From: Chapman Flack Message-ID: <594E80F5.20605@anastigmatix.net> Date: Sat, 24 Jun 2017 11:10:45 -0400 MIME-Version: 1.0 Subject: [Pljava-dev] Recent RedHat/CentOS kernel update and PL/Java Content-Type: text/plain; charset="us-ascii" Red Hat and CentOS are rolling out kernel updates that address a possible stack-smashing exploit by increasing the size of the guard region below the stack, in a way that causes Java to crash with a SIGBUS (as reported twice now in PL/Java's issue tracker-- #128 and #129--and online for several other Java-based projects). The suggested solution according to other projects is to add -Xss2M (or larger) to the Java VM options, forcing a stack of 2 MB (or larger) to be allocated. For PL/Java, that's accomplished by adding -Xss2M to the setting of pljava.vmoptions. A simple test can be done in a new session simply by giving SET pljava.vmoptions TO '-Xss2M'; before calling a PL/Java function. If that works, the setting can be saved by ALTER DATABASE SET, ALTER SYSTEM, or editing postgresql.conf, whatever method you are already using to persist pljava settings. Per Oracle's docs, -Xss is both an initial stack size and a limit; when specified, the stack will have that initial size and be unable to grow. If whatever PL/Java is being used for could require more than 2 MB of stack (or, if stack overflow errors are seen with a setting of 2 MB) then the option may need further upward adjustment. I assume this is an interim fix and Oracle will eventually release a Java update that plays nicely with the new kernel's stack guard, and then giving an explicit stack size will no longer be needed. -Chap _______________________________________________ Pljava-dev mailing list Pljava-dev@lists.pgfoundry.org http://lists.pgfoundry.org/mailman/listinfo/pljava-dev