Re: core dump in cvsup caused by _once()?

From: James R. Van Artsdalen <james-freebsd-current_at_jrv.org>
Date: Thu, 21 Jan 2010 03:43:41 -0600
From early December:

Kostik Belousov wrote:
>>>>
>>
> Could you, please, also recompile rtld with debugging symbols ?
>
> SIGILL might be generated by kernel when signal frame cannot be copied
> out to usermode stack. Check out the registers content and size of
> stack too.

Was this ever root-caused?

Unless the fault address being reported is wrong I don't see why the
CALL fails.  Is there a way to dump the CS: selector values to make sure
the target address of the CALL is accessible that way?  How to tell if
that page is executable?  (One thing worth checking in the dump below:
rsp is 0x7a7c68, nowhere near the 0x7fffffff... addresses the outer frames
reference, and tzload has just reserved 0xeea8 bytes with
`sub $0xeea8,%rsp`.  A CALL that faults while pushing its return address
onto an undersized or unmapped stack would look exactly like this -- the
fault would be on the push, not on the target -- which may be what Kostik
meant by checking the stack size.)

Of interest: I have two bootable disks at svn 200727 on this system and
the other doesn't crash here.  The other was installed at 8.0-RELEASE
and this one dates from last summer; both were upgraded to svn 200727 by
installworld etc.  However, another system was originally installed a
year ago, likewise upgraded since to 200727, and does not fail like this:

bigback:/root# uname -a
FreeBSD bigback.housenet.jrv 9.0-CURRENT FreeBSD 9.0-CURRENT #0
r200727M: Wed Jan 20 12:28:18 UTC 2010    
root_at_bigback.housenet.jrv:/usr/obj/usr/src/sys/GENERIC  amd64
bigback:/root# gdb cvsup
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd"...(no debugging
symbols found)...
(gdb) run ports-supfile
Starting program: /usr/local/bin/cvsup ports-supfile
Connected to cvsup10.FreeBSD.org
Updating collection ports-all/cvs
 Edit ports/CHANGES

