From b74db6347cf5cac1ebd4c604fd5691c588fd8e32 Mon Sep 17 00:00:00 2001 From: Paul Eggert Date: Tue, 24 Feb 2015 16:34:13 -0800 Subject: [PATCH] Backtrace after malloc arena is corrupted Without this change, if the malloc arena is corrupted and then 'backtrace' is called, the backtrace can crash because 'backtrace' calls 'malloc'. For more, please see: https://sourceware.org/ml/libc-alpha/2015-02/msg00678.html * emacs.c (main): Initialize tables used by 'backtrace'. * sysdep.c (emacs_backtrace): Document the newly used part of the API. --- src/ChangeLog | 10 ++++++++++ src/emacs.c | 2 ++ src/sysdep.c | 12 +++++++++++- 3 files changed, 23 insertions(+), 1 deletion(-) diff --git a/src/ChangeLog b/src/ChangeLog index 6ef5746daa2..1f0781fef10 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,13 @@ +2015-02-25 Paul Eggert + + Backtrace after malloc arena is corrupted + Without this change, if the malloc arena is corrupted and then + 'backtrace' is called, the backtrace can crash because 'backtrace' + calls 'malloc'. For more, please see: + https://sourceware.org/ml/libc-alpha/2015-02/msg00678.html + * emacs.c (main): Initialize tables used by 'backtrace'. + * sysdep.c (emacs_backtrace): Document the newly used part of the API. + 2015-02-22 Jan Djärv * nsfns.m (Fx_frame_geometry): New function. diff --git a/src/emacs.c b/src/emacs.c index 4a6d6badf28..c2b698ba50b 100644 --- a/src/emacs.c +++ b/src/emacs.c @@ -884,6 +884,8 @@ main (int argc, char **argv) clearerr (stdin); + emacs_backtrace (-1); + #if !defined SYSTEM_MALLOC && !defined HYBRID_MALLOC /* Arrange to get warning messages as memory fills up. */ memory_warnings (0, malloc_warning); diff --git a/src/sysdep.c b/src/sysdep.c index a2bda96192f..cb361ec2dc5 100644 --- a/src/sysdep.c +++ b/src/sysdep.c 
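Review bot: The added `emacs_backtrace (-1);` in main has no comment at the call site, so a reader of emacs.c sees a backtrace call with a magic argument and no sign that it only primes tables. I would add `/* Initialize the tables 'backtrace' uses now, so a later crash report need not call malloc.  */` directly above it, and consider a named constant in place of the bare -1. The protection also starts only at this point in main, so a fault in anything that runs before `clearerr (stdin)` would presumably still reach an uninitialized 'backtrace'; if an earlier spot is safe, moving the call up is worth a look. main begins and ends outside the hunk.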
@@ -2147,7 +2147,17 @@ snprintf (char *buf, size_t bufsize, char const *format, ...) /* If a backtrace is available, output the top lines of it to stderr. Do not output more than BACKTRACE_LIMIT or BACKTRACE_LIMIT_MAX lines. This function may be called from a signal handler, so it should - not invoke async-unsafe functions like malloc. */ + not invoke async-unsafe functions like malloc. + + If BACKTRACE_LIMIT is -1, initialize tables that 'backtrace' uses + but do not output anything. This avoids some problems that can + otherwise occur if the malloc arena is corrupted before 'backtrace' + is called, since 'backtrace' may call malloc if the tables are not + initialized. + + If the static variable THREAD_BACKTRACE_NPOINTERS is nonzero, a + fatal error has occurred in some other thread; generate a thread + backtrace instead, ignoring BACKTRACE_LIMIT. */ void emacs_backtrace (int backtrace_limit) { -- 2.39.2
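Review bot: The -1 mode described in the new comment has no matching code in this commit: the sysdep.c change is comment-only, so `emacs_backtrace (-1)` depends on how the existing body treats a negative limit, and that body is outside the hunk. An explicit guard such as `if (backtrace_limit < 0)` that makes one minimal 'backtrace' call and returns would make "do not output anything" a property of the code instead of a side effect. The last paragraph also says BACKTRACE_LIMIT is ignored when THREAD_BACKTRACE_NPOINTERS is nonzero, which as written means a -1 call in that state emits a thread backtrace; the comment should say which rule wins. Since the function's no-malloc contract for signal handlers now depends on the priming call having run, that precondition deserves a sentence here too.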