[klibc] signal handlers segfault on Fedora kernels

Kay Sievers kay.sievers at vrfy.org
Mon Mar 21 11:45:25 PST 2005


On Mon, 2005-03-21 at 10:55 -0800, H. Peter Anvin wrote:
> Kay Sievers wrote:
> > Signal handlers in a klibc-compiled program are not working with
> > Fedora-Devel-shipped kernels. Therefore a klibc udev simply does
> > nothing on those boxes.
> > 
> > This simple program segfaults if Ctrl-C is pressed. The same compiled
> > with glibc works as expected. Any idea what the reason for that may be?
> 
> I traced it, and when it invokes the target function, the stack pointer 
> is most definitely *NOT* pointing to a return address like it should; it 
> points to a word 0x00000420.
> 
> > (gdb) x/45wx $esp
> > 0xbffff178:     0x00000420      0x00000002      0x00000000      0x00000000
> > 0xbffff188:     0x0000007b      0x0000007b      0x00000000      0x080480a0
> > 0xbffff198:     0x10000000      0xbffff454      0x00006639      0x00000000
> > 0xbffff1a8:     0xbffff468      0xfffffdfe      0x00000001      0x00000000
> > 0xbffff1b8:     0x0804836f      0x00000073      0x00200206      0xbffff454
> > 0xbffff1c8:     0x0000007b      0x00000000      0x00000000      0x00000000
> > 0xbffff1d8:     0x00000000      0x00000000      0x00000000      0x00000000
> > 0xbffff1e8:     0x00000000      0x00000000      0x00000000      0x00000000
> > 0xbffff1f8:     0x00000000      0x00000000      0x00000000      0x00000000
> > 0xbffff208:     0x00000000      0x00000000      0x00000000      0x00000000
> > 0xbffff218:     0x00000000      0x00000000      0x00000000      0x00000000
> > 0xbffff228:     0x00000000
> 
> This is not even close to sane (there are at least 6 words on the stack 
> before anything that looks like an address), and I have absolutely no 
> idea what they have done to the kernel or glibc to "accomplish" this...

Ah nice, good to have an idea now. I've looked over the patches they
apply and it seems the execshield patch is causing it; the "vDSO
randomisation" does not play well with us.

If I switch on /proc/sys/kernel/print-fatal-signal, this is printed
along with the segfault:
  kernel: klibctest/9222: potentially unexpected fatal signal 11.
  kernel: code at 00000420: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
  kernel: 
  kernel: Pid: 9222, comm:            klibctest
  kernel: EIP: 0073:[<00000420>] CPU: 0
  kernel: EIP is at 0x420
  kernel:  ESP: 007b:bfed56e4 EFLAGS: 00010207    Not tainted  (2.6.11-1.1191_FC4)
  kernel: EAX: 00000002 EBX: bfed59d0 ECX: 00000000 EDX: 00000000
  kernel: ESI: 00000064 EDI: 00000000 EBP: 080480e4 DS: 007b ES: 007b
  kernel: CR0: 8005003b CR2: 0000042f CR3: 32e53000 CR4: 000006c0
  kernel: klibctest/9222: potentially unexpected fatal signal 11.
  kernel: code at 00000420: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 

If I switch off /proc/sys/kernel/vdso, everything seems to work normally.

Thanks,
Kay
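Added example, not code from klibc or from anyone in this thread. The crash above happens at handler entry: the word the kernel left as the handler's return address was not a usable trampoline. When a handler is installed without SA_RESTORER, the kernel decides where that trampoline lives (on the i386 kernels discussed here, in the vDSO or on the stack). A libc can instead pass SA_RESTORER with its own sigreturn stub, so the return path no longer depends on where the kernel put its trampoline. The program below does that through the raw rt_sigaction syscall, delivers SIGUSR1 to itself, and checks from inside the handler that the return address really is the supplied stub. It is written for x86_64 and aarch64 Linux, not for the i386 kernel in the thread; the names `demo_restorer`, `install_with_own_restorer` and `deliver_and_check` are made up for this example, and the hand-written `struct kernel_sigaction` mirrors the kernel's layout on those two architectures.

```c
/* Added example (not klibc's code): install a signal handler through the raw
 * rt_sigaction syscall with SA_RESTORER, so that the return address the kernel
 * leaves for the handler is a trampoline we supply, not one the kernel placed
 * on the stack or in the vDSO.
 * Build: gcc -O2 -Wall sa_restorer_demo.c -o sa_restorer_demo   (x86_64 or aarch64 Linux) */
#define _GNU_SOURCE
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

#ifndef SA_RESTORER
#define SA_RESTORER 0x04000000   /* same value on x86 and arm64 */
#endif

/* The kernel's view of struct sigaction (differs from glibc's).  The kernel
 * sigset_t is 64 bits wide on both architectures handled here (assumption
 * for this example; see the sigsetsize argument below). */
struct kernel_sigaction {
    void (*k_sa_handler)(int);
    unsigned long sa_flags;
    void (*sa_restorer)(void);
    unsigned long sa_mask;
};

/* Trampoline the handler returns into: it only issues rt_sigreturn(2), which
 * makes the kernel restore the interrupted register state. */
extern void demo_restorer(void);
#if defined(__x86_64__)
__asm__(".text\n"
        ".globl demo_restorer\n"
        ".type demo_restorer,%function\n"
        "demo_restorer:\n"
        "    mov $15, %rax\n"      /* __NR_rt_sigreturn on x86_64 */
        "    syscall\n");
#elif defined(__aarch64__)
__asm__(".text\n"
        ".globl demo_restorer\n"
        ".type demo_restorer,%function\n"
        "demo_restorer:\n"
        "    mov x8, #139\n"       /* __NR_rt_sigreturn on arm64 */
        "    svc #0\n");
#else
#error "restorer trampoline written for x86_64 and aarch64 only"
#endif

static volatile sig_atomic_t handler_hits;
static void *volatile handler_return_address;

static void on_sigusr1(int signum)
{
    (void)signum;
    handler_hits++;
    /* What the kernel set up as this handler's return address: the word at
     * the top of the stack on x86_64, the link register on arm64. */
    handler_return_address = __builtin_return_address(0);
}

/* Install the handler via the raw syscall, bypassing the C library.
 * Returns 0 on success, otherwise the negative errno from the kernel. */
int install_with_own_restorer(int signum)
{
    struct kernel_sigaction ksa;
    memset(&ksa, 0, sizeof ksa);
    ksa.k_sa_handler = on_sigusr1;
    ksa.sa_flags = SA_RESTORER;
    ksa.sa_restorer = demo_restorer;
    /* last argument: size of the kernel sigset_t, which must be _NSIG/8 == 8 */
    return (int)syscall(SYS_rt_sigaction, signum, &ksa, NULL, sizeof(unsigned long));
}

/* Deliver SIGUSR1 to ourselves; report whether the handler ran exactly once and
 * whether its return address is our trampoline.  Returns 1 on success, 0 otherwise. */
int deliver_and_check(void)
{
    handler_hits = 0;
    handler_return_address = NULL;
    if (install_with_own_restorer(SIGUSR1) != 0)
        return 0;
    if (raise(SIGUSR1) != 0)
        return 0;
    /* Getting here at all means the handler returned into a working trampoline. */
    return handler_hits == 1 && handler_return_address == (void *)demo_restorer;
}

int main(void)
{
    int ok = deliver_and_check();
    printf("handler ran %d time(s); return address %p, restorer %p: %s\n",
           (int)handler_hits, handler_return_address, (void *)demo_restorer,
           ok ? "match" : "MISMATCH");
    return ok ? 0 : 1;
}
```

If the stub were wrong (or, on x86_64, if SA_RESTORER were left out entirely, since that kernel supplies no trampoline of its own), the handler would still be entered but the process would die on the way back out, which is the same shape of failure as the 0x00000420 return address in the log above.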
