GNU bug report logs - #36279
26.2.90; (process-attributes nonexistent-pid) segmentation fault
Reported by: Xu Chunyang <mail <at> xuchunyang.me>
Date: Tue, 18 Jun 2019 13:27:02 UTC
Severity: normal
Tags: fixed
Found in version 26.2.90
Fixed in version 26.3
Done: Robert Pluim <rpluim <at> gmail.com>
Bug is archived. No further changes may be made.
Report forwarded to bug-gnu-emacs <at> gnu.org: bug#36279; Package emacs. (Tue, 18 Jun 2019 13:27:02 GMT)
Acknowledgement sent to Xu Chunyang <mail <at> xuchunyang.me>: New bug report received and forwarded. Copy sent to bug-gnu-emacs <at> gnu.org. (Tue, 18 Jun 2019 13:27:02 GMT)
Message #5 received at submit <at> debbugs.gnu.org:
Emacs crashes when I run the following (the PID 123456 doesn't exist)
(process-attributes 123456)
And I can reproduce it from Emacs -Q:
~ $ emacs -Q --batch --eval '(print (process-attributes 123456))'
Fatal error 11: Segmentation faultzsh: segmentation fault emacs -Q --batch --eval '(print (process-attributes 123456))'
~ $ emacs --version | head -1
GNU Emacs 26.2.90
~ $
In GNU Emacs 26.2.90 (build 1, x86_64-apple-darwin18.6.0, Carbon Version 158 AppKit 1671.5)
of 2019-06-13 built on Chunyangs-MacBook-Air.local
Repository revision: 7ba854289bd169f1e5f4fbdbc4ae2bef24b9811f
Windowing system distributor 'Apple Inc.', version 10.14.5
Recent messages:
Loading /Users/xcy/.emacs.d/xcy.el (source)...done
Loading /Users/xcy/.emacs.d/var/recentf-save.el (source)...done
Cleaning up the recentf list...done (0 removed) [2 times]
Configured using:
'configure --with-modules'
Configured features:
NOTIFY ACL GNUTLS LIBXML2 ZLIB TOOLKIT_SCROLL_BARS MODULES THREADS LCMS2
Important settings:
value of $LANG: zh-Hans_US.UTF-8
locale-coding-system: utf-8-unix
Major mode: Lisp Interaction
Information forwarded to bug-gnu-emacs <at> gnu.org: bug#36279; Package emacs. (Tue, 18 Jun 2019 13:32:02 GMT)
Message #8 received at 36279 <at> debbugs.gnu.org:
Xu Chunyang <mail <at> xuchunyang.me> writes:
> Emacs crashes when I run the following (the PID 123456 doesn't exist)
>
> (process-attributes 123456)
>
> And I can reproduce it from Emacs -Q:
>
> ~ $ emacs -Q --batch --eval '(print (process-attributes 123456))'
> Fatal error 11: Segmentation faultzsh: segmentation fault emacs -Q --batch --eval '(print (process-attributes 123456))'
> ~ $ emacs --version | head -1
> GNU Emacs 26.2.90
> ~ $
>
>
> In GNU Emacs 26.2.90 (build 1, x86_64-apple-darwin18.6.0, Carbon Version 158 AppKit 1671.5)
Doesn't happen here[1], I just get nil. Can you show a backtrace with a
gdb (or lldb if that's not available)?
[1]: In GNU Emacs 26.2.90 (build 1, x86_64-pc-linux-gnu, X toolkit, Xaw scroll bars)
Information forwarded to bug-gnu-emacs <at> gnu.org: bug#36279; Package emacs. (Tue, 18 Jun 2019 14:06:01 GMT)
Message #11 received at 36279 <at> debbugs.gnu.org:
On Tue, Jun 18, 2019, at 9:31 PM, Noam Postavsky wrote:
> Xu Chunyang <mail <at> xuchunyang.me> writes:
>
> > Emacs crashes when I run the following (the PID 123456 doesn't exist)
> >
> > (process-attributes 123456)
> >
> > And I can reproduce it from Emacs -Q:
> >
> > ~ $ emacs -Q --batch --eval '(print (process-attributes 123456))'
> > Fatal error 11: Segmentation faultzsh: segmentation fault emacs -Q --batch --eval '(print (process-attributes 123456))'
> > ~ $ emacs --version | head -1
> > GNU Emacs 26.2.90
> > ~ $
> >
> >
> > In GNU Emacs 26.2.90 (build 1, x86_64-apple-darwin18.6.0, Carbon Version 158 AppKit 1671.5)
>
> Doesn't happen here[1], I just get nil. Can you show a backtrace with a
> gdb (or lldb if that's not available)?
(Not sure what I am doing, never used lldb)
~/src/emacs-mac/src $ lldb ./emacs
(lldb) target create "./emacs"
Current executable set to './emacs' (x86_64).
(lldb) run -Q --batch --eval '(print (process-attributes 123456))'
Process 18581 launched: '/Users/xcy/src/emacs-mac/src/emacs' (x86_64)
emacs was compiled with optimization - stepping may behave oddly; variables may not be available.
Process 18581 stopped
* thread #2, name = 'org.gnu.Emacs.lisp-main', stop reason = EXC_BAD_ACCESS (code=1, address=0x41)
frame #0: 0x00000001000dd9aa emacs`system_process_attributes(pid=<unavailable>) at sysdep.c:3872:39 [opt]
3869 rusage = proc.kp_proc.p_ru;
3870 if (rusage)
3871 {
-> 3872 attrs = Fcons (Fcons (Qminflt, make_fixnum_or_float (rusage->ru_minflt)),
3873 attrs);
3874 attrs = Fcons (Fcons (Qmajflt, make_fixnum_or_float (rusage->ru_majflt)),
3875 attrs);
Target 0: (emacs) stopped.
(lldb) bt
* thread #2, name = 'org.gnu.Emacs.lisp-main', stop reason = EXC_BAD_ACCESS (code=1, address=0x41)
* frame #0: 0x00000001000dd9aa emacs`system_process_attributes(pid=<unavailable>) at sysdep.c:3872:39 [opt]
frame #1: 0x000000010013e854 emacs`eval_sub(form=<unavailable>) at eval.c:2247:41 [opt]
frame #2: 0x000000010013e7ea emacs`eval_sub(form=<unavailable>) at eval.c:2235:21 [opt]
frame #3: 0x0000000100141f6b emacs`Feval(form=4370835043, lexical=<unavailable>) at eval.c:2067:28 [opt]
frame #4: 0x0000000100143b27 emacs`__funcall_subr_block_invoke(.block_descriptor=<unavailable>) at eval.c:0:12 [opt]
frame #5: 0x00000001001e1a4f emacs`mac_autorelease_loop(body=0x0000000100143a60) at macappkit.m:1040:13 [opt]
frame #6: 0x0000000100142aff emacs`Ffuncall [inlined] funcall_subr(subr=<unavailable>, numargs=<unavailable>, args=<unavailable>) at eval.c:2909:3 [opt]
frame #7: 0x0000000100142a99 emacs`Ffuncall(nargs=<unavailable>, args=<unavailable>) at eval.c:2782 [opt]
frame #8: 0x0000000100186f3e emacs`exec_byte_code(bytestr=<unavailable>, vector=4298690456, maxdepth=<unavailable>, args_template=1030, nargs=1, args=<unavailable>) at bytecode.c:630:12 [opt]
frame #9: 0x0000000100142a3d emacs`Ffuncall(nargs=<unavailable>, args=<unavailable>) at eval.c:0:4 [opt]
frame #10: 0x0000000100186f3e emacs`exec_byte_code(bytestr=<unavailable>, vector=4298667856, maxdepth=<unavailable>, args_template=2, nargs=0, args=<unavailable>) at bytecode.c:630:12 [opt]
frame #11: 0x0000000100142a3d emacs`Ffuncall(nargs=<unavailable>, args=<unavailable>) at eval.c:0:4 [opt]
frame #12: 0x0000000100186f3e emacs`exec_byte_code(bytestr=<unavailable>, vector=4298664256, maxdepth=<unavailable>, args_template=2, nargs=0, args=<unavailable>) at bytecode.c:630:12 [opt]
frame #13: 0x0000000100142214 emacs`apply_lambda(fun=4298664181, args=<unavailable>, count=4) at eval.c:2948:9 [opt]
frame #14: 0x000000010013e610 emacs`eval_sub(form=<unavailable>) at eval.c:0:11 [opt]
frame #15: 0x0000000100141f6b emacs`Feval(form=4362606819, lexical=<unavailable>) at eval.c:2067:28 [opt]
frame #16: 0x00000001001410dc emacs`internal_condition_case(bfun=(emacs`top_level_2 at keyboard.c:1118), handlers=22128, hfun=(emacs`cmd_error at keyboard.c:938)) at eval.c:1336:25 [opt]
frame #17: 0x00000001000d102d emacs`top_level_1(ignore=<unavailable>) at keyboard.c:1127:5 [opt]
frame #18: 0x00000001001406d0 emacs`internal_catch(tag=53568, func=(emacs`top_level_1 at keyboard.c:1124), arg=0) at eval.c:1101:25 [opt]
frame #19: 0x00000001000c06ef emacs`command_loop at keyboard.c:1088:2 [opt]
frame #20: 0x00000001000c060f emacs`recursive_edit_1 at keyboard.c:695:9 [opt]
frame #21: 0x00000001000c08f6 emacs`Frecursive_edit at keyboard.c:766:3 [opt]
frame #22: 0x00000001000bf209 emacs`emacs_main(argc=<unavailable>, argv=0x00007ffeefbff7c8) at emacs.c:1759:3 [opt]
frame #23: 0x000000010020d534 emacs`mac_start_lisp_main(arg=0x00007ffeefbff7c8) at macappkit.m:16723:3 [opt]
frame #24: 0x00007fff7a9e52eb libsystem_pthread.dylib`_pthread_body + 126
frame #25: 0x00007fff7a9e8249 libsystem_pthread.dylib`_pthread_start + 66
frame #26: 0x00007fff7a9e440d libsystem_pthread.dylib`thread_start + 13
(lldb)
> [1]: In GNU Emacs 26.2.90 (build 1, x86_64-pc-linux-gnu, X toolkit, Xaw
> scroll bars)
>
>
Information forwarded to bug-gnu-emacs <at> gnu.org: bug#36279; Package emacs. (Tue, 18 Jun 2019 15:24:02 GMT)
Message #14 received at 36279 <at> debbugs.gnu.org:
>>>>> On Tue, 18 Jun 2019 22:05:38 +0800, xuchunyang <mail <at> xuchunyang.me> said:
xuchunyang> On Tue, Jun 18, 2019, at 9:31 PM, Noam Postavsky wrote:
>> Xu Chunyang <mail <at> xuchunyang.me> writes:
>>
>> > Emacs crashes when I run the following (the PID 123456 doesn't exist)
>> >
>> > (process-attributes 123456)
>> >
>> > And I can reproduce it from Emacs -Q:
>> >
>> > ~ $ emacs -Q --batch --eval '(print (process-attributes 123456))'
>> > Fatal error 11: Segmentation faultzsh: segmentation fault emacs -Q --batch --eval '(print (process-attributes 123456))'
>> > ~ $ emacs --version | head -1
>> > GNU Emacs 26.2.90
>> > ~ $
>> >
>> >
>> > In GNU Emacs 26.2.90 (build 1, x86_64-apple-darwin18.6.0, Carbon Version 158 AppKit 1671.5)
>>
>> Doesn't happen here[1], I just get nil. Can you show a backtrace with a
>> gdb (or lldb if that's not available)?
I get the same crash here. You'd expect sysctl to return an error when
requesting info about a non-existent process, but instead it
passive-aggressively sets proclen to 0. This fixes it for me here, can
you try it?
diff --git a/src/sysdep.c b/src/sysdep.c
index 1e35e06b63..518ecebcf6 100644
--- a/src/sysdep.c
+++ b/src/sysdep.c
@@ -3798,7 +3798,7 @@ system_process_attributes (Lisp_Object pid)
CONS_TO_INTEGER (pid, int, proc_id);
mib[3] = proc_id;
- if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0)
+ if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0 || proclen == 0)
return attrs;
uid = proc.kp_eproc.e_ucred.cr_uid;
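Review bot: In the changed `if`, `proclen == 0` rejects only an empty reply, while the next line reads `proc.kp_eproc.e_ucred.cr_uid` and so assumes the whole structure was filled in. Consider comparing `proclen` against the size of `proc` rather than against zero, and add a one-line comment saying that sysctl reports a nonexistent pid as success with zero length, since the condition does not explain itself.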
Information forwarded to bug-gnu-emacs <at> gnu.org: bug#36279; Package emacs. (Tue, 18 Jun 2019 16:08:02 GMT)
Message #17 received at 36279 <at> debbugs.gnu.org:
> From: Xu Chunyang <mail <at> xuchunyang.me>
> Date: Tue, 18 Jun 2019 21:25:40 +0800
>
> Emacs crashes when I run the following (the PID 123456 doesn't exist)
>
> (process-attributes 123456)
>
> And I can reproduce it from Emacs -Q:
>
> ~ $ emacs -Q --batch --eval '(print (process-attributes 123456))'
> Fatal error 11: Segmentation faultzsh: segmentation fault emacs -Q --batch --eval '(print (process-attributes 123456))'
This seems to be Darwin-specific.
Information forwarded to bug-gnu-emacs <at> gnu.org: bug#36279; Package emacs. (Tue, 18 Jun 2019 16:11:02 GMT)
Message #20 received at 36279 <at> debbugs.gnu.org:
> Date: Tue, 18 Jun 2019 22:05:38 +0800
> From: xuchunyang <mail <at> xuchunyang.me>
> Cc: 36279 <at> debbugs.gnu.org
>
> 3869 rusage = proc.kp_proc.p_ru;
> 3870 if (rusage)
> 3871 {
> -> 3872 attrs = Fcons (Fcons (Qminflt, make_fixnum_or_float (rusage->ru_minflt)),
> 3873 attrs);
> 3874 attrs = Fcons (Fcons (Qmajflt, make_fixnum_or_float (rusage->ru_majflt)),
> 3875 attrs);
So 'rusage' is not a NULL pointer, but it's garbled?
Information forwarded to bug-gnu-emacs <at> gnu.org: bug#36279; Package emacs. (Tue, 18 Jun 2019 16:24:02 GMT)
Message #23 received at 36279 <at> debbugs.gnu.org:
On Tue, Jun 18, 2019, at 11:23 PM, Robert Pluim wrote:
> >>>>> On Tue, 18 Jun 2019 22:05:38 +0800, xuchunyang <mail <at> xuchunyang.me> said:
>
> xuchunyang> On Tue, Jun 18, 2019, at 9:31 PM, Noam Postavsky wrote:
> >> Xu Chunyang <mail <at> xuchunyang.me> writes:
> >>
> >> > Emacs crashes when I run the following (the PID 123456 doesn't
> exist)
> >> >
> >> > (process-attributes 123456)
> >> >
> >> > And I can reproduce it from Emacs -Q:
> >> >
> >> > ~ $ emacs -Q --batch --eval '(print (process-attributes
> 123456))'
> >> > Fatal error 11: Segmentation faultzsh: segmentation fault
> emacs -Q --batch --eval '(print (process-attributes 123456))'
> >> > ~ $ emacs --version | head -1
> >> > GNU Emacs 26.2.90
> >> > ~ $
> >> >
> >> >
> >> > In GNU Emacs 26.2.90 (build 1, x86_64-apple-darwin18.6.0,
> Carbon Version 158 AppKit 1671.5)
> >>
> >> Doesn't happen here[1], I just get nil. Can you show a
> backtrace with a
> >> gdb (or lldb if that's not available)?
>
> I get the same crash here. You'd expect sysctl to return an error when
> requesting info about a non-existent process, but instead it
> passive-aggressively sets proclen to 0. This fixes it for me here, can
> you try it?
It fixes the issue for me too. (process-attributes 123456) returns nil instead of crashing Emacs.
>
> diff --git a/src/sysdep.c b/src/sysdep.c
> index 1e35e06b63..518ecebcf6 100644
> --- a/src/sysdep.c
> +++ b/src/sysdep.c
> @@ -3798,7 +3798,7 @@ system_process_attributes (Lisp_Object pid)
> CONS_TO_INTEGER (pid, int, proc_id);
> mib[3] = proc_id;
>
> - if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0)
> + if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0 || proclen == 0)
> return attrs;
>
> uid = proc.kp_eproc.e_ucred.cr_uid;
>
Information forwarded to bug-gnu-emacs <at> gnu.org: bug#36279; Package emacs. (Tue, 18 Jun 2019 17:45:01 GMT)
Message #26 received at 36279 <at> debbugs.gnu.org:
> Date: Wed, 19 Jun 2019 00:23:20 +0800
> From: xuchunyang <mail <at> xuchunyang.me>
> Cc: 36279 <at> debbugs.gnu.org, Noam Postavsky <npostavs <at> gmail.com>
>
> It fixes the issue for me too. (process-attributes 123456) returns nil instead of crashing Emacs.
>
> >
> > diff --git a/src/sysdep.c b/src/sysdep.c
> > index 1e35e06b63..518ecebcf6 100644
> > --- a/src/sysdep.c
> > +++ b/src/sysdep.c
> > @@ -3798,7 +3798,7 @@ system_process_attributes (Lisp_Object pid)
> > CONS_TO_INTEGER (pid, int, proc_id);
> > mib[3] = proc_id;
> >
> > - if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0)
> > + if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0 || proclen == 0)
> > return attrs;
> >
> > uid = proc.kp_eproc.e_ucred.cr_uid;
> >
Thanks. Robert, please push to the emacs-26 branch.
(I understand this problem is quite old, is that right?)
Information forwarded to bug-gnu-emacs <at> gnu.org: bug#36279; Package emacs. (Tue, 18 Jun 2019 17:54:02 GMT)
Message #29 received at 36279 <at> debbugs.gnu.org:
>>>>> On Tue, 18 Jun 2019 20:44:41 +0300, Eli Zaretskii <eliz <at> gnu.org> said:
>> Date: Wed, 19 Jun 2019 00:23:20 +0800
>> From: xuchunyang <mail <at> xuchunyang.me>
>> Cc: 36279 <at> debbugs.gnu.org, Noam Postavsky <npostavs <at> gmail.com>
>>
>> It fixes the issue for me too. (process-attributes 123456) returns nil instead of crashing Emacs.
>>
>> >
>> > diff --git a/src/sysdep.c b/src/sysdep.c
>> > index 1e35e06b63..518ecebcf6 100644
>> > --- a/src/sysdep.c
>> > +++ b/src/sysdep.c
>> > @@ -3798,7 +3798,7 @@ system_process_attributes (Lisp_Object pid)
>> > CONS_TO_INTEGER (pid, int, proc_id);
>> > mib[3] = proc_id;
>> >
>> > - if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0)
>> > + if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0 || proclen == 0)
>> > return attrs;
>> >
>> > uid = proc.kp_eproc.e_ucred.cr_uid;
>> >
Eli> Thanks. Robert, please push to the emacs-26 branch.
Will do.
Eli> (I understand this problem is quite old, is that right?)
commit ef4ed84e72a323b3d29dc34df92d3f89ad4fc322
Date: Sun Apr 24 14:33:05 2016 +0200
introduced the macOS version of system_process_attributes.
list_system_processes (on macOS and FreeBSD) and
system_process_attributes (on FreeBSD) potentially have similar issues
with sysctl. Would you like a defensive patch for those? (I donʼt have
a FreeBSD system to test on)
Robert
Information forwarded to bug-gnu-emacs <at> gnu.org: bug#36279; Package emacs. (Tue, 18 Jun 2019 18:08:02 GMT)
Message #32 received at 36279 <at> debbugs.gnu.org:
> From: Robert Pluim <rpluim <at> gmail.com>
> Cc: xuchunyang <mail <at> xuchunyang.me>, 36279 <at> debbugs.gnu.org, npostavs <at> gmail.com
> Date: Tue, 18 Jun 2019 19:53:06 +0200
>
> list_system_processes (on macOS and FreeBSD) and
> system_process_attributes (on FreeBSD) potentially have similar issues
> with sysctl. Would you like a defensive patch for those?
Yes, I think so.
Information forwarded to bug-gnu-emacs <at> gnu.org: bug#36279; Package emacs. (Tue, 18 Jun 2019 18:15:02 GMT)
Message #35 received at 36279 <at> debbugs.gnu.org:
>>>>> On Tue, 18 Jun 2019 21:06:31 +0300, Eli Zaretskii <eliz <at> gnu.org> said:
>> From: Robert Pluim <rpluim <at> gmail.com>
>> Cc: xuchunyang <mail <at> xuchunyang.me>, 36279 <at> debbugs.gnu.org, npostavs <at> gmail.com
>> Date: Tue, 18 Jun 2019 19:53:06 +0200
>>
>> list_system_processes (on macOS and FreeBSD) and
>> system_process_attributes (on FreeBSD) potentially have similar issues
>> with sysctl. Would you like a defensive patch for those?
Eli> Yes, I think so.
OK, sometime tomorrow (and perhaps for 'get_boot_time' in filelock.c
as well)
Robert
Information forwarded to bug-gnu-emacs <at> gnu.org: bug#36279; Package emacs. (Wed, 19 Jun 2019 07:08:01 GMT)
Message #38 received at 36279 <at> debbugs.gnu.org:
>>>>> On Tue, 18 Jun 2019 20:14:31 +0200, Robert Pluim <rpluim <at> gmail.com> said:
>>>>> On Tue, 18 Jun 2019 21:06:31 +0300, Eli Zaretskii <eliz <at> gnu.org> said:
>>> From: Robert Pluim <rpluim <at> gmail.com>
>>> Cc: xuchunyang <mail <at> xuchunyang.me>, 36279 <at> debbugs.gnu.org, npostavs <at> gmail.com
>>> Date: Tue, 18 Jun 2019 19:53:06 +0200
>>>
>>> list_system_processes (on macOS and FreeBSD) and
>>> system_process_attributes (on FreeBSD) potentially have similar issues
>>> with sysctl. Would you like a defensive patch for those?
Eli> Yes, I think so.
Robert> OK, sometime tomorrow (and perhaps for 'get_boot_time' in filelock.c
Robert> as well)
I think I got all the ChangeLog syntax right. Patch against emacs-26
attached, not yet pushed.
[0001-Check-length-returned-by-sysctl.patch (text/x-patch, inline)]
From a70ac9f644660a16fa871a9f6933c1344ffae083 Mon Sep 17 00:00:00 2001
From: Robert Pluim <rpluim <at> gmail.com>
Date: Wed, 19 Jun 2019 08:52:50 +0200
Subject: [PATCH] Check length returned by sysctl
To: emacs-devel <at> gnu.org
sysctl sometimes returns successfully even when it returns no data,
such as when querying non-existent processes, which can cause crashes.
Check for this condition by validating the length of the returned
data. (Bug#36279)
* src/sysdep.c (list_system_processes) [DARWIN_OS || __FreeBSD__]:
(system_process_attributes) [__FreeBSD__]:
(system_process_attributes) [DARWIN_OS]:
* src/filelock.c (get_boot_time) [CTL_KERN && KERN_BOOTTIME]: Check
length of data returned by sysctl.
---
src/filelock.c | 3 +--
src/sysdep.c | 10 +++++-----
2 files changed, 6 insertions(+), 7 deletions(-)
diff --git a/src/filelock.c b/src/filelock.c
index 81d98f36fa..0865450936 100644
--- a/src/filelock.c
+++ b/src/filelock.c
@@ -151,8 +151,7 @@ get_boot_time (void)
mib[0] = CTL_KERN;
mib[1] = KERN_BOOTTIME;
size = sizeof (boottime_val);
-
- if (sysctl (mib, 2, &boottime_val, &size, NULL, 0) >= 0)
+ if (sysctl (mib, 2, &boottime_val, &size, NULL, 0) >= 0 && size != 0)
{
boot_time = boottime_val.tv_sec;
return boot_time;
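Review bot: The blank line removed just above the `if` in get_boot_time is an unrelated whitespace change; keep it so the hunk carries only the `&& size != 0` check. Since `size` is set to `sizeof (boottime_val)` immediately before the call, testing that it still equals that value afterwards would be a tighter condition than `size != 0` before `boottime_val.tv_sec` is read.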
diff --git a/src/sysdep.c b/src/sysdep.c
index 1e35e06b63..b2aecc0dda 100644
--- a/src/sysdep.c
+++ b/src/sysdep.c
@@ -3014,11 +3014,11 @@ list_system_processes (void)
Lisp_Object proclist = Qnil;
- if (sysctl (mib, 3, NULL, &len, NULL, 0) != 0)
+ if (sysctl (mib, 3, NULL, &len, NULL, 0) != 0 || len == 0)
return proclist;
procs = xmalloc (len);
- if (sysctl (mib, 3, procs, &len, NULL, 0) != 0)
+ if (sysctl (mib, 3, procs, &len, NULL, 0) != 0 || len == 0)
{
xfree (procs);
return proclist;
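Review bot: Both calls in list_system_processes pass `&len`, so after the second call `len` holds the number of bytes actually returned, not the size given to `xmalloc`. The new `len == 0` test covers the empty case; please confirm that the code following this hunk derives the number of entries from the updated `len`, and say so in a comment next to the second call.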
@@ -3618,7 +3618,7 @@ system_process_attributes (Lisp_Object pid)
CONS_TO_INTEGER (pid, int, proc_id);
mib[3] = proc_id;
- if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0)
+ if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0 || proclen == 0)
return attrs;
attrs = Fcons (Fcons (Qeuid, make_fixnum_or_float (proc.ki_uid)), attrs);
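Review bot: The `proclen == 0` test in this FreeBSD branch of system_process_attributes is untested, since the thread notes there was no FreeBSD system to try it on; it needs a run of `(process-attributes 123456)` on FreeBSD before it is pushed. The next line reads `proc.ki_uid`, so what has to be confirmed is whether a nonexistent pid comes back there as an error or as success with zero length.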
@@ -3740,7 +3740,7 @@ system_process_attributes (Lisp_Object pid)
mib[2] = KERN_PROC_ARGS;
len = MAXPATHLEN;
- if (sysctl (mib, 4, args, &len, NULL, 0) == 0)
+ if (sysctl (mib, 4, args, &len, NULL, 0) == 0 && len != 0)
{
int i;
for (i = 0; i < len; i++)
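Review bot: The added `&& len != 0` guards a block whose first statement, `for (i = 0; i < len; i++)`, already does nothing when `len` is 0, so the check only matters for whatever follows the loop. Add a comment naming the statement it protects, or drop it from this hunk. Separately, `int i` is compared against `len`, which is passed to sysctl as a length; an index of the same unsigned type would avoid the mixed-sign comparison.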
@@ -3798,7 +3798,7 @@ system_process_attributes (Lisp_Object pid)
CONS_TO_INTEGER (pid, int, proc_id);
mib[3] = proc_id;
- if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0)
+ if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0 || proclen == 0)
return attrs;
uid = proc.kp_eproc.e_ucred.cr_uid;
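Review bot: The early return on `proclen == 0` addresses the reported crash, but afterwards `proc` is still read field by field with only this length test vouching for its contents; the listing earlier in the thread shows `rusage`, taken from `proc.kp_proc.p_ru`, passing the `if (rusage)` test and then faulting. Zero-initialising `proc` before the sysctl call would make any missed case fail that existing test instead of dereferencing a stray pointer.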
--
2.21.0.419.gffac537e6c
Information forwarded to bug-gnu-emacs <at> gnu.org: bug#36279; Package emacs. (Wed, 19 Jun 2019 08:02:02 GMT)
Message #41 received at 36279 <at> debbugs.gnu.org:
On Jun 19 2019, Robert Pluim <rpluim <at> gmail.com> wrote:
> From a70ac9f644660a16fa871a9f6933c1344ffae083 Mon Sep 17 00:00:00 2001
> From: Robert Pluim <rpluim <at> gmail.com>
> Date: Wed, 19 Jun 2019 08:52:50 +0200
> Subject: [PATCH] Check length returned by sysctl
> To: emacs-devel <at> gnu.org
>
> sysctl sometimes returns successfully even when it returns no data,
> such as when querying non-existent processes, which can cause crashes.
I think that's not a sometimes, but how it is documented to work.
Andreas.
--
Andreas Schwab, SUSE Labs, schwab <at> suse.de
GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE 1748 E4D4 88E3 0EEA B9D7
"And now for something completely different."
Information forwarded to bug-gnu-emacs <at> gnu.org: bug#36279; Package emacs. (Wed, 19 Jun 2019 10:23:01 GMT)
Message #44 received at 36279 <at> debbugs.gnu.org:
>>>>> On Wed, 19 Jun 2019 10:01:22 +0200, Andreas Schwab <schwab <at> suse.de> said:
Andreas> On Jun 19 2019, Robert Pluim <rpluim <at> gmail.com> wrote:
>> From a70ac9f644660a16fa871a9f6933c1344ffae083 Mon Sep 17 00:00:00 2001
>> From: Robert Pluim <rpluim <at> gmail.com>
>> Date: Wed, 19 Jun 2019 08:52:50 +0200
>> Subject: [PATCH] Check length returned by sysctl
>> To: emacs-devel <at> gnu.org
>>
>> sysctl sometimes returns successfully even when it returns no data,
>> such as when querying non-existent processes, which can cause crashes.
Andreas> I think that's not a sometimes, but how it is documented to work.
I guess itʼs a matter of how you describe success:
Me: Kernel, please tell me about process <x>
Kernel: (process <x> does not exist). Success! Have some zero length
data.
Me: <crash>
But whatever, I can adjust the commit message.
Robert
Information forwarded to bug-gnu-emacs <at> gnu.org: bug#36279; Package emacs. (Wed, 19 Jun 2019 10:30:02 GMT)
Message #47 received at 36279 <at> debbugs.gnu.org:
On Jun 19 2019, Robert Pluim <rpluim <at> gmail.com> wrote:
> I guess itʼs a matter of how you describe success:
>
> Me: Kernel, please tell me about process <x>
> Kernel: (process <x> does not exist). Success! Have some zero length
> data.
> Me: <crash>
The crash is because you are accessing the data outside of its bounds.
That has nothing to do with success.
Andreas.
--
Andreas Schwab, SUSE Labs, schwab <at> suse.de
GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE 1748 E4D4 88E3 0EEA B9D7
"And now for something completely different."
Information forwarded to bug-gnu-emacs <at> gnu.org: bug#36279; Package emacs. (Wed, 19 Jun 2019 13:41:02 GMT)
Message #50 received at 36279 <at> debbugs.gnu.org:
>>>>> On Wed, 19 Jun 2019 12:29:52 +0200, Andreas Schwab <schwab <at> suse.de> said:
Andreas> On Jun 19 2019, Robert Pluim <rpluim <at> gmail.com> wrote:
>> I guess itʼs a matter of how you describe success:
>>
>> Me: Kernel, please tell me about process <x>
>> Kernel: (process <x> does not exist). Success! Have some zero length
>> data.
>> Me: <crash>
Andreas> The crash is because you are accessing the data outside of its bounds.
Andreas> That has nothing to do with success.
Iʼm going to repeat my previous "whatever", since Iʼm not here to
convince you :-)
Robert
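The exchange above turns on the output contract of a sysctl-style call: the return code says whether the call worked, and the length written back says how much of the caller's buffer is valid. The C program below is an added illustration, not code from Emacs or from anyone in this thread; `mock_query`, the `proc_info` record, the pid table and the poison byte are constructed stand-ins so that it runs on any platform, and the short-reply case (pid 77) goes beyond what the thread reports.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define POISON 0x5A  /* constructed fill byte standing in for stack garbage */

/* Constructed record; stands in for the kernel's per-process structure. */
struct proc_info { int pid; unsigned uid; long minflt; };

/* One row of the mock kernel table: the record, and how many bytes of it
   the mock hands back. */
struct row { struct proc_info info; size_t avail; };

static const struct row table[] = {
  { { 4242, 501, 3456 }, sizeof (struct proc_info) },
  /* Constructed short reply: only the fields before minflt are returned. */
  { { 77, 0, 9 }, offsetof (struct proc_info, minflt) },
};

/* Hypothetical stand-in for the output contract described in the thread:
   copy up to *lenp bytes into buf, store the byte count in *lenp, return 0.
   An unknown pid is not an error: return 0 with *lenp set to 0. */
static int
mock_query (int pid, void *buf, size_t *lenp)
{
  size_t i;
  for (i = 0; i < sizeof table / sizeof table[0]; i++)
    if (table[i].info.pid == pid)
      {
        size_t n = table[i].avail < *lenp ? table[i].avail : *lenp;
        memcpy (buf, &table[i].info, n);
        *lenp = n;
        return 0;
      }
  *lenp = 0;
  return 0;
}

enum check { RC_ONLY, NONZERO_LEN, EXACT_LEN };

/* Return 1 and fill *out if the reply is accepted under POLICY, else 0. */
static int
lookup (int pid, enum check policy, struct proc_info *out)
{
  struct proc_info proc;
  size_t len = sizeof proc;

  memset (&proc, POISON, sizeof proc);  /* make "uninitialized" repeatable */
  if (mock_query (pid, &proc, &len) != 0)
    return 0;
  if (policy == NONZERO_LEN && len == 0)          /* the check in the patch */
    return 0;
  if (policy == EXACT_LEN && len != sizeof proc)  /* stricter variant */
    return 0;
  *out = proc;
  return 1;
}

/* 1 if minflt still holds the poison pattern, i.e. was never written. */
static int
minflt_is_stale (const struct proc_info *p)
{
  long poison;
  memset (&poison, POISON, sizeof poison);
  return p->minflt == poison;
}

static int
accepted (int pid, enum check policy)
{
  struct proc_info p;
  return lookup (pid, policy, &p);
}

/* 1 if the reply was accepted although minflt was never filled in. */
static int
accepted_stale (int pid, enum check policy)
{
  struct proc_info p;
  return lookup (pid, policy, &p) && minflt_is_stale (&p);
}

int
main (void)
{
  static const int pids[] = { 4242, 77, 123456 };
  static const char *const names[] = { "rc only", "len != 0", "len == sizeof" };
  size_t p;
  int c;

  for (p = 0; p < sizeof pids / sizeof pids[0]; p++)
    for (c = RC_ONLY; c <= EXACT_LEN; c++)
      printf ("pid %-6d %-14s accepted=%d stale_minflt=%d\n", pids[p],
              names[c], accepted (pids[p], (enum check) c),
              accepted_stale (pids[p], (enum check) c));
  return 0;
}
```
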
Information forwarded to bug-gnu-emacs <at> gnu.org: bug#36279; Package emacs. (Wed, 19 Jun 2019 15:16:01 GMT)
Message #53 received at 36279 <at> debbugs.gnu.org:
> From: Robert Pluim <rpluim <at> gmail.com>
> Cc: 36279 <at> debbugs.gnu.org, mail <at> xuchunyang.me, npostavs <at> gmail.com
> Date: Wed, 19 Jun 2019 09:06:53 +0200
>
> >>> list_system_processes (on macOS and FreeBSD) and
> >>> system_process_attributes (on FreeBSD) potentially have similar issues
> >>> with sysctl. Would you like a defensive patch for those?
>
> Eli> Yes, I think so.
>
> Robert> OK, sometime tomorrow (and perhaps for 'get_boot_time' in filelock.c
> Robert> as well)
>
> I think I got all the ChangeLog syntax right. Patch against emacs-26
> attached, not yet pushed.
LGTM, thanks.
Information forwarded to bug-gnu-emacs <at> gnu.org: bug#36279; Package emacs. (Thu, 20 Jun 2019 08:47:02 GMT)
Message #56 received at 36279 <at> debbugs.gnu.org:
tags 36279 fixed
close 36279 26.3
quit
Eli> LGTM, thanks.
Closing.
Committed as 04477adedc
Robert
Added tag(s) fixed. Request was from Robert Pluim <rpluim <at> gmail.com> to control <at> debbugs.gnu.org. (Thu, 20 Jun 2019 08:47:03 GMT)
bug marked as fixed in version 26.3, send any further explanations to 36279 <at> debbugs.gnu.org and Xu Chunyang <mail <at> xuchunyang.me>. Request was from Robert Pluim <rpluim <at> gmail.com> to control <at> debbugs.gnu.org. (Thu, 20 Jun 2019 08:47:03 GMT)
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Thu, 18 Jul 2019 11:24:05 GMT)