Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 456970 - app-editors/emacs-24.2 failed to emerge with a segmentation fault on hardened-sources-3.7.4-r1
Summary: app-editors/emacs-24.2 failed to emerge with a segmentation fault on hardened...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Emacs project
URL:
Whiteboard:
Keywords:
: 480526 490626 (view as bug list)
Depends on:
Blocks: 427888
  Show dependency tree
 
Reported: 2013-02-12 17:46 UTC by bsod
Modified: 2014-01-05 09:37 UTC (History)
6 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
emacs build.log (emacsbuild.log,103.19 KB, text/plain)
2013-02-12 17:48 UTC, bsod
Details
Use the shell version of pax-utils.eclass (emacs-pt_xt.patch,940 bytes, patch)
2013-12-30 17:41 UTC, Magnus Granberg
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description bsod 2013-02-12 17:46:52 UTC
I have exactly the same problem described in bug 411439 but with emacs-24.2 (latest stable on hardened profile) and sys-kernel/hardened-sources-3.7.4-r1 and sys-devel/gcc-4.6.3. 

Workaround is to disable randomize_va_space for the compile step and reenable it afterwards.

echo "0" > /proc/sys/kernel/randomize_va_space 
emerge emacs
echo "1" > /proc/sys/kernel/randomize_va_space

Reproducible: Always

Steps to Reproduce:
1.emerge emacs
Actual Results:  
Dumping under the name emacs
**************************************************
Warning: Your system has a gap between BSS and the
heap (15854248 bytes).  This usually means that exec-shield
or something similar is in effect.  The dump may
fail because of this.  See the section about
exec-shield in etc/PROBLEMS for more information.
**************************************************
/bin/sh: Zeile 6: 29064 Speicherzugriffsfehler  `/bin/pwd`/temacs --batch --load loadup bootstrap

Expected Results:  
a working emacs

mediaserv-gentoo ~ # emerge --info
Portage 2.1.11.50 (hardened/linux/amd64/selinux, gcc-4.6.3, glibc-2.15-r3, 3.7.4-hardened-r1 x86_64)
=================================================================
System uname: Linux-3.7.4-hardened-r1-x86_64-AMD_A4-3300_APU_with_Radeon-tm-_HD_Graphics-with-gentoo-2.1
KiB Mem:     3515788 total,     52832 free
KiB Swap:   16383996 total,  16345136 free
Timestamp of tree: Mon, 11 Feb 2013 22:45:01 +0000
ld GNU ld (GNU Binutils) 2.22
distcc 3.1 x86_64-pc-linux-gnu [enabled]
app-shells/bash:          4.2_p37
dev-java/java-config:     2.1.12-r1
dev-lang/python:          2.7.3-r2, 3.2.3
dev-util/cmake:           2.8.9
dev-util/pkgconfig:       0.28
sys-apps/baselayout:      2.1-r1
sys-apps/openrc:          0.11.8
sys-apps/sandbox:         2.5
sys-devel/autoconf:       2.13, 2.69
sys-devel/automake:       1.11.6
sys-devel/binutils:       2.22-r1
sys-devel/gcc:            4.6.3
sys-devel/gcc-config:     1.7.3
sys-devel/libtool:        2.4-r1
sys-devel/make:           3.82-r4
sys-kernel/linux-headers: 3.6 (virtual/os-headers)
sys-libs/glibc:           2.15-r3
Repositories: gentoo luman lua gnustep sunrise x-dragon
ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="* -@EULA"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -march=amdfam10 -mcx16 -mpopcnt -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt /var/lib/redmine/config"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5.4/ext-active/ /etc/php/cgi-php5.4/ext-active/ /etc/php/cli-php5.4/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /var/lib/redmine/config/locales /var/lib/redmine/config/settings.yml"
CXXFLAGS="-O2 -march=amdfam10 -mcx16 -mpopcnt -pipe"
DISTDIR="/usr/portage/distfiles"
FCFLAGS="-O2 -pipe"
FEATURES="assume-digests binpkg-logs config-protect-if-modified distcc distlocks ebuild-locks fixlafiles merge-sync news parallel-fetch protect-owned sandbox selinux sesandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch"
FFLAGS="-O2 -pipe"
GENTOO_MIRRORS="http://ftp.uni-erlangen.de/pub/mirrors/gentoo"
LANG="de_DE.UTF-8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
MAKEOPTS="-j13"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/var/lib/layman/luman /var/lib/layman/lua /var/lib/layman/gnustep /var/lib/layman/sunrise /var/lib/layman/dragon"
SYNC="rsync://rsync.de.gentoo.org/gentoo-portage"
USE="3dnow 3dnowext X amd64 berkdb bindist bzip2 cli cracklib crypt cxx dbus dri gdbm gnutls gpm hardened iconv ipv6 justify ldap ldapdb memcached mmx mmxext modules mudflap multilib mysql ncurses nls nptl open_perms openldap openmp pam pax_kernel pcre readline selinux session sse sse2 sse3 sse4a ssl tcpd unicode urandom zlib" ABI_X86="64" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias proxy proxy_http proxy_balancer header" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" PHP_TARGETS="php5-3" PYTHON_SINGLE_TARGET="python2_7" PYTHON_TARGETS="python2_7 python3_2" RUBY_TARGETS="ruby18 ruby19" USERLAND="GNU" VIDEO_CARDS="fbdev glint intel mach64 mga nouveau nv r128 radeon savage sis tdfx trident vesa via vmware dummy v4l" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, USE_PYTHON
Comment 1 bsod 2013-02-12 17:48:10 UTC
Created attachment 338712 [details]
emacs build.log
Comment 2 Ulrich Müller gentoo-dev 2013-02-12 18:30:25 UTC
Does building of emacs-23.4-r4 succeed?

