Disable linux madvise MADV_GUARD_INSTALL

glibc 2.42+ (with linux 6.13+) uses MADV_GUARD_INSTALL to setup stack guard pages. valgrind currently isn't able to track this and such guard pages also don't show up in /proc maps (only in /proc pagemap since linux 6.14). For now valgrind fails a madvise MADV_GUARD_INSTALL syscall with EINVAL. This causes glibc to fall back to mprotect PROT_NONE which valgrind is able to track. https://bugs.kde.org/show_bug.cgi?id=511717 (cherry picked from commit 19a34d1d93)
2026-01-12 00:19:31 +08:00 · 2026-01-07 22:20:49 +01:00
parent c080f583dc
commit dbdfc2b452
3 changed files with 31 additions and 0 deletions
--- a/14
+++ b/14
@@ -1,6 +1,18 @@
 Branch 3.26
 ~~~~~~~~~~~

+* ==================== CORE CHANGES ===================
+
+* linux madvise MADV_GUARD_INSTALL unsupported
+
+  glibc 2.42+ (with linux 6.13+) uses MADV_GUARD_INSTALL to setup
+  stack guard pages. valgrind currently isn't able to track this and
+  such guard pages also don't show up in /proc maps (only in /proc
+  pagemap since linux 6.14). For now valgrind fails a madvise
+  MADV_GUARD_INSTALL syscall with EINVAL. This causes glibc to fall
+  back to mprotect PROT_NONE which valgrind is able to track.
+  See also https://bugs.kde.org/show_bug.cgi?id=514297
+
 * ==================== FIXED BUGS ====================

 The following bugs have been fixed or resolved on this branch.
@@ -8,6 +20,8 @@ The following bugs have been fixed or resolved on this branch.
 511972  valgrind-3.26.0 tests fail to build on upcomig gcc-16:
        unrecognized command-line option
        '-Wno-alloc-size-larger-than=18446744073709551615'
+511717  gdbserver (valgrind_read_memory) the 'impossible' happened:
+        Killed by fatal signal (SIGSEGV)
 514094  readlink("/proc/self/exe") overwrites buffer beyond its return value

 To see details of a given bug, visit
--- a/coregrind/m_syswrap/syswrap-generic.c
+++ b/coregrind/m_syswrap/syswrap-generic.c
@@ -3112,6 +3112,16 @@ PRE(sys_madvise)
                        ARG1, ARG2, SARG3);
   PRE_REG_READ3(long, "madvise",
                 unsigned long, start, vki_size_t, length, int, advice);
+   /* Ugly hack to try to bypass the problem of guard pages not being
+      understood by valgrind aspace manager.
+      By making the syscall fail, we expect glibc to fallback
+      on implementing guard pages with mprotect PROT_NONE to ensure
+      the valgrind address space manager is not confused wrongly
+      believing the guard page is rw. */
+#ifdef VKI_MADV_GUARD_INSTALL
+   if (ARG3 == VKI_MADV_GUARD_INSTALL)
+      SET_STATUS_Failure( VKI_EINVAL );
+#endif
 }

 #if HAVE_MREMAP
--- a/include/vki/vki-linux.h
+++ b/include/vki/vki-linux.h
@@ -1364,6 +1364,13 @@ struct  vki_seminfo {
 #define VKI_MREMAP_MAYMOVE	1
 #define VKI_MREMAP_FIXED	2

+//----------------------------------------------------------------------
+// Common madvise flags mman-common.h
+//----------------------------------------------------------------------
+
+#define VKI_MADV_GUARD_INSTALL 102
+#define VKI_MADV_GUARD_REMOVE  103
+
 //----------------------------------------------------------------------
 // From linux-2.6.31-rc4/include/linux/futex.h
 //----------------------------------------------------------------------