Bug 261010

Summary: Trace/BPT trap after interrupting truss
Product: Base System Reporter: martin
Component: threadsAssignee: Konstantin Belousov <kib>
Status: Closed FIXED    
Severity: Affects Only Me CC: kib, markj, msl0000023508
Priority: ---    
Version: 12.2-RELEASE   
Hardware: amd64   
OS: Any   
Attachments:
Description Flags
Example source code none

Description martin 2022-01-07 19:17:10 UTC 
Created attachment 230792 [details]
Example source code

Compile the attached truss-crash.c with

cc -pthread -o truss-crash truss-crash.c

and then run ./truss-crash in one shell.

In another shell, find the pid of the running truss-crash and attach truss
to it:

truss -H -o /dev/null -p $pid

After a while, interrupt the truss with Ctrl+C.

Sometimes, truss-crash will crash with Trace/BPT trap (core dumped).  This happens 100% of the time in a VM with 2 cores.

GDB shows the following for the core file:

GNU gdb (GDB) 11.1 [GDB v11.1 for FreeBSD]
Copyright (C) 2021 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-portbld-freebsd12.2".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from truss-crash...
[New LWP 102187]
[New LWP 100569]
[New LWP 100816]
[New LWP 100817]
[New LWP 100820]
[New LWP 100827]
[New LWP 100829]
[New LWP 100830]
[New LWP 100940]
[New LWP 101209]
[New LWP 101287]
[New LWP 101288]
[New LWP 101289]
[New LWP 101290]
[New LWP 101291]
[New LWP 101292]
[New LWP 101293]
[New LWP 101294]
[New LWP 101297]
[New LWP 101299]
[New LWP 101300]
[New LWP 101301]
[New LWP 101302]
[New LWP 101303]
[New LWP 101304]
[New LWP 101307]
[New LWP 101308]
[New LWP 101312]
[New LWP 101314]
[New LWP 101315]
[New LWP 101316]
[New LWP 101320]
[New LWP 101321]
[New LWP 101322]
[New LWP 101323]
[New LWP 101324]
[New LWP 101325]
[New LWP 101326]
[New LWP 101327]
[New LWP 101328]
[New LWP 101332]
[New LWP 101333]
[New LWP 101334]
[New LWP 101335]
[New LWP 101336]
[New LWP 101337]
[New LWP 101338]
[New LWP 101339]
[New LWP 101340]
[New LWP 101341]
[New LWP 101342]
[New LWP 101343]
[New LWP 101344]
[New LWP 101345]
[New LWP 101346]
[New LWP 101347]
[New LWP 101350]
[New LWP 101351]
[New LWP 101352]
[New LWP 101353]
[New LWP 101355]
[New LWP 101357]
[New LWP 101358]
[New LWP 101359]
[New LWP 101360]
[New LWP 101366]
[New LWP 101373]
[New LWP 101374]
[New LWP 101375]
[New LWP 101376]
[New LWP 101379]
[New LWP 101385]
[New LWP 101386]
[New LWP 101387]
[New LWP 101388]
[New LWP 101389]
[New LWP 101390]
[New LWP 101391]
[New LWP 101392]
[New LWP 101393]
[New LWP 101394]
[New LWP 101395]
[New LWP 101396]
[New LWP 101397]
[New LWP 101398]
[New LWP 101399]
[New LWP 101400]
[New LWP 101401]
[New LWP 101402]
[New LWP 101403]
[New LWP 101404]
[New LWP 101405]
[New LWP 101406]
[New LWP 101407]
[New LWP 101533]
[New LWP 101591]
[New LWP 101712]
[New LWP 101713]
[New LWP 101887]
[New LWP 101892]
[New LWP 101901]
Core was generated by `truss-crash'.
Program terminated with signal SIGTRAP, Trace/breakpoint trap.
#0  _umtx_op_err () at /usr/src/lib/libthr/arch/amd64/amd64/_umtx_op_err.S:37
37	RSYSCALL_ERR(_umtx_op)
[Current thread is 1 (LWP 102187)]
gdb> disass $pc
Dump of assembler code for function _umtx_op_err:
   0x0000000800269680 <+0>:	mov    $0x1c6,%rax
   0x0000000800269687 <+7>:	mov    %rcx,%r10
   0x000000080026968a <+10>:	syscall 
=> 0x000000080026968c <+12>:	ret    
   0x000000080026968d <+13>:	int3   
   0x000000080026968e <+14>:	int3   
   0x000000080026968f <+15>:	int3   
End of assembler dump.
gdb> bt
#0  _umtx_op_err () at /usr/src/lib/libthr/arch/amd64/amd64/_umtx_op_err.S:37
#1  0x0000000800265591 in join_common (pthread=0x800680500, thread_return=0x0, abstime=0x0, peek=<optimized out>) at /usr/src/lib/libthr/thread/thr_join.c:147
