NetBSD Problem Report #53918
From martin@duskware.de Mon Jan 28 13:50:26 2019
Return-Path: <martin@duskware.de>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id 4C52B7A1FE
for <gnats-bugs@gnats.NetBSD.org>; Mon, 28 Jan 2019 13:50:26 +0000 (UTC)
Message-Id: <20190128135017.8D17D5CC8CB@emmas.aprisoft.de>
Date: Mon, 28 Jan 2019 14:50:17 +0100 (CET)
From: martin@NetBSD.org
Reply-To: martin@NetBSD.org
To: gnats-bugs@NetBSD.org
Subject: X crashes on pinebook and stack unwinding broken
X-Send-Pr-Version: 3.95
>Number: 53918
>Category: toolchain
>Synopsis: X crashes on pinebook and stack unwinding broken
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: toolchain-manager
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Mon Jan 28 13:55:00 +0000 2019
>Last-Modified: Wed Oct 23 00:45:01 +0000 2019
>Originator: Martin Husemann
>Release: NetBSD 8.99.32
>Organization:
The NetBSD Foundation, Inc.
>Environment:
System: NetBSD painkiller.duskware.de 8.99.32 NetBSD 8.99.32 (GENERIC64) #32: Mon Jan 28 11:53:50 CET 2019 martin@seven-days-to-the-wolves.aprisoft.de:/work/src/sys/arch/evbarm/compile/GENERIC64 evbarm
Architecture: aarch64
Machine: evbarm
>Description:
Since my last update X does not start any more and the X process hangs
apparently trying to log a backtrace:
[Switching to LWP 1 of process 437]
0x0000fffffb816e00 in memset () from /usr/lib/libc.so.12
(gdb) bt
#0 0x0000fffffb816e00 in memset () from /usr/lib/libc.so.12
#1 0x0000fffffb6d5218 in ?? () from /lib/libgcc_s.so.1
#2 0x0000fffffb6d68b8 in _Unwind_Backtrace () from /lib/libgcc_s.so.1
#3 0x0000fffffbe710b0 in backtrace (arr=<optimized out>, len=<optimized out>)
at /work/src/lib/libexecinfo/unwind.c:67
#4 0x0000000200271d70 in xorg_backtrace ()
#5 0x000000020026dc6c in ?? ()
#6 0x0000fffffb79d750 in _opendir (name=<optimized out>)
at /work/src/lib/libc/gen/opendir.c:72
Backtrace stopped: previous frame identical to this frame (corrupt stack?)
This failure to unwind is why this is in the toolchain category - real fixes
for the X issue would be nice too ;-)
>How-To-Repeat:
Set xdm=yes in /etc/rc.conf and boot a pinebook - does not happen always,
but quite often.
>Fix:
n/a
>Audit-Trail:
From: matthew green <mrg@eterna.com.au>
To: gnats-bugs@NetBSD.org
Cc: toolchain-manager@netbsd.org, gnats-admin@netbsd.org,
netbsd-bugs@netbsd.org
Subject: re: toolchain/53918: X crashes on pinebook and stack unwinding broken
Date: Tue, 29 Jan 2019 10:53:34 +1100
> Since my last update X does not start any more and the X process hangs =
> apparently trying to log a backtrace:
> =
> [Switching to LWP 1 of process 437]
> 0x0000fffffb816e00 in memset () from /usr/lib/libc.so.12
> (gdb) bt
> #0 0x0000fffffb816e00 in memset () from /usr/lib/libc.so.12
> #1 0x0000fffffb6d5218 in ?? () from /lib/libgcc_s.so.1
> #2 0x0000fffffb6d68b8 in _Unwind_Backtrace () from /lib/libgcc_s.so.1
> #3 0x0000fffffbe710b0 in backtrace (arr=3D<optimized out>, len=3D<optim=
ized out>)
> at /work/src/lib/libexecinfo/unwind.c:67
> #4 0x0000000200271d70 in xorg_backtrace ()
> #5 0x000000020026dc6c in ?? ()
> #6 0x0000fffffb79d750 in _opendir (name=3D<optimized out>)
> at /work/src/lib/libc/gen/opendir.c:72
> Backtrace stopped: previous frame identical to this frame (corrupt stack=
?)
> =
> This failure to unwind is why this is in the toolchain category - real f=
ixes
> for the X issue would be nice too ;-)
looks like a bug for libexecinfo() on arm64? at least you
seem to have something beyond signals. on amd64 nothing
from the actually faulting code is shown, just the signal
handler and below.
.mrg.
From: matthew green <mrg@eterna.com.au>
To: gnats-bugs@NetBSD.org
Cc: toolchain-manager@netbsd.org, gnats-admin@netbsd.org,
netbsd-bugs@netbsd.org
Subject: re: toolchain/53918: X crashes on pinebook and stack unwinding broken
Date: Tue, 29 Jan 2019 11:19:08 +1100
i hacked the xorg_backtrace() function into a simple test case that
also hangs on arm64 for me.
.mrg.
#include <dlfcn.h>
#include <execinfo.h>
#include <stdio.h>
#include <signal.h>
#define ErrorFSigSafe printf
void
xorg_backtrace(void)
{
const int BT_SIZE = 64;
void *array[BT_SIZE];
const char *mod;
int size, i;
Dl_info info;
ErrorFSigSafe("\n");
ErrorFSigSafe("Backtrace:\n");
size = backtrace(array, BT_SIZE);
ErrorFSigSafe("bt size = %d\n", size);
for (i = 0; i < size; i++) {
int rc = dladdr(array[i], &info);
if (rc == 0) {
ErrorFSigSafe("%u: ?? [%p]\n", i, array[i]);
continue;
}
mod = (info.dli_fname && *info.dli_fname) ? info.dli_fname : "(vdso)";
if (info.dli_saddr)
ErrorFSigSafe(
"%u: %s (%s+0x%x) [%p]\n",
i,
mod,
info.dli_sname,
(unsigned int)((char *) array[i] -
(char *) info.dli_saddr),
array[i]);
else
ErrorFSigSafe(
"%u: %s (%p+0x%x) [%p]\n",
i,
mod,
info.dli_fbase,
(unsigned int)((char *) array[i] -
(char *) info.dli_fbase),
array[i]);
}
ErrorFSigSafe("\n");
}
void
call_bt(int signo)
{
printf("signo: %d\n", signo);
xorg_backtrace();
}
int
main(void)
{
xorg_backtrace();
signal(SIGSEGV, call_bt);
*(volatile char *)0 = 1;
}
From: matthew green <mrg@eterna.com.au>
To: toolchain-manager@netbsd.org, gnats-admin@netbsd.org,
netbsd-bugs@netbsd.org, gnats-bugs@NetBSD.org
Cc:
Subject: re: toolchain/53918: X crashes on pinebook and stack unwinding broken
Date: Tue, 29 Jan 2019 11:32:31 +1100
matthew green writes:
> i hacked the xorg_backtrace() function into a simple test case that
> also hangs on arm64 for me.
>
this "fixes" the hang for me by avoiding an infinite loop in
the libexecinfo unwind tracer() function, but it still shows
that there is a bug in the handling (i had to fix a bug in the
test program to call _exit(1) for this to work properly):
soft-irony ~> ./a.out
Backtrace:
bt size = 2
0: ./a.out (0x200100000+0xb18) [0x200100b18]
1: ./a.out (0x200100000+0xcc4) [0x200100cc4]
signo: 11
Backtrace:
bt size = 63
0: ./a.out (0x200100000+0xb18) [0x200100b18]
1: ./a.out (0x200100000+0xcb0) [0x200100cb0]
2: /usr/lib/libc.so.12 (__sigtramp_siginfo_2+0x0) [0xf68683d9d6d0]
3: /usr/lib/libc.so.12 (__sigtramp_siginfo_2+0x0) [0xf68683d9d6d0]
4: /usr/lib/libc.so.12 (__sigtramp_siginfo_2+0x0) [0xf68683d9d6d0]
[ ... ]
62: /usr/lib/libc.so.12 (__sigtramp_siginfo_2+0x0) [0xf68683d9d6d0]
soft-irony ~>
on amd64, this ends at frame#2 -- the libc trampoline. on arm64
it is recursing to itself.
.mrg.
Index: unwind.c
===================================================================
RCS file: /cvsroot/src/lib/libexecinfo/unwind.c,v
retrieving revision 1.2
diff -p -u -r1.2 unwind.c
--- unwind.c 24 Mar 2014 21:26:01 -0000 1.2
+++ unwind.c 29 Jan 2019 00:29:30 -0000
@@ -52,6 +52,8 @@ tracer(struct _Unwind_Context *ctx, void
}
if (t->n < t->len)
t->arr[t->n++] = (void *)_Unwind_GetIP(ctx);
+ else
+ return 1; // other code better, but will do for now
return 0;
}
From: coypu@sdf.org
To: gnats-bugs@netbsd.org
Cc:
Subject: re: toolchain/53918: X crashes on pinebook and stack unwinding broken
Date: Wed, 23 Oct 2019 00:40:20 +0000
in a similar discussion, jared points out that the fb driver on the
pinebook does not reserve memory for the framebuffer, so if the memory
gets too fragmented, X will fail to start.
(Contact us)
$NetBSD: query-full-pr,v 1.43 2018/01/16 07:36:43 maya Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2017
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.
Home