From owner-freebsd-threads@freebsd.org  Wed Aug 24 19:54:52 2016
Return-Path: <owner-freebsd-threads@freebsd.org>
Delivered-To: freebsd-threads@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9B083BC5777
 for <freebsd-threads@mailman.ysv.freebsd.org>;
 Wed, 24 Aug 2016 19:54:52 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2001:1900:2254:206a::16:76])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 805A216C5
 for <freebsd-threads@FreeBSD.org>; Wed, 24 Aug 2016 19:54:52 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from bugs.freebsd.org ([127.0.1.118])
 by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id u7OJsq5k021575
 for <freebsd-threads@FreeBSD.org>; Wed, 24 Aug 2016 19:54:52 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
From: bugzilla-noreply@freebsd.org
To: freebsd-threads@FreeBSD.org
Subject: [Bug 211947] bconsole won't die sitting on do_rw_wrlock
Date: Wed, 24 Aug 2016 19:54:52 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: threads
X-Bugzilla-Version: 10.3-STABLE
X-Bugzilla-Keywords: regression
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: longwitz@incore.de
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: freebsd-threads@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-211947-16-1Dr7136cXZ@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-211947-16@https.bugs.freebsd.org/bugzilla/>
References: <bug-211947-16@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: freebsd-threads@freebsd.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Threading on FreeBSD <freebsd-threads.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-threads>, 
 <mailto:freebsd-threads-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-threads/>
List-Post: <mailto:freebsd-threads@freebsd.org>
List-Help: <mailto:freebsd-threads-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-threads>, 
 <mailto:freebsd-threads-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Aug 2016 19:54:52 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D211947

--- Comment #4 from longwitz@incore.de ---
I can confirm that the user stack of the hanging process nearly looks like
yours, the difference is probably because I use amd64:

[Switching to Thread 801406400 (LWP 100956)]
_umtx_op_err () at /usr/src/lib/libthr/arch/amd64/amd64/_umtx_op_err.S:37
37      RSYSCALL_ERR(_umtx_op)
(gdb) bt
#0  _umtx_op_err () at /usr/src/lib/libthr/arch/amd64/amd64/_umtx_op_err.S:=
37
#1  0x000000080082a267 in __thr_rwlock_wrlock (rwlock=3D0x800a42880,
tsp=3D<optimized out>) at /usr/src/lib/libthr/thread/thr_umtx.c:297
#2  0x000000080083186a in _thr_rwlock_wrlock (rwlock=3D<optimized out>,
tsp=3D<optimized out>)
    at /usr/src/lib/libthr/thread/thr_umtx.h:204
#3  _thr_rtld_wlock_acquire (lock=3D0x800a42880) at
/usr/src/lib/libthr/thread/thr_rtld.c:141
#4  0x000000080060bc80 in wlock_acquire (lock=3D0x80081fcc0 <rtld_locks>,
lockstate=3D0x7fffffffe658)
    at /usr/src/libexec/rtld-elf/rtld_lock.c:217
#5  0x0000000800605dbd in objlist_call_fini (list=3D<optimized out>,
root=3D<optimized out>, lockstate=3D<optimized out>)
    at /usr/src/libexec/rtld-elf/rtld.c:2418
#6  0x0000000800604f39 in rtld_exit () at /usr/src/libexec/rtld-elf/rtld.c:=
2800
#7  0x0000000800b5f8c6 in __cxa_finalize () from /lib/libc.so.7
#8  0x0000000800b0337c in exit () from /lib/libc.so.7
#9  0x0000000000400bcb in main ()
(gdb) frame 4
#4  0x000000080060bc80 in wlock_acquire (lock=3D0x80081fcc0 <rtld_locks>,
lockstate=3D0x7fffffffe658)
    at /usr/src/libexec/rtld-elf/rtld_lock.c:217
217             lockinfo.wlock_acquire(lock->handle);
(gdb) p/x *(struct urwlock *)(lock->handle)
$1 =3D {rw_state =3D 0xa0000000, rw_flags =3D 0x2, rw_blocked_readers =3D 0=
x0,
rw_blocked_writers =3D 0x0, rw_spare =3D {0x0, 0x0, 0x0, 0x0}}