#2  0x0000000000201afa in main ()
gdb> i threads
  Id   Target Id         Frame 
* 1    LWP 102187        _umtx_op_err () at /usr/src/lib/libthr/arch/amd64/amd64/_umtx_op_err.S:37
  2    LWP 100569        0x0000000000201a28 in func ()
  3    LWP 100816        0x0000000000201a36 in func ()
  4    LWP 100817        0x0000000000201a28 in func ()
  5    LWP 100820        0x0000000000201a36 in func ()
  6    LWP 100827        0x0000000000201a36 in func ()
  7    LWP 100829        0x0000000000201a36 in func ()
  8    LWP 100830        0x0000000000201a28 in func ()
  9    LWP 100940        0x0000000000201a13 in func ()
  10   LWP 101209        0x0000000000201a36 in func ()
  11   LWP 101287        0x0000000000201a28 in func ()
  12   LWP 101288        0x0000000000201a36 in func ()
  13   LWP 101289        0x0000000000201a13 in func ()
  14   LWP 101290        0x0000000000201a36 in func ()
  15   LWP 101291        0x0000000000201a36 in func ()
  16   LWP 101292        0x0000000000201a36 in func ()
  17   LWP 101293        0x0000000000201a36 in func ()
  18   LWP 101294        0x0000000000201a1a in func ()
  19   LWP 101297        0x0000000000201a36 in func ()
  20   LWP 101299        0x0000000000201a28 in func ()
  21   LWP 101300        0x0000000000201a36 in func ()
  22   LWP 101301        0x0000000000201a36 in func ()
  23   LWP 101302        0x0000000000201a28 in func ()
  24   LWP 101303        0x0000000000201a36 in func ()
  25   LWP 101304        0x0000000000201a20 in func ()
  26   LWP 101307        0x0000000000201a36 in func ()
  27   LWP 101308        0x0000000000201a36 in func ()
  28   LWP 101312        0x0000000000201a28 in func ()
  29   LWP 101314        0x0000000000201a39 in func ()
  30   LWP 101315        0x0000000000201a2e in func ()
  31   LWP 101316        0x0000000000201a39 in func ()
  32   LWP 101320        0x0000000000201a36 in func ()
  33   LWP 101321        0x0000000000201a28 in func ()
  34   LWP 101322        0x0000000000201a28 in func ()
  35   LWP 101323        0x0000000000201a36 in func ()
  36   LWP 101324        0x0000000000201a36 in func ()
  37   LWP 101325        0x0000000000201a13 in func ()
  38   LWP 101326        0x0000000000201a1a in func ()
  39   LWP 101327        0x0000000000201a36 in func ()
  40   LWP 101328        0x0000000000201a36 in func ()
  41   LWP 101332        0x0000000000201a36 in func ()
  42   LWP 101333        0x0000000000201a28 in func ()
  43   LWP 101334        0x0000000000201a20 in func ()
  44   LWP 101335        0x0000000000201a28 in func ()
  45   LWP 101336        0x0000000000201a28 in func ()
  46   LWP 101337        0x0000000000201a36 in func ()
  47   LWP 101338        0x0000000000201a36 in func ()
  48   LWP 101339        0x0000000000201a36 in func ()
  49   LWP 101340        0x0000000000201a20 in func ()
  50   LWP 101341        0x0000000000201a36 in func ()
  51   LWP 101342        0x0000000000201a1a in func ()
  52   LWP 101343        0x0000000000201a1a in func ()
  53   LWP 101344        0x0000000000201a28 in func ()
  54   LWP 101345        0x0000000000201a28 in func ()
  55   LWP 101346        0x0000000000201a39 in func ()
  56   LWP 101347        0x0000000000201a28 in func ()
  57   LWP 101350        0x0000000000201a1a in func ()
  58   LWP 101351        0x0000000000201a36 in func ()
  59   LWP 101352        0x0000000000201a36 in func ()
  60   LWP 101353        0x0000000000201a28 in func ()
  61   LWP 101355        0x0000000000201a36 in func ()
  62   LWP 101357        0x0000000000201a36 in func ()
  63   LWP 101358        0x0000000000201a28 in func ()
