Date: Thu, 5 Jun 2003 01:56:08 +0200 From: Thomas Moestl <t.moestl@tu-bs.de> To: Kris Kennaway <kris@obsecurity.org> Cc: sparc64@freebsd.org Subject: Re: phoenix crash in libc_r on sparc64 Message-ID: <20030604235607.GA682@crow.dom2ip.de> In-Reply-To: <20030604073036.GA35212@rot13.obsecurity.org> References: <20030602231543.GA28135@rot13.obsecurity.org> <20030604073036.GA35212@rot13.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--tKW2IUtsqtDRztdT Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Wed, 2003/06/04 at 00:30:36 -0700, Kris Kennaway wrote: > On Mon, Jun 02, 2003 at 04:15:43PM -0700, Kris Kennaway wrote: > > phoenix on my sparc64 crashed while idle with the following: > > > > Fatal error '_waitq_insert: Already in queue' at line 321 in file /usr/src/lib/libc_r/uthread/uthread_priority_queue.c (errno = 2) > > > > Any ideas? It should have dropped a core - can you please take a look at it with gdb? > One of the libc_r tests seems to hang: > > Test static library: > -------------------------------------------------------------------------- > Test c_user c_system c_total chng > passed/FAILED h_user h_system h_total % chng > -------------------------------------------------------------------------- > hello_d 0.00 0.02 0.02 > passed > -------------------------------------------------------------------------- > hello_s 0.00 0.02 0.02 > passed > -------------------------------------------------------------------------- > join_leak_d 0.77 0.18 0.95 > passed > -------------------------------------------------------------------------- > mutex_d 9.08 92.42 101.50 > passed > -------------------------------------------------------------------------- > sem_d 0.01 0.02 0.02 > passed > -------------------------------------------------------------------------- > sigsuspend_d 0.00 0.02 0.02 > passed > -------------------------------------------------------------------------- > sigwait_d 0.00 0.02 0.02 > *** FAILED *** > -------------------------------------------------------------------------- > guard_s.pl > > It's been sitting there for hours now. This an unfortunate failure mode, which is caused by a fault on the stack while all signals are masked (by libc_r internals, I assume); the kernel will fail to store the user register windows on the stack, and because SIGILL is blocked, it cannot notify (or terminate) the process and is stuck trying to copy out the register windows over and over. > P.S. Why do 3 of the tests even fail on i386? The guard test includes constants which are machine- and compiler-specific, probably this broke due to a gcc upgrade. The sigwait test is killed by it's own SIGUSR1, and this behaviour actually looks correct to me (but I could easily be wrong, since the signal behaviour of pthreads seems to be quite complex). The propagate test failure is due to problems in libc (failing to use the underscored versions of functions overridden in libc_r). The attached patch should fix that; Daniel, does this look OK to you? - Thomas -- Thomas Moestl <t.moestl@tu-bs.de> http://www.tu-bs.de/~y0015675/ <tmm@FreeBSD.org> http://people.FreeBSD.org/~tmm/ PGP fingerprint: 1C97 A604 2BD0 E492 51D0 9C0F 1FE6 4F1D 419C 776C --tKW2IUtsqtDRztdT Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="namespace.diff" Index: gen/sysconf.c =================================================================== RCS file: /vol/ncvs/src/lib/libc/gen/sysconf.c,v retrieving revision 1.20 diff -u -r1.20 sysconf.c --- gen/sysconf.c 17 Nov 2002 08:54:29 -0000 1.20 +++ gen/sysconf.c 4 Jun 2003 20:44:47 -0000 @@ -40,6 +40,7 @@ #include <sys/cdefs.h> __FBSDID("$FreeBSD: src/lib/libc/gen/sysconf.c,v 1.20 2002/11/17 