bash signal handling coredump on Linux

bug-bash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bash signal handling coredump on Linux

From:	Carlo Nyto
Subject:	bash signal handling coredump on Linux
Date:	Thu, 29 May 2008 17:50:47 -0400

On a CentOS 4.4 system on a x86_64, using bash 3.0 (Redhat's
bash-3.0-19.3 package), bash coredumped when the stack filled up.
Looks like signals being received from within a signal handler to me.
This happened after someone hit ctrl-c many times while tail -f'ing a
log file that was being written to at an insane rate.

Below is the stack trace from when their login bash shell coredumped.
I have never seen bash coredump on these systems (hundreds of HP DL360
G5's running CentOS 4.4 with kernel 2.6.9-67). This system, however,
is running Linux kernel 2.6.25.3. I wanted to deploy this kernel to a
few more systems, therefore my concern that I have uncovered a kernel
bug, or a change in signal handling behavior that will confuse bash or
other processes.

# rpm -q bash
bash-3.0-19.3.x86_64
# uname -r
2.6.25.3

Core was generated by `-bash'.
Program terminated with signal 11, Segmentation fault.
[...]
#0  0x0000003fd4a76200 in mbrtowc
   () from /lib64/tls/libc.so.6
(gdb) bt
#0  0x0000003fd4a76200 in mbrtowc () from /lib64/tls/libc.so.6
#1  0x0000000000473888 in rl_redisplay ()
#2  0x0000000000471968 in rl_clear_message ()
#3  0x0000000000474505 in rl_free_line_state ()
#4  0x00000000004745c1 in rl_free_line_state ()
#5  <signal handler called>
#6  0x0000003fd4a2e743 in sigprocmask () from /lib64/tls/libc.so.6
#7  0x0000000000474582 in rl_free_line_state ()
#8  <signal handler called>
#9  0x0000003fd4a2e743 in sigprocmask () from /lib64/tls/libc.so.6
#10 0x0000000000474582 in rl_free_line_state ()
#11 <signal handler called>
#12 0x0000003fd4a2e743 in sigprocmask () from /lib64/tls/libc.so.6
#13 0x0000000000474582 in rl_free_line_state ()
[...repeat many times...]
#33417 0x0000003fd4a2e743 in sigprocmask () from /lib64/tls/libc.so.6
#33418 0x0000000000474582 in rl_free_line_state ()
#33419 <signal handler called>
#33420 0x0000003fd4a2e743 in sigprocmask () from /lib64/tls/libc.so.6
#33421 0x0000000000474582 in rl_free_line_state ()
#33422 <signal handler called>
#33423 0x0000003fd4a2e5ed in sigaction () from /lib64/tls/libc.so.6
#33424 0x000000000047417d in _rl_current_display_line ()
#33425 0x000000000047421c in _rl_current_display_line ()
#33426 0x00000000004742dc in rl_set_signals ()
#33427 0x0000000000466e75 in readline ()
#33428 0x000000000041a3ea in yy_input_name ()
#33429 0x000000000041c1c5 in execute_prompt_command ()
#33430 0x000000000041d291 in execute_prompt_command ()
#33431 0x000000000041fd0d in yyparse ()
#33432 0x0000000000419e42 in parse_command ()
#33433 0x0000000000419ee8 in read_command ()
#33434 0x000000000041a05d in reader_loop ()
#33435 0x00000000004192a0 in main ()

Also seen in syslog:
kernel: bash[9443]: segfault at 7ffff65ddff8 ip 3fd4a76200
sp7ffff65ddfe0 error 6 in libc-2.3.4.so[3fd4a00000+12b000]
kernel: bash used greatest stack depth: 3096 bytes left

[Prev in Thread]

Current Thread

[Next in Thread]

bash signal handling coredump on Linux, Carlo Nyto <=

Prev by Date: heredoc in command subst bug?
Next by Date: alias expansion with functions in non-interactive mode
Previous by thread: heredoc in command subst bug?
Next by thread: alias expansion with functions in non-interactive mode
Index(es):
- Date
- Thread