Bug 1001187

Summary: SIGSEGV signal handler calls functions that are not signal-safe
Product: [Fedora] Fedora Reporter: Steve Tyler <stephent98>
Component: anacondaAssignee: Anaconda Maintenance Team <anaconda-maint-list>
Status: CLOSED WONTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 20CC: akozumpl, anaconda-maint-list, dshea, g.kaviyarasu, jonathan, mkolman, sbueno, stephent98, vanmeeuwen+fedora
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-10-16 21:21:09 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Steve Tyler 2013-08-26 16:18:02 UTC 
Description of problem:
anaconda installs a SIGSEGV signal handler, doSegvHandler(), which calls printf(), free(), and exit(), none of which are on the list of signal-safe functions:

POSIX:
2.4 Signal Concepts
2.4.3 Signal Actions
http://pubs.opengroup.org/onlinepubs/009695399/functions/xsh_chap02_04.html#tag_02_04_03

SIGNAL(7)
http://man7.org/linux/man-pages/man7/signal.7.html

Version-Release number of selected component (if applicable):
anaconda-20.8-1

How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
See also: Bug 983319, Comment 24.

For reference:
$ less -N anaconda-20.8-1/pyanaconda/isys/isys.c
...
    219 static PyObject * doSegvHandler(PyObject *s, PyObject *args) {
    220     void *array[20];
    221     size_t size;
    222     char **strings;
    223     size_t i;
    224 
    225     signal(SIGSEGV, SIG_DFL); /* back to default */
    226     
    227     size = backtrace (array, 20);
    228     strings = backtrace_symbols (array, size);
    229     
    230     printf ("Anaconda received SIGSEGV!.  Backtrace:\n");
    231     for (i = 0; i < size; i++)
    232         printf ("%s\n", strings[i]);
    233      
    234     free (strings);
    235     exit(1);
    236 }
...
Comment 1 Steve Tyler 2013-08-26 16:19:51 UTC 
[Comment copied from Bug 983319, Comment 24]
Ales Kozumplik 2013-08-26 12:11:30 UTC

(In reply to Brian C. Lane from comment #14)
> Created attachment 789669 [details]
> strace after hitting 'reclaim space'
> 
> Note the end, where it does this forever:
> 
> --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=0} ---
> rt_sigreturn()                          = 20651408

this could be caused by Anaconda trying to catch the sigsegv and write out some useful information about it via isys.handleSegv. That's a naive thing to try.
Comment 2 Steve Tyler 2013-08-26 16:40:14 UTC 
[Comment copied from Bug 983319, Comment 29]
Ales Kozumplik 2013-08-26 16:29:10 UTC

(In reply to Steve Tyler from comment #25)
> Thanks for pointing that out, Ales. I was wondering about that SIGSEGV
> handler too. Do you think it could be removed?
> 

It should, definitely. It was written for a different Anaconda:)