[Mono-bugs] [Bug 74711][Nor] New - Races between thread creation and abort
bugzilla-daemon@bugzilla.ximian.com
bugzilla-daemon@bugzilla.ximian.com
Sun, 24 Apr 2005 14:27:10 -0400 (EDT)
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by bmaurer@users.sf.net.
http://bugzilla.ximian.com/show_bug.cgi?id=74711
--- shadow/74711 2005-04-24 14:27:10.000000000 -0400
+++ shadow/74711.tmp.21543 2005-04-24 14:27:10.000000000 -0400
@@ -0,0 +1,256 @@
+Bug#: 74711
+Product: Mono: Runtime
+Version: 1.0
+OS:
+OS Details:
+Status: NEW
+Resolution:
+Severity:
+Priority: Normal
+Component: misc
+AssignedTo: mono-bugs@ximian.com
+ReportedBy: bmaurer@users.sf.net
+QAContact: mono-bugs@ximian.com
+TargetMilestone: ---
+URL:
+Cc:
+Summary: Races between thread creation and abort
+
+With the following test case:
+
+using System;
+using System.Threading;
+
+class X {
+ static void Main ()
+ {
+ while (true) {
+ Thread t = new Thread (Worker);
+ t.Start ();
+ t.Abort ();
+ Console.Write (".");
+ }
+
+ }
+
+ static void Worker ()
+ {
+ while (true) {
+ }
+ }
+}
+
+I get a bunch of conditions that I can only explain as race conditions:
+
+1) Segfaults. I was able to get a backtrace with one of these:
+Program received signal SIGSEGV, Segmentation fault.
+[Switching to Thread -179946576 (zombie)]
+0x00000064 in ?? ()
+(gdb) bt
+#0 0x00000064 in ?? ()
+#1 0x00becf99 in unwind_stop () from /lib/tls/libpthread.so.0
+#2 0x003ed092 in _Unwind_RaiseException () from /lib/libgcc_s.so.1
+#3 0x003ed18b in _Unwind_ForcedUnwind () from /lib/libgcc_s.so.1
+#4 0x00bef38a in _Unwind_ForcedUnwind () from /lib/tls/libpthread.so.0
+#5 0x00bed061 in __pthread_unwind () from /lib/tls/libpthread.so.0
+#6 0x00be8ff0 in pthread_exit () from /lib/tls/libpthread.so.0
+#7 0x08117b17 in _wapi_timed_thread_exit (exitstatus=4294967295) at
+timed-thread.c:91
+#8 0x08107648 in ExitThread (exitcode=4294967295) at threads.c:375
+#9 0x080ad0c6 in mono_thread_exit () at threads.c:458
+#10 0x081479aa in mono_thread_abort (obj=0x8b93c30) at mini.c:7413
+#11 0x0816218f in mono_handle_exception (ctx=0xf546329c, obj=0x8b93c30,
+original_ip=0x80e96d1, test_only=0) at mini-exceptions.c:765
+#12 0x0808007c in throw_exception (eax=4141741088, ecx=146357296,
+edx=146157168, ebx=136098616, esi=0, edi=145708208, ebp=4115018528,
+exc=0x8b93c30,
+ eip=135173841, esp=4115018500, rethrow=135173841) at exceptions-x86.c:273
+#13 0xf6ddf435 in ?? ()
+#14 0xf6ddf420 in ?? ()
+#15 0x08b93c30 in ?? ()
+#16 0x08b62e70 in ?? ()
+#17 0x081cb338 in ?? ()
+#18 0x00000000 in ?? ()
+(gdb) t a a bt
+
+Thread 133 (Thread -215737424 (LWP 28612)):
+#0 0x009797a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
+#1 0x00bed331 in __lll_mutex_unlock_wake () from /lib/tls/libpthread.so.0
+#2 0x00bea0ff in _L_mutex_unlock_128 () from /lib/tls/libpthread.so.0
+#3 0xf3241348 in ?? ()
+#4 0x0810f029 in _wapi_handle_unlock_handle (handle=0xf6c2404c) at
+handles-private.h:270
+#5 0x0810f029 in _wapi_handle_unlock_handle (handle=0x50a) at
+handles-private.h:270
+#6 0x0810f167 in ReleaseSemaphore (handle=0x50a, count=1, prevcount=0x0)
+at semaphores.c:229
+#7 0x080acc9d in start_wrapper (data=0x8a79c18) at threads.c:273
+#8 0x08117c43 in timed_thread_start_routine (args=0x8b28900) at
+timed-thread.c:134
+#9 0x08122dbb in GC_start_routine (arg=0x8b95f60) at pthread_support.c:1237
+#10 0x00be81d5 in start_thread () from /lib/tls/libpthread.so.0