Can you build emacs-24.2 with a previous hardened kernel version?
Comment 3 bsod 2013-02-12 18:52:46 UTC
No emacs-23.4-r4 doesn't work either.
I can't test another kernel because I can't restart this (server)machine all the time. The only reason I'm not using the stable hardened-sources is because they failed to build with an error. Maybe I can test it with another (older) hardened-kernel in some days...
Comment 4 Ulrich Müller gentoo-dev 2013-02-12 19:07:50 UTC
@hardened-kernel team: Can you reproduce this?

It can be seen in the build.log that a "/sbin/paxctl -r temacs" is done, but temacs fails in unexec in spite of this.
Comment 5 bsod 2013-02-12 22:17:52 UTC
The kernel seems to be the problem. I updated to 3.7.6-hardened and emacs is emerging without error. 3.7.4 seems to be making a lot of problems as some other problems disappeared as well. Thanks for the hint.
Comment 6 Khumba 2013-02-24 18:36:28 UTC
hardened-sources-3.7.5 and 3.7.6 both break emacs-24.2 here, unless I set randomize_va_space=0 (1 doesn't work, and my default is 2).  Maybe there's some other PaX parameter I have that's causing it to fail?

emacs-23.4-r4 didn't work for me either.  I'm on stable amd64 with the hardened profile.
Comment 7 bsod 2013-02-24 18:44:01 UTC
Just an idea and a setting I changed from 3.7.4 to 3.7.6 ...
do you use PAX_KERNEXEC_PLUGIN_METHOD_BTS or PAX_KERNEXEC_PLUGIN_METHOD_OR?
I had the problems with 3.7.4 and PAX_KERNEXEC_PLUGIN_METHOD_OR, the problems disappeared when I switched to 3.7.6 and PAX_KERNEXEC_PLUGIN_METHOD_BTS.
I had no opportunity to test this any futher though.
Comment 8 PaX Team 2013-02-24 20:22:19 UTC
(In reply to comment #7)
> I had the problems with 3.7.4 and PAX_KERNEXEC_PLUGIN_METHOD_OR

what problems exactly? that setting is for a kernel self-protection feature, it should not affect userland in any way...
Comment 9 bsod 2013-02-24 20:48:11 UTC
For example the bug this thread is all about.

This was the only setting I was playing around with, everything else was from the gentoo hardening handbook. Everything is working for me since the upgrade to 3.7.6. Thats why I asked for that settings. It is very well possible that I'm on the wrong track.
Comment 10 Khumba 2013-02-24 21:05:12 UTC
I figured out what the issue is for me.  I'd switched over to XATTR_PAX_FLAGS=y, PT_PAX_FLAGS=n...  And of course the patch for #411439 uses paxctl which only sets PT flags.  Would it be possible to have the emacs build system prefer paxctl-ng to paxctl, if installed?  Is paxctl-ng "standard" now?

