Oracle Database on Solaris: Known Issue when ASLR is enabled

(Doc ID 2297462.1)

Last updated on AUGUST 19, 2017

Applies to:

Oracle Database - Enterprise Edition - Version 11.2.0.4 and later
Oracle Solaris on x86-64 (64-bit)
Oracle Solaris on SPARC (64-bit)

Symptoms

Issues are noticed with Oracle Database which is using fixed addresses when attaching shared memory segments, which causes issues with ASLR is enabled.

Solaris has an ability to tag binaries in order to enable or disable ASLR, per binary.

localhost # elfdump /opt/Alliance/Access/database/bin/oracle | grep ASLR
/opt/Alliance/Access/database/bin/oracle: .SUNW_version: zero sh_entsize information, expected 0x1

OracleDB should make use of the tagging and disable ASLR, as this would allow for ASLR to be enabled globally otherwise.

- saa_control wakes up every 60s and runs a variety of checks

One of the test is it tries to connect to the database by running:

Each time the Oracle process starts (once a minute) it tries to attach to multiple SHM segments by calling shmat(). It usually works fine, but once or twice a day shmat() returns with errno 22. The SHM segment does exist, as after shmat() fails it calls shmctl(IPC_STAT) which confirms the SHM ID is valid.
It turned out that the issue is that the Oracle database calls shmat(48, 0x3c0000000, SHM_PAGEABLE) – notice that it explicitly specifies virtual address where it wants the SHM segment to be mapped at. But ASLR also enabled globally, so it seems from time to time, when the process starts and before it calls shmat() some other allocations might already use the portion of the address-space it will try to shmat() a moment later, so it fails with EINVAL.

Once global ASLR was disabled the problem went away.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms