From: Cy Schubert
To: Konstantin Belousov
Cc: Cy Schubert, freebsd-hackers@freebsd.org
Subject: Re: ASLR and Stack Gap != 0
Date: Sat, 26 Oct 2019 10:41:44 -0700
Message-Id: <201910261741.x9QHfiR4001192@slippy.cwsent.com>
In-reply-to: <20191026173147.GN73312@kib.kiev.ua>
List-Id: Technical Discussions relating to FreeBSD

In message <20191026173147.GN73312@kib.kiev.ua>, Konstantin Belousov writes:
> On Sat, Oct 26, 2019 at 10:28:07AM -0700, Cy Schubert wrote:
> > Let's try this again. This time with a subject line.
> >
> > Hi,
> >
> > The following little test case segfaults when aslr is enabled:
> >
> > #include <sys/types.h>
> > #include <sys/time.h>
> > #include <sys/resource.h>
> >
> > int
> > main(int argc, char *argv[])
> > {
> > 	struct rlimit rl;
> > 	int rc;
> >
> > 	rl.rlim_cur = 50 * 4096;
> > 	rl.rlim_max = 50 * 4096;
> > 	rc = setrlimit(RLIMIT_STACK, &rl);
> >
> > 	return(rc);
> > }
> >
> >
> > slippy# sysctl kern.elf64.aslr.enable=1
> > kern.elf64.aslr.enable: 0 -> 1
> > slippy# ./test
> > Segmentation fault (core dumped)
> > slippy# gdb test
> > GNU gdb (GDB) 8.3.1 [GDB v8.3.1 for FreeBSD]
> > Copyright (C) 2019 Free Software Foundation, Inc.
> > License GPLv3+: GNU GPL version 3 or later
> > This is free software: you are free to change and redistribute it.
> > There is NO WARRANTY, to the extent permitted by law.
> > Type "show copying" and "show warranty" for details.
> > This GDB was configured as "x86_64-portbld-freebsd13.0".
> > Type "show configuration" for configuration details.
> > For bug reporting instructions, please see:
> > .
> > Find the GDB manual and other documentation resources online at:
> > .
> >
> > For help, type "help".
> > Type "apropos word" to search for commands related to "word"...
> > Reading symbols from test...
> > (gdb) run
> > Starting program: /export/home/cy/freebsd/tests/setrlimit/test
> >
> > Program received signal SIGSEGV, Segmentation fault.
> > setrlimit () at setrlimit.S:4
> > 4 setrlimit.S: No such file or directory.
> > (gdb) bt
> > #0 setrlimit () at setrlimit.S:4
> > Backtrace stopped: Cannot access memory at address 0x7fffffe372e8
> > (gdb)
> >
> >
> > It only occurs with aslr enabled and stack gap != 0. This isn't right.
> >
> I already explained this, also you might find this written down one
> more time at
> https://github.com/freebsd/freebsd-quarterly/blob/master/2019q3/stack_gap.md

Perfect. Thanks.

-- 
Cheers,
Cy Schubert
FreeBSD UNIX: Web: http://www.FreeBSD.org

	The need of the many outweighs the greed of the few.