In this situation I can see the backtrace of the process in the kernel,
but "bt full" stops in frame 2:

(kgdb) thread 705
[Switching to thread 705 (Thread 100956)]#0  sched_switch
(td=3D0xfffff80052d114b0, newtd=3D<value optimized out>,
    flags=3D<value optimized out>) at /usr/src/sys/kern/sched_ule.c:1945
1945                    cpuid =3D PCPU_GET(cpuid);
(kgdb) bt
#0  sched_switch (td=3D0xfffff80052d114b0, newtd=3D<value optimized out>,
flags=3D<value optimized out>)
    at /usr/src/sys/kern/sched_ule.c:1945
#1  0xffffffff80551271 in mi_switch (flags=3D260, newtd=3D0x0) at
/usr/src/sys/kern/kern_synch.c:491
#2  0xffffffff80594ffb in sleepq_catch_signals (wchan=3D0xfffff80052018c80,
pri=3D0) at /usr/src/sys/kern/subr_sleepqueue.c:426
#3  0xffffffff80594eaf in sleepq_wait_sig (wchan=3D0x0, pri=3D0) at
/usr/src/sys/kern/subr_sleepqueue.c:632
#4  0xffffffff80550c7d in _sleep (ident=3D<value optimized out>, lock=3D<va=
lue
optimized out>, priority=3D<value optimized out>,
    wmesg=3D<value optimized out>, sbt=3D<value optimized out>, pr=3D<value=
 optimized
out>, flags=3D<value optimized out>)
    at /usr/src/sys/kern/kern_synch.c:253
#5  0xffffffff80565285 in umtxq_sleep (uq=3D0xfffff80052018c80,
wmesg=3D0xffffffff808b2ebc "uwrlck", abstime=3D0x0)
    at /usr/src/sys/kern/kern_umtx.c:780
#6  0xffffffff8056881f in do_rw_wrlock (td=3D0xfffff80052d114b0,
rwlock=3D0x800a42880, timeout=3D<value optimized out>)
    at /usr/src/sys/kern/kern_umtx.c:3109
#7  0xffffffff8056c4a7 in __umtx_op_rw_wrlock (td=3D<value optimized out>,
uap=3D<value optimized out>)
    at /usr/src/sys/kern/kern_umtx.c:3657
#8  0xffffffff807db84f in amd64_syscall (td=3D0xfffff80052d114b0, traced=3D=
0) at
subr_syscall.c:141
#9  0xffffffff807c040b in Xfast_syscall () at
/usr/src/sys/amd64/amd64/exception.S:398
#10 0x0000000800833e8c in ?? ()
Previous frame inner to this frame (corrupt stack?)
(kgdb) bt full
#0  sched_switch (td=3D0xfffff80052d114b0, newtd=3D<value optimized out>,
flags=3D<value optimized out>)
    at /usr/src/sys/kern/sched_ule.c:1945
        tdq =3D <value optimized out>
        ts =3D <value optimized out>
        mtx =3D <value optimized out>
#1  0xffffffff80551271 in mi_switch (flags=3D260, newtd=3D0x0) at
/usr/src/sys/kern/kern_synch.c:491
        td =3D (struct thread *) 0xfffff80052d114b0
        new_switchtime =3D <value optimized out>
        runtime =3D <value optimized out>
#2  0xffffffff80594ffb in sleepq_catch_signals (wchan=3D0xfffff80052018c80,
pri=3D0) at /usr/src/sys/kern/subr_sleepqueue.c:426
        td =3D <value optimized out>
        ret =3D Error accessing memory address 0x4: Bad address.

--=20
You are receiving this mail because:
You are the assignee for the bug.=