(No problems with PAX_KERNEXEC_PLUGIN_METHOD_OR here.)
Comment 11 Ulrich Müller gentoo-dev 2013-02-25 07:31:15 UTC
(In reply to comment #10)
> Would it be possible to have the emacs build system prefer paxctl-ng
> to paxctl, if installed?

Sure. Prepare a patch and submit it to Emacs upstream. It's already too late for Emacs 24.3, but you may convince them to include it in 24.4. We can backport the changes to existing versions once they've been accepted upstream.


(Thinking about it, our previous paxctl changes for Emacs submitted at http://debbugs.gnu.org/11398 will appear only in the next upstream release, namely 24.3. Extrapolating this, we'll likely be reiterating for paxctl-ds9 or paxctl-voy at the time of the 24.4 release. ;-)
Comment 12 Anthony Basile gentoo-dev 2013-03-17 13:52:12 UTC
(In reply to comment #10)
> I figured out what the issue is for me.  I'd switched over to
> XATTR_PAX_FLAGS=y, PT_PAX_FLAGS=n...  And of course the patch for #411439
> uses paxctl which only sets PT flags.  Would it be possible to have the
> emacs build system prefer paxctl-ng to paxctl, if installed?  Is paxctl-ng
> "standard" now?
> 
> (No problems with PAX_KERNEXEC_PLUGIN_METHOD_OR here.)

Once the new eclass is in place, this bug will not happen.  See bug #431092.
Comment 13 Ulrich Müller gentoo-dev 2013-03-25 12:52:06 UTC
(In reply to comment #12)
> Once the new eclass is in place, this bug will not happen.  See bug #431092.

That's not right, since paxctl is called by the upstream build system. The emacs ebuilds don't inherit pax-utils.eclass.
Comment 14 Ulrich Müller gentoo-dev 2013-08-11 14:00:24 UTC
*** Bug 480526 has been marked as a duplicate of this bug. ***
Comment 15 Ulrich Müller gentoo-dev 2013-12-11 17:02:07 UTC
*** Bug 490626 has been marked as a duplicate of this bug. ***
Comment 16 Jorge Manuel B. S. Vicetto (RETIRED) Gentoo Infrastructure gentoo-dev 2013-12-30 15:54:16 UTC
This is affecting the build of the admin-cd, ever since I switched my host to use XATTR_PAX_FLAGS.
Comment 17 Magnus Granberg 2013-12-30 17:41:42 UTC
Created attachment 366582 [details, diff]
Use the shell version of pax-utils.eclass

It use the shell version of pax-utils.eclass instead of paxctl
it depend on sys-apps/elfix
Comment 18 Ulrich Müller gentoo-dev 2013-12-30 17:57:16 UTC
(In reply to Magnus Granberg from comment #17)
> Created attachment 366582 [details, diff] [details, diff]
> Use the shell version of pax-utils.eclass
> 
> It use the shell version of pax-utils.eclass instead of paxctl
> it depend on sys-apps/elfix

Can you submit this to Emacs upstream, please?
Comment 19 Ulrich Müller gentoo-dev 2013-12-30 18:09:26 UTC
Also, from the logic in paxmark.sh, the final emacs binary would end up with some extended attributes? (The Makefile does "$(PAXCTL) -zex emacs", with the intention to remove any previously set flags.)
Comment 20 Ulrich Müller gentoo-dev 2013-12-31 00:09:16 UTC
Hopefully fixed in emacs-24.3-r2 and emacs-23.4-r6. No revbump, because it is a build failure and installed files are unchanged.

Please test.


For reference, patches are here:
http://git.overlays.gentoo.org/gitweb/?p=proj/emacs-tools.git;a=commit;h=88a257278a1a85b82884b84d634f73f65c40b9c2
Comment 21 Ulrich Müller gentoo-dev 2014-01-03 13:42:58 UTC
(In reply to Ulrich Müller from comment #20)
> Please test.

<jmbsvicetto> ulm: >>> Installing (136 of 269) app-editors/emacs-24.3-r2
<jmbsvicetto> ulm: :)
Comment 22 Ulrich Müller gentoo-dev 2014-01-04 22:02:14 UTC
Reported upstream: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=16343
Comment 23 Ulrich Müller gentoo-dev 2014-01-05 09:37:28 UTC
Fixed in bzr upstream:
http://bzr.savannah.gnu.org/lh/emacs/trunk/revision/115867?compare_revid=115865