crash after receiving SIGCHLD during system call

David Mosberger davidm at egauge.net
Thu May 18 08:28:00 PDT 2017


On Wed, May 17, 2017 at 11:34 PM, David Mosberger <davidm at egauge.net> wrote:

> I also confirmed that at the end of sys_rt_sigreturn(), the T bit in
> regs->ARM_cpsr is NEVER set.

Similarly, regs->ARM_lr does not have bit 0 set (except when it's
obviously used as a scratch register, with values of 0x1 or 0x10d).

To me, it looks like bit 0 of a return address gets corrupted
(possibly a register state corruption or an on-stack corruption).
That would in turn cause the "bx lr" instruction to turn on Thumb mode
and things go south from there.  It's interesting that only one bit
gets corrupted since the address overall looks plausible.

  --david
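The mechanism the message leans on is the interworking rule of ARM's BX instruction: the T bit of the CPSR is loaded from bit 0 of the target register, and the branch goes to the address with bit 0 cleared, so a single flipped bit in a saved return address is enough to drop an ARM-state kernel into Thumb state. The following C model is an added example, not code from this thread or from the kernel; the struct name saved_regs, the field names lr and cpsr, and the sample frame values are assumptions that stand in for the relevant parts of the kernel's pt_regs (ARM_lr and ARM_cpsr), and the bit positions are the architectural ones.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Architectural CPSR bit: Thumb state. */
#define PSR_T_BIT (1u << 5)

/* Hypothetical, minimal stand-in for the saved register frame; the real
 * struct pt_regs on arm carries the full register set. */
struct saved_regs {
    uint32_t lr;    /* return address that "bx lr" will use */
    uint32_t cpsr;  /* saved program status register */
};

static struct saved_regs frame(uint32_t lr, uint32_t cpsr)
{
    struct saved_regs r = { lr, cpsr };
    return r;
}

/* Outcome of "bx Rm": target address with bit 0 cleared, and whether the
 * core ends up in Thumb state (bit 0 of the target). */
struct bx_result {
    uint32_t pc;
    bool thumb;
};

static struct bx_result bx(uint32_t target)
{
    struct bx_result r;
    r.thumb = (target & 1u) != 0;
    r.pc = target & ~1u;
    return r;
}

/* CPSR the core would run with after "bx lr" from this frame. */
static uint32_t cpsr_after_bx_lr(struct saved_regs regs)
{
    struct bx_result r = bx(regs.lr);
    return r.thumb ? (regs.cpsr | PSR_T_BIT) : (regs.cpsr & ~PSR_T_BIT);
}

/* The inconsistency described in the message: the frame was saved in ARM
 * state (T clear), yet its return address would switch to Thumb.  Only
 * meaningful when lr actually holds a return address, not a scratch value. */
static bool would_switch_to_thumb(struct saved_regs regs)
{
    return !(regs.cpsr & PSR_T_BIT) && (regs.lr & 1u) != 0;
}

/* Model of a one-bit corruption of a word. */
static uint32_t flip_bit(uint32_t word, unsigned bit)
{
    return word ^ (1u << bit);
}

int main(void)
{
    /* Constructed sample: an ARM-mode kernel return address (4-byte aligned)
     * and a CPSR with SVC mode bits set and T clear. These values are
     * made up for the example. */
    struct saved_regs good = frame(0xc0108120u, 0x60000013u);
    struct saved_regs bad  = frame(flip_bit(good.lr, 0), good.cpsr);

    printf("good frame: lr=%#x switches to thumb: %s (cpsr after bx: %#x)\n",
           good.lr, would_switch_to_thumb(good) ? "yes" : "no",
           cpsr_after_bx_lr(good));
    printf("bit-0 flipped: lr=%#x switches to thumb: %s (cpsr after bx: %#x)\n",
           bad.lr, would_switch_to_thumb(bad) ? "yes" : "no",
           cpsr_after_bx_lr(bad));
    return 0;
}
```

A one-bit flip anywhere else in the address (say bit 3) leaves T clear and merely redirects the branch, which is why bit 0 in particular produces the Thumb-mode failure rather than a plain bad jump.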


