netbsd-bugs: lib/25563: pthread crash in signal handler with sigaltstack

Subject: lib/25563: pthread crash in signal handler with sigaltstack
To: None <gnats-bugs@gnats.NetBSD.org>
From: None <kent@NetBSD.org>
List: netbsd-bugs
Date: 05/14/2004 06:01:45

>Number:         25563
>Category:       lib
>Synopsis:       pthread crash in signal handler with sigaltstack
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    lib-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri May 14 06:02:00 UTC 2004
>Closed-Date:
>Last-Modified:
>Originator:     TAMURA Kent
>Release:        2.0E i386
>Organization:
NetBSD
>Environment:
NetBSD p4 2.0E NetBSD 2.0E (P4MP) #6: Wed May 12 23:02:09 JST 2004  kent@p4:/sys/arch/i386/compile/P4MP i386
>Description:
Functions of pthread does not work in a signal handler with alternate stack.

>How-To-Repeat:
===================== sample code:  sigtest.c
#include <pthread.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>

void handler(int signo) {
    printf("ENTER: handler\n");
    fflush(stdout);
    printf("self=%p\n", pthread_self());
    printf("LEAVE: handler\n");
    exit(1);
}

int main() {
    stack_t s;
    s.ss_sp = malloc(SIGSTKSZ);
    s.ss_size = SIGSTKSZ;
    s.ss_flags = 0;
    if (sigaltstack(&s, NULL) < 0)
        perror("sigaltstack()");

    struct sigaction sa;
    sa.sa_flags = SA_ONSTACK;
    sa.sa_handler = handler;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, NULL);
    printf("self=%p\n", pthread_self());
    *(int*)NULL = 1;            // throw SIGSEGV
    return 0;
}

% gcc -g -o sigtest sigtest.c -lpthread

% ./sigtest
self=0xbfa00000
zsh: segmentation fault (core dumped)  ./sigtest

(gdb) bt
#0  0x48068c04 in pthread_spinlock () from /usr/lib/libpthread.so.0
#1  0x4806b118 in pthread_setcancelstate () from /usr/lib/libpthread.so.0
#2  0x481900e6 in __flockfile_internal () from /usr/lib/libc.so.12
#3  0x4818729c in vfprintf () from /usr/lib/libc.so.12
#4  0x48175315 in printf () from /usr/lib/libc.so.12
#5  0x080489bf in handler(int) (signo=11) at sigtest.c:7
#6  <signal handler called>
#7  main () at sigtest.c:28
#8  0x08048752 in ___start ()

>Fix:
To retrieve pthread_self() from the stack pointer is bad idea.

>Release-Note:
>Audit-Trail:
>Unformatted: