NetBSD Problem Report #47271
From htodd@emily.i8u.org Sat Dec 1 06:05:38 2012
Return-Path: <htodd@emily.i8u.org>
Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66])
by www.NetBSD.org (Postfix) with ESMTP id 8A53D63DFC7
for <gnats-bugs@gnats.NetBSD.org>; Sat, 1 Dec 2012 06:05:38 +0000 (UTC)
Message-Id: <20121201060537.2B3486862E6@emily.i8u.org>
Date: Fri, 30 Nov 2012 22:05:37 -0800 (PST)
From: htodd@twofifty.com
Reply-To: htodd@twofifty.com
To: gnats-bugs@gnats.NetBSD.org
Subject: host (1) dumps core on latest netbsd-6
X-Send-Pr-Version: 3.95
>Number: 47271
>Category: bin
>Synopsis: host (1) dumps core on latest netbsd-6
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: bin-bug-people
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sat Dec 01 06:10:00 +0000 2012
>Closed-Date: Sun Dec 23 12:45:37 +0000 2012
>Last-Modified: Sun Dec 23 12:45:37 +0000 2012
>Originator: H. Todd Fujinaka
>Release: NetBSD 6.0_STABLE
>Organization:
None
>Environment:
System: NetBSD emily.i8u.org 6.0_STABLE NetBSD 6.0_STABLE (EMILY) #1: Thu Nov 29 02:52:06 PST 2012 htodd@emily.i8u.org:/usr/obj/sys/arch/i386/compile.i386/EMILY i386
Architecture: i386
Machine: i386
>Description:
GNU gdb (GDB) 7.3.1
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486--netbsdelf".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /home/htodd/host...(no debugging symbols found)...done.
[New process 1]
Core was generated by `host'.
Program terminated with signal 11, Segmentation fault.
#0 0xbb72e3b6 in __fpclassifyf () from /usr/lib/libc.so.12
(gdb) bt
#0 0xbb72e3b6 in __fpclassifyf () from /usr/lib/libc.so.12
#1 0xbb9aea83 in pthread_create () from /usr/lib/libpthread.so.1
#2 0xbb9f2558 in isc__taskmgr_create () from /usr/lib/libisc.so.5
#3 0xbb9f219b in isc__task_getcurrenttime () from /usr/lib/libisc.so.5
#4 0x0804f925 in setup_libs ()
#5 0x0804d624 in main ()
(gdb) q
>How-To-Repeat:
Build the latest i386 code and install. Hope you have a build before 11/28.
>Fix:
Yes please.
>Release-Note:
>Audit-Trail:
From: David Laight <david@l8s.co.uk>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: bin/47271: host (1) dumps core on latest netbsd-6
Date: Sat, 1 Dec 2012 08:36:12 +0000
On Sat, Dec 01, 2012 at 06:10:01AM +0000, htodd@twofifty.com wrote:
> >Number: 47271
> >Category: bin
> >Synopsis: host (1) dumps core on latest netbsd-6
...
> (gdb) bt
> #0 0xbb72e3b6 in __fpclassifyf () from /usr/lib/libc.so.12
> #1 0xbb9aea83 in pthread_create () from /usr/lib/libpthread.so.1
> #2 0xbb9f2558 in isc__taskmgr_create () from /usr/lib/libisc.so.5
> #3 0xbb9f219b in isc__task_getcurrenttime () from /usr/lib/libisc.so.5
> #4 0x0804f925 in setup_libs ()
> #5 0x0804d624 in main ()
That stack trace doesn't look entirely correct - or something odd
is going on.
AFAICT __fpclassifyf() is very unlikely to fault and it won't be called
directly by pthread_create().
Probably worth disassembling the code before and after each return address
to help verify the location (starting 64 bytes before might be enough
to get the instruction bytes aligned).
Also the registers of the faulting stack frame will show why it faulted.
(I can't quote the exact gdb commands - I usually manage to find them
by trial and error!)
David
--
David Laight: david@l8s.co.uk
From: "John D. Baker" <jdbaker@mylinuxisp.com>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: bin/47271: host (1) dumps core on latest netbsd-6
Date: Sat, 1 Dec 2012 10:09:11 -0600 (CST)
The recent pull-ups to libpthread seem to affect any program compiled
with "-pthread". On my amd64 system, 'host' crashes as follows:
Core was generated by `host'.
Program terminated with signal 11, Segmentation fault.
#0 0x00007f7ff600af70 in pthread__init () from /usr/lib/libpthread.so.1
(gdb) bt
#0 0x00007f7ff600af70 in pthread__init () from /usr/lib/libpthread.so.1
#1 0x00007f7ff564ec95 in _libc_init () from /usr/lib/libc.so.12
#2 0x00007f7ff5638604 in ?? () from /usr/lib/libc.so.12
#3 0x00007f7ff7ff98c0 in ?? ()
#4 0x00007f7ff56340b9 in _init () from /usr/lib/libc.so.12
#5 0x0000000000000000 in ?? ()
I observed exactly the same backtrace with 'nfsd' (even after a clean
release build) as well as with applications built prior to the pull-ups.
Likewise, the configure phase of package builds that expect to use
"-pthread" will fail when the test program crashes.
--
|/"\ John D. Baker, KN5UKS NetBSD Darwin/MacOS X
|\ / jdbaker[snail]mylinuxisp[flyspeck]com OpenBSD FreeBSD
| X No HTML/proprietary data in email. BSD just sits there and works!
|/ \ GPGkeyID: D703 4A7E 479F 63F8 D3F4 BD99 9572 8F23 E4AD 1645
From: Hisashi T Fujinaka <htodd@twofifty.com>
To: gnats-bugs@NetBSD.org
Cc: gnats-admin@NetBSD.org, netbsd-bugs@NetBSD.org
Subject: Re: bin/47271: host (1) dumps core on latest netbsd-6
Date: Sat, 1 Dec 2012 13:53:02 -0800 (PST)
I did a rebuild with -g and MKDEBUG=yes and the backtrace looks
different. Not sure what to do next.
Reading symbols from /usr/bin/host...(no debugging symbols found)...done.
[New process 1]
Core was generated by `host'.
Program terminated with signal 11, Segmentation fault.
#0 0xbb72e3b6 in _lwp_makecontext () from /usr/lib/libc.so.12
(gdb) bt
#0 0xbb72e3b6 in _lwp_makecontext () from /usr/lib/libc.so.12
#1 0xbb9aea83 in pthread_create () from /usr/lib/libpthread.so.1
#2 0xbb9f2558 in isc_thread_create () from /usr/lib/libisc.so.5
#3 0xbb9f219b in isc__taskmgr_create () from /usr/lib/libisc.so.5
#4 0x0804f925 in setup_libs ()
#5 0x0804d624 in main ()
(gdb)
--
Hisashi T Fujinaka - htodd@twofifty.com
BSEE(6/86) + BSChem(3/95) + BAEnglish(8/95) + MSCS(8/03) + $2.50 = latte
From: Hisashi T Fujinaka <htodd@twofifty.com>
To: gnats-bugs@NetBSD.org
Cc: gnats-admin@NetBSD.org, netbsd-bugs@NetBSD.org
Subject: Re: bin/47271: host (1) dumps core on latest netbsd-6
Date: Sat, 1 Dec 2012 15:35:09 -0800 (PST)
This also happens on a Pentium 4 machine.
cpu0 at mainbus0 apid 0: Intel(R) Pentium(R) 4 CPU 3.00GHz, id 0xf34
NetBSD kerry.i8u.org 6.0_STABLE NetBSD 6.0_STABLE (KERRY) #48: Sat Nov 24 17:57:21 PST 2012
htodd@kerry.i8u.org:/usr/obj/netbsd-6/i386/objdir/usr/src/sys/arch/i386/compile/KERRY i386
htodd@kerry:~ > sudo gdb /usr/bin/host host.core
Reading symbols from /usr/bin/host...(no debugging symbols found)...done.
[New process 1]
Core was generated by `host'.
Program terminated with signal 11, Segmentation fault.
#0 0xbb6c442e in _lwp_makecontext () from /usr/lib/libc.so.12
(gdb) bt
#0 0xbb6c442e in _lwp_makecontext () from /usr/lib/libc.so.12
#1 0xbb96591e in pthread_create () from /usr/lib/libpthread.so.1
#2 0xbb9af5c9 in isc_thread_create () from /usr/lib/libisc.so.5
#3 0xbb9ae8c5 in isc__taskmgr_create () from /usr/lib/libisc.so.5
#4 0x080502ee in setup_libs ()
#5 0x0804dca5 in main ()
(gdb)
--
Hisashi T Fujinaka - htodd@twofifty.com
BSEE(6/86) + BSChem(3/95) + BAEnglish(8/95) + MSCS(8/03) + $2.50 = latte
From: Hisashi T Fujinaka <htodd@twofifty.com>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: bin/47271: host (1) dumps core on latest netbsd-6
Date: Sat, 1 Dec 2012 15:43:03 -0800 (PST)
htodd@kerry:~ > sudo gdb /usr/bin/host host.core
Reading symbols from /usr/bin/host...Reading symbols from /usr/libdata/debug/usr/bin/host.debug...done.
done.
[New process 1]
Core was generated by `host'.
Program terminated with signal 11, Segmentation fault.
#0 0xbb6c442e in _lwp_makecontext () from /usr/lib/libc.so.12
(gdb) bt
#0 0xbb6c442e in _lwp_makecontext () from /usr/lib/libc.so.12
#1 0xbb96591e in pthread_create (thread=0xbb5130c8, attr=0xbfbfecd4, startfunc=0xbb9ae3c2 <run>, arg=0xbb514000)
at /usr/src/lib/libpthread/pthread.c:426
#2 0xbb9af5c9 in isc_thread_create (func=0xbb9ae3c2 <run>, arg=0xbb514000, thread=0xbb5130c8)
at /usr/src/external/bsd/bind/dist/lib/isc/pthreads/thread.c:62
#3 0xbb9ae8c5 in isc__taskmgr_create (mctx=0xbb5010e0, workers=1, default_quantum=5, managerp=0x805b034)
at /usr/src/external/bsd/bind/dist/lib/isc/task.c:1410
#4 0x080502ee in setup_libs () at /usr/src/external/bsd/bind/dist/bin/dig/dighost.c:1330
#5 0x0804dca5 in main (argc=2, argv=0xbfbfedb0) at /usr/src/external/bsd/bind/dist/bin/dig/host.c:876
--
Hisashi T Fujinaka - htodd@twofifty.com
BSEE(6/86) + BSChem(3/95) + BAEnglish(8/95) + MSCS(8/03) + $2.50 = latte
From: Hisashi T Fujinaka <htodd@twofifty.com>
To: gnats-bugs@NetBSD.org
Cc: gnats-admin@NetBSD.org, netbsd-bugs@NetBSD.org
Subject: Re: bin/47271: host (1) dumps core on latest netbsd-6
Date: Sat, 1 Dec 2012 16:27:50 -0800 (PST)
Disassembly of my _lwp_makecontext
(gdb) disas _lwp_makecontext
Dump of assembler code for function _lwp_makecontext:
0xbb6c43d0 <+0>: push %ebp
0xbb6c43d1 <+1>: mov %esp,%ebp
0xbb6c43d3 <+3>: push %ebx
0xbb6c43d4 <+4>: sub $0x14,%esp
0xbb6c43d7 <+7>: call 0xbb6c43dc <_lwp_makecontext+12>
0xbb6c43dc <+12>: pop %ebx
0xbb6c43dd <+13>: add $0xb51e0,%ebx
0xbb6c43e3 <+19>: mov 0x8(%ebp),%eax
0xbb6c43e6 <+22>: mov %eax,(%esp)
0xbb6c43e9 <+25>: call 0xbb69e67c <_getcontext@plt>
0xbb6c43ee <+30>: mov 0x8(%ebp),%edx
0xbb6c43f1 <+33>: movl $0x0,0x4(%edx)
0xbb6c43f8 <+40>: mov 0x18(%ebp),%eax
0xbb6c43fb <+43>: mov %eax,0x18(%edx)
0xbb6c43fe <+46>: mov 0x1c(%ebp),%eax
0xbb6c4401 <+49>: mov %eax,0x1c(%edx)
0xbb6c4404 <+52>: mov 0xc(%ebp),%eax
0xbb6c4407 <+55>: mov %eax,0x5c(%edx)
0xbb6c440a <+58>: mov 0x18(%ebp),%eax
0xbb6c440d <+61>: add 0x1c(%ebp),%eax
0xbb6c4410 <+64>: and $0xfffffffc,%eax
0xbb6c4413 <+67>: mov 0x10(%ebp),%edx
0xbb6c4416 <+70>: mov %edx,-0x4(%eax)
0xbb6c4419 <+73>: lea -0x8(%eax),%edx
0xbb6c441c <+76>: mov -0x238(%ebx),%ecx
0xbb6c4422 <+82>: mov %ecx,-0x8(%eax)
0xbb6c4425 <+85>: mov 0x8(%ebp),%eax
0xbb6c4428 <+88>: mov %edx,0x68(%eax)
0xbb6c442b <+91>: mov 0x14(%ebp),%edx
=> 0xbb6c442e <+94>: mov %edx,0x2f4(%eax)
0xbb6c4434 <+100>: orl $0x80000,(%eax)
0xbb6c443a <+106>: add $0x14,%esp
0xbb6c443d <+109>: pop %ebx
0xbb6c443e <+110>: pop %ebp
0xbb6c443f <+111>: ret
End of assembler dump.
(gdb)
--
Hisashi T Fujinaka - htodd@twofifty.com
BSEE(6/86) + BSChem(3/95) + BAEnglish(8/95) + MSCS(8/03) + $2.50 = latte
From: christos@zoulas.com (Christos Zoulas)
To: Hisashi T Fujinaka <htodd@twofifty.com>, gnats-bugs@NetBSD.org
Cc: gnats-admin@NetBSD.org, netbsd-bugs@NetBSD.org
Subject: Re: bin/47271: host (1) dumps core on latest netbsd-6
Date: Sat, 1 Dec 2012 19:53:01 -0500
On Dec 1, 1:53pm, htodd@twofifty.com (Hisashi T Fujinaka) wrote:
-- Subject: Re: bin/47271: host (1) dumps core on latest netbsd-6
| I did a rebuild with -g and MKDEBUG=yes and the backtrace looks
| different. Not sure what to do next.
build and link with -lc_g -lpthread_g
christos
From: Hisashi T Fujinaka <htodd@twofifty.com>
To: gnats-bugs@NetBSD.org
Cc: gnats-admin@NetBSD.org, netbsd-bugs@NetBSD.org
Subject: Re: bin/47271: host (1) dumps core on latest netbsd-6
Date: Sat, 1 Dec 2012 19:44:26 -0800 (PST)
htodd@kerry:~ > sudo gdb /usr/bin/host host.core
Reading symbols from /usr/bin/host...Reading symbols from /usr/libdata/debug/usr/bin/host.debug...done.
done.
[New process 1]
Core was generated by `host'.
Program terminated with signal 11, Segmentation fault.
#0 0xbb6c442e in _lwp_makecontext () from /usr/lib/libc.so.12
(gdb) bt
#0 0xbb6c442e in _lwp_makecontext () from /usr/lib/libc.so.12
#1 0xbb96591e in pthread_create (thread=0xbb5130c8, attr=0xbfbfecd4, startfunc=0xbb9ae3c2 <run>, arg=0xbb514000)
at /usr/src/lib/libpthread/pthread.c:426
#2 0xbb9af5c9 in isc_thread_create (func=0xbb9ae3c2 <run>, arg=0xbb514000, thread=0xbb5130c8)
at /usr/src/external/bsd/bind/dist/lib/isc/pthreads/thread.c:62
#3 0xbb9ae8c5 in isc__taskmgr_create (mctx=0xbb5010e0, workers=1, default_quantum=5, managerp=0x805b034)
at /usr/src/external/bsd/bind/dist/lib/isc/task.c:1410
#4 0x080502ee in setup_libs () at /usr/src/external/bsd/bind/dist/bin/dig/dighost.c:1330
#5 0x0804dca5 in main (argc=2, argv=0xbfbfedb0) at /usr/src/external/bsd/bind/dist/bin/dig/host.c:876
(gdb) disas _lwp_makecontext
Dump of assembler code for function _lwp_makecontext:
0xbb6c43d0 <+0>: push %ebp
0xbb6c43d1 <+1>: mov %esp,%ebp
0xbb6c43d3 <+3>: push %ebx
0xbb6c43d4 <+4>: sub $0x14,%esp
0xbb6c43d7 <+7>: call 0xbb6c43dc <_lwp_makecontext+12>
0xbb6c43dc <+12>: pop %ebx
0xbb6c43dd <+13>: add $0xb51e0,%ebx
0xbb6c43e3 <+19>: mov 0x8(%ebp),%eax
0xbb6c43e6 <+22>: mov %eax,(%esp)
0xbb6c43e9 <+25>: call 0xbb69e67c <_getcontext@plt>
0xbb6c43ee <+30>: mov 0x8(%ebp),%edx
0xbb6c43f1 <+33>: movl $0x0,0x4(%edx)
0xbb6c43f8 <+40>: mov 0x18(%ebp),%eax
0xbb6c43fb <+43>: mov %eax,0x18(%edx)
0xbb6c43fe <+46>: mov 0x1c(%ebp),%eax
0xbb6c4401 <+49>: mov %eax,0x1c(%edx)
0xbb6c4404 <+52>: mov 0xc(%ebp),%eax
0xbb6c4407 <+55>: mov %eax,0x5c(%edx)
0xbb6c440a <+58>: mov 0x18(%ebp),%eax
0xbb6c440d <+61>: add 0x1c(%ebp),%eax
0xbb6c4410 <+64>: and $0xfffffffc,%eax
0xbb6c4413 <+67>: mov 0x10(%ebp),%edx
0xbb6c4416 <+70>: mov %edx,-0x4(%eax)
0xbb6c4419 <+73>: lea -0x8(%eax),%edx
0xbb6c441c <+76>: mov -0x238(%ebx),%ecx
0xbb6c4422 <+82>: mov %ecx,-0x8(%eax)
0xbb6c4425 <+85>: mov 0x8(%ebp),%eax
0xbb6c4428 <+88>: mov %edx,0x68(%eax)
0xbb6c442b <+91>: mov 0x14(%ebp),%edx
=> 0xbb6c442e <+94>: mov %edx,0x2f4(%eax)
0xbb6c4434 <+100>: orl $0x80000,(%eax)
0xbb6c443a <+106>: add $0x14,%esp
0xbb6c443d <+109>: pop %ebx
0xbb6c443e <+110>: pop %ebp
0xbb6c443f <+111>: ret
End of assembler dump.
(gdb)
--
Hisashi T Fujinaka - htodd@twofifty.com
BSEE(6/86) + BSChem(3/95) + BAEnglish(8/95) + MSCS(8/03) + $2.50 = latte
From: christos@zoulas.com (Christos Zoulas)
To: Hisashi T Fujinaka <htodd@twofifty.com>, gnats-bugs@NetBSD.org
Cc: gnats-admin@NetBSD.org, netbsd-bugs@NetBSD.org
Subject: Re: bin/47271: host (1) dumps core on latest netbsd-6
Date: Sun, 2 Dec 2012 10:08:48 -0500
On Dec 1, 7:44pm, htodd@twofifty.com (Hisashi T Fujinaka) wrote:
-- Subject: Re: bin/47271: host (1) dumps core on latest netbsd-6
| Program terminated with signal 11, Segmentation fault.
| #0 0xbb6c442e in _lwp_makecontext () from /usr/lib/libc.so.12
| (gdb) bt
| #0 0xbb6c442e in _lwp_makecontext () from /usr/lib/libc.so.12
Looks like libpthread has symbols, but libc has not.
christos
From: Hisashi T Fujinaka <htodd@twofifty.com>
To: gnats-bugs@NetBSD.org
Cc: gnats-admin@NetBSD.org, netbsd-bugs@NetBSD.org
Subject: Re: bin/47271: host (1) dumps core on latest netbsd-6
Date: Sun, 2 Dec 2012 08:25:00 -0800 (PST)
Rebuilding again with different objdirs to see if I can get symbols in
libc.
--
Hisashi T Fujinaka - htodd@twofifty.com
BSEE(6/86) + BSChem(3/95) + BAEnglish(8/95) + MSCS(8/03) + $2.50 = latte
From: Taylor R Campbell <campbell+netbsd@mumble.net>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: bin/47271: host (1) dumps core on latest netbsd-6
Date: Sun, 2 Dec 2012 18:03:16 +0000
I suspect that netbsd-6 didn't take well to ~doubling sizeof(struct
__pthread_st) in christos's recent changes to pthread's thread-
specific data. On amd64, it formerly fit in a single page; now it
covers nearly two, and I expect it's similar on i386. The pthread
stack setup changed substantially from 6 to HEAD, so it's not
surprising that these changes might work in HEAD but not in 6.
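A constructed model of the layout Taylor describes, added here as an illustration (it is not libpthread code and not part of the original message): with a thread structure larger than one page, the netbsd-6 formula leaves the tail of the structure inside the page that is then mprotect()ed as the red zone, while the page-rounded layout from the patch later in this PR keeps the structure, red zone and stack apart. The page size, allocation size and structure sizes are made up.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/*
 * Constructed model of how pthread__stackid_setup() carves a thread's
 * allocation when the stack grows down: [thread struct][red zone][stack].
 * Offsets are measured from the allocation base. Illustration only, not
 * libpthread code.
 */
#define ROUNDUP(x, a) ((((x) + (a) - 1) / (a)) * (a))

struct layout {
	size_t struct_end;   /* end of struct __pthread_st, which lives at base */
	size_t redzone_off;  /* start of the page that gets mprotect(PROT_NONE) */
	size_t stack_off;    /* ss_sp - base */
	size_t stack_size;   /* ss_size */
	bool ok;             /* false: struct overlaps the red zone, or ENOMEM */
};

/* netbsd-6 before the fix: silently assumes the struct fits in one page. */
static struct layout layout_old(size_t size, size_t pagesize, size_t tsize)
{
	struct layout l;
	l.struct_end = tsize;
	l.redzone_off = pagesize;
	l.stack_off = 2 * pagesize;
	l.stack_size = size - 2 * pagesize;
	/* A struct larger than a page spills into the soon-to-be PROT_NONE page. */
	l.ok = l.struct_end <= l.redzone_off;
	return l;
}

/* Shape of the patch in this PR: round the struct up to whole pages and
 * fail when that leaves no room for a red zone plus a stack. */
static struct layout layout_new(size_t size, size_t pagesize, size_t tsize)
{
	struct layout l = { 0, 0, 0, 0, false };
	size_t bytes_needed = ROUNDUP(tsize, pagesize);

	if (pagesize >= size || bytes_needed >= size - pagesize)
		return l;                       /* the patch returns ENOMEM here */
	l.struct_end = tsize;
	l.redzone_off = bytes_needed;
	l.stack_off = bytes_needed + pagesize;
	l.stack_size = size - bytes_needed - pagesize;
	l.ok = l.struct_end <= l.redzone_off;
	return l;
}

static void show(const char *tag, struct layout l)
{
	printf("%s: struct [0,%zu) redzone @%zu stack @%zu size %zu -> %s\n",
	    tag, l.struct_end, l.redzone_off, l.stack_off, l.stack_size,
	    l.ok ? "ok" : "BROKEN");
}

int main(void)
{
	const size_t page = 4096, size = 64 * page;   /* constructed sizes */

	show("old, 3000-byte struct", layout_old(size, page, 3000));
	show("old, 6000-byte struct", layout_old(size, page, 6000));
	show("new, 6000-byte struct", layout_new(size, page, 6000));
	show("new, 2-page allocation", layout_new(2 * page, page, 6000));
	return 0;
}
```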
From: Jan Danielsson <jan.m.danielsson@gmail.com>
To: gnats-bugs@NetBSD.org
Cc: htodd@twofifty.com, gnats-admin@netbsd.org, netbsd-bugs@netbsd.org
Subject: Re: bin/47271: host (1) dumps core on latest netbsd-6
Date: Sun, 02 Dec 2012 19:06:35 +0100
I'm seeing a very similar behavior on NetBSD/amd64.
Other applications which seem to be affected: named (from base),
rtorrent, vim.
--
Kind regards,
Jan Danielsson
From: Taylor R Campbell <campbell+netbsd@mumble.net>
To: gnats-bugs@NetBSD.org
Cc: netbsd-bugs@NetBSD.org
Subject: Re: bin/47271: host (1) dumps core on latest netbsd-6
Date: Sun, 2 Dec 2012 18:56:03 +0000
The attached patch works around the problem, at least on amd64, but I
think we ought to discuss whether it is actually appropriate to double
the size of each pthread for the thread-specific data deletion kludge,
both in HEAD and in netbsd-6. For now, until that discussion happens,
riz has reverted the TSD change in netbsd-6.
Content-Type: text/plain; charset="ISO-8859-1"; name="nb6-pthread-fix"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment; filename="nb6-pthread-fix.patch"
Index: lib/libpthread/pthread.c
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
RCS file: /cvsroot/src/lib/libpthread/pthread.c,v
retrieving revision 1.125.4.1
diff -p -u -r1.125.4.1 pthread.c
--- lib/libpthread/pthread.c 7 May 2012 03:12:33 -0000 1.125.4.1
+++ lib/libpthread/pthread.c 2 Dec 2012 18:50:03 -0000
@@ -1274,22 +1274,32 @@ pthread__stackid_setup(void *base, size_
{
pthread_t t;
void *redaddr;
- size_t pagesize;
+ size_t pagesize, bytes_needed;
int ret;
=20
t =3D base;
pagesize =3D (size_t)sysconf(_SC_PAGESIZE);
+ bytes_needed =3D roundup(sizeof(*t), pagesize);
+
+ if (pagesize >=3D size)
+ return ENOMEM;
+ if (bytes_needed >=3D (size - pagesize))
+ return ENOMEM;
=20
/*
* Put a pointer to the pthread in the bottom (but
* redzone-protected section) of the stack.=20
+ *
+ * XXX If the stack grows up, the pthread is *not*
+ * protected by the redzone.
*/
- redaddr =3D STACK_SHRINK(STACK_MAX(base, size), pagesize);
- t->pt_stack.ss_size =3D size - 2 * pagesize;
+ t->pt_stack.ss_size =3D size - bytes_needed - pagesize;
#ifdef __MACHINE_STACK_GROWS_UP
- t->pt_stack.ss_sp =3D (char *)(void *)base + pagesize;
+ redaddr =3D STACK_SHRINK(STACK_MAX(base, size), pagesize);
+ t->pt_stack.ss_sp =3D (char *)(void *)base + bytes_needed;
#else
- t->pt_stack.ss_sp =3D (char *)(void *)base + 2 * pagesize;
+ redaddr =3D STACK_SHRINK(STACK_MAX(base, size), bytes_needed);
+ t->pt_stack.ss_sp =3D (char *)(void *)base + bytes_needed + pagesize;
#endif
/* Protect the next-to-bottom stack page as a red zone. */
ret =3D mprotect(redaddr, pagesize, PROT_NONE);
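Review bot: the two new ENOMEM checks only keep ss_size positive; at the boundary bytes_needed == size - 2 * pagesize the check `bytes_needed >= (size - pagesize)` still passes and the thread is created with a single page of usable stack, so consider rejecting sizes that leave less than some minimum stack rather than only guarding against zero. The hunk also does not show whether callers of pthread__stackid_setup() handle the new ENOMEM return (previously the function could not fail at this point), and the new XXX comment records that on __MACHINE_STACK_GROWS_UP the thread structure sits directly below ss_sp with no guard page between them; both points deserve a mention in the commit message or a follow-up.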
From: christos@zoulas.com (Christos Zoulas)
To: gnats-bugs@NetBSD.org, gnats-admin@netbsd.org, netbsd-bugs@netbsd.org,
htodd@twofifty.com
Cc:
Subject: Re: bin/47271: host (1) dumps core on latest netbsd-6
Date: Sun, 2 Dec 2012 14:55:46 -0500
On Dec 2, 6:05pm, campbell+netbsd@mumble.net (Taylor R Campbell) wrote:
-- Subject: Re: bin/47271: host (1) dumps core on latest netbsd-6
| I suspect that netbsd-6 didn't take well to ~doubling sizeof(struct
| __pthread_st) in christos's recent changes to pthread's thread-
| specific data. On amd64, it formerly fit in a single page; now it
| covers nearly two, and I expect it's similar on i386. The pthread
| stack setup changed substantially from 6 to HEAD, so it's not
| surprising that these changes might work in HEAD but not in 6.
Does unlimiting the stack fix the problem?
christos
From: christos@zoulas.com (Christos Zoulas)
To: gnats-bugs@NetBSD.org, gnats-admin@netbsd.org, netbsd-bugs@netbsd.org,
htodd@twofifty.com
Cc:
Subject: Re: bin/47271: host (1) dumps core on latest netbsd-6
Date: Sun, 2 Dec 2012 15:06:53 -0500
On Dec 2, 7:00pm, campbell+netbsd@mumble.net (Taylor R Campbell) wrote:
-- Subject: Re: bin/47271: host (1) dumps core on latest netbsd-6
| The attached patch works around the problem, at least on amd64, but I
| think we ought to discuss whether it is actually appropriate to double
| the size of each pthread for the thread-specific data deletion kludge,
| both in HEAD and in netbsd-6. For now, until that discussion happens,
| riz has reverted the TSD change in netbsd-6.
The size increase is not really necessary if you are willing to
pay the cost of going through the all_thread list when you remove
a key (and hold a different lock). Having said that, even in the
case of 1000 threads, this just amounts to 6M of memory on a 64
bit host, instead of ~2M, since I've added 2 pointers to the array
of 256 keys; you need at least one more to hold the data.
christos
From: "Julian Coleman" <jdc@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/47271 CVS commit: [netbsd-6] src/lib/libpthread
Date: Mon, 3 Dec 2012 19:07:28 +0000
Module Name: src
Committed By: jdc
Date: Mon Dec 3 19:07:27 UTC 2012
Modified Files:
src/lib/libpthread [netbsd-6]: pthread.c
Log Message:
Apply patch (requested by riastradh in ticket #735) to fix the unchecked
assumption that sizeof(struct __pthread_st) <= pagesize, as observed in
PR 47271.
To generate a diff of this commit:
cvs rdiff -u -r1.125.4.1 -r1.125.4.2 src/lib/libpthread/pthread.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
State-Changed-From-To: open->closed
State-Changed-By: martin@NetBSD.org
State-Changed-When: Sun, 23 Dec 2012 12:45:37 +0000
State-Changed-Why:
fixed
>Unformatted:
Copyright © 1994-2007
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.