From: "Andre Meiser"
To: "Konstantin Belousov"
Cc: freebsd-stable@freebsd.org
Subject: Re: Many core dumps in pthread_getspecific.
Date: Wed, 15 Jul 2015 18:32:13 +0200
In-Reply-To: <20150703211111.GZ2080@kib.kiev.ua>

Hi,

no crash from vim or Xorg but from xterm and again at getcontext(uc) after alloca:

% readelf -d xterm | grep NEEDED
 0x0000000000000001 (NEEDED)             Shared library: [libXinerama.so.1]
 0x0000000000000001 (NEEDED)             Shared library: [libXft.so.2]
 0x0000000000000001 (NEEDED)             Shared library: [libfontconfig.so.1]
 0x0000000000000001 (NEEDED)             Shared library: [libutil.so.9]
 0x0000000000000001 (NEEDED)             Shared library: [libXaw.so.7]
 0x0000000000000001 (NEEDED)             Shared library: [libXmu.so.6]
 0x0000000000000001 (NEEDED)             Shared library: [libXt.so.6]
 0x0000000000000001 (NEEDED)             Shared library: [libX11.so.6]
 0x0000000000000001 (NEEDED)             Shared library: [libXpm.so.4]
 0x0000000000000001 (NEEDED)             Shared library: [libICE.so.6]
 0x0000000000000001 (NEEDED)             Shared library: [libulog.so.0]
 0x0000000000000001 (NEEDED)             Shared library: [libncurses.so.8]
 0x0000000000000001 (NEEDED)             Shared library: [libc.so.7]

(gdb) bt
#0  0x0000000803038642 in check_deferred_signal (curthread=0x805006400)
    at /usr/src/lib/libthr/thread/thr_sig.c:332
#1  0x000000080303858d in _thr_ast (curthread=0x805006400)
    at /usr/src/lib/libthr/thread/thr_sig.c:265
#2  0x000000080303d367 in _thr_rtld_lock_release (lock=)
    at /usr/src/lib/libthr/thread/thr_rtld.c:162
#3  0x000000080067d94d in _r_debug_postinit () from /libexec/ld-elf.so.1
#4  0x000000080067b15d in .text () from /libexec/ld-elf.so.1
#5  0x0000000000438007 in ?? ()
#6  0x000000000043fe77 in ?? ()
#7  0x000000000041808b in ?? ()
#8  0x0000000000417e0a in ?? ()
#9  0x000000000042e04a in ?? ()
#10 0x000000000040823f in ?? ()
#11 0x0000000800697000 in ?? ()
#12 0x0000000000000000 in ?? ()

(gdb) info locals
act = {__sigaction_u = {__sa_handler = 0x7fff00000001,
    __sa_sigaction = 0x7fff00000001}, sa_flags = -6472, sa_mask = {__bits = {
      32767, 4198068, 0, 54936355}}}
info = {si_signo = 0, si_errno = 0, si_code = -6472, si_pid = 32767,
  si_uid = 4294960256, si_status = 32767, si_addr = 0x800000021, si_value = {
    sival_int = -6368, sival_ptr = 0x7fffffffe720, sigval_int = -6368,
    sigval_ptr = 0x7fffffffe720}, _reason = {_fault = {_trapno = 15},
    _timer = {_timerid = 15, _overrun = 0}, _mesgq = {_mqd = 15}, _poll = {
      _band = 15}, __spare__ = {__spare1__ = 15, __spare2__ = {0, 0, 6909952,
        8, -6496, 32767, 6806459}}}}

(gdb) info registers
rax            0xf0b470            15774832
rbx            0x805006400         34443650048
rcx            0x0                 0
rdx            0xca0000            13238272
rsi            0x7fffffffe6b8      140737488348856
rdi            0x7fffff0f3150      140737472573776
rbp            0x7fffffffe650      0x7fffffffe650
rsp            0x7fffff0f3150      0x7fffff0f3150
r8             0x12                18
r9             0x7fffffffe720      140737488348960
r10            0x4030d0            4206800
r11            0x261               609
r12            0x1                 1
r13            0x679320            6787872
r14            0x7fffff0f3150      140737472573776
r15            0x23                35
rip            0x803038642         0x803038642
eflags         0x10206             66054
cs             0x43                67
ss             0x3b                59
ds             0x0                 0
es             0x0                 0
fs             0x0                 0
gs             0x0                 0

