This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug libc/3457] New: popen fails in sighandler after double free or corruption

From: "schaudhu at blackrock dot com" <sourceware-bugzilla at sourceware dot org>
To: glibc-bugs at sources dot redhat dot com
Date: 3 Nov 2006 23:56:17 -0000
Subject: [Bug libc/3457] New: popen fails in sighandler after double free or corruption
Reply-to: sourceware-bugzilla at sourceware dot org

Please examine the following atomic example:

#include <iostream>
#include <signal.h>
#include <sys/signal.h>

using std::cout;
using std::endl;

void handler( int sig, siginfo_t *info, void *ctx )
{
    cout << "Got " << sig << " signal." << endl;
    popen( "/bin/ps", "r" );

    cout << "Finished." << endl;
}

int main()
{
    struct sigaction action;

    action.sa_sigaction = &handler;
    sigfillset( &action.sa_mask );
    action.sa_flags = SA_RESETHAND | SA_SIGINFO | SA_ONSTACK;

    sigaction( SIGABRT, &action, NULL );
    sigaction( SIGQUIT, &action, NULL );
    sigaction( SIGILL, &action, NULL );
    sigaction( SIGTRAP, &action, NULL );
    sigaction( SIGABRT, &action, NULL );
    sigaction( SIGFPE, &action, NULL );
    sigaction( SIGBUS, &action, NULL );
    sigaction( SIGSEGV, &action, NULL );
    sigaction( SIGSYS, &action, NULL );
    sigaction( SIGXCPU, &action, NULL );
    sigaction( SIGXFSZ, &action, NULL );

    void *p = ::malloc( 1 );
    ::free( p );
    ::free( p );

    return 0;
}

With older versions of glibc, this produces:

Got 11 signal.
Finished.
Segmentation fault (core dumped)


With newer versions of glibc, this HANGS after producing:

*** glibc detected *** double free or corruption (fasttop): 0x0804a008 ***
Got 6 signal.


The only way to terminate it is to forcibly kill the process.  Using system() 
instead of popen() works okay.  Can someone please investigate?

Thanks!

-- 
           Summary: popen fails in sighandler after double free or
                    corruption
           Product: glibc
           Version: 2.4
            Status: NEW
          Severity: normal
          Priority: P2
         Component: libc
        AssignedTo: drepper at redhat dot com
        ReportedBy: schaudhu at blackrock dot com
                CC: glibc-bugs at sources dot redhat dot com,schaudhu at
                    blackrock dot com


http://sourceware.org/bugzilla/show_bug.cgi?id=3457

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

Follow-Ups:
- [Bug libc/3457] popen fails in sighandler after double free or corruption
  - From: schaudhu at blackrock dot com
- [Bug libc/3457] popen fails in sighandler after double free or corruption
  - From: drepper at redhat dot com

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]