+#11 0x00a572da in clone () from /lib/tls/libc.so.6
+
+Thread 132 (Thread -236790864 (LWP 28611)):
+#0 0x009797a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
+#1 0x00bed21e in __lll_mutex_lock_wait () from /lib/tls/libpthread.so.0
+#2 0x00be9dcf in _L_mutex_lock_32 () from /lib/tls/libpthread.so.0
+#3 0xf1e2dbb0 in ?? ()
+#4 0x00000000 in ?? ()
+
+Thread 3 (Thread -159945808 (LWP 28482)):
+#0 0x009797a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
+#1 0x00beaac6 in pthread_cond_wait@@GLIBC_2.3.2 () from
+/lib/tls/libpthread.so.0
+#2 0x081140f4 in _wapi_handle_wait_signal_handle (handle=0x403) at
+handles.c:1359
+#3 0x08116c9c in WaitForSingleObjectEx (handle=0x403, timeout=4294967295,
+alertable=1) at wait.c:181
+#4 0x080e445a in finalizer_thread (unused=0x0) at gc.c:674
+#5 0x080acce4 in start_wrapper (data=0x8ad5238) at threads.c:288
+#6 0x08117c43 in timed_thread_start_routine (args=0x8ad5138) at
+timed-thread.c:134
+#7 0x08122dbb in GC_start_routine (arg=0x8aaff00) at pthread_support.c:1237
+#8 0x00be81d5 in start_thread () from /lib/tls/libpthread.so.0
+#9 0x00a572da in clone () from /lib/tls/libc.so.6
+
+Thread 2 (Thread -159863888 (LWP 28481)):
+#0 0x009797a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
+#1 0x00bedcc6 in __nanosleep_nocancel () from /lib/tls/libpthread.so.0
+#2 0x0810f1f8 in collection_thread (unused=0x0) at collection.c:36
+#3 0x00be81d5 in start_thread () from /lib/tls/libpthread.so.0
+#4 0x00a572da in clone () from /lib/tls/libc.so.6
+
+Thread 1 (Thread -151062304 (LWP 28478)):
+#0 0x00a572cc in clone () from /lib/tls/libc.so.6
+#1 0xf606f4e0 in ?? ()
+#2 0xf606fbb0 in ?? ()
+#3 0x00bf1ff4 in ?? () from /lib/tls/libpthread.so.0
+#4 0x00be89f2 in pthread_create@@GLIBC_2.1 () from /lib/tls/libpthread.so.0
+#5 0x08122eef in GC_pthread_create (new_thread=0x8b2c228, attr=0xfee51284,
+start_routine=0x8117b3d <timed_thread_start_routine>, arg=0x8b2c228)
+ at pthread_support.c:1305
+#6 0x08117db0 in _wapi_timed_thread_create (threadp=0xfee512c0,
+attr=0xfee51284, create_flags=4, start_routine=0x80acbde <start_wrapper>,
+ exit_routine=0x8106a99 <thread_exit>, arg=0x8a79c00,
+exit_userdata=0x50d) at timed-thread.c:178
+#7 0x08107340 in CreateThread (security=0x0, stacksize=1048576,
+start=0x80acbde <start_wrapper>, param=0x8a79c00, create=4, tid=0xfee51454)
+ at threads.c:271
+#8 0x080ad201 in ves_icall_System_Threading_Thread_Thread_internal
+(this=0x8b8c370, start=0x8b74af0) at threads.c:514
+#9 0xf6778d49 in ?? ()
+#10 0x08b8c370 in ?? ()
+#11 0x08b74af0 in ?? ()
+#12 0x08a6e7b8 in ?? ()
+---Type <return> to continue, or q <return> to quit---
+#13 0x08a6e7a0 in ?? ()
+#14 0x08adee70 in ?? ()
+#15 0x08b74af0 in ?? ()
+#16 0x08b8c370 in ?? ()
+#17 0x08b8c370 in ?? ()
+#18 0xfee5149c in ?? ()
+#19 0xf6778d24 in ?? ()
+#20 0xfee514c8 in ?? ()
+#21 0xf6778b87 in ?? ()
+#22 0x08b8c370 in ?? ()
+#23 0x08b74af0 in ?? ()
+#24 0x08abcbd0 in ?? ()
+#25 0xf6778a25 in ?? ()
+#26 0x08b8c370 in ?? ()
+#27 0x08b8c370 in ?? ()
+#28 0x08b8c370 in ?? ()
+#29 0x08b8c370 in ?? ()
+#30 0x08b74af0 in ?? ()
+#31 0xfee514e0 in ?? ()
+#32 0xf6778749 in ?? ()
+#33 0x08b8c370 in ?? ()
+#34 0xfee517d4 in ?? ()
+#35 0xfee51760 in ?? ()
+#36 0x08ab9fc0 in ?? ()
+#37 0xfee51508 in ?? ()
+#38 0xf67784c0 in ?? ()
+#39 0xfee51508 in ?? ()
+#40 0x0814c4d6 in mono_jit_compile_method (method=0x8b8c370) at mini.c:9416
+Previous frame inner to this frame (corrupt stack?)
