Date:      Thu, 5 Jun 2003 01:56:08 +0200
From:      Thomas Moestl <t.moestl@tu-bs.de>
To:        Kris Kennaway <kris@obsecurity.org>
Cc:        sparc64@freebsd.org
Subject:   Re: phoenix crash in libc_r on sparc64
Message-ID:  <20030604235607.GA682@crow.dom2ip.de>
In-Reply-To: <20030604073036.GA35212@rot13.obsecurity.org>
References:  <20030602231543.GA28135@rot13.obsecurity.org> <20030604073036.GA35212@rot13.obsecurity.org>


--tKW2IUtsqtDRztdT
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Wed, 2003/06/04 at 00:30:36 -0700, Kris Kennaway wrote:
> On Mon, Jun 02, 2003 at 04:15:43PM -0700, Kris Kennaway wrote:
> > phoenix on my sparc64 crashed while idle with the following:
> > 
> > Fatal error '_waitq_insert: Already in queue' at line 321 in file /usr/src/lib/libc_r/uthread/uthread_priority_queue.c (errno = 2)
> > 
> > Any ideas?

It should have dropped a core - can you please take a look at it with
gdb?

> One of the libc_r tests seems to hang:
> 
> Test static library:
> --------------------------------------------------------------------------
> Test                                      c_user c_system c_total     chng
>  passed/FAILED                            h_user h_system h_total   % chng
> --------------------------------------------------------------------------
> hello_d                                     0.00     0.02    0.02
>  passed
> --------------------------------------------------------------------------
> hello_s                                     0.00     0.02    0.02
>  passed
> --------------------------------------------------------------------------
> join_leak_d                                 0.77     0.18    0.95
>  passed
> --------------------------------------------------------------------------
> mutex_d                                     9.08    92.42  101.50
>  passed
> --------------------------------------------------------------------------
> sem_d                                       0.01     0.02    0.02
>  passed
> --------------------------------------------------------------------------
> sigsuspend_d                                0.00     0.02    0.02
>  passed
> --------------------------------------------------------------------------
> sigwait_d                                   0.00     0.02    0.02
>  *** FAILED ***
> --------------------------------------------------------------------------
> guard_s.pl
> 
> It's been sitting there for hours now.

This is an unfortunate failure mode, which is caused by a fault on the
stack while all signals are masked (by libc_r internals, I assume);
the kernel will fail to store the user register windows on the stack,
and because SIGILL is blocked, it cannot notify (or terminate) the
process and is stuck trying to copy out the register windows over and
over.

> P.S. Why do 3 of the tests even fail on i386?

The guard test includes constants which are machine- and
compiler-specific, probably this broke due to a gcc upgrade.

The sigwait test is killed by it's own SIGUSR1, and this behaviour
actually looks correct to me (but I could easily be wrong, since the
signal behaviour of pthreads seems to be quite complex).

The propagate test failure is due to problems in libc (failing to
use the underscored versions of functions overridden in libc_r). The
attached patch should fix that; Daniel, does this look OK to you?

	- Thomas

-- 
Thomas Moestl <t.moestl@tu-bs.de>	http://www.tu-bs.de/~y0015675/
              <tmm@FreeBSD.org>		http://people.FreeBSD.org/~tmm/
PGP fingerprint: 1C97 A604 2BD0 E492 51D0  9C0F 1FE6 4F1D 419C 776C

--tKW2IUtsqtDRztdT
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="namespace.diff"

Index: gen/sysconf.c
===================================================================
RCS file: /vol/ncvs/src/lib/libc/gen/sysconf.c,v
retrieving revision 1.20
diff -u -r1.20 sysconf.c
--- gen/sysconf.c	17 Nov 2002 08:54:29 -0000	1.20
+++ gen/sysconf.c	4 Jun 2003 20:44:47 -0000
@@ -40,6 +40,7 @@
 #include <sys/cdefs.h>
 __FBSDID("$FreeBSD: src/lib/libc/gen/sysconf.c,v 1.20 2002/11/17 08:54:29 dougb Exp $");
 
+#include "namespace.h"
 #include <sys/param.h>
 #include <sys/time.h>
 #include <sys/sysctl.h>
@@ -52,6 +53,7 @@
 #include <pthread.h>		/* we just need the limits */
 #include <time.h>
 #include <unistd.h>
+#include "un-namespace.h"
 
 #include "../stdlib/atexit.h"
 #include "../stdtime/tzfile.h"
@@ -560,7 +562,7 @@
 		value = socket(PF_INET6, SOCK_DGRAM, 0);
 		errno = sverrno;
 		if (value >= 0) {
-			close(value);
+			_close(value);
 			return (200112L);
 		} else
 			return (0);
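Review bot: The `socket(PF_INET6, SOCK_DGRAM, 0)` call in the context line just above the changed `_close(value)` still uses the public name, so the probe opens its descriptor through whatever `socket` the application or thread library interposes and closes it through the internal entry point. namespace.h already maps `socket` to `_socket` (visible in the include/namespace.h hunk of this patch), so the same treatment applies here: `value = _socket(PF_INET6, SOCK_DGRAM, 0);`. The enclosing function starts and ends outside the hunk, so other un-prefixed calls in it cannot be ruled out from here.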
Index: include/namespace.h
===================================================================
RCS file: /vol/ncvs/src/lib/libc/include/namespace.h,v
retrieving revision 1.16
diff -u -r1.16 namespace.h
--- include/namespace.h	1 May 2003 19:03:13 -0000	1.16
+++ include/namespace.h	4 Jun 2003 20:38:29 -0000
@@ -122,8 +122,10 @@
 /*#define		sigaction			_sigaction*/
 #define		sigprocmask			_sigprocmask
 #define		sigsuspend			_sigsuspend
+#define		sleep				_sleep
 #define		socket				_socket
 #define		socketpair			_socketpair
+#define		wait				_wait
 #define		wait4				_wait4
 #define		waitpid				_waitpid
 #define		write				_write
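Review bot: Activating `#define sleep _sleep` and `#define wait _wait` here (and the matching `#undef`s in un-namespace.h) assumes both libc and libc_r export `_sleep` and `_wait`, and the patch shows no change to the files that define them. The old position of these lines, directly before an `#endif` that un-namespace.h labels `#endif /* 0 */`, suggests the mappings were previously compiled out, so this is probably the first time anything depends on those symbols. Confirm with a static non-threaded link and a libc_r link before committing. A one-line comment above the two new defines would also help, for example `/* sleep, wait: underscored aliases must exist in libc and libc_r */`.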
@@ -154,10 +156,8 @@
 #define		sigpending			_sigpending
 #define		sigreturn			_sigreturn
 #define		sigsetmask			_sigsetmask
-#define		sleep				_sleep
 #define		system				_system
 #define		tcdrain				_tcdrain
-#define		wait				_wait
 #endif
 
 #endif /* _NAMESPACE_H_ */
Index: include/un-namespace.h
===================================================================
RCS file: /vol/ncvs/src/lib/libc/include/un-namespace.h,v
retrieving revision 1.13
diff -u -r1.13 un-namespace.h
--- include/un-namespace.h	1 May 2003 19:03:13 -0000	1.13
+++ include/un-namespace.h	4 Jun 2003 20:44:04 -0000
@@ -103,8 +103,10 @@
 #undef		sigaction
 #undef		sigprocmask
 #undef		sigsuspend
+#undef		sleep
 #undef		socket
 #undef		socketpair
+#undef		wait
 #undef		wait4
 #undef		waitpid
 #undef		write
@@ -127,10 +129,8 @@
 #undef		sigpending
 #undef		sigreturn
 #undef		sigsetmask
-#undef		sleep
 #undef		system
 #undef		tcdrain
-#undef		wait
 #endif	/* 0 */
 
 #ifdef _SIGNAL_H_
Index: net/rcmdsh.c
===================================================================
RCS file: /vol/ncvs/src/lib/libc/net/rcmdsh.c,v
retrieving revision 1.5
diff -u -r1.5 rcmdsh.c
--- net/rcmdsh.c	27 Feb 2003 13:40:00 -0000	1.5
+++ net/rcmdsh.c	4 Jun 2003 21:01:20 -0000
@@ -36,6 +36,7 @@
 #include <sys/cdefs.h>
 __FBSDID("$FreeBSD: src/lib/libc/net/rcmdsh.c,v 1.5 2003/02/27 13:40:00 nectar Exp $");
 
+#include "namespace.h"
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <sys/wait.h>
@@ -48,6 +49,7 @@
 #include <stdio.h>
 #include <string.h>
 #include <unistd.h>
+#include "un-namespace.h"
 
 #ifndef _PATH_RSH
 #define	_PATH_RSH	"/usr/bin/rsh"
@@ -117,7 +119,7 @@
 		/*
 		 * Child.  We use sp[1] to be stdin/stdout, and close sp[0].
 		 */
-		(void)close(sp[0]);
+		(void)_close(sp[0]);
 		if (dup2(sp[1], 0) == -1 || dup2(0, 1) == -1) {
 			perror("rcmdsh: dup2 failed");
 			_exit(255);
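Review bot: The two `dup2()` calls on the line after the changed `_close(sp[0])` still resolve to the public symbol, so the child path is only half converted. If namespace.h maps `dup2` as well (its entry is not visible in this patch, so verify), the line should read `if (_dup2(sp[1], 0) == -1 || _dup2(0, 1) == -1) {`. The enclosing function starts and ends outside the hunk.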
@@ -161,9 +163,9 @@
 		_exit(255);
 	} else {
 		/* Parent. close sp[1], return sp[0]. */
-		(void)close(sp[1]);
+		(void)_close(sp[1]);
 		/* Reap child. */
-		(void)wait(NULL);
+		(void)_wait(NULL);
 		return (sp[0]);
 	}
 	/* NOTREACHED */
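Review bot: `_wait(NULL)` on the parent path reaps whichever child of the calling process exits first, not necessarily the one forked in this function. A program that calls this library routine while it has other children can lose one of their exit statuses, and the helper child can be left as a zombie. The result is also discarded, so an EINTR return goes unnoticed. Since the line is being touched anyway, waiting on the specific child is safer: `(void)_waitpid(<child pid>, NULL, 0);`, where `<child pid>` stands for the fork() result whose variable name is outside this hunk (`waitpid` is already mapped in namespace.h). The enclosing function starts outside the hunk.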
Index: rpc/getnetconfig.c
===================================================================
RCS file: /vol/ncvs/src/lib/libc/rpc/getnetconfig.c,v
retrieving revision 1.9
diff -u -r1.9 getnetconfig.c
--- rpc/getnetconfig.c	16 Feb 2003 17:29:10 -0000	1.9
+++ rpc/getnetconfig.c	4 Jun 2003 20:45:42 -0000
@@ -428,7 +428,7 @@
 	fprintf(stderr, "See UPDATING entry 20021216 for details.\n");
 	fprintf(stderr, "Continuing in 10 seconds\n\n");
 	fprintf(stderr, "This warning will be removed 20030301\n");
-	sleep(10);
+	_sleep(10);
 
     }
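Review bot: The context lines print `This warning will be removed 20030301`, and this patch is dated June 2003, so the block being edited is past its own removal date. Deleting the warning together with its 10-second pause inside a library call would be cleaner than renaming `sleep` to `_sleep`. If the block stays, `_sleep` needs a visible prototype: no include change for rpc/getnetconfig.c is shown, so confirm that `<unistd.h>` is included between `namespace.h` and `un-namespace.h` in that file. The enclosing function starts and ends outside the hunk.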
 

--tKW2IUtsqtDRztdT--


