libkse and bus error

Morten Rodal morten at rodal.no
Sun Nov 23 08:23:30 PST 2003 

Morten Rodal wrote:
> Daniel Eischen wrote:
> 
>> On Sun, 19 Oct 2003, Morten Rodal wrote:
>>
>>> On Sun, Oct 19, 2003 at 02:16:27PM -0400, Daniel Eischen wrote:
>>>
>>>> On Sun, 19 Oct 2003, Morten Rodal wrote:
>>>>
>>>>> I seem to be able to crash almost every pthread program that uses
>>>>> pthread_mutex'es.  First I thought it was a problem with
>>>>> pthread_testcancel(), until I compiled libkse with DEBUG_FLAGS=-g on
>>>>> one of machines.
>>>>>
>>>>> Backtrace from a machine with DEBUG_FLAGS=-g and libkse:
>>>>>
>>>>> #0  0x28e6ed1b in kse_thr_interrupt () at {standard input}:15
>>>>> #1  0x28e5f990 in _thr_sig_add (pthread=0x81fab00, sig=136293172,
>>>>> info=0x0)
>>>>>    at /usr/src/lib/libpthread/thread/thr_sig.c:885
>>>>> #2  0x28e687cb in kse_check_completed (kse=0x81fab00)
>>>>>    at /usr/src/lib/libpthread/thread/thr_kern.c:1558
>>>>> #3  0x28e6721c in kse_sched_multi (kmbx=0x17e)
>>>>>    at /usr/src/lib/libpthread/thread/thr_kern.c:1021
>>>>
>>>>
>>>> This is a problem.  The mailbox pointer is invalid.
>>>>
>>>
>>> I thought it looked a bit strange.  Any clues to what might have
>>> caused this?
>>
>>
>>
>> When I've seen it before, it's when %gs becomes corrupted.  Nvidia
>> uses static ldt allocation and this can screw things up.  If you
>> are getting any static ldt allocations out of the kernel, that is
>> the problem.
>>
> 
> I hate to rip up in old mails, but I am now able to crash Mozilla 
> Firebird at command.  It dies with the same strange traceback as I got 
> with dc++ (which this thread originally addressed).
> 
> When ordering a airplane ticket from www.scandinavian.net Mozilla 
> Firebird will crash when confirming the payment with a signal 10. This 
> happens on three completly different computers;
> 
>  * Dual Pentium II 300MHz, libkse, kernel from Nov 19
>  * Pentium III 933MHz, libkse, kernel from Nov  3
>  * Pentium 4 1.7GHz, libkse, kernel from Nov 21
> 
> Only the Dual Pentium is running nvidia drivers.  The others are running 
> X11 drivers.
> 
> All of them produce a MozillaFirebird-bin.core which has this backtrace 
> (cut down to an absolute minimum since it is rather huge):
> 
> #0  0x288c2ebb in pthread_testcancel () from /usr/lib/libkse.so.1
> #1  0x288bc91b in pthread_mutexattr_init () from /usr/lib/libkse.so.1
> #2  0x288bb36c in pthread_mutexattr_init () from /usr/lib/libkse.so.1
> #3  0x09b8d000 in ?? ()
> #4  0x283c5cac in gtk_widget_hide () from 
> /usr/X11R6/lib/libgtk-x11-2.0.so.200
> 
> I will recompile libkse with DEBUG_FLAGS=-g and see if I cant get any 
> more accurate info than this.
> 

Backtrace with debugging symbols in libkse:

#0  0x288c2f4b in kse_thr_interrupt () at /var/tmp//cc4HnJI9.s:15
#1  0x288b3b3d in _thr_sig_add (pthread=0x805e000, sig=134574132, info=0x0)
     at /usr/src/lib/libpthread/thread/thr_sig.c:885
#2  0x288bc9ab in kse_check_completed (kse=0x8057000)
     at /usr/src/lib/libpthread/thread/thr_kern.c:1558
#3  0x288bb3fc in kse_sched_multi (kmbx=0x17e)
     at /usr/src/lib/libpthread/thread/thr_kern.c:1021
#4  0x08287000 in ?? ()
#5  0x283c5cac in gtk_widget_hide () from 
/usr/X11R6/lib/libgtk-x11-2.0.so.200


This is taken from the Pentium III machine, which has a ATI card with 
X11 drivers.  I have never seen any mention of usage of static ldt 
entries in the dmesg.

-- 
Morten Rodal

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-threads/attachments/20031123/be93a9c7/attachment.bin

More information about the freebsd-threads mailing list