batch --eval '(print (process-attributes 123456))'
> > ~ $ emacs --version | head -1
> > GNU Emacs 26.2.90
> > ~ $
> >
> >
> > In GNU Emacs 26.2.90 (build 1, x86_64-apple-darwin18.6.0, Carbon Version 158 AppKit 1671.5)
>
> Doesn't happen here[1], I just get nil. Can you show a backtrace with a
> gdb (or lldb if that's not available)?
(Not sure what I am doing, never used lldb)
~/src/emacs-mac/src $ lldb ./emacs
(lldb) target create "./emacs"
Current executable set to './emacs' (x86_64).
(lldb) run -Q --batch --eval '(print (process-attributes 123456))'
Process 18581 launched: '/Users/xcy/src/emacs-mac/src/emacs' (x86_64)
emacs was compiled with optimization - stepping may behave oddly; variables may not be available.
Process 18581 stopped
* thread #2, name = 'org.gnu.Emacs.lisp-main', stop reason = EXC_BAD_ACCESS (code=1, address=0x41)
frame #0: 0x00000001000dd9aa emacs`system_process_attributes(pid=<unavailable>) at sysdep.c:3872:39 [opt]
3869 rusage = proc.kp_proc.p_ru;
3870 if (rusage)
3871 {
-> 3872 attrs = Fcons (Fcons (Qminflt, make_fixnum_or_float (rusage->ru_minflt)),
3873 attrs);
3874 attrs = Fcons (Fcons (Qmajflt, make_fixnum_or_float (rusage->ru_majflt)),
3875 attrs);
Target 0: (emacs) stopped.
(lldb) bt
* thread #2, name = 'org.gnu.Emacs.lisp-main', stop reason = EXC_BAD_ACCESS (code=1, address=0x41)
* frame #0: 0x00000001000dd9aa emacs`system_process_attributes(pid=<unavailable>) at sysdep.c:3872:39 [opt]
frame #1: 0x000000010013e854 emacs`eval_sub(form=<unavailable>) at eval.c:2247:41 [opt]
frame #2: 0x000000010013e7ea emacs`eval_sub(form=<unavailable>) at eval.c:2235:21 [opt]
frame #3: 0x0000000100141f6b emacs`Feval(form=4370835043, lexical=<unavailable>) at eval.c:2067:28 [opt]
frame #4: 0x0000000100143b27 emacs`__funcall_subr_block_invoke(.block_descriptor=<unavailable>) at eval.c:0:12 [opt]
frame #5: 0x00000001001e1a4f emacs`mac_autorelease_loop(body=0x0000000100143a60) at macappkit.m:1040:13 [opt]
frame #6: 0x0000000100142aff emacs`Ffuncall [inlined] funcall_subr(subr=<unavailable>, numargs=<unavailable>, args=<unavailable>) at eval.c:2909:3 [opt]
frame #7: 0x0000000100142a99 emacs`Ffuncall(nargs=<unavailable>, args=<unavailable>) at eval.c:2782 [opt]
frame #8: 0x0000000100186f3e emacs`exec_byte_code(bytestr=<unavailable>, vector=4298690456, maxdepth=<unavailable>, args_template=1030, nargs=1, args=<unavailable>) at bytecode.c:630:12 [opt]
frame #9: 0x0000000100142a3d emacs`Ffuncall(nargs=<unavailable>, args=<unavailable>) at eval.c:0:4 [opt]
frame #10: 0x0000000100186f3e emacs`exec_byte_code(bytestr=<unavailable>, vector=4298667856, maxdepth=<unavailable>, args_template=2, nargs=0, args=<unavailable>) at bytecode.c:630:12 [opt]
frame #11: 0x0000000100142a3d emacs`Ffuncall(nargs=<unavailable>, args=<unavailable>) at eval.c:0:4 [opt]
frame #12: 0x0000000100186f3e emacs`exec_byte_code(bytestr=<unavailable>, vector=4298664256, maxdepth=<unavailable>, args_template=2, nargs=0, args=<unavailable>) at bytecode.c:630:12 [opt]
frame #13: 0x0000000100142214 emacs`apply_lambda(fun=4298664181, args=<unavailable>, count=4) at eval.c:2948:9 [opt]
frame #14: 0x000000010013e610 emacs`eval_sub(form=<unavailable>) at eval.c:0:11 [opt]
frame #15: 0x0000000100141f6b emacs`Feval(form=4362606819, lexical=<unavailable>) at eval.c:2067:28 [opt]
frame #16: 0x00000001001410dc emacs`internal_condition_case(bfun=(emacs`top_level_2 at keyboard.c:1118), handlers=22128, hfun=(emacs`cmd_error at keyboard.c:938)) at eval.c:1336:25 [opt]
frame #17: 0x00000001000d102d emacs`top_level_1(ignore=<unavailable>) at keyboard.c:1127:5 [opt]
frame #18: 0x00000001001406d0 emacs`internal_catch(tag=53568, func=(emacs`top_level_1 at keyboard.c:1124), arg=0) at eval.c:1101:25 [opt]
frame #19: 0x00000001000c06ef emacs`command_loop at keyboard.c:1088:2 [opt]
frame #20: 0x00000001000c060f emacs`recursive_edit_1 at keyboard.c:695:9 [opt]
frame #21: 0x00000001000c08f6 emacs`Frecursive_edit at keyboard.c:766:3 [opt]
frame #22: 0x00000001000bf209 emacs`emacs_main(argc=<unavailable>, argv=0x00007ffeefbff7c8) at emacs.c:1759:3 [opt]
frame #23: 0x000000010020d534 emacs`mac_start_lisp_main(arg=0x00007ffeefbff7c8) at macappkit.m:16723:3 [opt]
frame #24: 0x00007fff7a9e52eb libsystem_pthread.dylib`_pthread_body + 126
frame #25: 0x00007fff7a9e8249 libsystem_pthread.dylib`_pthread_start + 66
frame #26: 0x00007fff7a9e440d libsystem_pthread.dylib`thread_start + 13
(lldb)
> [1]: In GNU Emacs 26.2.90 (build 1, x86_64-pc-linux-gnu, X toolkit, Xaw scroll bars)
>
>
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#36279: 26.2.90; (process-attributes nonexistent-pid) segmentation fault
2019-06-18 14:05 ` xuchunyang
@ 2019-06-18 15:23 ` Robert Pluim
2019-06-18 16:23 ` xuchunyang
2019-06-18 16:10 ` Eli Zaretskii
1 sibling, 1 reply; 18+ messages in thread
From: Robert Pluim @ 2019-06-18 15:23 UTC (permalink / raw)
To: xuchunyang; +Cc: 36279, Noam Postavsky
>>>>> On Tue, 18 Jun 2019 22:05:38 +0800, xuchunyang <mail@xuchunyang.me> said:
xuchunyang> On Tue, Jun 18, 2019, at 9:31 PM, Noam Postavsky wrote:
>> Xu Chunyang <mail@xuchunyang.me> writes:
>>
>> > Emacs crashes when I run the following (the PID 123456 doesn't exist)
>> >
>> > (process-attributes 123456)
>> >
>> > And I can reproduce it from Emacs -Q:
>> >
>> > ~ $ emacs -Q --batch --eval '(print (process-attributes 123456))'
>> > Fatal error 11: Segmentation faultzsh: segmentation fault emacs -Q --batch --eval '(print (process-attributes 123456))'
>> > ~ $ emacs --version | head -1
>> > GNU Emacs 26.2.90
>> > ~ $
>> >
>> >
>> > In GNU Emacs 26.2.90 (build 1, x86_64-apple-darwin18.6.0, Carbon Version 158 AppKit 1671.5)
>>
>> Doesn't happen here[1], I just get nil. Can you show a backtrace with a
>> gdb (or lldb if that's not available)?
I get the same crash here. You'd expect sysctl to return an error when
requesting info about a non-existent process, but instead it
passive-aggressively sets proclen to 0. This fixes it for me here, can
you try it?
diff --git a/src/sysdep.c b/src/sysdep.c
index 1e35e06b63..518ecebcf6 100644
--- a/src/sysdep.c
+++ b/src/sysdep.c
@@ -3798,7 +3798,7 @@ system_process_attributes (Lisp_Object pid)
CONS_TO_INTEGER (pid, int, proc_id);
mib[3] = proc_id;
- if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0)
+ if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0 || proclen == 0)
return attrs;
uid = proc.kp_eproc.e_ucred.cr_uid;
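Review bot: `proclen == 0` in the new condition rejects only an empty result, while the next line already reads `proc.kp_eproc.e_ucred.cr_uid` as if the whole structure had been filled in. Comparing `proclen` with the size of `proc` would also reject a short, non-empty result, and a one-line comment saying that sysctl reports a missing process as success with zero length would keep the test from being removed later as redundant.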
^ permalink raw reply related [flat|nested] 18+ messages in thread
* bug#36279: 26.2.90; (process-attributes nonexistent-pid) segmentation fault
2019-06-18 13:25 bug#36279: 26.2.90; (process-attributes nonexistent-pid) segmentation fault Xu Chunyang
2019-06-18 13:31 ` Noam Postavsky
@ 2019-06-18 16:07 ` Eli Zaretskii
1 sibling, 0 replies; 18+ messages in thread
From: Eli Zaretskii @ 2019-06-18 16:07 UTC (permalink / raw)
To: Xu Chunyang; +Cc: 36279
> From: Xu Chunyang <mail@xuchunyang.me>
> Date: Tue, 18 Jun 2019 21:25:40 +0800
>
> Emacs crashes when I run the following (the PID 123456 doesn't exist)
>
> (process-attributes 123456)
>
> And I can reproduce it from Emacs -Q:
>
> ~ $ emacs -Q --batch --eval '(print (process-attributes 123456))'
> Fatal error 11: Segmentation faultzsh: segmentation fault emacs -Q --batch --eval '(print (process-attributes 123456))'
This seems to be Darwin-specific.
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#36279: 26.2.90; (process-attributes nonexistent-pid) segmentation fault
2019-06-18 14:05 ` xuchunyang
2019-06-18 15:23 ` Robert Pluim
@ 2019-06-18 16:10 ` Eli Zaretskii
1 sibling, 0 replies; 18+ messages in thread
From: Eli Zaretskii @ 2019-06-18 16:10 UTC (permalink / raw)
To: xuchunyang; +Cc: 36279, npostavs
> Date: Tue, 18 Jun 2019 22:05:38 +0800
> From: xuchunyang <mail@xuchunyang.me>
> Cc: 36279@debbugs.gnu.org
>
> 3869 rusage = proc.kp_proc.p_ru;
> 3870 if (rusage)
> 3871 {
> -> 3872 attrs = Fcons (Fcons (Qminflt, make_fixnum_or_float (rusage->ru_minflt)),
> 3873 attrs);
> 3874 attrs = Fcons (Fcons (Qmajflt, make_fixnum_or_float (rusage->ru_majflt)),
> 3875 attrs);
So 'rusage' is not a NULL pointer, but it's garbled?
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#36279: 26.2.90; (process-attributes nonexistent-pid) segmentation fault
2019-06-18 15:23 ` Robert Pluim
@ 2019-06-18 16:23 ` xuchunyang
2019-06-18 17:44 ` Eli Zaretskii
0 siblings, 1 reply; 18+ messages in thread
From: xuchunyang @ 2019-06-18 16:23 UTC (permalink / raw)
To: Robert Pluim; +Cc: 36279, Noam Postavsky
On Tue, Jun 18, 2019, at 11:23 PM, Robert Pluim wrote:
> >>>>> On Tue, 18 Jun 2019 22:05:38 +0800, xuchunyang <mail@xuchunyang.me> said:
>
> xuchunyang> On Tue, Jun 18, 2019, at 9:31 PM, Noam Postavsky wrote:
> >> Xu Chunyang <mail@xuchunyang.me> writes:
> >>
> >> > Emacs crashes when I run the following (the PID 123456 doesn't exist)
> >> >
> >> > (process-attributes 123456)
> >> >
> >> > And I can reproduce it from Emacs -Q:
> >> >
> >> > ~ $ emacs -Q --batch --eval '(print (process-attributes 123456))'
> >> > Fatal error 11: Segmentation faultzsh: segmentation fault emacs -Q --batch --eval '(print (process-attributes 123456))'
> >> > ~ $ emacs --version | head -1
> >> > GNU Emacs 26.2.90
> >> > ~ $
> >> >
> >> >
> >> > In GNU Emacs 26.2.90 (build 1, x86_64-apple-darwin18.6.0, Carbon Version 158 AppKit 1671.5)
> >>
> >> Doesn't happen here[1], I just get nil. Can you show a backtrace with a
> >> gdb (or lldb if that's not available)?
>
> I get the same crash here. You'd expect sysctl to return an error when
> requesting info about a non-existent process, but instead it
> passive-aggressively sets proclen to 0. This fixes it for me here, can
> you try it?
It fixes the issue for me too. (process-attributes 123456) returns nil instead of crashing Emacs.
>
> diff --git a/src/sysdep.c b/src/sysdep.c
> index 1e35e06b63..518ecebcf6 100644
> --- a/src/sysdep.c
> +++ b/src/sysdep.c
> @@ -3798,7 +3798,7 @@ system_process_attributes (Lisp_Object pid)
> CONS_TO_INTEGER (pid, int, proc_id);
> mib[3] = proc_id;
>
> - if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0)
> + if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0 || proclen == 0)
> return attrs;
>
> uid = proc.kp_eproc.e_ucred.cr_uid;
>
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#36279: 26.2.90; (process-attributes nonexistent-pid) segmentation fault
2019-06-18 16:23 ` xuchunyang
@ 2019-06-18 17:44 ` Eli Zaretskii
2019-06-18 17:53 ` Robert Pluim
0 siblings, 1 reply; 18+ messages in thread
From: Eli Zaretskii @ 2019-06-18 17:44 UTC (permalink / raw)
To: xuchunyang; +Cc: 36279, rpluim, npostavs
> Date: Wed, 19 Jun 2019 00:23:20 +0800
> From: xuchunyang <mail@xuchunyang.me>
> Cc: 36279@debbugs.gnu.org, Noam Postavsky <npostavs@gmail.com>
>
> It fixes the issue for me too. (process-attributes 123456) returns nil instead of crashing Emacs.
>
> >
> > diff --git a/src/sysdep.c b/src/sysdep.c
> > index 1e35e06b63..518ecebcf6 100644
> > --- a/src/sysdep.c
> > +++ b/src/sysdep.c
> > @@ -3798,7 +3798,7 @@ system_process_attributes (Lisp_Object pid)
> > CONS_TO_INTEGER (pid, int, proc_id);
> > mib[3] = proc_id;
> >
> > - if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0)
> > + if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0 || proclen == 0)
> > return attrs;
> >
> > uid = proc.kp_eproc.e_ucred.cr_uid;
> >
Thanks. Robert, please push to the emacs-26 branch.
(I understand this problem is quite old, is that right?)
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#36279: 26.2.90; (process-attributes nonexistent-pid) segmentation fault
2019-06-18 17:44 ` Eli Zaretskii
@ 2019-06-18 17:53 ` Robert Pluim
2019-06-18 18:06 ` Eli Zaretskii
0 siblings, 1 reply; 18+ messages in thread
From: Robert Pluim @ 2019-06-18 17:53 UTC (permalink / raw)
To: Eli Zaretskii; +Cc: 36279, xuchunyang, npostavs
>>>>> On Tue, 18 Jun 2019 20:44:41 +0300, Eli Zaretskii <eliz@gnu.org> said:
>> Date: Wed, 19 Jun 2019 00:23:20 +0800
>> From: xuchunyang <mail@xuchunyang.me>
>> Cc: 36279@debbugs.gnu.org, Noam Postavsky <npostavs@gmail.com>
>>
>> It fixes the issue for me too. (process-attributes 123456) returns nil instead of crashing Emacs.
>>
>> >
>> > diff --git a/src/sysdep.c b/src/sysdep.c
>> > index 1e35e06b63..518ecebcf6 100644
>> > --- a/src/sysdep.c
>> > +++ b/src/sysdep.c
>> > @@ -3798,7 +3798,7 @@ system_process_attributes (Lisp_Object pid)
>> > CONS_TO_INTEGER (pid, int, proc_id);
>> > mib[3] = proc_id;
>> >
>> > - if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0)
>> > + if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0 || proclen == 0)
>> > return attrs;
>> >
>> > uid = proc.kp_eproc.e_ucred.cr_uid;
>> >
Eli> Thanks. Robert, please push to the emacs-26 branch.
Will do.
Eli> (I understand this problem is quite old, is that right?)
commit ef4ed84e72a323b3d29dc34df92d3f89ad4fc322
Date: Sun Apr 24 14:33:05 2016 +0200
introduced the macOS version of system_process_attributes.
list_system_processes (on macOS and FreeBSD) and
system_process_attributes (on FreeBSD) potentially have similar issues
with sysctl. Would you like a defensive patch for those? (I donʼt have
a FreeBSD system to test on)
Robert
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#36279: 26.2.90; (process-attributes nonexistent-pid) segmentation fault
2019-06-18 17:53 ` Robert Pluim
@ 2019-06-18 18:06 ` Eli Zaretskii
2019-06-18 18:14 ` Robert Pluim
0 siblings, 1 reply; 18+ messages in thread
From: Eli Zaretskii @ 2019-06-18 18:06 UTC (permalink / raw)
To: Robert Pluim; +Cc: 36279, mail, npostavs
> From: Robert Pluim <rpluim@gmail.com>
> Cc: xuchunyang <mail@xuchunyang.me>, 36279@debbugs.gnu.org, npostavs@gmail.com
> Date: Tue, 18 Jun 2019 19:53:06 +0200
>
> list_system_processes (on macOS and FreeBSD) and
> system_process_attributes (on FreeBSD) potentially have similar issues
> with sysctl. Would you like a defensive patch for those?
Yes, I think so.
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#36279: 26.2.90; (process-attributes nonexistent-pid) segmentation fault
2019-06-18 18:06 ` Eli Zaretskii
@ 2019-06-18 18:14 ` Robert Pluim
2019-06-19 7:06 ` Robert Pluim
0 siblings, 1 reply; 18+ messages in thread
From: Robert Pluim @ 2019-06-18 18:14 UTC (permalink / raw)
To: Eli Zaretskii; +Cc: 36279, mail, npostavs
>>>>> On Tue, 18 Jun 2019 21:06:31 +0300, Eli Zaretskii <eliz@gnu.org> said:
>> From: Robert Pluim <rpluim@gmail.com>
>> Cc: xuchunyang <mail@xuchunyang.me>, 36279@debbugs.gnu.org, npostavs@gmail.com
>> Date: Tue, 18 Jun 2019 19:53:06 +0200
>>
>> list_system_processes (on macOS and FreeBSD) and
>> system_process_attributes (on FreeBSD) potentially have similar issues
>> with sysctl. Would you like a defensive patch for those?
Eli> Yes, I think so.
OK, sometime tomorrow (and perhaps for 'get_boot_time' in filelock.c
as well)
Robert
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#36279: 26.2.90; (process-attributes nonexistent-pid) segmentation fault
2019-06-18 18:14 ` Robert Pluim
@ 2019-06-19 7:06 ` Robert Pluim
2019-06-19 8:01 ` Andreas Schwab
2019-06-19 15:15 ` Eli Zaretskii
0 siblings, 2 replies; 18+ messages in thread
From: Robert Pluim @ 2019-06-19 7:06 UTC (permalink / raw)
To: Eli Zaretskii; +Cc: 36279, mail, npostavs
[-- Attachment #1: Type: text/plain, Size: 775 bytes --]
>>>>> On Tue, 18 Jun 2019 20:14:31 +0200, Robert Pluim <rpluim@gmail.com> said:
>>>>> On Tue, 18 Jun 2019 21:06:31 +0300, Eli Zaretskii <eliz@gnu.org> said:
>>> From: Robert Pluim <rpluim@gmail.com>
>>> Cc: xuchunyang <mail@xuchunyang.me>, 36279@debbugs.gnu.org, npostavs@gmail.com
>>> Date: Tue, 18 Jun 2019 19:53:06 +0200
>>>
>>> list_system_processes (on macOS and FreeBSD) and
>>> system_process_attributes (on FreeBSD) potentially have similar issues
>>> with sysctl. Would you like a defensive patch for those?
Eli> Yes, I think so.
Robert> OK, sometime tomorrow (and perhaps for 'get_boot_time' in filelock.c
Robert> as well)
I think I got all the ChangeLog syntax right. Patch against emacs-26
attached, not yet pushed.
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-Check-length-returned-by-sysctl.patch --]
[-- Type: text/x-patch, Size: 2779 bytes --]
From a70ac9f644660a16fa871a9f6933c1344ffae083 Mon Sep 17 00:00:00 2001
From: Robert Pluim <rpluim@gmail.com>
Date: Wed, 19 Jun 2019 08:52:50 +0200
Subject: [PATCH] Check length returned by sysctl
To: emacs-devel@gnu.org
sysctl sometimes returns successfully even when it returns no data,
such as when querying non-existent processes, which can cause crashes.
Check for this condition by validating the length of the returned
data. (Bug#36279)
* src/sysdep.c (list_system_processes) [DARWIN_OS || __FreeBSD__]:
(system_process_attributes) [__FreeBSD__]:
(system_process_attributes) [DARWIN_OS]:
* src/filelock.c (get_boot_time) [CTL_KERN && KERN_BOOTTIME]: Check
length of data returned by sysctl.
---
src/filelock.c | 3 +--
src/sysdep.c | 10 +++++-----
2 files changed, 6 insertions(+), 7 deletions(-)
diff --git a/src/filelock.c b/src/filelock.c
index 81d98f36fa..0865450936 100644
--- a/src/filelock.c
+++ b/src/filelock.c
@@ -151,8 +151,7 @@ get_boot_time (void)
mib[0] = CTL_KERN;
mib[1] = KERN_BOOTTIME;
size = sizeof (boottime_val);
-
- if (sysctl (mib, 2, &boottime_val, &size, NULL, 0) >= 0)
+ if (sysctl (mib, 2, &boottime_val, &size, NULL, 0) >= 0 && size != 0)
{
boot_time = boottime_val.tv_sec;
return boot_time;
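Review bot: the success test in get_boot_time is written `>= 0 && size != 0`, while the sysdep.c hunks of the same patch compare the return value with `!= 0` or `== 0`; one convention across the patch would make the checks read alike. The hunk also deletes the blank line between `size = sizeof (boottime_val);` and the `if`, an unrelated whitespace change that is better left out of a bug fix.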
diff --git a/src/sysdep.c b/src/sysdep.c
index 1e35e06b63..b2aecc0dda 100644
--- a/src/sysdep.c
+++ b/src/sysdep.c
@@ -3014,11 +3014,11 @@ list_system_processes (void)
Lisp_Object proclist = Qnil;
- if (sysctl (mib, 3, NULL, &len, NULL, 0) != 0)
+ if (sysctl (mib, 3, NULL, &len, NULL, 0) != 0 || len == 0)
return proclist;
procs = xmalloc (len);
- if (sysctl (mib, 3, procs, &len, NULL, 0) != 0)
+ if (sysctl (mib, 3, procs, &len, NULL, 0) != 0 || len == 0)
{
xfree (procs);
return proclist;
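Review bot: both `len == 0` tests in list_system_processes are added without a comment, and the reason for them (sysctl returning success with a zero length) is recorded only in the commit message. A short comment above the first test would do; that test is also the one that keeps `xmalloc (len)` from being called with a zero size, which is worth saying there.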
@@ -3618,7 +3618,7 @@ system_process_attributes (Lisp_Object pid)
CONS_TO_INTEGER (pid, int, proc_id);
mib[3] = proc_id;
- if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0)
+ if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0 || proclen == 0)
return attrs;
attrs = Fcons (Fcons (Qeuid, make_fixnum_or_float (proc.ki_uid)), attrs);
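Review bot: the condition `sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0 || proclen == 0` is now repeated verbatim in this hunk and in the one at -3798, so the rule lives in two places. A small static helper that wraps the call and the length test, compiled for both platforms and used by both, would keep the two copies from drifting apart.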
@@ -3740,7 +3740,7 @@ system_process_attributes (Lisp_Object pid)
mib[2] = KERN_PROC_ARGS;
len = MAXPATHLEN;
- if (sysctl (mib, 4, args, &len, NULL, 0) == 0)
+ if (sysctl (mib, 4, args, &len, NULL, 0) == 0 && len != 0)
{
int i;
for (i = 0; i < len; i++)
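Review bot: in the KERN_PROC_ARGS branch the added `len != 0` does not change the loop shown here, since `for (i = 0; i < len; i++)` already runs zero times when `len` is 0. If the test is there for code after the loop, a comment naming what it protects would help; otherwise it can be dropped from this hunk.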
@@ -3798,7 +3798,7 @@ system_process_attributes (Lisp_Object pid)
CONS_TO_INTEGER (pid, int, proc_id);
mib[3] = proc_id;
- if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0)
+ if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0 || proclen == 0)
return attrs;
uid = proc.kp_eproc.e_ucred.cr_uid;
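Review bot: the guard at the top of this hunk relies on `proclen` alone; consider also clearing `proc` before the sysctl call. The lldb listing earlier in the thread shows the crash site already tests `if (rusage)` before dereferencing, so a zeroed `proc` would make that existing test a second line of defence if another zero-data path is ever missed.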
--
2.21.0.419.gffac537e6c
^ permalink raw reply related [flat|nested] 18+ messages in thread
* bug#36279: 26.2.90; (process-attributes nonexistent-pid) segmentation fault
2019-06-19 7:06 ` Robert Pluim
@ 2019-06-19 8:01 ` Andreas Schwab
2019-06-19 10:21 ` Robert Pluim
2019-06-19 15:15 ` Eli Zaretskii
1 sibling, 1 reply; 18+ messages in thread
From: Andreas Schwab @ 2019-06-19 8:01 UTC (permalink / raw)
To: Eli Zaretskii; +Cc: 36279, mail, npostavs
On Jun 19 2019, Robert Pluim <rpluim@gmail.com> wrote:
> From a70ac9f644660a16fa871a9f6933c1344ffae083 Mon Sep 17 00:00:00 2001
> From: Robert Pluim <rpluim@gmail.com>
> Date: Wed, 19 Jun 2019 08:52:50 +0200
> Subject: [PATCH] Check length returned by sysctl
> To: emacs-devel@gnu.org
>
> sysctl sometimes returns successfully even when it returns no data,
> such as when querying non-existent processes, which can cause crashes.
I think that's not a sometimes, but how it is documented to work.
Andreas.
--
Andreas Schwab, SUSE Labs, schwab@suse.de
GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE 1748 E4D4 88E3 0EEA B9D7
"And now for something completely different."
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#36279: 26.2.90; (process-attributes nonexistent-pid) segmentation fault
2019-06-19 8:01 ` Andreas Schwab
@ 2019-06-19 10:21 ` Robert Pluim
2019-06-19 10:29 ` Andreas Schwab
0 siblings, 1 reply; 18+ messages in thread
From: Robert Pluim @ 2019-06-19 10:21 UTC (permalink / raw)
To: Andreas Schwab; +Cc: 36279, mail, npostavs
>>>>> On Wed, 19 Jun 2019 10:01:22 +0200, Andreas Schwab <schwab@suse.de> said:
Andreas> On Jun 19 2019, Robert Pluim <rpluim@gmail.com> wrote:
>> From a70ac9f644660a16fa871a9f6933c1344ffae083 Mon Sep 17 00:00:00 2001
>> From: Robert Pluim <rpluim@gmail.com>
>> Date: Wed, 19 Jun 2019 08:52:50 +0200
>> Subject: [PATCH] Check length returned by sysctl
>> To: emacs-devel@gnu.org
>>
>> sysctl sometimes returns successfully even when it returns no data,
>> such as when querying non-existent processes, which can cause crashes.
Andreas> I think that's not a sometimes, but how it is documented to work.
I guess itʼs a matter of how you describe success:
Me: Kernel, please tell me about process <x>
Kernel: (process <x> does not exist). Success! Have some zero length
data.
Me: <crash>
But whatever, I can adjust the commit message.
Robert
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#36279: 26.2.90; (process-attributes nonexistent-pid) segmentation fault
2019-06-19 10:21 ` Robert Pluim
@ 2019-06-19 10:29 ` Andreas Schwab
2019-06-19 13:40 ` Robert Pluim
0 siblings, 1 reply; 18+ messages in thread
From: Andreas Schwab @ 2019-06-19 10:29 UTC (permalink / raw)
To: Eli Zaretskii; +Cc: 36279, mail, npostavs
On Jun 19 2019, Robert Pluim <rpluim@gmail.com> wrote:
> I guess itʼs a matter of how you describe success:
>
> Me: Kernel, please tell me about process <x>
> Kernel: (process <x> does not exist). Success! Have some zero length
> data.
> Me: <crash>
The crash is because you are accessing the data outside of its bounds.
That has nothing to do with success.
Andreas.
--
Andreas Schwab, SUSE Labs, schwab@suse.de
GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE 1748 E4D4 88E3 0EEA B9D7
"And now for something completely different."
^ permalink raw reply [flat|nested] 18+ messages in thread
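The failure mode argued over in this thread, as an added example that is not code from the thread or from Emacs: a zero return value with a zero output length leaves the caller's buffer unwritten, so a pointer field read from it passes a NULL test while holding stale bytes. `fake_sysctl_proc`, the `fake_*` structs, the 0x41 fill and the PIDs are constructed stand-ins so it runs without the Darwin `sysctl`; the `proclen != sizeof proc` test goes one step beyond the patch's `proclen == 0`.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins for struct rusage / struct kinfo_proc.  */
struct fake_rusage { long ru_minflt; };
struct fake_kinfo
{
  int uid;
  struct fake_rusage *p_ru;
};

static struct fake_rusage live_usage = { 42 };   /* constructed sample data */

/* Stub modelled on the behaviour reported in the thread: a query for a
   PID that does not exist returns 0 (success) and sets *oldlenp to 0
   without writing to oldp.  Constructed PIDs: 1 exists, 2 yields a
   truncated record, every other PID does not exist.  */
static int
fake_sysctl_proc (int pid, void *oldp, size_t *oldlenp)
{
  struct fake_kinfo k = { 0, &live_usage };

  if (pid == 1 && *oldlenp >= sizeof k)
    {
      memcpy (oldp, &k, sizeof k);
      *oldlenp = sizeof k;
      return 0;
    }
  if (pid == 2 && *oldlenp >= sizeof k.uid)
    {
      memcpy (oldp, &k.uid, sizeof k.uid);
      *oldlenp = sizeof k.uid;
      return 0;
    }
  if (pid == 1 || pid == 2)
    return -1;                  /* caller's buffer too small */
  *oldlenp = 0;                 /* "success", but nothing was written */
  return 0;
}

/* Logic as it stood before the fix: only the return value is checked.
   Returns 1 if the code would go on to dereference a pointer field the
   stub never wrote.  The bytes are compared with memcmp so the stale
   pointer itself is never loaded or followed.  */
static int
prefix_check_would_deref_stale (int pid)
{
  struct fake_kinfo proc, poison;
  struct fake_rusage *null_ru = NULL;
  size_t proclen = sizeof proc;

  memset (&poison, 0x41, sizeof poison);
  memcpy (&proc, &poison, sizeof proc);   /* simulate stale stack contents */
  if (fake_sysctl_proc (pid, &proc, &proclen) != 0)
    return 0;
  /* The original code tested only "if (rusage)" at this point.  */
  int non_null = memcmp (&proc.p_ru, &null_ru, sizeof proc.p_ru) != 0;
  int untouched = memcmp (&proc.p_ru, &poison.p_ru, sizeof proc.p_ru) == 0;
  return non_null && untouched;
}

enum lookup { LOOKUP_OK, LOOKUP_ERROR, LOOKUP_NO_DATA, LOOKUP_SHORT };

/* Guarded reader: return value first, then the returned length, and only
   then the contents of the buffer.  */
static enum lookup
read_minflt (int pid, long *minflt)
{
  struct fake_kinfo proc;
  size_t proclen = sizeof proc;

  memset (&proc, 0, sizeof proc);   /* a missed case then reads NULL */
  if (fake_sysctl_proc (pid, &proc, &proclen) != 0)
    return LOOKUP_ERROR;
  if (proclen == 0)                 /* the check the patch adds */
    return LOOKUP_NO_DATA;
  if (proclen != sizeof proc)       /* stricter than the patch */
    return LOOKUP_SHORT;
  if (proc.p_ru == NULL)
    return LOOKUP_NO_DATA;
  *minflt = proc.p_ru->ru_minflt;
  return LOOKUP_OK;
}

int
main (void)
{
  long v = 0;
  printf ("pid 1: %d (minflt %ld)\n", (int) read_minflt (1, &v), v);
  printf ("pid 123456: %d\n", (int) read_minflt (123456, &v));
  printf ("pre-fix logic reaches stale pointer for 123456: %d\n",
          prefix_check_would_deref_stale (123456));
  return 0;
}
```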
* bug#36279: 26.2.90; (process-attributes nonexistent-pid) segmentation fault
2019-06-19 10:29 ` Andreas Schwab
@ 2019-06-19 13:40 ` Robert Pluim
0 siblings, 0 replies; 18+ messages in thread
From: Robert Pluim @ 2019-06-19 13:40 UTC (permalink / raw)
To: Andreas Schwab; +Cc: 36279, mail, npostavs
>>>>> On Wed, 19 Jun 2019 12:29:52 +0200, Andreas Schwab <schwab@suse.de> said:
Andreas> On Jun 19 2019, Robert Pluim <rpluim@gmail.com> wrote:
>> I guess itʼs a matter of how you describe success:
>>
>> Me: Kernel, please tell me about process <x>
>> Kernel: (process <x> does not exist). Success! Have some zero length
>> data.
>> Me: <crash>
Andreas> The crash is because you are accessing the data outside of its bounds.
Andreas> That has nothing to do with success.
Iʼm going to repeat my previous "whatever", since Iʼm not here to
convince you :-)
Robert
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#36279: 26.2.90; (process-attributes nonexistent-pid) segmentation fault
2019-06-19 7:06 ` Robert Pluim
2019-06-19 8:01 ` Andreas Schwab
@ 2019-06-19 15:15 ` Eli Zaretskii
2019-06-20 8:46 ` Robert Pluim
1 sibling, 1 reply; 18+ messages in thread
From: Eli Zaretskii @ 2019-06-19 15:15 UTC (permalink / raw)
To: Robert Pluim; +Cc: 36279, mail, npostavs
> From: Robert Pluim <rpluim@gmail.com>
> Cc: 36279@debbugs.gnu.org, mail@xuchunyang.me, npostavs@gmail.com
> Date: Wed, 19 Jun 2019 09:06:53 +0200
>
> >>> list_system_processes (on macOS and FreeBSD) and
> >>> system_process_attributes (on FreeBSD) potentially have similar issues
> >>> with sysctl. Would you like a defensive patch for those?
>
> Eli> Yes, I think so.
>
> Robert> OK, sometime tomorrow (and perhaps for 'get_boot_time' in filelock.c
> Robert> as well)
>
> I think I got all the ChangeLog syntax right. Patch against emacs-26
> attached, not yet pushed.
LGTM, thanks.
^ permalink raw reply [flat|nested] 18+ messages in thread
* bug#36279: 26.2.90; (process-attributes nonexistent-pid) segmentation fault
2019-06-19 15:15 ` Eli Zaretskii
@ 2019-06-20 8:46 ` Robert Pluim
0 siblings, 0 replies; 18+ messages in thread
From: Robert Pluim @ 2019-06-20 8:46 UTC (permalink / raw)
To: Eli Zaretskii; +Cc: 36279, mail, npostavs
tags 36279 fixed
close 36279 26.3
quit
Eli> LGTM, thanks.
Closing.
Committed as 04477adedc
Robert
^ permalink raw reply [flat|nested] 18+ messages in thread