Author: florian
Date: Tue Apr 14 20:59:21 2015
New Revision: 15091
Log:
Follow-up to r14974. That revision oversimplified a condition, part
of which was presumed to be redundant but wasn't. This caused code
to hang due to an infinite signal-delivery loop. Observed and
tracked down by Austin English.
Added:
trunk/none/tests/x86-linux/hang.c
trunk/none/tests/x86-linux/hang.stderr.exp
trunk/none/tests/x86-linux/hang.vgtest
Modified:
trunk/coregrind/m_signals.c
trunk/none/tests/x86-linux/ (props changed)
trunk/none/tests/x86-linux/Makefile.am
Modified: trunk/coregrind/m_signals.c
==============================================================================
--- trunk/coregrind/m_signals.c (original)
+++ trunk/coregrind/m_signals.c Tue Apr 14 20:59:21 2015
@@ -2427,7 +2427,7 @@
{
Addr fault;
Addr esp;
- NSegment const* seg;
+ NSegment const *seg, *seg_next;
if (info->si_signo != VKI_SIGSEGV)
return False;
@@ -2435,6 +2435,8 @@
fault = (Addr)info->VKI_SIGINFO_si_addr;
esp = VG_(get_SP)(tid);
seg = VG_(am_find_nsegment)(fault);
+ seg_next = seg ? VG_(am_next_nsegment)( seg, True/*fwds*/ )
+ : NULL;
if (VG_(clo_trace_signals)) {
if (seg == NULL)
@@ -2449,6 +2451,10 @@
if (info->si_code == VKI_SEGV_MAPERR
&& seg
+ && seg->kind == SkResvn
+ && seg->smode == SmUpper
+ && seg_next
+ && seg_next->kind == SkAnonC
&& fault >= fault_mask(esp - VG_STACK_REDZONE_SZB)) {
/* If the fault address is above esp but below the current known
stack segment base, and it was a fault because there was
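Review bot: The block comment that follows the condition still explains only the esp/stack-base part of the test and says nothing about why the four new conjuncts on `seg->kind`, `seg->smode`, `seg_next` and `seg_next->kind` are required, which is exactly the rationale r14974 lost when it simplified this condition. Suggest a comment directly above the `if`, along the lines of `/* Only treat this as a stack-extension fault when the address lies in an upper-growing reservation (SkResvn/SmUpper) whose next segment is the anonymous client stack (SkAnonC). Dropping these checks (r14974) made other MAPERR faults look like stack faults and, per the log, led to an infinite signal-delivery loop. */`. The exact meaning of `VG_(am_next_nsegment)(seg, True)` is not visible here, so the "next segment" wording should be confirmed against its definition. Note that `seg_next` is computed in the preceding hunk unconditionally, even though it is only consumed by this condition; a reader may wonder why it is not evaluated lazily here, and a one-line remark would settle that. The enclosing function begins before the first hunk of this file and its body continues past this one.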
Modified: trunk/none/tests/x86-linux/Makefile.am
==============================================================================
--- trunk/none/tests/x86-linux/Makefile.am (original)
+++ trunk/none/tests/x86-linux/Makefile.am Tue Apr 14 20:59:21 2015
@@ -5,10 +5,12 @@
filter_stderr
EXTRA_DIST = \
+ hang.stderr.exp hang.vgtest \
seg_override.stderr.exp seg_override.stdout.exp seg_override.vgtest \
sigcontext.stdout.exp sigcontext.stderr.exp sigcontext.vgtest
check_PROGRAMS = \
+ hang \
seg_override \
sigcontext
Added: trunk/none/tests/x86-linux/hang.c
==============================================================================
--- trunk/none/tests/x86-linux/hang.c (added)
+++ trunk/none/tests/x86-linux/hang.c Tue Apr 14 20:59:21 2015
@@ -0,0 +1,5 @@
+int main ( void )
+{
+ *(volatile char *)0xDEADBEEF = 'x';
+ return 0;
+}
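Review bot: hang.c carries no comment stating what it exercises; the only explanation lives in hang.vgtest, so anyone reading the source alone sees just an intentional write to an unmapped address. Because hang.stderr.exp pins the frame as `main (hang.c:3)`, a comment added above `main` would shift that line and break the expected output, so either place it after the store, e.g. `return 0; /* the write above must raise exactly one SIGSEGV, not loop (see r14974) */`, or update the line number in hang.stderr.exp alongside it.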
Added: trunk/none/tests/x86-linux/hang.stderr.exp
==============================================================================
--- trunk/none/tests/x86-linux/hang.stderr.exp (added)
+++ trunk/none/tests/x86-linux/hang.stderr.exp Tue Apr 14 20:59:21 2015
@@ -0,0 +1,9 @@
+
+Process terminating with default action of signal 11 (SIGSEGV)
+ Access not within mapped region at address 0x........
+ at 0x........: main (hang.c:3)
+ If you believe this happened as a result of a stack
+ overflow in your program's main thread (unlikely but
+ possible), you can try to increase the size of the
+ main thread stack using the --main-stacksize= flag.
+ The main thread stack size used in this run was ....
Added: trunk/none/tests/x86-linux/hang.vgtest
==============================================================================
--- trunk/none/tests/x86-linux/hang.vgtest (added)
+++ trunk/none/tests/x86-linux/hang.vgtest Tue Apr 14 20:59:21 2015
@@ -0,0 +1,5 @@
+# r14974 introduced a bug which cause code to hang due to
+# an infinite signal-delivery loop.
+# Can only be reproduced on an x86 box running a 32-bit kernel.
+prog: hang
+vgopts: -q