Bug is fixed in upstream kernel 4.2.0 rc3, with the heap getting roughly 800Mb to use and the stack 135.
80085000-8008a000 r-xp 00000000 fd:01 58216 /usr/bin/xsltproc
8008a000-8008b000 r--p 00004000 fd:01 58216 /usr/bin/xsltproc
8008b000-8008c000 rw-p 00005000 fd:01 58216 /usr/bin/xsltproc
81432000-9176b000 rw-p 00000000 00:00 0 [heap]
b56e7000-b5747000 rw-p 00000000 00:00 0
b57a8000-b58df000 rw-p 00000000 00:00 0
b58df000-b58fb000 r-xp 00000000 fd:01 2095 /lib/i386-linux-gnu/libgcc_s.so.1
[...etc...]
b771c000-b771d000 rw-p 00043000 fd:01 67414 /usr/lib/i386-linux-gnu/libxslt.so.1.1.28
b7726000-b7728000 rw-p 00000000 00:00 0
b7728000-b772a000 r--p 00000000 00:00 0 [vvar]
b772a000-b772b000 r-xp 00000000 00:00 0 [vdso]
b772b000-b774d000 r-xp 00000000 fd:01 2083 /lib/i386-linux-gnu/ld-2.21.so
b774d000-b774e000 r--p 00021000 fd:01 2083 /lib/i386-linux-gnu/ld-2.21.so
b774e000-b774f000 rw-p 00022000 fd:01 2083 /lib/i386-linux-gnu/ld-2.21.so
bfe18000-bff04000 rw-p 00000000 00:00 0 [stack]

I am suspicious of fs/binfmt_elf.c, and in particular [upstream a87938b2e / ubuntu b51621abb] "fs/binfmt_elf.c: fix bug in loading of PIE binaries", but I have no proof yet.

--
You received this bug notification because you are a member of Desktop Packages, which is subscribed to libxslt in Ubuntu.
https://bugs.launchpad.net/bugs/1471029

Title:
  ELF programs with R_386_RELATIVE blocks are badly mapped into memory

Status in glibc package in Ubuntu:
  New
Status in libxslt package in Ubuntu:
  Triaged

Bug description:
  Running the Samba autobuild tests on a 15.04 openstack image results in a segfault in this command:

  /usr/bin/xsltproc --nonet -o default/docs-xml/manpages/smb.conf.5 /home/ubuntu/autobuild/b22271/samba/docs-xml/xslt/man.xsl default/docs-xml/manpages/smb.conf.5.xml

  I reported this upstream as a bug in xsltproc, but it was found to be impossible to reproduce using upstream source on the openstack instance:

  https://bugzilla.gnome.org/show_bug.cgi?id=751764

  Comment 8 (https://bugzilla.gnome.org/show_bug.cgi?id=751764#c8) is particularly informative.
  The stack trace below shows the segfault actually occurs in libxml's xpath evaluation functions. I see no difference between xpath.c in upstream 2.9.2 and Ubuntu's version.

  (gdb) bt 12
  #0  0xb760f874 in xmlXPathCompOpEval (ctxt=0xba25d3e8, op=0xb86bc818) at ../../xpath.c:13606
  #1  0xb760f82e in xmlXPathCompOpEval (ctxt=0xba25d3e8, op=0xb86bc890) at ../../xpath.c:13598
  #2  0xb7610244 in xmlXPathCompOpEval (ctxt=0xba25d3e8, op=0xb86bc8b8) at ../../xpath.c:13529
  #3  0xb760f9d6 in xmlXPathCompOpEval (ctxt=0xba25d3e8, op=0xb86bc8e0) at ../../xpath.c:13977
  #4  0xb7612735 in xmlXPathCompOpEval (op=<optimized out>, ctxt=0xba25d3e8) at ../../xpath.c:14552
  #5  xmlXPathRunEval (ctxt=0xba25d3e8, toBool=<optimized out>) at ../../xpath.c:14552
  #6  0xb76171ed in xmlXPathCompiledEvalInternal (toBool=0, resObj=<synthetic pointer>, ctxt=<optimized out>, comp=<optimized out>)
      at ../../xpath.c:14915
  #7  xmlXPathCompiledEval__internal_alias (comp=0xb866a948, ctx=0xb99bd308) at ../../xpath.c:14978
  #8  0xb7787260 in xsltEvalVariable (ctxt=ctxt@entry=0xb9836560, variable=variable@entry=0xba25d3b0, castedComp=0xb86a4238)
      at ../../../libxslt/variables.c:903
  #9  0xb778759a in xsltBuildVariable (ctxt=0xb9836560, castedComp=0xb86a4238, tree=0xb86a6978)
      at ../../../libxslt/variables.c:1759
  #10 0xb7788bfa in xsltParseStylesheetCallerParam (ctxt=0xb86a6978, inst=0xb86a6978)
      at ../../../libxslt/variables.c:1975
  #11 0xb779b9db in xsltCallTemplate (ctxt=0xb9836560, node=0xb85efed8, inst=0xb86a6880, castedComp=0xb86a4148)
      at ../../../libxslt/transform.c:4739
  (More stack frames follow...)

  (gdb) bt -5
  #3311 0xb779a7de in xsltProcessOneNode (ctxt=0xb9836560, contextNode=0xb97586a0, withParams=0x0)
      at ../../../libxslt/transform.c:2097
  #3312 0xb779d818 in xsltApplyStylesheetInternal (style=0xba25d3e8, style@entry=0xb85ee200, doc=0xb86bc7f0, doc@entry=0xb97586a0, params=0xb77ed340 <params>, output=0xb85e13e0 "default/docs-xml/manpages/smb.conf.5", profile=0x0, userCtxt=0xb9836560)
      at ../../../libxslt/transform.c:6159
  #3313 0xb779df8d in xsltRunStylesheetUser (style=0xb85ee200, doc=0xb97586a0, params=0xb77ed340 <params>, output=0xb85e13e0 "default/docs-xml/manpages/smb.conf.5", SAX=0x0, IObuf=0x0, profile=0x0, userCtxt=0xb9836560)
      at ../../../libxslt/transform.c:6449
  #3314 0xb77ea12c in xsltProcess (doc=0xb97586a0, cur=0xb85ee200, filename=0xbfd59812 "default/docs-xml/manpages/smb.conf.5.xml")
      at ../../../xsltproc/xsltproc.c:483
  #3315 0xb77e9298 in main (argc=6, argv=0xbfd58f94) at ../../../xsltproc/xsltproc.c:903
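
Added example, not part of the original message: a small parser for the /proc/<pid>/maps excerpt quoted above that measures how far the brk heap can grow upward and the stack downward before hitting a neighbouring mapping. Reading the "roughly 800Mb" and "135" figures as this growth room is an assumption; the function names are hypothetical and the lines hidden behind "[...etc...]" are left out.

```python
import re

# Excerpt of the /proc/<pid>/maps listing quoted in the message above
# (the lines hidden behind "[...etc...]" are omitted, as in the original).
MAPS = """\
80085000-8008a000 r-xp 00000000 fd:01 58216 /usr/bin/xsltproc
8008a000-8008b000 r--p 00004000 fd:01 58216 /usr/bin/xsltproc
8008b000-8008c000 rw-p 00005000 fd:01 58216 /usr/bin/xsltproc
81432000-9176b000 rw-p 00000000 00:00 0 [heap]
b56e7000-b5747000 rw-p 00000000 00:00 0
b774d000-b774e000 r--p 00021000 fd:01 2083 /lib/i386-linux-gnu/ld-2.21.so
b774e000-b774f000 rw-p 00022000 fd:01 2083 /lib/i386-linux-gnu/ld-2.21.so
bfe18000-bff04000 rw-p 00000000 00:00 0 [stack]
"""

# start-end perms offset dev inode [pathname]
LINE = re.compile(r"^([0-9a-f]+)-([0-9a-f]+)\s+(\S{4})\s+[0-9a-f]+\s+\S+\s+\d+\s*(.*)$")

def parse_maps(text):
    """Return [(start, end, perms, name)] sorted by start address."""
    regions = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:  # skips blank or elided lines such as "[...etc...]"
            regions.append((int(m[1], 16), int(m[2], 16), m[3], m[4].strip()))
    return sorted(regions)

def growth_room(regions):
    """Bytes available to the heap (from its base up to the next mapping)
    and to the stack (from the previous mapping up to its lowest address)."""
    room = {}
    for i, (start, _end, _perms, name) in enumerate(regions):
        if name == "[heap]" and i + 1 < len(regions):
            room["heap"] = regions[i + 1][0] - start
        elif name == "[stack]" and i > 0:
            room["stack"] = start - regions[i - 1][1]
    return room

def mib(n):
    return n / (1024 * 1024)

if __name__ == "__main__":
    r = growth_room(parse_maps(MAPS))
    print(f"heap: {mib(r['heap']):.0f} MiB, stack: {mib(r['stack']):.0f} MiB")
```

On a layout where the executable is mapped too close to the mmap region, the same calculation shows a heap window far smaller than the one here.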