Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
X-Authenticated: #14308112
Date: Thu, 13 Oct 2005 12:52:42 +0300
From: Pavel Tsekov <ptsekov AT gmx DOT net>
To: cygwin AT cygwin DOT com
Subject: Re: handle_threadlist_exception: handle_threadlist_exception called     with threadlist_ix -1
In-Reply-To: <Pine.CYG.4.58.0510121448440.1312@mordor>
Message-ID: <Pine.CYG.4.58.0510131251190.1196@mordor>
References: <SERRANOzGZuNY1SWoBD0000004f AT SERRANO DOT CAM DOT ARTIMI DOT COM>  <20050901144331 DOT GH18595 AT trixie DOT casa DOT cgf DOT cx> <Pine DOT CYG DOT 4 DOT 58 DOT 0510061616570 DOT 1556 AT mordor>  <20051006141933 DOT GB17445 AT trixie DOT casa DOT cgf DOT cx> <Pine DOT CYG DOT 4 DOT 58 DOT 0510061735120 DOT 1140 AT mordor>  <20051006150019 DOT GA6197 AT trixie DOT casa DOT cgf DOT cx> <Pine DOT CYG DOT 4 DOT 58 DOT 0510061840550 DOT 1524 AT mordor>  <Pine DOT CYG DOT 4 DOT 58 DOT 0510111733550 DOT 1460 AT mordor> <20051011150127 DOT GB14140 AT trixie DOT casa DOT cgf DOT cx>  <Pine DOT CYG DOT 4 DOT 58 DOT 0510121448440 DOT 1312 AT mordor>
MIME-Version: 1.0
Content-Type: MULTIPART/MIXED; BOUNDARY="-559023410-1658969638-1129197162=:1196"
X-Y-GMX-Trusted: 0
X-IsSubscribed: yes

---559023410-1658969638-1129197162=:1196
Content-Type: TEXT/PLAIN; charset=US-ASCII

On Wed, 12 Oct 2005, Pavel Tsekov wrote:

> On Tue, 11 Oct 2005, Christopher Faylor wrote:
>
> > I don't see how ignoring blocked signals would cause a SEGV however.
>
> Well... indirectly they do :) I hope you are not too annoyed already
> because this time I really found the cause of the problem.
>
> Assume a signal is sent to a thread with pthread_kill() but the thread is
> blocking the signal and in doesn't get processed through it's lifetime.
> The thread dies but the signal still remains in the singal queue.
> Something triggeres the processing of the signal - sig_dispatch_pending()
> in my case (which is called as part of pthread_sigmask()). As part of the
> processing the 'tls' member of sigpacket is dereferenced but at that time
> it is already invalid.
>
> I'll try to post a testcase ASAP which demonstrates the problem.

Find the testcase attached. The interesting part starts when SIGUSR2 is
send from the main thread.
---559023410-1658969638-1129197162=:1196
Content-Type: TEXT/PLAIN; charset=US-ASCII; name="sigpacket_bad_tls_crash.c"
Content-Transfer-Encoding: BASE64
Content-ID: <Pine DOT CYG DOT 4 DOT 58 DOT 0510131252420 DOT 1196 AT mordor>
Content-Description: 
Content-Disposition: attachment; filename="sigpacket_bad_tls_crash.c"

