Re: [Xenomai-help] native skin 2.5.0: rt_task_create() segfaults if stacksize parameter too small

[Stefan Kisdaroczi <kisda@domain.hid>]

[-- Attachment #1.1: Type: text/plain, Size: 3502 bytes --]

Am 08.01.2010 14:52, schrieb Gilles Chanteperdrix:
> Stefan Kisdaroczi wrote:
>> Am 08.01.2010 14:30, schrieb Gilles Chanteperdrix:
>>> Stefan Kisdaroczi wrote:
>>>> Am 08.01.2010 12:57, schrieb Gilles Chanteperdrix:
>>>>> Stefan Kisdaroczi wrote:
>>>>>> Am 07.01.2010 17:57, schrieb Gilles Chanteperdrix:
>>>>>>> Stefan Kisdaroczi wrote:
>>>>>>>> Am 07.01.2010 15:36, schrieb Gilles Chanteperdrix:
>>>>>>>>> Stefan Kisdaroczi wrote:
>>>>>>>>>> hi,
>>>>>>>>>>
>>>>>>>>>> i have upgraded xenomai to 2.5.0 (x86,32bit). My application segfaults when I
>>>>>>>>>> try to create a task with stacksize 2048, this worked with 2.4.10.
>>>>>>>>>> Because my app is written in pascal i have reproduced the problem with the
>>>>>>>>>> xenomai trivial-periodic.c example:
>>>>>>>>>>
>>>>>>>>>> -	rt_task_create(&demo_task, "trivial", 0, 99, 0);
>>>>>>>>>> +	rt_task_create(&demo_task, "trivial",16911, 99, 0);
>>>>>>>>>>
>>>>>>>>>> Stacksize 0 -> default stack size : ok
>>>>>>>>>> Stacksize > 0 and <= 16911 : Segmentation fault
>>>>>>>>>> Stacksize >= 16912 : ok
>>>>>>>>>>
>>>>>>>>>> Any hints ?
>>>>>>>>> What does the task do? If it uses printf, printf needs a lot of room on
>>>>>>>>> the stack.
>>>>>>>>>
>>>>>>>> To clarify:
>>>>>>>> It does not depend on the task body, the task is not even started.
>>>>>>>> The segfault happens when calling rt_task_create(), before rt_task_start()
>>>>>>>> is called.
>>>>>>> Actually, when calling rt_task_create, the thread is created, under the
>>>>>>> hood, and waits to be started. So the segmentation fault is most
>>>>>>> certainly due to a stack overflow in the newly created thread.
>>>>>>>
>>>>>>> And I am afraid I know why it happens: the newly merged user-space
>>>>>>> signals support requires roughly 16 * sizeof(struct siginfo) on stack.
>>>>>>> But this amounts to two Kbytes here. Could you run the following program
>>>>>>> on your target ?
>>>>>> salut gilles,
>>>>>>
>>>>>> as the stacksize is already checked and increased to PTHREAD_STACK_MIN if
>>>>>> the value is too small, i suggest to take the stacksize needed by xenomai
>>>>>> into account too. The attached patch is clearly wrong, but it solved the
>>>>>> problem for me.
>>>>> PTHREAD_STACK_MIN varies a lot depending on architectures and even
>>>>> depending on the glibc versions. Which is why we took 32 Kb as the
>>>>> default stack size. Since the default is enough even for struct xnsig,
>>>>> if you are asking a smaller size, you may have good reasons to do so. We
>>>>> should check that the size is at least sizeof(struct xnsig), but since
>>>>> PTHREAD_STACK_MIN is larger than struct xnsig, it should work as is.
>>>>>
>>>>> The point is that your system seems to require 16 Kb whereas
>>>>> sizeof(struct xnsig) is only 2Kb. So, there is something wrong somewhere
>>>>> else.
>>>>>
>>>>> Could you run the segfaulting program inside gdb, and print the frames
>>>>> infos ?
>>>> gdb logfile attached
>>> Ok. Could you get the value of the "esp" register at the time of the
>>> failure, as well as the contents of /proc/<pid>/smaps where <pid> is the
>>> pid of the failing application ? You can run the cat /proc/<pid>/smaps
>>> when the process is stopped in gdb.
>>
>> attached.
> 
> The values seem to depend on the run, I am afraid you will have to do it
> all again at once. Once thing can be told for sure from your posts: a
> Linux signal frame is stacked over Xenomai stack frame.
> 

attached

[-- Attachment #1.2: gdb-and-smaps.txt --]
[-- Type: text/plain, Size: 12232 bytes --]

