Anonymous mmap crashes with SIGSEGV
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| linux (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
This (possible) bug is not related to any package but to the libc itself maybe (or the kernel or whatever).
When executing this program on Kubuntu 9.10:
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>
void segfault_
{
fprintf(stderr, "Segfault happened, exiting.\n");
exit(
}
int main(void)
{
signal(SIGSEGV, &segfault_handler);
for (int i = 0; i < 0x8048000; i += 4096)
{
}
return EXIT_SUCCESS;
}
(compiled it with "gcc mmap.c -Wall -Wextra -std=gnu99 -pedantic -Xlinker -Ttext -Xlinker 0x70000000 -m32 -o mmap")
I get the message "Segmentation Fault.", the position varies. I tried it under openSuSE 11.2 and it works. I tried it under Linux from Scratch 6.5 (kernel 2.6.30.9) and it works, too. Note that the segfault is not handled: The message is not "Segfault happened, exiting" but simply "Segmentation Fault.".
I think this behavior is incorrect, because the mmap manpage says: "On success, mmap() returns a pointer to the mapped area. On error, the value MAP_FAILED (that is, (void *) -1) is returned, and errno is set appropriately." So I expect something like this:
"Mapping 0x0011C000... Mapped to: 0xFFFFFFFF" and not "Mapping 0x0011C000... Segmentation Fault."
Though the manpage also tells me: "Use of a mapped region can result in these signals: SIGSEGV - Attempted write into a region mapped as read-only." But that's about the use of a mmap'ed region and not about the call itself. Furthermore this SIGSEGV should be at least catchable.
OK, the manpage also says: "By default, any process can be killed at any moment when the system runs out of memory." But first of all a SIGKILL ("killing a process" sounds like "sending SIGKILL" to me) is in my opinion not equal to a SIGSEGV and second, the system doesn't run out of memory (because first of all mmap shouldn't really allocate the memory (as far as I know) and second the addresses are below the size of free memory available (the program never stops for example at 10 MB and "free" tells me there are still 50 MB of free memory).
By the way: You may remove the "-Xlinker -Ttext -Xlinker 0x70000000" part, but I need it for another program hence I compiled this test program with those parameters (it also dies without these parameters).
| affects: | ubuntu → linux (Ubuntu) |
| tags: | added: kernel-series-unknown |
| tags: |
added: karmic removed: kernel-series-unknown |
| Jeremy Foshee (jeremyfoshee) wrote | #1 |
| tags: | added: needs-kernel-logs |
| tags: | added: needs-upstream-testing |
| tags: | added: kj-triage |
| Changed in linux (Ubuntu): | |
| status: | New → Incomplete |
| Max Reitz (xanclic) wrote | #2 |
| Changed in linux (Ubuntu): | |
| status: | Incomplete → Fix Released |
Hi Max,
This bug was reported a while ago and there hasn't been any activity in it recently. We were wondering if this is still an issue? Can you try with the latest development release of Ubuntu? ISO CD images are available from http://
If it remains an issue, could you run the following command from a Terminal (Applications-
apport-collect -p linux 495101
Also, if you could test the latest upstream kernel available that would be great. It will allow additional upstream developers to examine the issue. Refer to https:/
Thanks in advance.
[This is an automated message. Apologies if it has reached you inappropriately; please just reply to this message indicating so.]