[haiku-bugs] [Haiku] #5271: [BeShare] crash on exit

  • From: "korli" <trac@xxxxxxxxxxxx>
  • Date: Sat, 16 Jan 2010 14:32:29 -0000

#5271: [BeShare] crash on exit
-------------------------------+--------------------------------------------
 Reporter:  korli              |       Owner:  axeld    
     Type:  bug                |      Status:  new      
 Priority:  high               |   Milestone:  R1       
Component:  System/libroot.so  |     Version:  R1/alpha1
 Keywords:                     |   Blockedby:           
 Platform:  All                |    Blocking:           
-------------------------------+--------------------------------------------
 Tested on Haiku from 7 January 2010 with
 http://www.bebits.com/bob/19533/BeShare2.28.zip

 It seems like the function _thread_do_exit_notification() is called twice.
 Here are the stack traces of both calls:
 {{{
 #0  0xffff0114 in ?? ()
 #1  0x006a52fe in debugger () from /boot/system/lib/libroot.so
 #2  0x0065634e in __net_data_destroy () from
 /boot/system/lib/libnetwork.so
 #3  0x006b79d1 in __pthread_key_call_destructors ()
    from /boot/system/lib/libroot.so
 #4  0x006b6c88 in __pthread_destroy_thread () from
 /boot/system/lib/libroot.so
 #5  0x006a9af8 in _thread_do_exit_notification ()
    from /boot/system/lib/libroot.so
 #6  0x00281a7c in _start ()
 #7  0x00105bb6 in runtime_loader () from /boot/system/runtime_loader
 #8  0x7ffeefec in ?? ()
 }}}
 and
 {{{
 #0  0xffff0114 in ?? ()
 #1  0x006a52fe in debugger () from /boot/system/lib/libroot.so
 #2  0x0065634e in __net_data_destroy () from
 /boot/system/lib/libnetwork.so
 #3  0x006b79d1 in __pthread_key_call_destructors ()
    from /boot/system/lib/libroot.so
 #4  0x006b6c88 in __pthread_destroy_thread () from
 /boot/system/lib/libroot.so
 #5  0x006a9af8 in _thread_do_exit_notification ()
    from /boot/system/lib/libroot.so
 #6  0x0070fd86 in exit () from /boot/system/lib/libroot.so
 #7  0x00281a82 in _start ()
 #8  0x00105bb6 in runtime_loader () from /boot/system/runtime_loader
 #9  0x7ffeefec in ?? ()
 }}}

 Here is the _start function from the BeShare.x86 executable.
 {{{
 # _start of the BeShare.x86 executable (i386, AT&T syntax, objdump-style listing).
 # Compared with the native Haiku _start further below, this one calls
 # _thread_do_exit_notification() itself and then exit(), which calls it
 # again (see the two backtraces above: return addresses 0x281a7c and 0x281a82).
 00081a14 <_start>:
    81a14:       55                      push   %ebp               # frame setup
    81a15:       89 e5                   mov    %esp,%ebp
    81a17:       57                      push   %edi               # save callee-saved regs
    81a18:       56                      push   %esi
    81a19:       53                      push   %ebx
    81a1a:       e8 00 00 00 00          call   81a1f <_start+0xb> # call-next/pop: load PC into ebx
    81a1f:       5b                      pop    %ebx
    81a20:       81 c3 e1 0f 13 00       add    $0x130fe1,%ebx     # ebx = PIC base (presumably the GOT)
    81a26:       8b 7d 0c                mov    0xc(%ebp),%edi     # edi = 2nd stack arg (kept across calls)
    81a29:       8b 75 10                mov    0x10(%ebp),%esi    # esi = 3rd stack arg (kept across calls)
    81a2c:       8b 83 8c 0d 00 00       mov    0xd8c(%ebx),%eax   # store edi through pointer from ebx slot 0xd8c
    81a32:       89 38                   mov    %edi,(%eax)
    81a34:       8b 83 80 0c 00 00       mov    0xc80(%ebx),%eax   # store esi through pointer from ebx slot 0xc80
    81a3a:       89 30                   mov    %esi,(%eax)
    81a3c:       85 f6                   test   %esi,%esi          # if esi == 0 ...
    81a3e:       75 0a                   jne    81a4a <_start+0x36>
    81a40:       89 da                   mov    %ebx,%edx
    81a42:       81 c2 48 10 ff ff       add    $0xffff1048,%edx   # edx = ebx - 0xefb8 (address of some static default)
    81a48:       89 10                   mov    %edx,(%eax)        # ... store that address instead
    81a4a:       64 a1 04 00 00 00       mov    %fs:0x4,%eax       # read TLS slot 4 (presumably the thread id; the native _start calls find_thread(0) at this point)
    81a50:       89 c2                   mov    %eax,%edx
    81a52:       8b 83 a4 0a 00 00       mov    0xaa4(%ebx),%eax   # store it through pointer from ebx slot 0xaa4
    81a58:       89 10                   mov    %edx,(%eax)
    81a5a:       56                      push   %esi               # _init_c_library_(arg1, edi, esi)
    81a5b:       57                      push   %edi
    81a5c:       8b 55 08                mov    0x8(%ebp),%edx
    81a5f:       52                      push   %edx
    81a60:       e8 37 f1 ff ff          call   80b9c
 <_init_c_library_@plt>                                           # note: no stack cleanup after any call in this listing
    81a65:       e8 92 e7 ff ff          call   801fc
 <_call_init_routines_@plt>
    81a6a:       56                      push   %esi               # main(arg1, edi, esi)
    81a6b:       57                      push   %edi
    81a6c:       8b 45 08                mov    0x8(%ebp),%eax
    81a6f:       50                      push   %eax
    81a70:       e8 b3 57 09 00          call   117228 <main>
    81a75:       89 c6                   mov    %eax,%esi          # esi = main's return value
    81a77:       e8 c0 e4 ff ff          call   7ff3c
 <_thread_do_exit_notification@plt>                               # 1st call (backtrace #1: return address 0x281a7c)
    81a7c:       56                      push   %esi               # exit(main's return value)
    81a7d:       e8 0a fa ff ff          call   8148c <exit@plt>   # exit() calls _thread_do_exit_notification() again (backtrace #2: return address 0x281a82)
    81a82:       90                      nop                       # padding; no epilogue/ret, so exit() is presumably not expected to return
    81a83:       90                      nop