+(gdb)
+
+
+2) hangs
+
+When I get that, the backtrace always looks like:
+
+(gdb) t a a bt
+
+Thread 4 (Thread -159863888 (LWP 30471)):
+#0 0x009797a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
+#1 0x00bedcc6 in __nanosleep_nocancel () from /lib/tls/libpthread.so.0
+#2 0x0810f1f8 in collection_thread (unused=0x0) at collection.c:36
+#3 0x00be81d5 in start_thread () from /lib/tls/libpthread.so.0
+#4 0x00a572da in clone () from /lib/tls/libc.so.6
+
+Thread 3 (Thread -159945808 (LWP 30472)):
+#0 0x009797a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
+#1 0x00beaac6 in pthread_cond_wait@@GLIBC_2.3.2 () from
+/lib/tls/libpthread.so.0
+#2 0x081140f4 in _wapi_handle_wait_signal_handle (handle=0x403) at
+handles.c:1359
+#3 0x08116c9c in WaitForSingleObjectEx (handle=0x403, timeout=4294967295,
+alertable=1) at wait.c:181
+#4 0x080e445a in finalizer_thread (unused=0x0) at gc.c:674
+#5 0x080acce4 in start_wrapper (data=0x8678238) at threads.c:288
+#6 0x08117c43 in timed_thread_start_routine (args=0x8678138) at
+timed-thread.c:134
+#7 0x08122dbb in GC_start_routine (arg=0x8652f00) at pthread_support.c:1237
+#8 0x00be81d5 in start_thread () from /lib/tls/libpthread.so.0
+#9 0x00a572da in clone () from /lib/tls/libc.so.6
+
+Thread 2 (Thread -184157264 (LWP 31209)):
+#0 0x009797a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
+#1 0x00beca24 in sem_wait@GLIBC_2.0 () from /lib/tls/libpthread.so.0
+#2 0x081cb338 in ?? ()
+#3 0x0811826a in _wapi_timed_thread_suspend (thread=0x877a348) at
+timed-thread.c:307
+#4 0x08117c2f in timed_thread_start_routine (args=0x877a348) at
+timed-thread.c:131
+#5 0x08122dbb in GC_start_routine (arg=0x873afc0) at pthread_support.c:1237
+#6 0x00be81d5 in start_thread () from /lib/tls/libpthread.so.0
+#7 0x00a572da in clone () from /lib/tls/libc.so.6
+
+Thread 1 (Thread -151062304 (LWP 30470)):
+#0 0x009797a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
+#1 0x00beaac6 in pthread_cond_wait@@GLIBC_2.3.2 () from
+/lib/tls/libpthread.so.0
+#2 0x081140f4 in _wapi_handle_wait_signal_handle (handle=0x9c8) at
+handles.c:1359
+#3 0x08116c9c in WaitForSingleObjectEx (handle=0x9c8, timeout=4294967295,
+alertable=0) at wait.c:181
+#4 0x080ad2de in ves_icall_System_Threading_Thread_Start_internal
+(this=0x8742370, thread=0x9c9) at threads.c:582
+#5 0xf6778f58 in ?? ()
+#6 0x08742370 in ?? ()
+#7 0x000009c9 in ?? ()
+#8 0x086117b8 in ?? ()
+#9 0x086117a0 in ?? ()
+#10 0x086a3050 in ?? ()
+#11 0x00000000 in ?? ()
+
+3) Assertion:
+[builder@monobuild1 ~]$ mono abort.exe
+....................................................................................................................................................................................................................................................
+** ERROR **: file mini-exceptions.c: line 613 (mono_handle_exception):
+assertion failed: (jit_tls->end_of_stack)
+aborting...
+Aborted
+
+
+4) null reference exception
+
+[builder@monobuild1 ~]$ mono abort.exe
+.....................................................................................................................................................................................................
+Unhandled Exception: System.NullReferenceException: Object reference not
+set to an instance of an object
+Segmentation fault
+
+
+I haven't been able to get this one under GDB