https://bugs.openldap.org/show_bug.cgi?id=9916
--- Comment #10 from Howard Chu hyc@openldap.org --- But I'm able to get a core dump from the test and examine it.
Reading symbols from ../servers/slapd/slapd... [New LWP 162936] [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/sparc64-linux-gnu/libthread_db.so.1". Core was generated by `/tmp/openldap/servers/slapd/slapd -Ta -d 0 -f /tmp/openldap/tests/testrun/slapa'. Program terminated with signal SIGUSR1, User defined signal 1. #0 0x00000100000c8aec in mdb_node_add (mc=0x10000420728, indx=<optimized out>, key=0x7feffae65e0, data=0x7feffae65d0, pgno=0, flags=0) at ./../../../libraries/liblmdb/mdb.c:7358 7358 mp->mp_lower += (indx_t)sizeof(indx_t); (gdb) disass /s Dump of assembler code for function mdb_node_add: ./../../../libraries/liblmdb/mdb.c: 7283 { 0x00000100000c89c0 <+0>: save %sp, -192, %sp
7284 unsigned int i; 7285 size_t node_size = NODESIZE; 7286 ssize_t room; 7287 indx_t ofs; 7288 MDB_node *node; 7289 MDB_page *mp = mc->mc_pg[mc->mc_top]; 0x00000100000c89c4 <+4>: lduh [ %i0 + 0x42 ], %g1 0x00000100000c89c8 <+8>: add %g1, 8, %g1 0x00000100000c89cc <+12>: sllx %g1, 3, %g1 0x00000100000c89d0 <+16>: add %i0, %g1, %g1 0x00000100000c89d4 <+20>: sethi %hi(0x237400), %l7 0x00000100000c89d8 <+24>: call 0x10000016f20 <__sparc_get_pc_thunk.l7> 0x00000100000c89dc <+28>: add %l7, 0x228, %l7 ! 0x237628 0x00000100000c89e0 <+32>: ldx [ %g1 + 8 ], %l0
7290 MDB_page *ofp = NULL; /* overflow page */ 7291 void *ndata; 7292 DKBUF; 7293 7294 mdb_cassert(mc, mp->mp_upper >= mp->mp_lower); 0x00000100000c89e4 <+36>: lduh [ %l0 + 0xc ], %l3 0x00000100000c89e8 <+40>: lduh [ %l0 + 0xe ], %g3 0x00000100000c89ec <+44>: sll %l3, 0x10, %g1 0x00000100000c89f0 <+48>: srl %g1, 0x10, %g2 0x00000100000c89f4 <+52>: cmp %g3, %g2 0x00000100000c89f8 <+56>: bcs,pn %icc, 0x100000c8dd0 <mdb_node_add+1040> 0x00000100000c89fc <+60>: lduh [ %l0 + 0xe ], %l4
7295 7296 DPRINTF(("add to %s %spage %"Z"u index %i, data size %"Z"u key size %"Z"u [%s]", 7297 IS_LEAF(mp) ? "leaf" : "branch", 7298 IS_SUBP(mp) ? "sub-" : "", 7299 mdb_dbg_pgno(mp), indx, data ? data->mv_size : 0, 7300 key ? key->mv_size : 0, key ? DKEY(key) : "null")); 7301 7302 if (IS_LEAF2(mp)) { 0x00000100000c8a00 <+64>: lduh [ %l0 + 0xa ], %g3 0x00000100000c8a04 <+68>: and %g3, 0x20, %g4 0x00000100000c8a08 <+72>: cmp %g4, 0 0x00000100000c8a0c <+76>: bne,pn %icc, 0x100000c8bb4 <mdb_node_add+500> 0x00000100000c8a10 <+80>: mov %g4, %l1
7316 } 7317 7318 room = (ssize_t)SIZELEFT(mp) - (ssize_t)sizeof(indx_t); 0x00000100000c8a14 <+84>: sub %l4, %l3, %g2 0x00000100000c8a18 <+88>: and %g3, 2, %g3 0x00000100000c8a1c <+92>: sllx %g2, 0x30, %g2 0x00000100000c8a20 <+96>: srlx %g2, 0x30, %g2
