OpenSolaris

Printable Version Enter a New Search
Bug ID 6398585
Synopsis wbem: /usr/sadm/lib/wbem/rds got SIGSEGV in wr_error()
State 11-Closed:Verified (Closed)
Category:Subcategory wbem:performance_provider
Keywords SEGV | rds | rtiq_reviewed | wr_error
Responsible Engineer Sindhu Pv
Reported Against s10 , s10u1_01
Duplicate Of
Introduced In solaris_10
Commit to Fix s10u7_01
Fixed In s10u7_01
Release Fixed solaris_10u7(s10u7_01) , solaris_nevada(snv_86) (Bug ID:2157123)
Related Bugs 4897493
Submit Date 15-March-2006
Last Update Date 5-December-2008
Description 
/usr/sadm/lib/wbem/rds could dump core in wr_error() with the following stack trace.

bash-3.00# pldd core
core '/core' of 4356:   /usr/sadm/lib/wbem/rds -a -t 30000 -i 1000 -f /var/run/rds_db -m -L /v
...

bash-3.00# dbx -f rds core
...
t@1 (l@1) terminated by signal KILL (Killed)
0xffffffff7f2cd394: ___nanosleep+0x0008:        bcc,a,pt  %icc,___nanosleep+0x18        ! 0xffffffff7f2cd3a4
(dbx) where
current thread: t@1
=>[1] ___nanosleep(0x4, 0xffffffff7ffff330, 0xffffffff7f3eef40, 0x100003e84, 0xffffffff7f402000, 0x0), at 0xffffffff7f2cd394 
  [2] _sleep(0x1, 0x3, 0x0, 0x0, 0xffffffff7f402000, 0x1), at 0xffffffff7f2bf758 
  [3] 0x100003e84(0x100003000, 0x100003, 0x1, 0x10010bcb8, 0x10010ad08, 0x10010acd0), at 0x100003e84 
  [4] main(0x100003, 0x100003, 0x100000, 0x100000, 0x1, 0x10010b), at 0x100004360 
(dbx) threads
 >    t@1  a  l@1   ?()   LWP suspended in  ___nanosleep() 
o     t@2  a  l@2   ?()   signal SIGSEGV in  wr_error() 
      t@3  a  l@3   ?()   LWP suspended in  __pollsys() 
(dbx) thread t@2
t@2 (l@2) stopped in wr_error at 0x1000080e0
0x00000001000080e0: wr_error+0x0070:    ldsb     [%i5 + %i0], %o3
(dbx) where -l -h
current thread: t@2
=>[1] rds:wr_error(0x100117960, 0xfffffffffffffffc, 0x10010c, 0x10010c6f8, 0x10010c, 0xffffffffffff269f), at 0x1000080e0 
  [2] 0x100002854(0x10010b740, 0x10010b, 0x100117000, 0x10010ad04, 0x100116, 0x100117), at 0x100002854 
  [3] 0x100002994(0x10010b880, 0x0, 0x100000, 0x10010ad0c, 0x10010a000, 0x10010a), at 0x100002994 
  [4] 0x100002d7c(0x67adb, 0x1, 0x100116d7c, 0x10010aca4, 0x10, 0x10010b8a8), at 0x100002d7c 
(dbx) dis wr_error,wr_error+0x80
dbx: warning: unknown language, 'c' assumed
0x0000000100008070: wr_error       :    save     %sp, -176, %sp
0x0000000100008074: wr_error+0x0004:    sethi    %hi(0x100000), %i5
0x0000000100008078: wr_error+0x0008:    or       %i5, 0x000000000000010c, %i4   ! 0x10010c
0x000000010000807c: wr_error+0x000c:    sllx     %i4, 12, %i3
0x0000000100008080: wr_error+0x0010:    inc      1784, %i3
0x0000000100008084: wr_error+0x0014:    call     strlen [PLT]   ! 0x10010a7a0
0x0000000100008088: wr_error+0x0018:    add      %i3, 1, %o0
0x000000010000808c: wr_error+0x001c:    mov      %o0, %i5
0x0000000100008090: wr_error+0x0020:    call     strlen [PLT]   ! 0x10010a7a0
