Mailinglist Archive: opensuse-bugs (4644 mails)

[Bug 1045340] groupwise segfaults on kernel-default-4.4.72-18.12.2 (regression from stack gap fix?)
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Wed, 21 Jun 2017 17:20:03 +0000

--- Comment #8 from Vlastimil Babka <vbabka@xxxxxxxx> ---
(In reply to Andreas Stieger from comment #7)
(In reply to Vlastimil Babka from comment #6)
How exactly can I get the rpm?

I am using:

Thanks. I've run it under gdb and when it segfaulted, checked the

ffedd000-fffae000 rwxp 00000000 00:00 0 (this is without the gap)
Size: 1860 kB (the size however includes gap)
VmFlags: rd wr ex mr mw me gd ac (gd == grows down - a stack)
fffae000-fffb1000 ---p 00000000 00:00 0 (not r/w/x)
Size: 12 kB
VmFlags: mr mw me ac sd (doesn't have gd)
1000b1000-ffffe000 rwxp 00000000 00:00 0 (invalid reported start addr as it
adds the full gap size to real vma start) [stack]
Size: 308 kB (real size without gap:
Rss: 24 kB (we have used only this much stack)
Pss: 24 kB
Shared_Clean: 0 kB
Shared_Dirty: 0 kB
Private_Clean: 0 kB
Private_Dirty: 24 kB
Referenced: 24 kB
Anonymous: 24 kB
AnonHugePages: 0 kB
Shared_Hugetlb: 0 kB
Private_Hugetlb: 0 kB
Swap: 0 kB
SwapPss: 0 kB
KernelPageSize: 4 kB
MMUPageSize: 4 kB
Locked: 0 kB
VmFlags: rd wr ex mr mw me gd ac (again grows down)

Looks like the same issue as I've seen with the jsvc reproducer from the Debian
bugzilla, which we discussed via mail. The original stack ffedd000-ffffe000 was
split by mprotecting the area
ffedd000-fffae000 inside the stack. The remaining "upper part"
fffb1000-ffffe000 is now smaller than the stack gap, and the preceding vma is not a
stack, so faulting a new page in the upper part (where we have only faulted in
24 kB so far) will find this out and fail to enlarge the gap, thus segfault.
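An added diagnostic, not part of the bug comment or of any SUSE/kernel code: it parses a /proc/<pid>/smaps excerpt rebuilt from the three mappings above and flags a grows-down (gd) VMA whose preceding neighbour is not a stack and lies within the guard gap, which is exactly the situation described. It assumes the default stack_guard_gap of 256 pages (1 MiB with 4 KiB pages) and repairs the gap-inflated start address the affected kernel reports for [stack].

```python
"""Flag grows-down (stack) VMAs in /proc/<pid>/smaps text whose downward
growth is blocked by a non-stack mapping inside the stack guard gap."""
import re

# Default stack_guard_gap: 256 pages of 4 KiB = 1 MiB (assumption, matches the
# 0x100000 offset between fffb1000 and the reported start 1000b1000 above).
STACK_GUARD_GAP = 256 * 4096

# Constructed /proc/<pid>/smaps excerpt, rebuilt from the mappings quoted above.
SAMPLE_SMAPS = """\
ffedd000-fffae000 rwxp 00000000 00:00 0
Size:               1860 kB
VmFlags: rd wr ex mr mw me gd ac
fffae000-fffb1000 ---p 00000000 00:00 0
Size:                 12 kB
VmFlags: mr mw me ac sd
1000b1000-ffffe000 rwxp 00000000 00:00 0                          [stack]
Size:                308 kB
VmFlags: rd wr ex mr mw me gd ac
"""

_HEADER = re.compile(r"^([0-9a-f]+)-([0-9a-f]+)\s+(\S{4})\s+\S+\s+\S+\s+\S+\s*(.*)$")


def parse_smaps(text):
    """Return a list of VMA dicts; a start above its end is taken as the
    gap-inflated report seen on the affected kernel and is corrected."""
    vmas, cur = [], None
    for line in text.splitlines():
        m = _HEADER.match(line)
        if m:
            start, end = int(m.group(1), 16), int(m.group(2), 16)
            if start > end:
                start -= STACK_GUARD_GAP  # undo vm_start + gap reporting
            cur = {"start": start, "end": end, "perms": m.group(3),
                   "name": m.group(4).strip(), "flags": set()}
            vmas.append(cur)
        elif line.startswith("VmFlags:") and cur is not None:
            cur["flags"] = set(line.split()[1:])
    return vmas


def blocked_stacks(vmas):
    """Return (stack_vma, neighbour_vma, gap_bytes) for each gd VMA whose
    preceding VMA is not grows-down and ends within STACK_GUARD_GAP of it."""
    vmas = sorted(vmas, key=lambda v: v["start"])
    out = []
    for i in range(1, len(vmas)):
        v, prev = vmas[i], vmas[i - 1]
        gap = v["start"] - prev["end"]
        if "gd" in v["flags"] and "gd" not in prev["flags"] and gap < STACK_GUARD_GAP:
            out.append((v, prev, gap))
    return out
```

Run against the sample, the only hit is the 308 kB [stack] part, whose grows-down range is separated from the 12 kB ---p mapping by a gap of 0 bytes.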
