A test package is now available for testing (pre-sru) to determine if this fixes the problem in Ubuntu as well.
# Instructions
sudo add-apt-repository ppa:slashd/sf143225ksh
sudo apt-get update
sudo apt-get install ksh

# Validation
dpkg -l | grep -i ksh

should reveal version : ksh - 93u+20120801-1+

Please provide feedback.

- Eric

** Description changed:

+ [Impact]
+
+  * The compiler optimization dropped parts from the ksh job
+ locking mechanism from the binary code. As a consequence, ksh could terminate
+ unexpectedly with a segmentation fault after it received the SIGCHLD signal.
+
+ [Test Case]
+
+ Unfortunately, there is no clear and easy way to reproduce.
+
+  * But the original reporter of this bug can randomly reproduce the
+ problem using an in-house ksh script that only works inside his
+ infrastructure as follows : "ksh <in-house-script.ksh>" and then once in
+ a while ksh will segfault as follows :
+
+ (gdb) bt
+ #0 job_chksave (pid=pid@entry=19003) at /build/ksh-6IEHIC/ksh-93u+20120801/src/cmd/ksh93/sh/jobs.c:1948
+ #1 0x00000000004282ab in job_reap (sig=17) at /build/ksh-6IEHIC/ksh-93u+20120801/src/cmd/ksh93/sh/jobs.c:428
+ #2 <signal handler called>
+ ...
+
+ [Regression Potential]
+
+  * This update implements a fix to ensure the compiler does not drop
+ parts of the ksh mechanism, so that the crash no longer occurs.
+
+  * The fix has been written by RH and has been proven to work for them
+ for the last 3 years.
+
+ Note that the RH fix has never been merged upstream (ksh is an
+ unmaintained project) and/or possibly never been proposed to upstream
+ (to be verified).
+
+ [Other Info]
+
+  * ksh project is unmaintained nowadays [https://github.com/att/ast], thus no new development is made upstream nor in debian upstream.
+
+  * Details about the RH bug :
+ --
+ - https://bugzilla.redhat.com/show_bug.cgi?id=1123467
+ - https://bugzilla.redhat.com/show_bug.cgi?id=1112306
+ - https://access.redhat.com/solutions/1253243
+ - http://rhn.redhat.com/errata/RHBA-2014-1015.html
+
+ # ksh.spec
+ Fri Jul 25 2014 Michal Hlavinka <[email protected]> - 20120801-10.8
+ - job locking mechanism did not survive compiler optimization (#1123467)
+
+ # patch
+ - ksh-20120801-locking.patch
+ --
+
+ [Original Description]

# gdb

[New LWP 3882]
Core was generated by `/bin/ksh <KSH_SCRIPT>.ksh'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 job_chksave (pid=pid@entry=19385) at /build/ksh-6IEHIC/ksh-93u+20120801/src/cmd/ksh93/sh/jobs.c:1948
1948 if(jp->pid==pid)

(gdb) p *jp
Cannot access memory at address 0xb
(gdb) p *jp->pid
Cannot access memory at address 0x13
(gdb) p pid
$2 = 19385
(gdb) p *jpold
$1 = {next = 0xb, pid = -604008960, exitval = 11124}

The struct is corrupted at some point, looking at the next, pid and exitval struct member values, which aren't valid data.

# assembly code

=> 0x0000000000427159 <+41>: cmp %edi,0x8(%rdx)
(gdb) p $edi ## pid variable
$1 = 19385
(gdb) p *($rdx + 8) ## jp->pid struct
Cannot access memory at address 0x13

--
ksh is segfaulting because it can't access struct "jp" ($rdx), thus cannot de-reference the struct member "jp->pid" ($rdx + 8) at line src/cmd/ksh93/sh/jobs.c:1948 when checking if jp->pid is equal to the pid ($edi) variable.

I have looked at the github project "att/ast" upstream repo and some patches here and there, and nothing seems to apply. Note that the project seems unmaintained.
--

You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1697501

Title:
  ksh segfault on job_chksave () after it receives a SIGCHLD (Signal 17)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ksh/+bug/1697501/+subscriptions

--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
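An added example, not code from the bug report, from ksh or from the RH patch, illustrating the class of hazard the [Impact] section describes: a SIGCHLD handler that walks the job list while the main line is in the middle of updating it, with the guard that is supposed to prevent that being something the compiler is free to optimise away. The job struct mirrors the three members visible in the gdb output (next, pid, exitval); the function names job_lock/job_unlock/job_reap and the defer-then-reap-on-unlock logic are a simplified model written for this example, not ksh's real implementation, and using volatile sig_atomic_t for the guard is the standard C remedy for a flag a signal handler must observe. Whether that is what ksh-20120801-locking.patch actually changes is an assumption; the page does not say what the patch does.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Simplified job entry modelled on the members seen in the gdb output
 * (next, pid, exitval). Hypothetical; not ksh's real struct. */
struct job {
    struct job *next;
    int pid;
    int exitval;            /* -1 until the child has been reaped */
};

static struct job *job_list;

/* Guard between the main line and the SIGCHLD handler. Declared volatile
 * sig_atomic_t so the compiler must re-read it on every access and cannot
 * hoist or drop the handler's check; a plain int could legally be cached
 * in a register, which is the class of defect the report describes. */
static volatile sig_atomic_t job_in_critical;
static volatile sig_atomic_t job_reap_pending;

static void job_reap(void);

static void job_lock(void) { job_in_critical++; }

static void job_unlock(void)
{
    /* Leaving the outermost critical section runs any reap the handler deferred. */
    if (--job_in_critical == 0 && job_reap_pending) {
        job_reap_pending = 0;
        job_reap();
    }
}

/* Walk the list, as job_chksave() does in the backtrace. Only safe when no
 * list update is in progress, which the guard above exists to ensure. */
static struct job *job_find(int pid)
{
    for (struct job *jp = job_list; jp != NULL; jp = jp->next)
        if (jp->pid == pid)
            return jp;
    return NULL;
}

static void job_add(int pid)
{
    struct job *jp = malloc(sizeof *jp);   /* outside the lock: malloc is not signal-safe anyway */
    if (jp == NULL)
        abort();
    jp->pid = pid;
    jp->exitval = -1;
    job_lock();                  /* the list is briefly inconsistent while linking */
    jp->next = job_list;
    job_list = jp;
    job_unlock();
}

/* Reap every exited child without blocking and record its status. */
static void job_reap(void)
{
    int status;
    pid_t pid;
    while ((pid = waitpid(-1, &status, WNOHANG)) > 0) {
        struct job *jp = job_find((int)pid);
        if (jp != NULL)
            jp->exitval = WIFEXITED(status) ? WEXITSTATUS(status) : 128 + WTERMSIG(status);
    }
}

static void sigchld_handler(int sig)
{
    (void)sig;
    if (job_in_critical) {       /* main line is mid-update: defer instead of walking the list */
        job_reap_pending = 1;
        return;
    }
    job_reap();
}

/* Forks a child that exits with status 7 while the parent holds the lock.
 * Returns 7 when the handler deferred and job_unlock() completed the reap,
 * -1 if the handler touched the job inside the critical section, -2 on a
 * system call failure. */
int run_scenario(void)
{
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = sigchld_handler;
    sa.sa_flags = SA_RESTART;
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGCHLD, &sa, NULL) != 0)
        return -2;

    job_lock();                              /* enter the section before the child can exit */
    pid_t pid = fork();
    if (pid < 0) {
        job_unlock();
        return -2;
    }
    if (pid == 0)
        _exit(7);                            /* child: exit at once with a recognisable status */
    job_add((int)pid);                       /* nested lock; still inside the outer section */

    while (!job_reap_pending) { /* spin until SIGCHLD has been delivered and deferred */ }

    struct job *jp = job_find((int)pid);
    if (jp == NULL || jp->exitval != -1)     /* handler must not have reaped yet */
        return -1;

    job_unlock();                            /* outermost unlock runs the deferred reap */
    return jp->exitval;
}

int main(void)
{
    int rc = run_scenario();
    printf("deferred reap recorded exit status %d\n", rc);
    return rc == 7 ? 0 : 1;
}
```

The point of the guard being volatile sig_atomic_t is that the handler's `if (job_in_critical)` read is an observable side effect the optimiser must keep; if the same counter were a plain int that the main line only ever touched in a `job_lock()`/`job_unlock()` pair the compiler could not see any other writer for, it would be entitled to elide the increment/decrement pair or the handler's test, and the handler would then walk the list mid-update exactly as the backtrace shows.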