I2luY2x1ZGUgPGxpbWl0cy5oPg0KI2luY2x1ZGUgPHNpZ25hbC5oPg0KI2lu
Y2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8cHRocmVhZC5oPg0KDQpzdGF0
aWMgcGlkX3QgdGhlX3BpZDsNCg0Kc3RhdGljIHZvaWQgZW1wdHlfaGFuZGxl
cihpbnQgc2lnbm8pDQp7DQogIHByaW50ZiAoImluIGVtcHR5X2hhbmRsZXIo
KTogc2lnbm8gPSAlZFxuIiwgc2lnbm8pOw0KfQ0KDQpzdGF0aWMgdm9pZCAq
dGhyZWFkX2xvb3AgKHZvaWQgKnVudXNlZCkNCnsNCiAgaW50IGk7DQogIHNp
Z3NldF90IGJsb2NrX3NldCwgcGVuZGluZ19zZXQ7DQoNCiAgc2lnZW1wdHlz
ZXQgKCZibG9ja19zZXQpOw0KICBzaWdhZGRzZXQgKCZibG9ja19zZXQsIFNJ
R1VTUjIpOw0KICBpZiAocHRocmVhZF9zaWdtYXNrIChTSUdfQkxPQ0ssICZi
bG9ja19zZXQsIE5VTEwpICE9IDApDQogICAgew0KICAgICAgcHJpbnRmICgi
ZmFpbGVkIHRvIHNldCB0aGUgbGlzdCBvZiBibG9ja2VkIHNpZ25hbHNcbiIp
Ow0KICAgIH0NCg0KICAvKiBBbGwgZG9uZSAtIGxldCB0aGUgbWFpbiB0aHJl
YWQga25vdyB0aGF0IGl0DQogICAgIGNhbiBzZW5kIHVzIGEgc2lnbmFsLiAq
Lw0KICBraWxsICh0aGVfcGlkLCBTSUdVU1IxKTsNCg0KICBmb3IgKGkgPSAw
OyBpIDwgSU5UX01BWDsgaSsrKTsNCg0KICBwcmludGYgKCJleGl0aW5nIHRo
cmVhZF9sb29wKClcbiIpOw0KDQogIHJldHVybiBOVUxMOw0KfQ0KDQppbnQg
bWFpbiAoaW50IGFyZ2MsIGNoYXIgKiphcmd2KQ0Kew0KICBpbnQgcnY7DQog
IGludCBpOw0KICBwdGhyZWFkX3QgdGhyX2lkOw0KICBzaWdzZXRfdCBuZXdf
c2V0LCBvbGRfc2V0Ow0KICB2b2lkICp0aHJfcmVzdWx0Ow0KDQogIHRoZV9w
aWQgPSBnZXRwaWQgKCk7DQoNCiAgLyogRHVtbXkgc3luY2hyb25pemF0aW9u
IHNjaGVtZSBzbyB0aGF0IHdlIGtub3cgdGhhdA0KICAgICB0aGUgc2Vjb25k
IHRocmVhZCBpbml0aWFsaXplZCBpdHMgbGlzdCBvZiBibG9ja2VkDQogICAg
IHNpZ25hbHMuICovDQogIHNpZ25hbCAoU0lHVVNSMSwgZW1wdHlfaGFuZGxl
cik7DQogIHNpZ2VtcHR5c2V0ICgmbmV3X3NldCk7DQogIHNpZ2FkZHNldCAo
Jm5ld19zZXQsIFNJR1VTUjEpOw0KICBzaWdwcm9jbWFzayAoU0lHX0JMT0NL
LCAmbmV3X3NldCwgJm9sZF9zZXQpOw0KDQogIHJ2ID0gcHRocmVhZF9jcmVh
dGUgKCZ0aHJfaWQsIE5VTEwsIHRocmVhZF9sb29wLCBOVUxMKTsNCiAgaWYg
KHJ2ICE9IDApDQogICAgew0KICAgICAgcHJpbnRmICgiZmFpbGVkIHRvIGNy
ZWF0ZSB0aHJlYWQuXG4iKTsNCiAgICAgIGV4aXQgKDEpOw0KICAgIH0NCg0K
ICAvKiBXYWl0IHVudGlsIHRoZSBzZWNvbmQgdGhyZWFkIHNpZ25hbHMgdGhl
IG1haW4gdGhyZWFkLiAqLw0KICBzaWdzdXNwZW5kICgmb2xkX3NldCk7DQog
IHNpZ3Byb2NtYXNrIChTSUdfVU5CTE9DSywgJm5ld19zZXQsIE5VTEwpOw0K
DQogIC8qIFNlbmQgYSBTSUdVU1IyIHNpZ25hbCB0byB0aGUgc2Vjb25kIHRo
cmVhZCB3aGlsZQ0KICAgICBpdCBpcyBibG9ja2luZyBTSUdVU1IyLiAqLw0K
ICBwdGhyZWFkX2tpbGwgKHRocl9pZCwgU0lHVVNSMik7DQoNCiAgLyogV2Fp
dCBmb3IgdGhlIHRocmVhZCB0byB0ZXJtaW5hdGUuICovDQogIHB0aHJlYWRf
am9pbiAodGhyX2lkLCAmdGhyX3Jlc3VsdCk7DQoNCiAgLyogVHJpZ2dlciBz
aWdfZGlzcGF0Y2hfcGVuZGluZygpICovDQogIHNpZ25hbCAoU0lHVVNSMSwg
U0lHX0lHTik7DQoNCiAgLyogSnVzdCB3YWl0IGZvciB0aGUgcHJvZ3JhbSB0
byBjcmFzaC4gKi8NCiAgc2xlZXAgKDYwMCk7DQoNCiAgZXhpdCAoMCk7DQp9
DQo=


---559023410-1658969638-1129197162=:1196
Content-Type: text/plain; charset=us-ascii

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/
---559023410-1658969638-1129197162=:1196--