Opened 15 years ago
Closed 15 years ago
#5271 closed bug (fixed)
[BeShare] crash on exit
| Reported by: | korli | Owned by: | axeld |
|---|---|---|---|
| Priority: | high | Milestone: | R1 |
| Component: | System/libroot.so | Version: | R1/alpha1 |
| Keywords: | | Cc: | |
| Blocked By: | | Blocking: | |
| Platform: | All | | |
Description
Tested on Haiku from 7th January 2010 with http://www.bebits.com/bob/19533/BeShare2.28.zip
It seems like the function _thread_do_exit_notification() is called twice. Here are the stack traces of both calls:
```
#0  0xffff0114 in ?? ()
#1  0x006a52fe in debugger () from /boot/system/lib/libroot.so
#2  0x0065634e in __net_data_destroy () from /boot/system/lib/libnetwork.so
#3  0x006b79d1 in __pthread_key_call_destructors () from /boot/system/lib/libroot.so
#4  0x006b6c88 in __pthread_destroy_thread () from /boot/system/lib/libroot.so
#5  0x006a9af8 in _thread_do_exit_notification () from /boot/system/lib/libroot.so
#6  0x00281a7c in _start ()
#7  0x00105bb6 in runtime_loader () from /boot/system/runtime_loader
#8  0x7ffeefec in ?? ()
```
and
```
#0  0xffff0114 in ?? ()
#1  0x006a52fe in debugger () from /boot/system/lib/libroot.so
#2  0x0065634e in __net_data_destroy () from /boot/system/lib/libnetwork.so
#3  0x006b79d1 in __pthread_key_call_destructors () from /boot/system/lib/libroot.so
#4  0x006b6c88 in __pthread_destroy_thread () from /boot/system/lib/libroot.so
#5  0x006a9af8 in _thread_do_exit_notification () from /boot/system/lib/libroot.so
#6  0x0070fd86 in exit () from /boot/system/lib/libroot.so
#7  0x00281a82 in _start ()
#8  0x00105bb6 in runtime_loader () from /boot/system/runtime_loader
#9  0x7ffeefec in ?? ()
```
Here is the _start function from the BeShare.x86 executable:
```
00081a14 <_start>:
   81a14:  55                    push   %ebp
   81a15:  89 e5                 mov    %esp,%ebp
   81a17:  57                    push   %edi
   81a18:  56                    push   %esi
   81a19:  53                    push   %ebx
   81a1a:  e8 00 00 00 00        call   81a1f <_start+0xb>
   81a1f:  5b                    pop    %ebx
   81a20:  81 c3 e1 0f 13 00     add    $0x130fe1,%ebx
   81a26:  8b 7d 0c              mov    0xc(%ebp),%edi
   81a29:  8b 75 10              mov    0x10(%ebp),%esi
   81a2c:  8b 83 8c 0d 00 00     mov    0xd8c(%ebx),%eax
   81a32:  89 38                 mov    %edi,(%eax)
   81a34:  8b 83 80 0c 00 00     mov    0xc80(%ebx),%eax
   81a3a:  89 30                 mov    %esi,(%eax)
   81a3c:  85 f6                 test   %esi,%esi
   81a3e:  75 0a                 jne    81a4a <_start+0x36>
   81a40:  89 da                 mov    %ebx,%edx
   81a42:  81 c2 48 10 ff ff     add    $0xffff1048,%edx
   81a48:  89 10                 mov    %edx,(%eax)
   81a4a:  64 a1 04 00 00 00     mov    %fs:0x4,%eax
   81a50:  89 c2                 mov    %eax,%edx
   81a52:  8b 83 a4 0a 00 00     mov    0xaa4(%ebx),%eax
   81a58:  89 10                 mov    %edx,(%eax)
   81a5a:  56                    push   %esi
   81a5b:  57                    push   %edi
   81a5c:  8b 55 08              mov    0x8(%ebp),%edx
   81a5f:  52                    push   %edx
   81a60:  e8 37 f1 ff ff        call   80b9c <_init_c_library_@plt>
   81a65:  e8 92 e7 ff ff        call   801fc <_call_init_routines_@plt>
   81a6a:  56                    push   %esi
   81a6b:  57                    push   %edi
   81a6c:  8b 45 08              mov    0x8(%ebp),%eax
   81a6f:  50                    push   %eax
   81a70:  e8 b3 57 09 00        call   117228 <main>
   81a75:  89 c6                 mov    %eax,%esi
   81a77:  e8 c0 e4 ff ff        call   7ff3c <_thread_do_exit_notification@plt>
   81a7c:  56                    push   %esi
   81a7d:  e8 0a fa ff ff        call   8148c <exit@plt>
   81a82:  90                    nop
   81a83:  90                    nop
```
It seems to me that _start here calls _thread_do_exit_notification() itself, as does exit() later.
For a native Haiku executable, we have this _start function:
```
00007d44 <_start>:
    7d44:  55                    push   %ebp
    7d45:  89 e5                 mov    %esp,%ebp
    7d47:  83 ec 0c              sub    $0xc,%esp
    7d4a:  57                    push   %edi
    7d4b:  56                    push   %esi
    7d4c:  53                    push   %ebx
    7d4d:  e8 00 00 00 00        call   7d52 <_start+0xe>
    7d52:  5b                    pop    %ebx
    7d53:  81 c3 ea 7b 00 00     add    $0x7bea,%ebx
    7d59:  8b 75 0c              mov    0xc(%ebp),%esi
    7d5c:  8b 7d 10              mov    0x10(%ebp),%edi
    7d5f:  8b 83 3c 03 00 00     mov    0x33c(%ebx),%eax
    7d65:  89 30                 mov    %esi,(%eax)
    7d67:  83 c4 f4              add    $0xfffffff4,%esp
    7d6a:  6a 00                 push   $0x0
    7d6c:  e8 cf f6 ff ff        call   7440 <find_thread@plt>
    7d71:  89 c2                 mov    %eax,%edx
    7d73:  8b 83 18 03 00 00     mov    0x318(%ebx),%eax
    7d79:  89 10                 mov    %edx,(%eax)
    7d7b:  83 c4 fc              add    $0xfffffffc,%esp
    7d7e:  57                    push   %edi
    7d7f:  56                    push   %esi
    7d80:  8b 45 08              mov    0x8(%ebp),%eax
    7d83:  50                    push   %eax
    7d84:  e8 07 fa ff ff        call   7790 <_init_c_library_@plt>
    7d89:  83 c4 20              add    $0x20,%esp
    7d8c:  e8 ef f5 ff ff        call   7380 <_call_init_routines_@plt>
    7d91:  83 c4 fc              add    $0xfffffffc,%esp
    7d94:  57                    push   %edi
    7d95:  56                    push   %esi
    7d96:  8b 45 08              mov    0x8(%ebp),%eax
    7d99:  50                    push   %eax
    7d9a:  e8 31 01 00 00        call   7ed0 <main>
    7d9f:  83 c4 f4              add    $0xfffffff4,%esp
    7da2:  50                    push   %eax
    7da3:  e8 e8 fc ff ff        call   7a90 <exit@plt>
    7da8:  31 c0                 xor    %eax,%eax
    7daa:  8d 65 e8              lea    0xffffffe8(%ebp),%esp
    7dad:  5b                    pop    %ebx
    7dae:  5e                    pop    %esi
    7daf:  5f                    pop    %edi
    7db0:  89 ec                 mov    %ebp,%esp
    7db2:  5d                    pop    %ebp
    7db3:  c3                    ret
```
We do have a compatibility problem here.
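As an added illustration (this is not Haiku's libroot or libnetwork code and is not part of the ticket), the C model below replays the two _start sequences shown in the disassemblies against a toy pthread-key destructor table. The struct names, the `guarded` switch, the `exit_notified` flag and the counters are assumptions made for the model; the slot is deliberately left set after its destructor runs so that a second pass hands the same pointer to the destructor again, which is the situation the two stack traces above show (the second `__net_data_destroy()` ends in `debugger()`). The idempotency guard is one possible fix and is not claimed to be what hrev35098 does.

```c
#include <stdio.h>
#include <string.h>

#define MAX_KEYS 4
typedef void (*key_destructor_t)(void *);

/* Per-thread bookkeeping a libc keeps for pthread_key_t slots (assumed layout). */
struct thread_state {
    void *values[MAX_KEYS];
    int exit_notified;          /* assumed guard: exit notification already done */
};

/* Process-wide state of the modelled C library (assumed). */
struct libroot {
    key_destructor_t destructors[MAX_KEYS];
    int guarded;                /* 0: behaviour as reported, 1: idempotent notification */
};

/* Stand-in for libnetwork's per-thread data. */
struct net_data {
    int alive;
};

int net_destroy_calls;          /* how often the destructor ran */
int net_double_destroys;        /* destructor ran on data that was already torn down */

static void net_data_destroy(void *value)
{
    struct net_data *nd = value;
    net_destroy_calls++;
    if (!nd->alive) {
        /* This is the point where the real __net_data_destroy() ends up in debugger(). */
        net_double_destroys++;
        return;
    }
    nd->alive = 0;
}

static void pthread_key_call_destructors(struct libroot *lib, struct thread_state *t)
{
    for (int i = 0; i < MAX_KEYS; i++) {
        if (t->values[i] != NULL && lib->destructors[i] != NULL)
            lib->destructors[i](t->values[i]);   /* slot intentionally not cleared */
    }
}

static void thread_do_exit_notification(struct libroot *lib, struct thread_state *t)
{
    if (lib->guarded) {
        if (t->exit_notified)
            return;             /* a second call, e.g. from exit(), becomes a no-op */
        t->exit_notified = 1;
    }
    pthread_key_call_destructors(lib, t);
}

/* exit() performs the notification itself, as frame #6 of the second trace shows. */
static void libroot_exit(struct libroot *lib, struct thread_state *t)
{
    thread_do_exit_notification(lib, t);
    /* atexit handlers, stdio flush and the team exit would follow here */
}

/*
 * Runs the teardown of one _start variant after main() has returned and
 * returns the number of double destroys observed.  beos_style = 1 mirrors
 * the BeShare _start (_thread_do_exit_notification, then exit); 0 mirrors
 * the native Haiku _start (exit only).
 */
int simulate_exit(int guarded, int beos_style)
{
    struct libroot lib;
    struct thread_state t;
    struct net_data nd = { 1 };     /* constructed per-thread data, alive */

    memset(&lib, 0, sizeof lib);
    memset(&t, 0, sizeof t);
    lib.destructors[0] = net_data_destroy;
    lib.guarded = guarded;
    t.values[0] = &nd;
    net_destroy_calls = 0;
    net_double_destroys = 0;

    if (beos_style)
        thread_do_exit_notification(&lib, &t);   /* the explicit call in BeShare's _start */
    libroot_exit(&lib, &t);
    return net_double_destroys;
}

int main(void)
{
    printf("native _start, unguarded: %d double destroys\n", simulate_exit(0, 0));
    printf("BeOS _start,   unguarded: %d double destroys\n", simulate_exit(0, 1));
    printf("BeOS _start,   guarded  : %d double destroys\n", simulate_exit(1, 1));
    return 0;
}
```

With the guard off, the BeOS-style sequence runs the network destructor twice and the second run operates on data that is already gone; with the guard on, the explicit call from _start does the work and the later call from exit() returns immediately, so an old binary and a native one tear down identically.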
Fixed in hrev35098.