Program received signal SIGSEGV, Segmentation fault.
0x00000008009fef3b in tzload (name=0x800a2d8e1 "posixrules",
sp=0x7c0ed8, doextend=0) at /usr/src/lib/libc/stdtime/localtime.c:393
393        if (name != NULL && issetugid() != 0)
(gdb) x/i $pc
0x8009fef3b <tzload+75>:    callq  0x80095a5dc <_init+6196>
(gdb) x/20i tzload
0x8009feef0 <tzload>:    mov    %rbx,0xffffffffffffffd0(%rsp)
0x8009feef5 <tzload+5>:    mov    %r12,0xffffffffffffffe0(%rsp)
0x8009feefa <tzload+10>:    mov    %rdi,%rbx
0x8009feefd <tzload+13>:    mov    %r13,0xffffffffffffffe8(%rsp)
0x8009fef02 <tzload+18>:    mov    %r14,0xfffffffffffffff0(%rsp)
0x8009fef07 <tzload+23>:    mov    %rsi,%r12
0x8009fef0a <tzload+26>:    mov    %rbp,0xffffffffffffffd8(%rsp)
0x8009fef0f <tzload+31>:    mov    %r15,0xfffffffffffffff8(%rsp)
0x8009fef14 <tzload+36>:    sub    $0xeea8,%rsp
0x8009fef1b <tzload+43>:    mov    1364782(%rip),%r14        #
0x800b4c250 <__thr_jtable+90512>
0x8009fef22 <tzload+50>:    mov    %edx,%r13d
0x8009fef25 <tzload+53>:    mov    (%r14),%rax
0x8009fef28 <tzload+56>:    mov    %rax,0xee68(%rsp)
0x8009fef30 <tzload+64>:    xor    %eax,%eax
0x8009fef32 <tzload+66>:    test   %rdi,%rdi
0x8009fef35 <tzload+69>:    je     0x8009ff090 <tzload+416>
0x8009fef3b <tzload+75>:    callq  0x80095a5dc <_init+6196>
0x8009fef40 <tzload+80>:    test   %eax,%eax
0x8009fef42 <tzload+82>:    jne    0x8009ff062 <tzload+370>
0x8009fef48 <tzload+88>:    movzbl (%rbx),%ebp
(gdb) x/5i 0x80095a5dc
0x80095a5dc <_init+6196>:    jmpq   *2035238(%rip)        # 0x800b4b408
<__thr_jtable+86856>
0x80095a5e2 <_init+6202>:    pushq  $0x181
0x80095a5e7 <_init+6207>:    jmpq   0x800958dbc <_init+20>
0x80095a5ec <_init+6212>:    jmpq   *2035230(%rip)        # 0x800b4b410
<__thr_jtable+86864>
0x80095a5f2 <_init+6218>:    pushq  $0x182
(gdb) bt
#0  0x00000008009fef3b in tzload (name=0x800a2d8e1 "posixrules",
sp=0x7c0ed8, doextend=0) at /usr/src/lib/libc/stdtime/localtime.c:393
#1  0x00000008009fe9ce in tzparse (name=0x7b6ced "", sp=0x7c0ed8,
lastditch=Variable "lastditch" is not available.
) at /usr/src/lib/libc/stdtime/localtime.c:1002
#2  0x00000008009ff6a6 in tzload (name=Variable "name" is not available.
) at /usr/src/lib/libc/stdtime/localtime.c:579
#3  0x00000008009ff8b8 in gmtload (sp=0x800b601c0) at
/usr/src/lib/libc/stdtime/localtime.c:1197
#4  0x0000000800a02ca8 in _once (once_control=0x800b5ba00,
init_routine=Variable "init_routine" is not available.
) at /usr/src/lib/libc/gen/_once_stub.c:43
#5  0x00000008009fe64f in gmtsub (timep=0x7c5bb8, offset=0,
tmp=0x800b64a60) at /usr/src/lib/libc/stdtime/localtime.c:1489
#6  0x00000008009fff27 in gmtime (timep=0x7c5bb8) at
/usr/src/lib/libc/stdtime/localtime.c:1550
#7  0x00000000004a643a in calloc ()
#8  0x000000000043aec7 in ?? ()
#9  0x0000000000448eaa in ?? ()
#10 0x0000000000409ece in ?? ()
#11 0x00000000004191a4 in ?? ()
#12 0x0000000000417cbe in ?? ()
#13 0x000000000041529f in ?? ()
#14 0x0000000000414d7a in ?? ()
#15 0x000000000049f980 in calloc ()
#16 0x000000000048fa3d in fnmatch ()
#17 0x00007fffffffd3b8 in ?? ()
#18 0x00007fffffffe920 in ?? ()
#19 0x00007fffffffea10 in ?? ()
#20 0x00007fffffffe9f8 in ?? ()
#21 0x0000000000000000 in ?? ()
#22 0x0000000000000000 in ?? ()
#23 0x00001fa00000037f in ?? ()
#24 0x0000000000000000 in ?? ()
#25 0x00000000006476c0 in ?? ()
#26 0x00000000006476c0 in ?? ()
#27 0x0000000000494d89 in fnmatch ()
Previous frame inner to this frame (corrupt stack?)
(gdb) info all-reg
rax            0x0    0
rbx            0x800a2d8e1    34370410721
rcx            0xa7    167
rdx            0x0    0
rsi            0x7c0ed8    8130264
rdi            0x800a2d8e1    34370410721
rbp            0x7c0ed8    0x7c0ed8
rsp            0x7a7c68    0x7a7c68
r8             0x0    0
r9             0x0    0
r10            0x1f6    502
r11            0x682880    6826112
r12            0x7c0ed8    8130264
r13            0x0    0
r14            0x800b53920    34371615008
r15            0x7b6ce9    8088809
rip            0x8009fef3b    0x8009fef3b <tzload+75>
eflags         0x10206    66054
cs             0x43    67
ss             0x3b    59
ds             0x0    0
es             0x0    0
fs             0x0    0
gs             0x0    0
st0            0    (raw 0x00000000000000000000)
st1            0    (raw 0x00000000000000000000)
st2            0    (raw 0x00000000000000000000)
st3            0    (raw 0x00000000000000000000)
st4            0    (raw 0x00000000000000000000)
st5            0    (raw 0x00000000000000000000)
st6            104.4456787109375    (raw 0x4005d0e4300000000000)
st7            104.4456787109375    (raw 0x4005d0e4300000000000)
fctrl          0x37f    895
fstat          0x0    0
ftag           0xffff    65535
fiseg          0x43    67
fioff          0x99b58c    10073484
foseg          0x3b    59
fooff          0x7c59f0    8149488
fop            0x55c    1372
xmm0           {f = {0x0, 0x1, 0x0, 0x0}}    {f = {0, 1.75, 0, 0}}
xmm1           {f = {0x0, 0x0, 0x0, 0x0}}    {f = {0, 0, 0, 0}}
xmm2           {f = {0x0, 0x1, 0x0, 0x0}}    {f = {-1.81759241e-12,
1.70399642, 0, 0}}
xmm3           {f = {0x0, 0x0, 0x0, 0x0}}    {f = {0, 0, 0, 0}}
xmm4           {f = {0x0, 0x0, 0x0, 0x0}}    {f = {0, 0, 0, 0}}
xmm5           {f = {0x0, 0x0, 0x0, 0x0}}    {f = {0, 0, 0, 0}}
xmm6           {f = {0x0, 0x0, 0x0, 0x0}}    {f = {0, 0, 0, 0}}
xmm7           {f = {0x0, 0x0, 0x0, 0x0}}    {f = {0, 0, 0, 0}}
xmm8           {f = {0x0, 0x0, 0x0, 0x0}}    {f = {0, 0, 0, 0}}
xmm9           {f = {0x0, 0x0, 0x0, 0x0}}    {f = {0, 0, 0, 0}}
xmm10          {f = {0x0, 0x0, 0x0, 0x0}}    {f = {0, 0, 0, 0}}
xmm11          {f = {0x0, 0x0, 0x0, 0x0}}    {f = {0, 0, 0, 0}}
xmm12          {f = {0x0, 0x0, 0x0, 0x0}}    {f = {0, 0, 0, 0}}
xmm13          {f = {0x0, 0x0, 0x0, 0x0}}    {f = {0, 0, 0, 0}}
xmm14          {f = {0x0, 0x0, 0x0, 0x0}}    {f = {0, 0, 0, 0}}
xmm15          {f = {0x0, 0x0, 0x0, 0x0}}    {f = {0, 0, 0, 0}}
mxcsr          0x1fa0    8096
(gdb)