[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [BUG] tst-sem5 fails with a segfault



Dear Sirs,

    Sorry about posting this in two parts but I was unsure if I could
get a backtrace.

I made a chroot directory with the nptl libc librarys, gdb and the test
binaries, modified so they didn't fork.

After running the test I got the following in the chroot, see spam at
the end of the email.

The line it segfaults on in
sysdeps/unix/sysv/linux/i386/i486/lowlevelsem.S is:
 
        addl    $_GLOBAL_OFFSET_TABLE_, %ebx
        movl    %gs:0, %edx
        subl    errno gottpoff(%ebx), %edx
        movl    %eax, (%edx)  <-------- This line dies
        orl     $-1, %eax
The objdump -d code from libpthread.so is:

    7c16:       81 c3 2e 15 00 00       add    $0x152e,%ebx
    7c1c:       65 8b 15 00 00 00 00    mov    %gs:0x0,%edx
    7c23:       2b 93 74 01 00 00       sub    0x174(%ebx),%edx
    7c29:       89 02                   mov    %eax,(%edx)
    7c2b:       83 c8 ff                or     $0xffffffff,%eax

for the above section, see below for gdb output, includes register dump.

So something is wrong with either my binutils or libpthread.so, good
luck.

As said before  gcc = 3.2
		binutils = 2.13.90.0.4 ( unpatched )
		kernel = 2.5.41
		CPU = athlon-xp

	Stefan Jones

GDB spam / output:

$ ./gdb tst-sem5
GNU gdb 5.2.1
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i686-pc-linux-gnu"...
(gdb) run
Starting program: /tst-sem5

Program received signal SIGSEGV, Segmentation fault.
0x4001fc29 in __lll_sem_timedwait () from /lib/libpthread.so.0
(gdb) disassemble
Dump of assembler code for function __lll_sem_timedwait:
0x4001fb90 <__lll_sem_timedwait>:       push   %ebx
0x4001fb91 <__lll_sem_timedwait+1>:     push   %esi
0x4001fb92 <__lll_sem_timedwait+2>:     push   %edi
0x4001fb93 <__lll_sem_timedwait+3>:     push   %ebp
0x4001fb94 <__lll_sem_timedwait+4>:     sub    $0x8,%esp
0x4001fb97 <__lll_sem_timedwait+7>:     mov    %eax,%ebp
0x4001fb99 <__lll_sem_timedwait+9>:     mov    %edx,%edi
0x4001fb9b <__lll_sem_timedwait+11>:    mov    %esp,%esi
0x4001fb9d <__lll_sem_timedwait+13>:    incl   0x8(%ebp)
0x4001fba0 <__lll_sem_timedwait+16>:    lock incl 0x0(%ebp)
0x4001fba4 <__lll_sem_timedwait+20>:
    jle    0x4001fc36 <__lll_sem_timedwait+166>
0x4001fbaa <__lll_sem_timedwait+26>:    xor    %ecx,%ecx
0x4001fbac <__lll_sem_timedwait+28>:    mov    %esp,%ebx
0x4001fbae <__lll_sem_timedwait+30>:    mov    $0x4e,%eax
0x4001fbb3 <__lll_sem_timedwait+35>:    int    $0x80
0x4001fbb5 <__lll_sem_timedwait+37>:    mov    0x4(%esp,1),%eax
0x4001fbb9 <__lll_sem_timedwait+41>:    mov    $0x3e8,%edx
0x4001fbbe <__lll_sem_timedwait+46>:    mul    %edx
0x4001fbc0 <__lll_sem_timedwait+48>:    mov    (%edi),%ecx
0x4001fbc2 <__lll_sem_timedwait+50>:    mov    0x4(%edi),%edx
0x4001fbc5 <__lll_sem_timedwait+53>:    sub    (%esp,1),%ecx
0x4001fbc8 <__lll_sem_timedwait+56>:    sub    %eax,%edx
0x4001fbca <__lll_sem_timedwait+58>:
    jns    0x4001fbd3 <__lll_sem_timedwait+67>
0x4001fbcc <__lll_sem_timedwait+60>:    add    $0x3b9aca00,%edx
0x4001fbd2 <__lll_sem_timedwait+66>:    dec    %ecx
0x4001fbd3 <__lll_sem_timedwait+67>:    test   %ecx,%ecx
0x4001fbd5 <__lll_sem_timedwait+69>:
    js     0x4001fc4b <__lll_sem_timedwait+187>
0x4001fbd7 <__lll_sem_timedwait+71>:    mov    %ecx,(%esp,1)
0x4001fbda <__lll_sem_timedwait+74>:    mov    %edx,0x4(%esp,1)
0x4001fbde <__lll_sem_timedwait+78>:    lea    0x4(%ebp),%ebx
0x4001fbe1 <__lll_sem_timedwait+81>:    xor    %ecx,%ecx
0x4001fbe3 <__lll_sem_timedwait+83>:    mov    $0xf0,%eax
0x4001fbe8 <__lll_sem_timedwait+88>:    xor    %edx,%edx
0x4001fbea <__lll_sem_timedwait+90>:    int    $0x80
0x4001fbec <__lll_sem_timedwait+92>:    mov    %eax,%edx
0x4001fbee <__lll_sem_timedwait+94>:    or     $0xffffffff,%eax
0x4001fbf1 <__lll_sem_timedwait+97>:    lock xadd %eax,0x0(%ebp)
0x4001fbf6 <__lll_sem_timedwait+102>:
    jne    0x4001fc42 <__lll_sem_timedwait+178>
0x4001fbf8 <__lll_sem_timedwait+104>:   decl   0x8(%ebp)
0x4001fbfb <__lll_sem_timedwait+107>:   xor    %eax,%eax
0x4001fbfd <__lll_sem_timedwait+109>:   cmpl   $0x0,(%ebx)
0x4001fc00 <__lll_sem_timedwait+112>:
    jne,pt 0x4001fc2e <__lll_sem_timedwait+158>
0x4001fc03 <__lll_sem_timedwait+115>:   cmp    $0xfffffffc,%edx
0x4001fc06 <__lll_sem_timedwait+118>:
    je,pn  0x4001fc0f <__lll_sem_timedwait+127>
0x4001fc09 <__lll_sem_timedwait+121>:   cmp    $0xffffff92,%edx
0x4001fc0c <__lll_sem_timedwait+124>:
    jne,pn 0x4001fb9d <__lll_sem_timedwait+13>
0x4001fc0f <__lll_sem_timedwait+127>:   sub    %edx,%eax
0x4001fc11 <__lll_sem_timedwait+129>:
    call   0x4001fc52 <__i686.get_pc_thunk.bx>
0x4001fc16 <__lll_sem_timedwait+134>:   add    $0x152e,%ebx
0x4001fc1c <__lll_sem_timedwait+140>:   mov    %gs:0x0,%edx
0x4001fc23 <__lll_sem_timedwait+147>:   sub    0x174(%ebx),%edx
0x4001fc29 <__lll_sem_timedwait+153>:   mov    %eax,(%edx)
0x4001fc2b <__lll_sem_timedwait+155>:   or     $0xffffffff,%eax
0x4001fc2e <__lll_sem_timedwait+158>:   add    $0x8,%esp
0x4001fc31 <__lll_sem_timedwait+161>:   pop    %ebp
0x4001fc32 <__lll_sem_timedwait+162>:   pop    %edi
0x4001fc33 <__lll_sem_timedwait+163>:   pop    %esi
0x4001fc34 <__lll_sem_timedwait+164>:   pop    %ebx
0x4001fc35 <__lll_sem_timedwait+165>:   ret
0x4001fc36 <__lll_sem_timedwait+166>:   mov    %ebp,%eax
0x4001fc38 <__lll_sem_timedwait+168>:   call   0x4001f3f2 <__lll_unlock_wake>
0x4001fc3d <__lll_sem_timedwait+173>:
    jmp    0x4001fbaa <__lll_sem_timedwait+26>
0x4001fc42 <__lll_sem_timedwait+178>:   mov    %ebp,%ecx
0x4001fc44 <__lll_sem_timedwait+180>:   call   0x4001f3b0 <__lll_lock_wait>
0x4001fc49 <__lll_sem_timedwait+185>:
    jmp    0x4001fbf8 <__lll_sem_timedwait+104>
0x4001fc4b <__lll_sem_timedwait+187>:   mov    $0x6e,%eax
0x4001fc50 <__lll_sem_timedwait+192>:
    jmp    0x4001fc11 <__lll_sem_timedwait+129>
End of assembler dump.
(gdb) info registers
eax            0x6e     110
ecx            0x0      0
edx            0x40139200       1075024384
ebx            0x40021144       1073877316
esp            0xbffff944       0xbffff944
ebp            0xbffff990       0xbffff990
esi            0xbffff944       -1073743548
edi            0xbffff980       -1073743488
eip            0x4001fc29       0x4001fc29
eflags         0x10207  66055
cs             0x23     35
ss             0x2b     43
ds             0x2b     43
es             0x2b     43
fs             0x0      0
gs             0x43     67
fctrl          0x37f    895
fstat          0x0      0
ftag           0xffff   65535
fiseg          0x0      0
fioff          0x0      0
foseg          0x0      0
fooff          0x0      0
fop            0x0      0
xmm0           {f = {0x0, 0x0, 0x0, 0x0}}       {f = {0, 0, 0, 0}}
xmm1           {f = {0x0, 0x0, 0x0, 0x0}}       {f = {0, 0, 0, 0}}
xmm2           {f = {0x0, 0x0, 0x0, 0x0}}       {f = {0, 0, 0, 0}}
xmm3           {f = {0x0, 0x0, 0x0, 0x0}}       {f = {0, 0, 0, 0}}
xmm4           {f = {0x0, 0x0, 0x0, 0x0}}       {f = {0, 0, 0, 0}}
xmm5           {f = {0x0, 0x0, 0x0, 0x0}}       {f = {0, 0, 0, 0}}
xmm6           {f = {0x0, 0x0, 0x0, 0x0}}       {f = {0, 0, 0, 0}}
xmm7           {f = {0x0, 0x0, 0x0, 0x0}}       {f = {0, 0, 0, 0}}
mxcsr          0x1f80   8064
orig_eax       0xffffffff       -1





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]