  64   LWP 101359        0x0000000000201a28 in func ()
  65   LWP 101360        0x0000000000201a28 in func ()
  66   LWP 101366        0x0000000000201a13 in func ()
  67   LWP 101373        0x0000000000201a36 in func ()
  68   LWP 101374        0x0000000000201a36 in func ()
  69   LWP 101375        0x0000000000201a20 in func ()
  70   LWP 101376        0x0000000000201a28 in func ()
  71   LWP 101379        0x0000000000201a28 in func ()
  72   LWP 101385        0x0000000000201a28 in func ()
  73   LWP 101386        0x0000000000201a39 in func ()
  74   LWP 101387        0x0000000000201a28 in func ()
  75   LWP 101388        0x0000000000201a28 in func ()
  76   LWP 101389        0x0000000000201a28 in func ()
  77   LWP 101390        0x0000000000201a3f in func ()
  78   LWP 101391        0x0000000000201a1a in func ()
  79   LWP 101392        0x0000000000201a36 in func ()
  80   LWP 101393        0x0000000000201a36 in func ()
  81   LWP 101394        0x0000000000201a36 in func ()
  82   LWP 101395        0x0000000000201a20 in func ()
  83   LWP 101396        0x0000000000201a20 in func ()
  84   LWP 101397        0x0000000000201a28 in func ()
  85   LWP 101398        0x0000000000201a36 in func ()
  86   LWP 101399        0x0000000000201a36 in func ()
  87   LWP 101400        0x0000000000201a39 in func ()
  88   LWP 101401        0x0000000000201a36 in func ()
  89   LWP 101402        0x0000000000201a28 in func ()
  90   LWP 101403        0x0000000000201a36 in func ()
  91   LWP 101404        0x0000000000201a28 in func ()
  92   LWP 101405        0x0000000000201a28 in func ()
  93   LWP 101406        0x0000000000201a28 in func ()
  94   LWP 101407        0x0000000000201a36 in func ()
  95   LWP 101533        0x0000000000201a36 in func ()
  96   LWP 101591        0x0000000000201a1a in func ()
  97   LWP 101712        0x0000000000201a28 in func ()
  98   LWP 101713        0x0000000000201a36 in func ()
  99   LWP 101887        0x0000000000201a36 in func ()
  100  LWP 101892        0x0000000000201a28 in func ()
  101  LWP 101901        0x0000000000201a13 in func ()
gdb>
Comment 1 Konstantin Belousov freebsd_committer freebsd_triage 2022-01-08 09:57:21 UTC 
https://reviews.freebsd.org/D33787
Comment 2 commit-hook freebsd_committer freebsd_triage 2022-01-12 05:42:27 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=a24afbb4e633f6725dfe3de099b8e2a4f6b1b631

commit a24afbb4e633f6725dfe3de099b8e2a4f6b1b631
Author:     Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2022-01-08 09:46:45 +0000
Commit:     Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2022-01-12 05:33:30 +0000

    Ignore debugger-injected signals left after detaching

    PR:     261010
    Reported by:    Martin Simmons <martin@lispworks.com>
    Reviewed by:    markj
    Sponsored by:   The FreeBSD Foundation
    MFC after:      1 week
    Differential revision:  https://reviews.freebsd.org/D33787

 sys/kern/kern_sig.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
Comment 3 commit-hook freebsd_committer freebsd_triage 2022-01-16 02:54:48 UTC 
A commit in branch stable/13 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=a5f69859956049b5153b0e1b67f8f4a99622dc6f

commit a5f69859956049b5153b0e1b67f8f4a99622dc6f
Author:     Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2022-01-08 09:46:45 +0000
Commit:     Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2022-01-15 12:55:32 +0000

    Ignore debugger-injected signals left after detaching

    PR:     261010

    (cherry picked from commit a24afbb4e633f6725dfe3de099b8e2a4f6b1b631)

 sys/kern/kern_sig.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)