08:54:29 dougb Exp $"); +#include "namespace.h" #include <sys/param.h> #include <sys/time.h> #include <sys/sysctl.h> @@ -52,6 +53,7 @@ #include <pthread.h> /* we just need the limits */ #include <time.h> #include <unistd.h> +#include "un-namespace.h" #include "../stdlib/atexit.h" #include "../stdtime/tzfile.h" @@ -560,7 +562,7 @@ value = socket(PF_INET6, SOCK_DGRAM, 0); errno = sverrno; if (value >= 0) { - close(value); + _close(value); return (200112L); } else return (0); Index: include/namespace.h =================================================================== RCS file: /vol/ncvs/src/lib/libc/include/namespace.h,v retrieving revision 1.16 diff -u -r1.16 namespace.h --- include/namespace.h 1 May 2003 19:03:13 -0000 1.16 +++ include/namespace.h 4 Jun 2003 20:38:29 -0000 @@ -122,8 +122,10 @@ /*#define sigaction _sigaction*/ #define sigprocmask _sigprocmask #define sigsuspend _sigsuspend +#define sleep _sleep #define socket _socket #define socketpair _socketpair +#define wait _wait #define wait4 _wait4 #define waitpid _waitpid #define write _write @@ -154,10 +156,8 @@ #define sigpending _sigpending #define sigreturn _sigreturn #define sigsetmask _sigsetmask -#define sleep _sleep #define system _system #define tcdrain _tcdrain -#define wait _wait #endif #endif /* _NAMESPACE_H_ */ Index: include/un-namespace.h =================================================================== RCS file: /vol/ncvs/src/lib/libc/include/un-namespace.h,v retrieving revision 1.13 diff -u -r1.13 un-namespace.h --- include/un-namespace.h 1 May 2003 19:03:13 -0000 1.13 +++ include/un-namespace.h 4 Jun 2003 20:44:04 -0000 @@ -103,8 +103,10 @@ #undef sigaction #undef sigprocmask #undef sigsuspend +#undef sleep #undef socket #undef socketpair +#undef wait #undef wait4 #undef waitpid #undef write @@ -127,10 +129,8 @@ #undef sigpending #undef sigreturn #undef sigsetmask -#undef sleep #undef system #undef tcdrain -#undef wait #endif /* 0 */ #ifdef _SIGNAL_H_ Index: net/rcmdsh.c =================================================================== RCS file: /vol/ncvs/src/lib/libc/net/rcmdsh.c,v retrieving revision 1.5 diff -u -r1.5 rcmdsh.c --- net/rcmdsh.c 27 Feb 2003 13:40:00 -0000 1.5 +++ net/rcmdsh.c 4 Jun 2003 21:01:20 -0000 @@ -36,6 +36,7 @@ #include <sys/cdefs.h> __FBSDID("$FreeBSD: src/lib/libc/net/rcmdsh.c,v 1.5 2003/02/27 13:40:00 nectar Exp $"); +#include "namespace.h" #include <sys/types.h> #include <sys/socket.h> #include <sys/wait.h> @@ -48,6 +49,7 @@ #include <stdio.h> #include <string.h> #include <unistd.h> +#include "un-namespace.h" #ifndef _PATH_RSH #define _PATH_RSH "/usr/bin/rsh" @@ -117,7 +119,7 @@ /* * Child. We use sp[1] to be stdin/stdout, and close sp[0]. */ - (void)close(sp[0]); + (void)_close(sp[0]); if (dup2(sp[1], 0) == -1 || dup2(0, 1) == -1) { perror("rcmdsh: dup2 failed"); _exit(255); @@ -161,9 +163,9 @@ _exit(255); } else { /* Parent. close sp[1], return sp[0]. */ - (void)close(sp[1]); + (void)_close(sp[1]); /* Reap child. */ - (void)wait(NULL); + (void)_wait(NULL); return (sp[0]); } /* NOTREACHED */ Index: rpc/getnetconfig.c =================================================================== RCS file: /vol/ncvs/src/lib/libc/rpc/getnetconfig.c,v retrieving revision 1.9 diff -u -r1.9 getnetconfig.c --- rpc/getnetconfig.c 16 Feb 2003 17:29:10 -0000 1.9 +++ rpc/getnetconfig.c 4 Jun 2003 20:45:42 -0000 @@ -428,7 +428,7 @@ fprintf(stderr, "See UPDATING entry 20021216 for details.\n"); fprintf(stderr, "Continuing in 10 seconds\n\n"); fprintf(stderr, "This warning will be removed 20030301\n"); - sleep(10); + _sleep(10); } --tKW2IUtsqtDRztdT--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030604235607.GA682>