0x0000000100008094: wr_error+0x0024:    mov      %i0, %o0
0x0000000100008098: wr_error+0x0028:    neg      %i5, %i1
0x000000010000809c: wr_error+0x002c:    add      %i1, 80, %l7
0x00000001000080a0: wr_error+0x0030:    cmp      %o0, %l7
0x00000001000080a4: wr_error+0x0034:    bleu,pn  %xcc,wr_error+0x54     ! 0x1000080c4
0x00000001000080a8: wr_error+0x0038:    neg      %i5, %o1
0x00000001000080ac: wr_error+0x003c:    add      %i0, %o1, %g5
0x00000001000080b0: wr_error+0x0040:    mov      46, %o0
0x00000001000080b4: wr_error+0x0044:    stb      %o0, [%g5 + 76]
0x00000001000080b8: wr_error+0x0048:    stb      %o0, [%g5 + 77]
0x00000001000080bc: wr_error+0x004c:    stb      %o0, [%g5 + 78]
0x00000001000080c0: wr_error+0x0050:    clrb     [%g5 + 79]
0x00000001000080c4: wr_error+0x0054:    call     strlen [PLT]   ! 0x10010a7a0
0x00000001000080c8: wr_error+0x0058:    mov      %i0, %o0
0x00000001000080cc: wr_error+0x005c:    sub      %o0, 1, %i5
0x00000001000080d0: wr_error+0x0060:    mov      32, %o2
0x00000001000080d4: wr_error+0x0064:    cmp      %i5, 0
0x00000001000080d8: wr_error+0x0068:    bleu,pn  %xcc,wr_error+0x8c     ! 0x1000080fc
0x00000001000080dc: wr_error+0x006c:    dec      %i5
0x00000001000080e0: wr_error+0x0070:    ldsb     [%i5 + %i0], %o3     <================== SEGV happened here.
0x00000001000080e4: wr_error+0x0074:    cmp      %o3, 10
0x00000001000080e8: wr_error+0x0078:    bne,pn   %icc,wr_error+0x68     ! 0x1000080d8
0x00000001000080ec: wr_error+0x007c:    cmp      %i5, 0
0x00000001000080f0: wr_error+0x0080:    stb      %o2, [%i0 + %i5]
(dbx) regs
current thread: t@2
current frame:  [1]
g0-g1    0x0000000000000000 0xfffffffffefefeff
g2-g3    0x0000000000001235 0x0000000100009000
g4-g5    0xffffffff7f3effc4 0x0000000080dc6400
g6-g7    0x0000000000000000 0xffffffff7f402400
o0-o1    0x0000000000000000 0x0000000000000000
o2-o3    0x0000000000000020 0x0000000000000000
o4-o5    0x0000000000ff0000 0x0000000080808080
o6-o7    0xffffffff7edf9301 0x00000001000080c4
l0-l1    0x0000000000039f21 0x0000000000039ef4
l2-l3    0x000000010010a000 0x000000000010010a
l4-l5    0x0000000000100000 0x00000000015d1d1f
l6-l7    0x00000000000022e8 0x000000000000004c
i0-i1    0x0000000100117960 0xfffffffffffffffc
         ^^^^^^^^^^^^^^^^^^
i2-i3    0x000000000010010c 0x000000010010c6f8
i4-i5    0x000000000010010c 0xffffffffffff269f
                            ^^^^^^^^^^^^^^^^^^
i6-i7    0xffffffff7edf93b1 0x0000000100002854
y        0x0000000000000000
ccr      0x0000000000000088
pc       0x00000001000080e0:wr_error+0x70       ldsb     [%i5 + %i0], %o3
npc      0x00000001000080e4:wr_error+0x74       cmp      %o3, 10
(dbx) x 0x0000000100117960+0xffffffffffff269f/X
0x0000000100109fff:     dbx: core file read error: address 0x100109fff not in data space
(dbx)
Work Around 
N/A
Comments 
N/A