[exim-dev] [Bug 927] segfault around group_list

Top Page
Delete this message
Reply to this message
Author: Phil Pennock
Date:  
To: exim-dev
Old-Topics: [exim-dev] [Bug 927] New: segfault around group_list
Subject: [exim-dev] [Bug 927] segfault around group_list
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=927

Nigel Metheringham <nigel@???> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|Exim 4.72                   |Exim 4.73


Phil Pennock <pdp@???> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED





--- Comment #17 from Phil Pennock <pdp@???> 2010-07-25 09:16:55 ---
Florian Weimer confirms that this is a Linux kernel bug, fixed for Debian/amd64
by linux-2.6_2.6.26-22 (March 2010). Debian BTS 559035 and fixed in mainline
Linux kernel with:

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=80938332d8cf652f6b16e0788cf0ca136befe0b5

from September 2009. Commit note: """
Currently we are not including randomized stack size when calculating
mmap_base address in arch_pick_mmap_layout for topdown case. This might
cause that mmap_base starts in the stack reserved area because stack is
randomized by 1GB for 64b (8MB for 32b) and the minimum gap is 128MB.

If the stack really grows down to mmap_base then we can get silent mmap
region overwrite by the stack values.

Let's include maximum stack randomization size into MIN_GAP which is
used as the low bound for the gap in mmap.
"""

So, not an Exim bug, just a bug which frequent queue-runners can cause Exim to
trip most often.


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email