From: Sean Whitton Date: Thu, 27 Oct 2022 22:37:07 +0000 (-0700) Subject: Avoid fork bomb caused by native compilation trampolines X-Git-Tag: archive/raspbian/1%29.2+1-2+rpi1~1^2~78 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=e3720837f6cc99944bef17dd779ff50970856d0d;p=emacs.git Avoid fork bomb caused by native compilation trampolines Add 0011-Avoid-fork-bomb-caused-by-native-compilation-trampol.patch to fix the problem. --- e3720837f6cc99944bef17dd779ff50970856d0d diff --cc debian/.git-dpm index fa9e7e9c3bf,00000000000..d37afb18234 mode 100644,000000..100644 --- a/debian/.git-dpm +++ b/debian/.git-dpm @@@ -1,8 -1,0 +1,8 @@@ +# see git-dpm(1) from git-dpm package - d2f60a22a18dfbee11eeec5b597c80705a807e7f - d2f60a22a18dfbee11eeec5b597c80705a807e7f ++65845dea9568b38a45bca7fbcc0e41e2b21e5c1f ++65845dea9568b38a45bca7fbcc0e41e2b21e5c1f +279b82e64e15b5e2df3cb522636c6db85a8ee659 +279b82e64e15b5e2df3cb522636c6db85a8ee659 +emacs_28.2+1.orig.tar.xz +d7f49858bdec2d47110c2ed7b1d0005f157e20c3 +26988304 diff --cc debian/patches/0011-Avoid-fork-bomb-caused-by-native-compilation-trampol.patch index 00000000000,00000000000..f9e8800f3e1 new file mode 100644 --- /dev/null +++ b/debian/patches/0011-Avoid-fork-bomb-caused-by-native-compilation-trampol.patch @@@ -1,0 -1,0 +1,103 @@@ ++From 65845dea9568b38a45bca7fbcc0e41e2b21e5c1f Mon Sep 17 00:00:00 2001 ++From: Andrea Corallo ++Date: Tue, 18 Oct 2022 15:14:32 +0200 ++Subject: Avoid fork bomb caused by native compilation trampolines ++ ++This upstream patch has been incorporated to fix the problem: ++ ++ Set `comp-no-spawn' earlier using -no-comp-spawn ++ ++ * src/emacs.c (standard_args): Add '-no-comp-spawn' cmd line option. ++ * lisp/startup.el (command-line): Parse '-no-comp-spawn' cmd line ++ option. ++ * lisp/emacs-lisp/comp.el (comp-run-async-workers, comp-final): ++ Use '-no-comp-spawn'. ++ ++Origin: upstream, commit: 5ad5b797f78dacb9c901d3c63bee05b1762fa94f ++Bug-Debian: https://bugs.debian.org/1017817 ++Bug-Debian: https://bugs.debian.org/1017845 ++Forwarded: not-needed ++--- ++ lisp/emacs-lisp/comp.el | 10 +++++----- ++ lisp/startup.el | 6 +++++- ++ src/emacs.c | 1 + ++ 3 files changed, 11 insertions(+), 6 deletions(-) ++ ++diff --git a/lisp/emacs-lisp/comp.el b/lisp/emacs-lisp/comp.el ++index dc94b907cfb..fb0d3805da4 100644 ++--- a/lisp/emacs-lisp/comp.el +++++ b/lisp/emacs-lisp/comp.el ++@@ -3680,8 +3680,7 @@ comp-final ++ (print-circle t) ++ (print-escape-multibyte t) ++ (expr `((require 'comp) ++- (setf comp-no-spawn t ++- native-comp-verbose ,native-comp-verbose +++ (setf native-comp-verbose ,native-comp-verbose ++ comp-libgccjit-reproducer ,comp-libgccjit-reproducer ++ comp-ctxt ,comp-ctxt ++ native-comp-eln-load-path ',native-comp-eln-load-path ++@@ -3707,7 +3706,8 @@ comp-final ++ (if (zerop ++ (call-process (expand-file-name invocation-name ++ invocation-directory) ++- nil t t "--batch" "-l" temp-file)) +++ nil t t "-no-comp-spawn" "--batch" "-l" +++ temp-file)) ++ (progn ++ (delete-file temp-file) ++ output) ++@@ -3943,7 +3943,6 @@ comp-run-async-workers ++ native-comp-verbose ,native-comp-verbose ++ comp-libgccjit-reproducer ,comp-libgccjit-reproducer ++ comp-async-compilation t ++- comp-no-spawn t ++ native-comp-eln-load-path ',native-comp-eln-load-path ++ native-comp-compiler-options ++ ',native-comp-compiler-options ++@@ -3978,7 +3977,8 @@ comp-run-async-workers ++ :command (list ++ (expand-file-name invocation-name ++ invocation-directory) ++- "--batch" "-l" temp-file) +++ "-no-comp-spawn" "--batch" "-l" +++ temp-file) ++ :sentinel ++ (lambda (process _event) ++ (run-hook-with-args ++diff --git a/lisp/startup.el b/lisp/startup.el ++index 052ba7b2c66..0f5de5affc3 100644 ++--- a/lisp/startup.el +++++ b/lisp/startup.el ++@@ -1143,7 +1143,8 @@ command-line ++ ("--no-x-resources") ("--debug-init") ++ ("--user") ("--iconic") ("--icon-type") ("--quick") ++ ("--no-blinking-cursor") ("--basic-display") ++- ("--dump-file") ("--temacs") ("--seccomp"))) +++ ("--dump-file") ("--temacs") ("--seccomp") +++ ("--no-comp-spawn"))) ++ (argi (pop args)) ++ (orig-argi argi) ++ argval) ++@@ -1189,6 +1190,9 @@ command-line ++ ((equal argi "-no-site-file") ++ (setq site-run-file nil) ++ (put 'site-run-file 'standard-value '(nil))) +++ ((equal argi "-no-comp-spawn") +++ (defvar comp-no-spawn) +++ (setq comp-no-spawn t)) ++ ((equal argi "-debug-init") ++ (setq init-file-debug t)) ++ ((equal argi "-iconic") ++diff --git a/src/emacs.c b/src/emacs.c ++index 0a90b0913be..3e75cd3622e 100644 ++--- a/src/emacs.c +++++ b/src/emacs.c ++@@ -2402,6 +2402,7 @@ main (int argc, char **argv) ++ { "-no-init-file", 0, 50, 0 }, ++ { "-no-x-resources", "--no-x-resources", 40, 0 }, ++ { "-no-site-file", "--no-site-file", 40, 0 }, +++ { "-no-comp-spawn", "--no-comp-spawn", 60, 0 }, ++ { "-u", "--user", 30, 1 }, ++ { "-user", 0, 30, 1 }, ++ { "-debug-init", "--debug-init", 20, 0 }, diff --cc debian/patches/series index 352148753c6,00000000000..e876e14c5b9 mode 100644,000000..100644 --- a/debian/patches/series +++ b/debian/patches/series @@@ -1,10 -1,0 +1,11 @@@ +0001-Prefer-usr-share-info-emacs.patch +0002-Run-debian-startup-and-set-debian-emacs-flavor.patch +0003-Remove-files-that-appear-to-be-incompatible-with-the.patch +0004-Adjust-documentation-references-for-Debian.patch +0005-Modify-the-output-of-version-to-indicate-Debian-modi.patch +0006-Don-t-try-to-build-src-macuvs.h-via-IVD_Sequences.tx.patch +0007-Kill-gpg-agent-in-package-test.el-to-avoid-a-race.patch +0008-Mark-vc-bzr-test-fauilt-bzr-autoloads-as-unstable-fo.patch +0009-pdumper-set-DUMP_RELOC_ALIGNMENT_BITS-1-for-m68k.patch +0010-Avoid-fork-bomb-caused-by-native-compilation.patch ++0011-Avoid-fork-bomb-caused-by-native-compilation-trampol.patch