 }}}

 It seems to me that _start here calls _thread_do_exit_notification()
 itself, and exit() calls it again later.

 For a native Haiku executable, we have this _start function:
 {{{
 # _start of a native Haiku executable (i386, AT&T syntax, objdump-style listing).
 # Unlike the BeShare.x86 _start above, it does not call
 # _thread_do_exit_notification() itself; it only calls exit().
 00007d44 <_start>:
     7d44:       55                      push   %ebp               # frame setup
     7d45:       89 e5                   mov    %esp,%ebp
     7d47:       83 ec 0c                sub    $0xc,%esp          # 12 bytes of locals/padding
     7d4a:       57                      push   %edi               # save callee-saved regs
     7d4b:       56                      push   %esi
     7d4c:       53                      push   %ebx
     7d4d:       e8 00 00 00 00          call   7d52 <_start+0xe>  # call-next/pop: load PC into ebx
     7d52:       5b                      pop    %ebx
     7d53:       81 c3 ea 7b 00 00       add    $0x7bea,%ebx       # ebx = PIC base (presumably the GOT)
     7d59:       8b 75 0c                mov    0xc(%ebp),%esi     # esi = 2nd stack arg (kept across calls)
     7d5c:       8b 7d 10                mov    0x10(%ebp),%edi    # edi = 3rd stack arg (kept across calls)
     7d5f:       8b 83 3c 03 00 00       mov    0x33c(%ebx),%eax   # store esi through pointer from ebx slot 0x33c
     7d65:       89 30                   mov    %esi,(%eax)
     7d67:       83 c4 f4                add    $0xfffffff4,%esp   # esp -= 12 (keeps stack adjusted around the call)
     7d6a:       6a 00                   push   $0x0               # find_thread(NULL)
     7d6c:       e8 cf f6 ff ff          call   7440 <find_thread@plt>
     7d71:       89 c2                   mov    %eax,%edx
     7d73:       8b 83 18 03 00 00       mov    0x318(%ebx),%eax   # store the result through pointer from ebx slot 0x318
     7d79:       89 10                   mov    %edx,(%eax)
     7d7b:       83 c4 fc                add    $0xfffffffc,%esp   # esp -= 4
     7d7e:       57                      push   %edi               # _init_c_library_(arg1, esi, edi)
     7d7f:       56                      push   %esi
     7d80:       8b 45 08                mov    0x8(%ebp),%eax
     7d83:       50                      push   %eax
     7d84:       e8 07 fa ff ff          call   7790 <_init_c_library_@plt>
     7d89:       83 c4 20                add    $0x20,%esp         # pop the 0x20 bytes pushed since 7d67
     7d8c:       e8 ef f5 ff ff          call   7380
 <_call_init_routines_@plt>
     7d91:       83 c4 fc                add    $0xfffffffc,%esp   # esp -= 4
     7d94:       57                      push   %edi               # main(arg1, esi, edi)
     7d95:       56                      push   %esi
     7d96:       8b 45 08                mov    0x8(%ebp),%eax
     7d99:       50                      push   %eax
     7d9a:       e8 31 01 00 00          call   7ed0 <main>
     7d9f:       83 c4 f4                add    $0xfffffff4,%esp   # esp -= 12
     7da2:       50                      push   %eax               # exit(main's return value) -- the only exit-path call here
     7da3:       e8 e8 fc ff ff          call   7a90 <exit@plt>
     7da8:       31 c0                   xor    %eax,%eax          # epilogue below is only reached if exit() returns
     7daa:       8d 65 e8                lea    0xffffffe8(%ebp),%esp  # esp = ebp - 24 (point at the saved regs)
     7dad:       5b                      pop    %ebx               # restore callee-saved regs
     7dae:       5e                      pop    %esi
     7daf:       5f                      pop    %edi
     7db0:       89 ec                   mov    %ebp,%esp
     7db2:       5d                      pop    %ebp
     7db3:       c3                      ret
 }}}

 We do have a compatibility problem here.

-- 
Ticket URL: <http://dev.haiku-os.org/ticket/5271>
Haiku <http://dev.haiku-os.org>
Haiku - the operating system.