Starting program: /home/ski/src/xenotest/trivial-periodic 
[Thread debugging using libthread_db enabled]
[New Thread 0xb75eb6c0 (LWP 21509)]
[New Thread 0xb75eab90 (LWP 21512)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb75eab90 (LWP 21512)]
0xb7784783 in ?? () from /lib/ld-linux.so.2
#0  0xb7784783 in ?? () from /lib/ld-linux.so.2
#1  0xb778a2e0 in ?? () from /lib/ld-linux.so.2
#2  0xb77507fd in xeno_sigwinch_handler () from /usr/lib/libnative.so.3
#3  0xb77508a6 in xeno_sigshadow_handler () from /usr/lib/libnative.so.3
#4  <signal handler called>
#5  0xb774f1e0 in ?? () from /usr/lib/libnative.so.3
#6  0xb75ea3b8 in ?? ()
#7  0xb7752208 in ?? () from /usr/lib/libnative.so.3
#8  0xb77523c0 in ?? () from /usr/lib/libnative.so.3
#9  0xb7750700 in ?? () from /usr/lib/libnative.so.3
#10 0x00000000 in ?? ()
eax            0xb776c2a8	-1216953688
ecx            0xb75e89dc	-1218541092
edx            0xd0	208
ebx            0xb7752208	-1217060344
esp            0xb75e8000	0xb75e8000
ebp            0xb75e8000	0xb75e8000
esi            0x63	99
edi            0x1c	28
eip            0xb7784783	0xb7784783
eflags         0x10206	[ PF IF RF ]
cs             0x73	115
ss             0x7b	123
ds             0x7b	123
es             0x7b	123
fs             0x0	0
gs             0x33	51
Stack frame at 0xb75e8008:
 eip = 0xb7784783; saved eip 0xb778a2e0
 called by frame at 0xb75e8020
 Arglist at 0xb75e7ffc, args: 
 Locals at 0xb75e7ffc, Previous frame's sp is 0xb75e8008
 Saved registers:
  ebp at 0xb75e8000, eip at 0xb75e8004
Stack frame at 0xb75e8020:
 eip = 0xb778a2e0; saved eip 0xb77507fd
 called by frame at 0xb75e88a0, caller of frame at 0xb75e8008
 Arglist at 0xb75e8004, args: 
 Locals at 0xb75e8004, Previous frame's sp is 0xb75e8020
 Saved registers:
  eip at 0xb75e801c
Stack frame at 0xb75e88a0:
 eip = 0xb77507fd in xeno_sigwinch_handler; saved eip 0xb77508a6
 called by frame at 0xb75e8950, caller of frame at 0xb75e8020
 Arglist at 0xb75e8898, args: 
 Locals at 0xb75e8898, Previous frame's sp is 0xb75e88a0
 Saved registers:
  ebp at 0xb75e8898, eip at 0xb75e889c
Stack frame at 0xb75e8950:
 eip = 0xb77508a6 in xeno_sigshadow_handler; saved eip 0xb777640c
 called by frame at 0xb75e8a58, caller of frame at 0xb75e88a0
 Arglist at 0xb75e8948, args: 
 Locals at 0xb75e8948, Previous frame's sp is 0xb75e8950
 Saved registers:
  ebp at 0xb75e8948, eip at 0xb75e894c
Stack frame at 0xb75e8a58:
 eip = 0xb777640c in __kernel_rt_sigreturn; saved eip 0xb774f1e0
 called by frame at 0xb75e8a5c, caller of frame at 0xb75e8950
 Arglist at unknown address.
 Locals at unknown address, Previous frame's sp is 0xb75e8a58
 Saved registers:
  eax at 0xb75e8a1c, ecx at 0xb75e8a18, edx at 0xb75e8a14, ebx at 0xb75e8a10,
  ebp at 0xb75e8a08, esi at 0xb75e8a04, edi at 0xb75e8a00, eip at 0xb75e8a28
Stack frame at 0xb75e8a5c:
 eip = 0xb774f1e0; saved eip 0xb75ea3b8
 called by frame at 0xb75e8a60, caller of frame at 0xb75e8a58
 Arglist at 0xb75e8a54, args: 
 Locals at 0xb75e8a54, Previous frame's sp is 0xb75e8a5c
 Saved registers:
  eip at 0xb75e8a58
Stack frame at 0xb75e8a60:
 eip = 0xb75ea3b8; saved eip 0xb7752208
 called by frame at 0xb75e8a64, caller of frame at 0xb75e8a5c
 Arglist at 0xb75e8a58, args: 
 Locals at 0xb75e8a58, Previous frame's sp is 0xb75e8a60
 Saved registers:
  eip at 0xb75e8a5c
Stack frame at 0xb75e8a64:
 eip = 0xb7752208; saved eip 0xb77523c0
 called by frame at 0xb75e8a68, caller of frame at 0xb75e8a60
 Arglist at 0xb75e8a5c, args: 
 Locals at 0xb75e8a5c, Previous frame's sp is 0xb75e8a64
 Saved registers:
  eip at 0xb75e8a60
Stack frame at 0xb75e8a68:
 eip = 0xb77523c0 in xeno_sigshadow_installed; saved eip 0xb7750700
 called by frame at 0xb75e8a6c, caller of frame at 0xb75e8a64
 Arglist at 0xb75e8a60, args: 
 Locals at 0xb75e8a60, Previous frame's sp is 0xb75e8a68
 Saved registers:
  eip at 0xb75e8a64
Stack frame at 0xb75e8a6c:
 eip = 0xb7750700 in xeno_sigshadow_install; saved eip 0x0
 called by frame at 0xb75e8a70, caller of frame at 0xb75e8a68
 Arglist at 0xb75e8a64, args: 
 Locals at 0xb75e8a64, Previous frame's sp is 0xb75e8a6c
 Saved registers:
  eip at 0xb75e8a68
Stack frame at 0xb75e8a70:
 eip = 0x0; saved eip 0x0
 caller of frame at 0xb75e8a6c
 Arglist at 0xb75e8a68, args: 
 Locals at 0xb75e8a68, Previous frame's sp is 0xb75e8a70
 Saved registers:
  eip at 0xb75e8a6c
The program is running.  Exit anyway? (y or n)


