Summary: | sys-auth/polkit-0.113-r2::gentoo segfault and error 4 in libpthread-2.23.so when enabled PAX_NOEXEC(linux hardened) | ||
---|---|---|---|
Product: | PolicyKit | Reporter: | xdev52 |
Component: | daemon | Assignee: | David Zeuthen (not reading bugmail) <zeuthen> |
Status: | RESOLVED MOVED | QA Contact: | David Zeuthen (not reading bugmail) <zeuthen> |
Severity: | major | ||
Priority: | medium | CC: | xdev52 |
Version: | unspecified | ||
Hardware: | x86-64 (AMD64) | ||
OS: | Linux (All) | ||
Description
xdev52
2017-03-03 18:06:05 UTC
(In reply to xdev52 from comment #0)
> # gdb -q /usr/bin/pkaction

It is polkitd that is crashing, not pkaction, so you will need to attach gdb to polkitd (not pkaction) to get a useful backtrace.

polkit uses mozjs (the Mozilla JavaScript engine) to interpret its domain-specific language, and JavaScript interpreters typically use JIT which relies on generating executable code in memory and running it. This makes me speculate that the version of mozjs you have might not be compatible with the PAX kernel.

I notice you have configured "-jit" which suggests that your kernel is known not to work well with JIT. Perhaps that setting has not actually been effective in preventing mozjs from using JIT?

You might get better results by talking to the Hardened Gentoo maintainers - I would guess that they see this sort of thing a lot. If so, please respond here with any more information you/they can provide.

(In reply to Simon McVittie from comment #1)
> (In reply to xdev52 from comment #0)
> > # gdb -q /usr/bin/pkaction
>
> It is polkitd that is crashing, not pkaction, so you will need to attach gdb
> to polkitd (not pkaction) to get a useful backtrace.
>
> polkit uses mozjs (the Mozilla JavaScript engine) to interpret its
> domain-specific language, and JavaScript interpreters typically use JIT
> which relies on generating executable code in memory and running it. This
> makes me speculate that the version of mozjs you have might not be
> compatible with the PAX kernel.
>
> I notice you have configured "-jit" which suggests that your kernel is known
> not to work well with JIT. Perhaps that setting has not actually been
> effective in preventing mozjs from using JIT?
>
> You might get better results by talking to the Hardened Gentoo maintainers -
> I would guess that they see this sort of thing a lot. If so, please respond
> here with any more information you/they can provide.

here:

```
# gdb -q /usr/lib/polkit-1/polkitd
Reading symbols from /usr/lib/polkit-1/polkitd...(no debugging symbols found)...done.
(gdb) run
Starting program: /usr/lib64/polkit-1/polkitd
warning: Cannot call inferior functions, Linux kernel PaX protection forbids return to non-executable pages!
Successfully changed to user polkitd
[New LWP 16284]
[New LWP 16285]

Thread 1 "polkitd" received signal SIGSEGV, Segmentation fault.
0x000003556bf5ba93 in ?? ()
```

dmesg:

```
[34060.196688] PAX: execution attempt in: <anonymous mapping>, 35f60a57000-35f60a58000 35f60a57000
[34060.196693] PAX: terminating task: /usr/bin/gdb(gdb):16274, uid/euid: 0/0, PC: 0000035f60a57000, SP: 000003a625e87570
[34060.196695] PAX: bytes at PC: cc 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[34060.196709] PAX: bytes at SP-8: 0000035f60a57000 0000035f5f152788 0000000000000000 0000000000000018 00000002e30cc45f 000003a625e87598 a28b850286a0fd00 0000000000003f90 0000000000003f90 000003a625e875d4 0000000000003f90
```

-- GitLab Migration Automatic Message --

This bug has been migrated to freedesktop.org's GitLab instance and has been closed from further activity.

You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.freedesktop.org/polkit/polkit/issues/1.
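Comment #1 attributes the crash to a JIT needing memory it can both generate code into and execute. The following C probe is an added example, not code from this bug report, polkit or mozjs: it asks the running kernel for executable anonymous memory in the two ways a JIT commonly does (one RWX mapping, or RW flipped to RX) and reports whether each is granted. The function names are hypothetical, and it assumes Linux with /proc mounted.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

/* 1 if the mapping holding addr is executable per /proc/self/maps, 0 if not,
 * -1 if the file cannot be read or addr is not listed. */
static int effective_exec(const void *addr)
{
    FILE *f = fopen("/proc/self/maps", "r");
    char line[512], perms[5];
    unsigned long lo, hi, a = (unsigned long)addr;
    int result = -1;

    if (!f)
        return -1;
    while (result < 0 && fgets(line, sizeof line, f))
        if (sscanf(line, "%lx-%lx %4s", &lo, &hi, perms) == 3 && a >= lo && a < hi)
            result = (perms[2] == 'x');
    fclose(f);
    return result;
}

/* Map one anonymous page with `initial`, mprotect() it to `final` if that
 * differs, and report the outcome: 1 executable, 0 denied, -1 other error. */
int probe_exec_mapping(int initial, int final)
{
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, len, initial, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    int r;

    if (p == MAP_FAILED)
        return (errno == EPERM || errno == EACCES) ? 0 : -1;
    if (final != initial && mprotect(p, len, final) != 0)
        r = (errno == EPERM || errno == EACCES) ? 0 : -1;
    else
        r = effective_exec(p); /* catches a silently dropped PROT_EXEC */
    munmap(p, len);
    return r;
}

int main(void)
{
    int rwx = PROT_READ | PROT_WRITE | PROT_EXEC;
    printf("mmap RWX:      %d\n", probe_exec_mapping(rwx, rwx));
    printf("mmap RW -> RX: %d\n",
           probe_exec_mapping(PROT_READ | PROT_WRITE, PROT_READ | PROT_EXEC));
    return 0;
}
```

If both probes print 0 for the account and binary flags polkitd runs with, any code path in the JavaScript engine that still tries to execute generated code will fault in the way the dmesg output above shows.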