Re: [LTP] mmapstress07/08 segv

[John C. <jcl...@vi...>]

On Tue, 4 Oct 2005, Robert Williamson wrote:

>> In mmapstress08, the program maps small 4k chunks spaced out over the
>> entire lower 1GB of the virtual address space, and then unmaps everything
>
>> from then end of the binary (sbrk(0) space) to 1GB.  This causes a
> problem
>> when dynamically linking on some of our systems because sometimes the
>> loader maps glibc below 1GB, but not in any of the 4k spaces we happen to
>
>> use.  So, when the program blindly munmaps everything from sbrk(0) - 1GB,
>
>> it also unmaps glibc....  It should be noted that it also doesn't
>> unmap any of its mappings that are in the address space below the sbrk(0)
>
>> point.
>>
>
> Need to think on this one...I'll get back to you.

Just some actual numbers:

From our system (SLES9 root, standard GCC, our custom kernel):

vs012:~ # ldd ./mmapstress08
         linux-gate.so.1 =>  (0xbebfe000)
         libc.so.6 => /lib/tls/libc.so.6 (0x2aad0000)
         /lib/ld-linux.so.2 (0x2aaab000)

note that libc mapped below 0x40000000 (1GB).  Using crash to look at 
the VMAs, and printf, i can tell you that the sbrk space startes at about 
0x0804b000.  So the final unmap call that munmaps everything from 
0x0804b000 to 0x40000000 also unmaps libc.

lest it be thought that this is something funky with our kernel, here's 
the output from my ibook running ubuntu breezy:

john@augusta:~$ ldd mmapstress08-mod
         libc.so.6 => /lib/libc.so.6 (0x0fea0000)
         /lib/ld.so.1 (0x30000000)
john@augusta:~$ uname -a
Linux augusta 2.6.12-8-powerpc #1 Thu Sep 15 22:26:24 BST 2005 ppc 
GNU/Linux

Again, libc gets mapped at under 1GB. It also segfaults there.

hope that helps.
john.c