(gdb) disassemble
Dump of assembler code for function check_deferred_signal:
0x00000008030385f0 : push %rbp
0x00000008030385f1 : mov %rsp,%rbp
0x00000008030385f4 : push %r15
0x00000008030385f6 : push %r14
0x00000008030385f8 : push %rbx
0x00000008030385f9 : sub $0x78,%rsp
0x00000008030385fd : mov %rdi,%rbx
0x0000000803038600 : cmpl $0x0,0x100(%rbx)
0x0000000803038607 : je 0x803038612
0x0000000803038609 : cmpl $0x0,0x180(%rbx)
0x0000000803038610 : je 0x80303861d
0x0000000803038612 : lea -0x18(%rbp),%rsp
0x0000000803038616 : pop %rbx
0x0000000803038617 : pop %r14
0x0000000803038619 : pop %r15
0x000000080303861b : pop %rbp
0x000000080303861c : retq
0x000000080303861d : movl $0x1,0x180(%rbx)
0x0000000803038627 : callq 0x803032dfc <__getcontextx_size@plt>
0x000000080303862c : cltq
0x000000080303862e : mov %rsp,%r14
0x0000000803038631 : add $0xf,%rax
0x0000000803038635 : and $0xfffffffffffffff0,%rax
0x0000000803038639 : sub %rax,%r14
0x000000080303863c : mov %r14,%rsp
0x000000080303863f : mov %r14,%rdi
0x0000000803038642 : callq 0x8030331cc
0x0000000803038647 : cmpl $0x0,0x100(%rbx)
0x000000080303864e : je 0x8030386db
0x0000000803038654 : lea 0x100(%rbx),%r15
0x000000080303865b : mov %r14,%rdi
0x000000080303865e : callq 0x80303301c <__fillcontextx2@plt>
0x0000000803038663 : movups 0x160(%rbx),%xmm0
0x000000080303866a : movups 0x170(%rbx),%xmm1
0x0000000803038671 : movaps %xmm1,-0x30(%rbp)
0x0000000803038675 : movaps %xmm0,-0x40(%rbp)
0x0000000803038679 : movups 0x150(%rbx),%xmm0
0x0000000803038680 : movups %xmm0,(%r14)
0x0000000803038684 : movups 0x40(%r15),%xmm0
0x0000000803038689 : movaps %xmm0,-0x50(%rbp)
0x000000080303868d : movups (%r15),%xmm0
0x0000000803038691 : movups 0x10(%r15),%xmm1
0x0000000803038696 : movups 0x20(%r15),%xmm2
0x000000080303869b : movups 0x30(%r15),%xmm3
0x00000008030386a0 : movaps %xmm3,-0x60(%rbp)
0x00000008030386a4 : movaps %xmm2,-0x70(%rbp)
0x00000008030386a8 : movaps %xmm1,-0x80(%rbp)
0x00000008030386ac : movaps %xmm0,-0x90(%rbp)
0x00000008030386b3 : movl $0x0,0x100(%rbx)
0x00000008030386bd : mov -0x90(%rbp),%esi
0x00000008030386c3 : lea -0x40(%rbp),%rdi
0x00000008030386c7 : lea -0x90(%rbp),%rdx
0x00000008030386ce : mov %r14,%rcx
0x00000008030386d1 : callq 0x803039330
0x00000008030386d6 : jmpq 0x803038612
0x00000008030386db : movl $0x0,0x180(%rbx)
0x00000008030386e5 : jmpq 0x803038612
End of assembler dump.

I like the system, but this thread library smells fishy... :(

Sincerely yours
Andre.