From owner-freebsd-stable@freebsd.org Thu Sep 28 07:32:30 2017
Date: Thu, 28 Sep 2017 10:32:17 +0300
From: Konstantin Belousov
To: Asterisk on BSD discussion
Cc: Tao Zhou, freebsd-stable, Konstantin Belousov, David Wetzel, Ed Maste
Subject: Re: [Asterisk-bsd] Asterisk13 coredump on freebsd 11.1
Message-ID: <20170928073217.GN2271@kib.kiev.ua>
References: <30f177e2-3fd7-37e7-2f77-4b43a56c6713@ish.com.au> <25f05b1c-34e5-aa88-39cc-55c9a7b15616@selasky.org> <81116454-105e-f72a-5251-a45aac100c22@selasky.org>
In-Reply-To: <81116454-105e-f72a-5251-a45aac100c22@selasky.org>
User-Agent: Mutt/1.9.0 (2017-09-02)
List-Id: Production branch of FreeBSD source code

On Thu, Sep 28, 2017 at 01:17:24AM +0200, Hans Petter Selasky wrote:
> Hi,
>
> I just upgraded and hit these SEGFAULTs too. First of all you need to
> install GDB 8.0 from ports to get the right backtrace (important). This
> leads straight into LibUnwind in libgcc:
>
> (gdb) bt
> #0  uw_frame_state_for (context=context@entry=0x7fffdf3bbe20, fs=fs@entry=0x7fffdf3bbb70)
>     at /wrkdirs/usr/ports/lang/gcc6/work/gcc-6.4.0/libgcc/unwind-dw2.c:1249
> #1  0x0000000802cc8ffb in _Unwind_ForcedUnwind_Phase2 (exc=exc@entry=0x804427230,
>     context=context@entry=0x7fffdf3bbe20)
>     at /wrkdirs/usr/ports/lang/gcc6/work/gcc-6.4.0/libgcc/unwind.inc:155
> #2  0x0000000802cc9334 in _Unwind_ForcedUnwind (exc=0x804427230, stop=0x8024d5450 ,
>     stop_argument=)
>     at /wrkdirs/usr/ports/lang/gcc6/work/gcc-6.4.0/libgcc/unwind.inc:207
> #3  0x00000008024d52b3 in _Unwind_ForcedUnwind (ex=, stop_func=0x7fffdf3bb948,
>     stop_arg=0x804427000)
>     at /usr/img/freebsd.11/lib/libthr/thread/thr_exit.c:106
> #4  thread_unwind () at /usr/img/freebsd.11/lib/libthr/thread/thr_exit.c:172
> #5  _pthread_exit_mask (status=, mask=)
>     at /usr/img/freebsd.11/lib/libthr/thread/thr_exit.c:257
> #6  0x00000008024d50db in _pthread_exit (status=0x804427000)
>     at /usr/img/freebsd.11/lib/libthr/thread/thr_exit.c:206
> #7  0x00000008024c7c0d in thread_start (curthread=0x804427000)
>     at /usr/img/freebsd.11/lib/libthr/thread/thr_create.c:289
> #8  0x00007fffdf340000 in ?? ()
> Backtrace stopped: Cannot access memory at address 0x7fffdf3bc000
>
> libgcc uses this format which is OK:
>
> (gdb) ptype struct _Unwind_Context
> type = struct _Unwind_Context {
>     _Unwind_Context_Reg_Val reg[18];
>     void *cfa;
>     void *ra;
>     void *lsda;
>     struct dwarf_eh_bases bases;
>     _Unwind_Word flags;
>     _Unwind_Word version;
>     _Unwind_Word args_size;
>     char by_value[18];
> }
>
> > x86_64_freebsd_fallback_frame_state
> >   (struct _Unwind_Context *context, _Unwind_FrameState *fs)
> > {
> >   struct sigframe *sf;
> >   long new_cfa;
> >
> >   /* Prior to FreeBSD 9, the signal trampoline was located immediately
> >      before the ps_strings.  To support non-executable stacks on AMD64,
> >      the sigtramp was moved to a shared page for FreeBSD 9.  Unfortunately
> >      this means looking frame patterns again (sys/amd64/amd64/sigtramp.S)
> >      rather than using the robust and convenient KERN_PS_STRINGS trick.
> >
> >      :   lea     0x10(%rsp),%rdi
> >      :   pushq   $0x0
> >      :   mov     $0x1a1,%rax
> >      :   syscall
> >
> >      If we can't find this pattern, we're at the end of the stack.
> >   */
> >
> >   if (!( *(unsigned int *)(context->ra) == 0x247c8d48
> ^^^^ fault is triggered by this read access on the stack
> >       && *(unsigned int *)(context->ra + 4) == 0x48006a10
> >       && *(unsigned int *)(context->ra + 8) == 0x01a1c0c7
> >       && *(unsigned int *)(context->ra + 12) == 0x050f0000 ))
> >     return _URC_END_OF_STACK;
> >
>
> The code in question is trying to access the return address of the
> caller on the stack which apparently I think is caught by the recently
> added MAP_GUARD feature:
>
> https://svnweb.freebsd.org/changeset/base/320763
>
> I think this feature can be disabled by setting:
> sysctl security.bsd.stack_guard_page=0
>
> And then restart Asterisk. Not sure if it helps, currently testing.
> This my best guess why Asterisk started segfaulting when upgrading to 11.1.
See this thread on current https://lists.freebsd.org/pipermail/freebsd-current/2017-August/066855.html which contained at least two variants of the supposed improvements.