Subject: kern/22490: with options DEBUG, any sa-pthreads program immediately panics/hangs the box
To: None <gnats-bugs@gnats.netbsd.org>
From: None <dogcow@babymeat.com>
List: netbsd-bugs
Date: 08/15/2003 01:31:20
>Number:         22490
>Category:       kern
>Synopsis:       with options DEBUG, any sa-pthreads program immediately panics/hangs the box
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Aug 15 08:32:00 UTC 2003
>Closed-Date:
>Last-Modified:
>Originator:     Tom Spindler
>Release:        NetBSD 1.6W
>Organization:
	
>Environment:
	
	
System: NetBSD beefcake.babymeat.com 1.6W NetBSD 1.6W (DEBUGBEEFCAKE) #33: Fri Aug 15 00:31:09 PDT 2003 dogcow@beefcake.babymeat.com:/usr/src/sys/arch/i386/compile/DEBUGBEEFCAKE i386
Architecture: i386
Machine: i386
>Description:
if a kernel has 'options DEBUG' in it, any pthreads-using program will
immediately generate a "not enough stacks" message and the box will panic.
	
>How-To-Repeat:
(boot with options DEBUG kernel)
cat > die.c<<EOF
#include <pthread.h>
void* func(void *arg) { return arg; }
int main(void) { pthread_t tid; return pthread_create (&tid, 0, func, 0) == 0 ? 
0 : 1; }
EOF
gcc -pthread -o die die.c -lpthread; ./die
	
here's the die.c core:
(gdb) bt
#0  0xbdbe87b2 in _setcontext_u_xmm () from /usr/lib/libpthread.so.0
#1  0xbdbe1713 in pthread__switch () from /usr/lib/libpthread.so.0
#2  0xbdbe3e7a in pthread__resolve_locks () from /usr/lib/libpthread.so.0
#3  0xbdbe3360 in pthread__upcall () from /usr/lib/libpthread.so.0
and the kernel traceback:
#0  0x1 in ?? ()
#1  0xc022c757 in cpu_reboot (howto=256, bootstr=0x0)
    at ../../../../arch/i386/i386/machdep.c:883
#2  0xc01d0a7f in panic () at ../../../../kern/subr_prf.c:242
#3  0xc029149f in __assert () at ../../../../../../lib/libkern/__assert.c:47
#4  0xc01bf61b in sa_upcall_userret (l=0xd374db80)
    at ../../../../kern/kern_sa.c:898
#5  0xc0234bdc in trap (frame={tf_gs = -65493, tf_fs = -1078198229, 
      tf_es = 43, tf_ds = -1111621589, tf_edi = -1, tf_esi = -1078198272, 
      tf_ebp = 0, tf_ebx = -1111574452, tf_edx = 0, tf_ecx = -1111701468, 
      tf_eax = 330, tf_trapno = 6, tf_err = 4, tf_eip = -1111608716, 
      tf_cs = 35, tf_eflags = 66199, tf_esp = -1114899264, tf_ss = 43, 
      tf_vm86_es = 0, tf_vm86_ds = 0, tf_vm86_fs = 0, tf_vm86_gs = 0})
    at machine/userret.h:96
#4  0xc01bf61b in sa_upcall_userret (l=0xd374db80)
    at ../../../../kern/kern_sa.c:898
898                     KDASSERT(sa->sa_nstacks > 0);
(gdb) print sa
$1 = (struct sadata *) 0xd39c2000
(gdb) print *sa
$2 = {sa_lock = {lock_data = 0}, sa_flag = 0, sa_upcall = 0xbdbe3274, 
  sa_vp = 0xd374dc00, sa_old_lwp = 0xd374dc80, sa_vp_wait_count = 10, 
  sa_woken = 0xd374dc00, sa_idle = 0x0, sa_concurrency = 1, sa_lwpcache = {
    lh_first = 0x0}, sa_ncached = 0, sa_stacks = 0xc088bc00, sa_nstacks = 0, 
  sa_upcalls = {sqh_first = 0x0, sqh_last = 0xd39c2034}}
(gdb) up
#5  0xc0234bdc in trap (frame={tf_gs = -65493, tf_fs = -1078198229, 
      tf_es = 43, tf_ds = -1111621589, tf_edi = -1, tf_esi = -1078198272, 
      tf_ebp = 0, tf_ebx = -1111574452, tf_edx = 0, tf_ecx = -1111701468, 
      tf_eax = 330, tf_trapno = 6, tf_err = 4, tf_eip = -1111608716, 
      tf_cs = 35, tf_eflags = 66199, tf_esp = -1114899264, tf_ss = 43, 
      tf_vm86_es = 0, tf_vm86_ds = 0, tf_vm86_fs = 0, tf_vm86_gs = 0})
    at machine/userret.h:96
96                      sa_upcall_userret(l);
(gdb) print l
$3 = (struct lwp *) 0xd374db80
(gdb) print *l
$4 = {l_forw = 0xd374db00, l_back = 0x0, l_list = {le_next = 0xd374db00, 
    le_prev = 0xd374dc08}, l_zlist = {le_next = 0x0, le_prev = 0x0}, 
  l_proc = 0xd3776694, l_sibling = {le_next = 0xd374db00, 
    le_prev = 0xd374dc1c}, l_cpu = 0xc030d820, l_flag = 6291460, l_stat = 7, 
  l_lid = 11, l_swtime = 0, l_slptime = 0, l_wchan = 0x0, l_tsleep_ch = {
    c_list = {cq_next = 0x0, cq_prev = 0x0}, c_func = 0, c_arg = 0x0, 
    c_time = 0, c_flags = 0}, l_wmesg = 0xc02b86a3 "sa processor", 
  l_holdcnt = 0, l_ctxlink = 0x0, l_priority = 32 ' ', l_usrpri = 54 '6', 
  l_private = 0x0, l_locks = 0, l_addr = 0xd39dc000, l_md = {
    md_regs = 0xd39dffa8, md_flags = 1, md_tss_sel = 352}}
>Fix:
	
workaround: don't use options DEBUG. ASSERTs are for the weak.
>Release-Note:
>Audit-Trail:
>Unformatted: