On May 11, 2021, at 11:36, Borislav Petkov <bp@xxxxxxxxx> wrote: > > I clumsily tried to register a SIGSEGV handler with > > act.sa_sigaction = my_sigsegv; > sigaction(SIGSEGV, &act, NULL); > > but that doesn't fire - task gets killed. Maybe I'm doing it wrong. Since the altstack is already overflowed, perhaps set the flag like this -- not using it to get the handler: act.sa_sigaction = my_sigsegv; + act.sa_flags = SA_SIGINFO; sigaction(SIGSEGV, &act, NULL); FWIW, I think this is just a workaround for this case; in practice, altstack is rather a backup for normal stack corruption. Thanks, Chang
