[Gc] Segfault for certain sizes of GC_Thread_Rep

Petter Urkedal urkedal at nbi.dk
Mon Sep 19 00:01:52 PDT 2011


On 2011-09-19, Ivan Maidanski wrote:
> Hi Petter,
> 
> According to the backtrace, GC_lookup_thread can't find the thread descriptor. Please try to find out who alters the corresponding GC_threads element.

Hi Ivan,

Thanks for the response.  I had a closer look at this yesterday,
enabling the THREAD_DEBUG messages, and adding some more.  I also wrote
a test which exposes the issue without modification to the GC code:
https://github.com/paurkedal/bdwgc/blob/t/thread_create_bug/tests/subthread_create.c
This also shows the issue is independent of pthread key destructors.

Looking at the thread ID that gets mapped to NULL, it appears neither
GC_delete_thread nor GC_delete_gc_thread is called on it, and in some
cases the pointer is invalid rather than NULL.  With the above test
case, it appears that the issue has to do with nested thread creation,
since if the thread creation depth is 0 or the origin thread joins the
subthread before exiting (with DECAY_NUMER/DECAY_DENOM < 1!), then I
can't reproduce the issue.  Maybe it has to do with resources used by
the subthread which gets cleaned up too early.  I can see a semaphore
is used to prevent this, though.

Petter

