>Number:         24983
>Category:       kern
>Synopsis:       sigsegv inside sigsegv spins inside the kernel
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Mar 31 01:19:00 UTC 2004
>Closed-Date:
>Last-Modified:
>Originator:     Perry E. Metzger
>Release:        NetBSD 2.0A
>Organization:
Perry E. Metzger		perry@piermont.com
--
"Ask not what your country can force other people to do for you..."
>Environment:
	
	
System: NetBSD hackworth 2.0A NetBSD 2.0A (HACKWORTH) #0: Mon Mar 29 09:12:40 EST 2004 perry@hackworth:/usr/src/sys/arch/i386/compile/HACKWORTH i386
Architecture: i386
Machine: i386
>Description:
	Get a sigsegv inside a sigsegv and you spin inside the kernel,
	never returning to userland.
>How-To-Repeat:

Run this:

/*----------------------------------------------------------------------*/
#include <assert.h>
#include <signal.h>
#include <stdio.h>
#include <sys/ucontext.h>

void
sigsegv(int signo, siginfo_t *info, void *ptr)
{
	*(long *)0 = 0;
	exit(0);
}

int
main(void)
{
	struct sigaction sa;
	sa.sa_flags = SA_SIGINFO;
	sa.sa_sigaction = sigsegv;
	sigemptyset(&sa.sa_mask);
	sigaction(SIGSEGV, &sa, NULL);
	*(long *)0 = 0;
	return 0;
}
/*----------------------------------------------------------------------*/


>Fix:
	No clue, though I would guess from POSIX that you should
	probably sleep under these circumstances, although it is
	somewhat ambiguous.
>Release-Note:
>Audit-Trail:
>Unformatted: