Re: sporadic core dumps in 12.0-RELEASE

2018-12-18 Thread Konstantin Belousov
On Tue, Dec 18, 2018 at 07:34:33AM -0800, Chuck Tuffli wrote:
> Hi
> 
> When running 12.0-RELEASE in bhyve, nvmecontrol will core dump sporadically
> in rtld. This is repeatable, but doesn't happen every time. Peeking at
> rlock_acquire(), the function checks for a NULL lockstate and then
> dereferences the lock. The backtrace (below) suggests the lock is NULL but
> the lockstate pointer is not. Does anyone know if this is expected, weird,
> etc.?
This is very weird.  If you look at frame #1, you would see that
rlock_acquire() is called for the rtld_bind_lock, which should point
to rtld_locks[0].

> 
> root@freebsd:~ # uname -a
> FreeBSD freebsd 12.0-RELEASE FreeBSD 12.0-RELEASE r341666 GENERIC  amd64
> root@freebsd:~ # /usr/libexec/gdb -q /sbin/nvmecontrol nvmecontrol.core
> Core was generated by `nvmecontrol identify nvme0'.
> Program terminated with signal 11, Segmentation fault.
> Reading symbols from /lib/libc.so.7...Reading symbols from
> /usr/lib/debug//lib/libc.so.7.debug...done.
> done.
> Loaded symbols for /lib/libc.so.7
> Reading symbols from /libexec/ld-elf.so.1...Reading symbols from
> /usr/lib/debug//libexec/ld-elf.so.1.debug...done.
> done.
> Loaded symbols for /libexec/ld-elf.so.1
> #0  rlock_acquire (lock=0x0, lockstate=0x7fffd9b8)
> at /usr/src/libexec/rtld-elf/rtld_lock.c:203
> 203 /usr/src/libexec/rtld-elf/rtld_lock.c: No such file or directory.
> in /usr/src/libexec/rtld-elf/rtld_lock.c
> (gdb) bt
> #0  rlock_acquire (lock=0x0, lockstate=0x7fffd9b8)
> at /usr/src/libexec/rtld-elf/rtld_lock.c:203
> #1  0x00080021a2fd in _rtld_bind (obj=0x800236000, reloff=528)
> at /usr/src/libexec/rtld-elf/rtld.c:790
> #2  0x00080021704d in _rtld_bind_start ()
> at /usr/src/libexec/rtld-elf/amd64/rtld_start.S:121
> #3  0x002087de in identify_ctrlr (argc=2, argv=0x7fffebd0)
> at /usr/src/sbin/nvmecontrol/identify.c:183
> #4  0x002086e0 in identify (argc=2, argv=0x7fffebd0)
> at /usr/src/sbin/nvmecontrol/identify.c:292
> #5  0x00207935 in main (argc=<optimized out>, argv=<optimized out>)
> at /usr/src/sbin/nvmecontrol/nvmecontrol.c:89
> #6  0x0020711b in _start (ap=<optimized out>, cleanup=<optimized out>)
> at /usr/src/lib/csu/amd64/crt1.c:76
> #7  0x000800236000 in ?? ()
> #8  0x in ?? ()
> Current language:  auto; currently minimal
> (gdb) p *lockstate
> $1 = {lockstate = 0, env = 0x7fffd9c0}
> (gdb)
> 
> --chuck
> ___
> freebsd-stable@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"


sporadic core dumps in 12.0-RELEASE

2018-12-18 Thread Chuck Tuffli
Hi

When running 12.0-RELEASE in bhyve, nvmecontrol will core dump sporadically
in rtld. This is repeatable, but doesn't happen every time. Peeking at
rlock_acquire(), the function checks for a NULL lockstate and then
dereferences the lock. The backtrace (below) suggests the lock is NULL but
the lockstate pointer is not. Does anyone know if this is expected, weird,
etc.?

root@freebsd:~ # uname -a
FreeBSD freebsd 12.0-RELEASE FreeBSD 12.0-RELEASE r341666 GENERIC  amd64
root@freebsd:~ # /usr/libexec/gdb -q /sbin/nvmecontrol nvmecontrol.core
Core was generated by `nvmecontrol identify nvme0'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /lib/libc.so.7...Reading symbols from
/usr/lib/debug//lib/libc.so.7.debug...done.
done.
Loaded symbols for /lib/libc.so.7
Reading symbols from /libexec/ld-elf.so.1...Reading symbols from
/usr/lib/debug//libexec/ld-elf.so.1.debug...done.
done.
Loaded symbols for /libexec/ld-elf.so.1
#0  rlock_acquire (lock=0x0, lockstate=0x7fffd9b8)
at /usr/src/libexec/rtld-elf/rtld_lock.c:203
203 /usr/src/libexec/rtld-elf/rtld_lock.c: No such file or directory.
in /usr/src/libexec/rtld-elf/rtld_lock.c
(gdb) bt
#0  rlock_acquire (lock=0x0, lockstate=0x7fffd9b8)
at /usr/src/libexec/rtld-elf/rtld_lock.c:203
#1  0x00080021a2fd in _rtld_bind (obj=0x800236000, reloff=528)
at /usr/src/libexec/rtld-elf/rtld.c:790
#2  0x00080021704d in _rtld_bind_start ()
at /usr/src/libexec/rtld-elf/amd64/rtld_start.S:121
#3  0x002087de in identify_ctrlr (argc=2, argv=0x7fffebd0)
at /usr/src/sbin/nvmecontrol/identify.c:183
#4  0x002086e0 in identify (argc=2, argv=0x7fffebd0)
at /usr/src/sbin/nvmecontrol/identify.c:292
#5  0x00207935 in main (argc=<optimized out>, argv=<optimized out>)
at /usr/src/sbin/nvmecontrol/nvmecontrol.c:89
#6  0x0020711b in _start (ap=<optimized out>, cleanup=<optimized out>)
at /usr/src/lib/csu/amd64/crt1.c:76
#7  0x000800236000 in ?? ()
#8  0x in ?? ()
Current language:  auto; currently minimal
(gdb) p *lockstate
$1 = {lockstate = 0, env = 0x7fffd9c0}
(gdb)

--chuck
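The shape of the bug discussed in the thread (a lock-acquire routine that validates the lockstate argument but dereferences the lock pointer unchecked, and a bind-lock pointer that is expected to alias the first entry of a fixed lock table) can be modelled in a few lines. The following is an added example, not the FreeBSD rtld code and not anyone's posting in this thread: every model_* name, the table size and the return codes are hypothetical, and the real rlock_acquire() is not reproduced. What it shows is the invariant check a defender would want at this point: a lock pointer that is NULL or that does not point into the table is rejected with EINVAL rather than dereferenced, so the fault becomes a reported error instead of the SIGSEGV in the backtrace.

```c
/*
 * Added example (hypothetical names, not FreeBSD rtld code): a simplified
 * reader/writer lock table with an explicit validity check on the lock
 * pointer passed to the acquire routine.
 */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

#define MODEL_NLOCKS 3          /* hypothetical: number of table entries */

struct model_lock {
    int readers;                /* current read holders */
    int writer;                 /* nonzero while write-held */
};

struct model_lock_state {
    int lockstate;              /* what the holder was granted */
    void *env;                  /* stand-in for the jump buffer in the thread's dump */
};

enum { MODEL_UNLOCKED = 0, MODEL_RLOCKED = 1, MODEL_WLOCKED = 2 };

/* The lock table and the "bind lock" pointer that must alias entry 0. */
static struct model_lock model_locks[MODEL_NLOCKS];
static struct model_lock *model_bind_lock = &model_locks[0];

/* Invariant: a usable lock pointer is the address of one table entry. */
int model_lock_is_valid(const struct model_lock *lock)
{
    if (lock == NULL)
        return 0;
    for (size_t i = 0; i < MODEL_NLOCKS; i++)
        if (lock == &model_locks[i])
            return 1;
    return 0;
}

/*
 * Acquire for reading.  Returns 0 on success, EINVAL when either argument
 * fails its check, EBUSY when the lock is write-held.  Checking the lock
 * pointer (not only the lockstate) is the addition this example makes.
 */
int model_rlock_acquire(struct model_lock *lock, struct model_lock_state *st)
{
    if (st == NULL)
        return EINVAL;
    if (!model_lock_is_valid(lock)) {
        fprintf(stderr, "rlock_acquire: bad lock pointer %p\n", (void *)lock);
        return EINVAL;
    }
    if (lock->writer)
        return EBUSY;
    lock->readers++;
    st->lockstate = MODEL_RLOCKED;
    return 0;
}

/* Release a read hold; refuses a state that was never read-granted. */
int model_rlock_release(struct model_lock *lock, struct model_lock_state *st)
{
    if (st == NULL || !model_lock_is_valid(lock) || st->lockstate != MODEL_RLOCKED)
        return EINVAL;
    lock->readers--;
    st->lockstate = MODEL_UNLOCKED;
    return 0;
}

/* Accessors so the table can be inspected without exposing the statics. */
struct model_lock *model_get_bind_lock(void) { return model_bind_lock; }
struct model_lock *model_get_lock(size_t i) { return i < MODEL_NLOCKS ? &model_locks[i] : NULL; }

int main(void)
{
    struct model_lock_state st = { MODEL_UNLOCKED, NULL };
    int rc = model_rlock_acquire(model_get_bind_lock(), &st);
    printf("bind lock acquire: rc=%d readers=%d\n", rc, model_get_bind_lock()->readers);
    model_rlock_release(model_get_bind_lock(), &st);
    /* The case from the backtrace: lock=0x0 with a non-NULL lockstate. */
    rc = model_rlock_acquire(NULL, &st);
    printf("NULL lock acquire: rc=%d (EINVAL=%d)\n", rc, EINVAL);
    return 0;
}
```

The table walk in model_lock_is_valid() is the part worth keeping in mind: it catches not just NULL but any pointer that drifted away from the table, which is the kind of corruption a lock=0x0 argument under an apparently sane caller hints at.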