kern/51654: wrong ps_strings breaks emacs20

To: kern-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: kern/51654: wrong ps_strings breaks emacs20
From: dholland%NetBSD.org@localhost
Date: Sat, 26 Nov 2016 04:00:00 +0000 (UTC)

>Number:         51654
>Category:       kern
>Synopsis:       wrong ps_strings breaks emacs20
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Nov 26 04:00:00 +0000 2016
>Originator:     David A. Holland
>Release:        NetBSD 7.99.42 (20161125)
>Organization:
>Environment:
System: NetBSD valkyrie 7.99.42 NetBSD 7.99.42 (VALKYRIE) #20: Fri Nov 25 18:33:19 EST 2016  dholland@valkyrie:/usr/src/sys/arch/amd64/compile/VALKYRIE amd64
Architecture: x86_64
Machine: amd64
>Description:

After updating emacs dumps core. After spending a long time barking up
the wrong PaX tree, it seems that the problem is that an invalid
pointer is being provided in __ps_strings and this causes _libc_init
to segv.

I stuck some debugging code into a copy of _libc_init and inserted it
with LD_PRELOAD, and found that __ps_strings is 0x7f7fffffffe0 while
the highest valid range in the address space in /proc/pid maps is

   00007f7fffff0000-00007f7ffffff000 rw-p 0000000000000000 00:00 0

..................... 0x7f7fffffffe0 is off the end.

It looks to me like this is because the kernel is providing the wrong
ps_strings address, not because ld.elf_so is mucking about and
garbaging the value, but it's hard to tell because even at its most
verbose ktrace doesn't record this information. (That is itself a bug
and should get fixed.)

I haven't the slightest idea why this happens only with emacs but I
imagine it's a consequence of the emacs dump/undump mechanism somehow.

>How-To-Repeat:

You can build a new emacs binary that exhibits the same behavior as my
old one by building editors/emacs20-20.7nb21 (which I just committed,
with fixes for some other problems) on current amd64. Or at least, I
can. YMMV, but hopefully it's not just me.

>Fix:

Not being able to run my editor is making it rather difficult to do
stuff, so I'd appreciate help...

Follow-Ups:
- Re: kern/51654: wrong ps_strings breaks emacs20
  - From: Joerg Sonnenberger

Prev by Date: Re: bin/51652 (makefs dies due to segmentation fault)
Next by Date: Re: kern/51654: wrong ps_strings breaks emacs20
Previous by Thread: Re: bin/51652 (makefs dies due to segmentation fault)
Next by Thread: Re: kern/51654: wrong ps_strings breaks emacs20
Indexes:

Home | Main Index | Thread Index | Old Index