https://bugzilla.redhat.com/show_bug.cgi?id=1221824
--- Comment #26 from John Eckersberg jeckersb@redhat.com --- I can reproduce this as well following comment 23. Something is going horribly wrong and destroying the stack.
(gdb) t a a bt
Thread 19 (Thread 0xf3614b40 (LWP 24996)): #0 0xf7fd6ba0 in ?? ()
Thread 18 (Thread 0xf3e15b40 (LWP 24995)): #0 0xf7fd6ba0 in ?? ()
Thread 17 (Thread 0xf4616b40 (LWP 24994)): #0 0xf7fd6ba0 in ?? ()
Thread 16 (Thread 0xf4e17b40 (LWP 24993)): #0 0x56798dae in ethr_dw_atomic_cmpxchg () at ../include/internal/i386/atomic.h:177 #1 0x568688f0 in erts_proc ()
Thread 15 (Thread 0xf5618b40 (LWP 24992)): #0 0xf7fd6ba0 in ?? ()
Thread 14 (Thread 0xf628bb40 (LWP 24991)): #0 0xf7fd6ba0 in ?? () Backtrace stopped: Cannot access memory at address 0x7
Thread 13 (Thread 0xf5629b40 (LWP 24990)): #0 0xf7fd6ba0 in ?? ()
Thread 12 (Thread 0xf563ab40 (LWP 24989)): #0 0xf7fd6ba0 in ?? ()
Thread 11 (Thread 0xf564bb40 (LWP 24988)): #0 0xf7fd6ba0 in ?? ()
Thread 10 (Thread 0xf565cb40 (LWP 24987)): #0 0xf7fd6ba0 in ?? ()
Thread 9 (Thread 0xf566db40 (LWP 24986)): #0 0xf7fd6ba0 in ?? ()
Thread 8 (Thread 0xf567eb40 (LWP 24985)): #0 0xf7fd6ba0 in ?? ()
Thread 7 (Thread 0xf629cb40 (LWP 24984)): #0 0xf7fd6ba0 in ?? ()
Thread 6 (Thread 0xf62adb40 (LWP 24983)): #0 0xf7fd6ba0 in ?? ()
Thread 5 (Thread 0xf62beb40 (LWP 24982)): #0 0xf7fd6ba0 in ?? ()
Thread 4 (Thread 0xf6d13b40 (LWP 24981)): #0 0xf7fd6ba0 in ?? ()
Thread 3 (Thread 0xf5e7fb40 (LWP 24980)): #0 0xf7fd6ba0 in ?? () Backtrace stopped: Cannot access memory at address 0x7
Thread 2 (Thread 0xf6cbfb40 (LWP 24979)): #0 0xf7fd6ba0 in ?? () #1 0xc0000000 in ?? () #2 0xaef6cc00 in ?? () #3 0xc556797e in ?? () #4 0x88567a24 in ?? () #5 0x00f6cc00 in ?? () #6 0x00000000 in ?? ()
Thread 1 (Thread 0xf7d31700 (LWP 24975)): #0 0xf7fd6ba0 in ?? () #1 0xf7db19b9 in strstr () from /lib/libc.so.6 #2 0x00000000 in ?? ()
The current thread is 16:
(gdb) bt #0 0x56798dae in ethr_dw_atomic_cmpxchg () at ../include/internal/i386/atomic.h:177 #1 0x568688f0 in erts_proc ()
Note that erts_proc isn't even a function, it's a variable, and ebp points somewhere in the middle of it:
(gdb) p &erts_proc $5 = (ErtsPTab *) 0x568688c0 <erts_proc> (gdb) p sizeof erts_proc $6 = 320 (gdb) i r ebp ebp 0x568688f0 0x568688f0 <erts_proc+48>