08048000-08049000 r-xp 00000000 08:01 1976845    /home/ski/src/xenotest/trivial-periodic
Size:                  4 kB
Rss:                   4 kB
Pss:                   4 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         4 kB
Private_Dirty:         0 kB
Referenced:            4 kB
Swap:                  0 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
08049000-0804a000 rw-p 00000000 08:01 1976845    /home/ski/src/xenotest/trivial-periodic
Size:                  4 kB
Rss:                   4 kB
Pss:                   4 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:         4 kB
Referenced:            4 kB
Swap:                  0 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
099eb000-09a0c000 rw-p 00000000 00:00 0          [heap]
Size:                132 kB
Rss:                 132 kB
Pss:                 132 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:       132 kB
Referenced:          132 kB
Swap:                  0 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
b75e7000-b75e8000 ---p 00000000 00:00 0 
Size:                  4 kB
Rss:                   4 kB
Pss:                   4 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:         4 kB
Referenced:            4 kB
Swap:                  0 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
b75e8000-b75ec000 rw-p 00000000 00:00 0 
Size:                 16 kB
Rss:                  16 kB
Pss:                  16 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:        16 kB
Referenced:           16 kB
Swap:                  0 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
b75ec000-b7741000 r-xp 00000000 08:01 4810048    /lib/i686/cmov/libc-2.7.so
Size:               1364 kB
Rss:                1364 kB
Pss:                 404 kB
Shared_Clean:       1364 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:         0 kB
Referenced:         1364 kB
Swap:                  0 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
b7741000-b7742000 r--p 00155000 08:01 4810048    /lib/i686/cmov/libc-2.7.so
Size:                  4 kB
Rss:                   4 kB
Pss:                   4 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:         4 kB
Referenced:            4 kB
Swap:                  0 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
b7742000-b7744000 rw-p 00156000 08:01 4810048    /lib/i686/cmov/libc-2.7.so
Size:                  8 kB
Rss:                   8 kB
Pss:                   8 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:         8 kB
Referenced:            8 kB
Swap:                  0 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
b7744000-b7747000 rw-p 00000000 00:00 0 
Size:                 12 kB
Rss:                  12 kB
Pss:                  12 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:        12 kB
Referenced:           12 kB
Swap:                  0 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
b7747000-b7752000 r-xp 00000000 08:01 958534     /usr/lib/libnative.so.3.0.0
Size:                 44 kB
Rss:                  44 kB
Pss:                  44 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:        12 kB
Private_Dirty:        32 kB
Referenced:           44 kB
Swap:                  0 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
b7752000-b7753000 rw-p 0000a000 08:01 958534     /usr/lib/libnative.so.3.0.0
Size:                  4 kB
Rss:                   4 kB
Pss:                   4 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:         4 kB
Referenced:            4 kB
Swap:                  0 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
b7753000-b7768000 r-xp 00000000 08:01 4810062    /lib/i686/cmov/libpthread-2.7.so
Size:                 84 kB
Rss:                  84 kB
Pss:                  24 kB
Shared_Clean:         80 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:         4 kB
Referenced:           84 kB
Swap:                  0 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
b7768000-b776a000 rw-p 00014000 08:01 4810062    /lib/i686/cmov/libpthread-2.7.so
Size:                  8 kB
Rss:                   8 kB
Pss:                   8 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:         8 kB
Referenced:            8 kB
Swap:                  0 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
b776a000-b776d000 rw-p 00000000 00:00 0 
Size:                 12 kB
Rss:                  12 kB
Pss:                  12 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:        12 kB
Referenced:           12 kB
Swap:                  0 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
b776f000-b7772000 rw-s 00000000 00:0d 1551       /dev/rtheap
Size:                 12 kB
Rss:                  12 kB
Pss:                   6 kB
Shared_Clean:         12 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:         0 kB
Referenced:           12 kB
Swap:                  0 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
b7772000-b7775000 rw-s 00000000 00:0d 1551       /dev/rtheap
Size:                 12 kB
Rss:                  12 kB
Pss:                  12 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:        12 kB
Private_Dirty:         0 kB
Referenced:           12 kB
Swap:                  0 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
b7775000-b7776000 rw-p 00000000 00:00 0 
Size:                  4 kB
Rss:                   4 kB
Pss:                   4 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:         4 kB
Referenced:            4 kB
Swap:                  0 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
b7776000-b7777000 r-xp 00000000 00:00 0          [vdso]
Size:                  4 kB
Rss:                   4 kB
Pss:                   0 kB
Shared_Clean:          4 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:         0 kB
Referenced:            4 kB
Swap:                  0 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
b7777000-b7791000 r-xp 00000000 08:01 4800514    /lib/ld-2.7.so
Size:                104 kB
Rss:                 104 kB
Pss:                  10 kB
Shared_Clean:        100 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:         4 kB
Referenced:          104 kB
Swap:                  0 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
b7791000-b7793000 rw-p 0001a000 08:01 4800514    /lib/ld-2.7.so
Size:                  8 kB
Rss:                   8 kB
Pss:                   8 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:         8 kB
Referenced:            8 kB
Swap:                  0 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB
bfd6a000-bfd7f000 rw-p 00000000 00:00 0          [stack]
Size:                 84 kB
Rss:                  84 kB
Pss:                  84 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:        84 kB
Referenced:           84 kB
Swap:                  0 kB
KernelPageSize:        4 kB
MMUPageSize:           4 kB

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 251 bytes --]