runtime: crash in sigtramp #10534

Closed

@dvyukov

go version devel +87054c4 Wed Apr 22 02:50:48 2015 +0000 linux/amd64

A program silently crashed here (from a core file):

(gdb) bt
#0  runtime.sigtramp () at /ssd/src/go10/src/runtime/sys_linux_amd64.s:232
#1  0x0000000000469690 in runtime.sigtramp () at /ssd/src/go10/src/runtime/sys_linux_amd64.s:246
#2  0x0000000000000001 in ?? ()
#3  0x0000000000000000 in ?? ()
(gdb) disass
Dump of assembler code for function runtime.sigtramp:
   0x0000000000469620 <+0>: sub    $0x40,%rsp
   0x0000000000469624 <+4>: mov    %fs:0xfffffffffffffff8,%r10
   0x000000000046962d <+13>:    cmp    $0x0,%r10
   0x0000000000469631 <+17>:    jne    0x469645 <runtime.sigtramp+37>
   0x0000000000469633 <+19>:    mov    %rdi,(%rsp)
   0x0000000000469637 <+23>:    lea    -0x1d60e(%rip),%rax        # 0x44c030 <runtime.badsignal>
   0x000000000046963e <+30>:    callq  *%rax
   0x0000000000469640 <+32>:    add    $0x40,%rsp
   0x0000000000469644 <+36>:    retq   
   0x0000000000469645 <+37>:    mov    %r10,0x28(%rsp)
   0x000000000046964a <+42>:    mov    0xb8(%r10),%rax
=> 0x0000000000469651 <+49>:    mov    0x48(%rax),%rax
   0x0000000000469655 <+53>:    mov    %rax,%fs:0xfffffffffffffff8
   0x000000000046965e <+62>:    mov    %rdi,(%rsp)
   0x0000000000469662 <+66>:    mov    %rsi,0x8(%rsp)
   0x0000000000469667 <+71>:    mov    %rdx,0x10(%rsp)
   0x000000000046966c <+76>:    mov    %r10,0x18(%rsp)
   0x0000000000469671 <+81>:    callq  0x44abd0 <runtime.sighandler>
   0x0000000000469676 <+86>:    mov    0x28(%rsp),%r10
   0x000000000046967b <+91>:    mov    %r10,%fs:0xfffffffffffffff8
   0x0000000000469684 <+100>:   add    $0x40,%rsp
   0x0000000000469688 <+104>:   retq   
   0x0000000000469689 <+105>:   add    %al,(%rax)
   0x000000000046968b <+107>:   add    %al,(%rax)
   0x000000000046968d <+109>:   add    %al,(%rax)
   0x000000000046968f <+111>:   add    %bh,0xf(%rax)
End of assembler dump.
(gdb) info registers
rax            0x0  0
rbx            0x0  0
rcx            0xc20807ab40 833358375744
rdx            0xc2097ebac0 833382955712
rsi            0xc2097ebbf0 833382956016
rdi            0xb  11
rbp            0x8  0x8
rsp            0xc2097eba78 0xc2097eba78
r8             0x10 16
r9             0x0  0
r10            0xc20807ab40 833358375744
r11            0x216    534
r12            0x1  1
r13            0xeccc98a8a  63565302410
r14            0xeccc98a8b  63565302411
r15            0xa3b0c0 10727616
rip            0x469651 0x469651 <runtime.sigtramp+49>
eflags         0x10202  [ IF RF ]
cs             0x33 51
ss             0x2b 43
ds             0x0  0
es             0x0  0
fs             0x0  0
gs             0x0  0

It means that g != nil but g.m == nil. The goroutine descriptor looks valid:

(gdb) p /x $r10
$1 = 0xc20807ab40
(gdb) x/100g 0xc20807ab40
0xc20807ab40:   0x000000c208953000  0x000000c208954000
0xc20807ab50:   0x000000c208953280  0xffffffffffffffff
0xc20807ab60:   0x0000000000000000  0x0000000000000000
0xc20807ab70:   0x0000000000000000  0x0000000000465f90
0xc20807ab80:   0x000000c20807ab40  0x0000000000000000
0xc20807ab90:   0x0000000000000000  0x0000000000000000
0xc20807aba0:   0x000000000045ace0  0x0000000000000000
0xc20807abb0:   0x000000000051c0f5  0x0000000000000000
0xc20807abc0:   0x0000000000000002  0x0000000000000017
0xc20807abd0:   0x0000000000000000  0x000000000084ddb0
0xc20807abe0:   0x000000000000000c  0x000000c20807a8c0
0xc20807abf0:   0x0000000001000000  0x0000000000000000
0xc20807ac00:   0x0000000000000000  0x0000000000000000
0xc20807ac10:   0x0000000000000000  0x0000000000000000
0xc20807ac20:   0x0000000000000000  0x0000000000000000
0xc20807ac30:   0x0000000000000000  0x0000000000000000
0xc20807ac40:   0x000000000040a1b6  0x000000000040a1f0
0xc20807ac50:   0x0000000000000000  0x0000000000000000
0xc20807ac60:   0x0000000000000000  0x0000000000002d40
0xc20807ac70:   0x000000000000015f  0x0000000000000000
0xc20807ac80:   0x000000c208e1f000  0x000000c208e20000
0xc20807ac90:   0x000000c208e1f280  0xffffffffffffffff
0xc20807aca0:   0x0000000000000000  0x0000000000000000
0xc20807acb0:   0x000000c208e1f950  0x0000000000465f90
0xc20807acc0:   0x000000c20807ac80  0x0000000000000000
0xc20807acd0:   0x0000000000000000  0x0000000000000000
0xc20807ace0:   0x000000000045ad20  0x0000000000000000
0xc20807acf0:   0x000000000051c0f5  0x0000000000000000
0xc20807ad00:   0x0000000000000002  0x0000000000000018
0xc20807ad10:   0x0000000000000000  0x000000000084ddb0
0xc20807ad20:   0x000000000000000c  0x000000c20807bb80
0xc20807ad30:   0x0000000001000000  0x000000c2099c4000
0xc20807ad40:   0x0000000000000000  0x0000000000000000
0xc20807ad50:   0x0000000000000000  0x0000000000000000
0xc20807ad60:   0x0000000000000000  0x0000000000000000
0xc20807ad70:   0x0000000000000000  0x0000000000000000
0xc20807ad80:   0x000000000040a1b6  0x000000000040a1f0
0xc20807ad90:   0x0000000000000000  0x0000000000000000
0xc20807ada0:   0x0000000000000000  0x0000000000006620
0xc20807adb0:   0x0000000000000322  0x0000000000000000
0xc20807adc0:   0x000000c208aae000  0x000000c208aaf000
0xc20807add0:   0x000000c208aae280  0xffffffffffffffff
0xc20807ade0:   0x0000000000000000  0x0000000000000000
0xc20807adf0:   0x000000c208aae640  0x000000000051c0f5
0xc20807ae00:   0x000000c20807adc0  0x0000000000000000
0xc20807ae10:   0x0000000000000000  0x0000000000000000

This is goroutine 17:

(gdb) info goroutines
* 17 syscall  runtime.goexit

I don't see any obvious place where we setg(g) with g.m==nil.

Core file and the binary are here:
https://drive.google.com/file/d/0B20Uwp8Hs1oCdVpieWdfZy1PN3M/view?usp=sharing
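
Added example, not part of the original issue or of the Go runtime: a small triage script that takes excerpts of the gdb output above (the two relevant disassembly lines, the registers, and two rows of the memory dump), locates the faulting load, and checks in the dumped memory that the word at `0xb8(%r10)` (the `g.m` load in the issue's reading) really is zero. The function names are hypothetical, and it assumes the base register of the earlier load (`r10`) was not modified before the fault, which holds for these consecutive instructions.

```python
import re

# Excerpts copied from the gdb session in the issue, trimmed to the relevant lines.
DISASM = """\
   0x0000000000469624 <+4>: mov    %fs:0xfffffffffffffff8,%r10
   0x0000000000469645 <+37>:    mov    %r10,0x28(%rsp)
   0x000000000046964a <+42>:    mov    0xb8(%r10),%rax
=> 0x0000000000469651 <+49>:    mov    0x48(%rax),%rax
"""
REGS = {"rax": 0x0, "r10": 0xc20807ab40}
DUMP = """\
0xc20807abe0:   0x000000000000000c  0x000000c20807a8c0
0xc20807abf0:   0x0000000001000000  0x0000000000000000
"""

# Matches AT&T-syntax loads of the form: mov OFF(%base),%dest
LOAD = re.compile(r"mov\s+(0x[0-9a-f]+)\(%(\w+)\),%(\w+)")


def parse_dump(text):
    """Map each 8-byte word address in an `x/g` dump to its value."""
    mem = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        addr, _, words = line.partition(":")
        for i, word in enumerate(words.split()):
            mem[int(addr, 16) + 8 * i] = int(word, 16)
    return mem


def triage(disasm, regs, mem):
    """Return the faulting address and where its base register was loaded from."""
    lines = disasm.splitlines()
    idx = next(i for i, l in enumerate(lines) if l.startswith("=>"))
    off, base, _ = LOAD.search(lines[idx]).groups()
    result = {"fault_addr": regs[base] + int(off, 16), "base": base,
              "loaded_from": None, "value_in_core": None}
    # Walk backwards to the most recent load that wrote the base register.
    for prev in reversed(lines[:idx]):
        m = LOAD.search(prev)
        if m and m.group(3) == base:
            src = regs[m.group(2)] + int(m.group(1), 16)
            result.update(loaded_from=src, value_in_core=mem.get(src))
            break
    return result


if __name__ == "__main__":
    r = triage(DISASM, REGS, parse_dump(DUMP))
    print({k: hex(v) if isinstance(v, int) else v for k, v in r.items()})
```

The zero word at `0xc20807abf8` in the dump matches `rax == 0` at the faulting instruction, so the nil value came from memory at `g + 0xb8` rather than from a clobbered register.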