7319 if (key != NULL) 0x00000100000c8a24 <+100>: brz,pn %i2, 0x100000c8c58 <mdb_node_add+664> 0x00000100000c8a28 <+104>: add %g2, -2, %g2
7321 if (IS_LEAF(mp)) { 0x00000100000c8a2c <+108>: cmp %g3, 0 0x00000100000c8a30 <+112>: bne %icc, 0x100000c8c14 <mdb_node_add+596> 0x00000100000c8a34 <+116>: ldx [ %i2 ], %l5
7340 } else { 7341 node_size += data->mv_size; 7342 } 7343 } 7344 node_size = EVEN(node_size); 0x00000100000c8a38 <+120>: add %l5, 9, %l5 0x00000100000c8a3c <+124>: and %l5, -2, %l5
7345 if ((ssize_t)node_size > room) 0x00000100000c8a40 <+128>: mov %l5, %g3 0x00000100000c8a44 <+132>: cmp %g3, %g2 0x00000100000c8a48 <+136>: bg,pn %xcc, 0x100000c8db4 <mdb_node_add+1012> 0x00000100000c8a4c <+140>: clr %l2
7346 goto full; 7347 7348 update: 7349 /* Move higher pointers up one slot. */ 7350 for (i = NUMKEYS(mp); i > indx; i--) 0x00000100000c8a50 <+144>: srl %g1, 0x10, %g1 0x00000100000c8a54 <+148>: add %g1, -16, %g1 0x00000100000c8a58 <+152>: srl %g1, 1, %g1 0x00000100000c8a5c <+156>: cmp %g1, %i1 0x00000100000c8a60 <+160>: bleu,pn %icc, 0x100000c8aac <mdb_node_add+236> 0x00000100000c8a64 <+164>: sub %g1, %i1, %o2
7351 mp->mp_ptrs[i] = mp->mp_ptrs[i - 1]; 0x00000100000c8a68 <+168>: add %g1, 7, %o1 0x00000100000c8a6c <+172>: add %o2, -1, %g2 0x00000100000c8a70 <+176>: add %g1, 8, %g1 0x00000100000c8a74 <+180>: srl %g2, 0, %g2 0x00000100000c8a78 <+184>: srl %g1, 0, %g1 0x00000100000c8a7c <+188>: neg %g2 0x00000100000c8a80 <+192>: add %g1, %g1, %g1 0x00000100000c8a84 <+196>: add %g2, %g2, %g2 0x00000100000c8a88 <+200>: add %g1, %g2, %g1 0x00000100000c8a8c <+204>: srl %o2, 0, %o2 0x00000100000c8a90 <+208>: srl %o1, 0, %o1 0x00000100000c8a94 <+212>: sllx %o2, 1, %o2 0x00000100000c8a98 <+216>: add %o1, %o1, %o1 0x00000100000c8a9c <+220>: add %l0, %g1, %o0 0x00000100000c8aa0 <+224>: add %o1, %g2, %o1 0x00000100000c8aa4 <+228>: call 0x10000302980 memmove@got.plt 0x00000100000c8aa8 <+232>: add %l0, %o1, %o1
7352 7353 /* Adjust free space offsets. */ 7354 ofs = mp->mp_upper - node_size; 0x00000100000c8aac <+236>: sub %l4, %l5, %g1
7355 mdb_cassert(mc, ofs >= mp->mp_lower + sizeof(indx_t)); 0x00000100000c8ab0 <+240>: sllx %l3, 0x30, %g2 0x00000100000c8ab4 <+244>: sllx %g1, 0x30, %g3 0x00000100000c8ab8 <+248>: srlx %g2, 0x30, %g2 0x00000100000c8abc <+252>: srlx %g3, 0x30, %g3 0x00000100000c8ac0 <+256>: add %g2, 2, %g2 0x00000100000c8ac4 <+260>: cmp %g3, %g2 0x00000100000c8ac8 <+264>: bcs,pn %xcc, 0x100000c8dfc <mdb_node_add+1084> 0x00000100000c8acc <+268>: add %i1, 8, %i1
7356 mp->mp_ptrs[indx] = ofs; 0x00000100000c8ad0 <+272>: add %i1, %i1, %i1 0x00000100000c8ad4 <+276>: sth %g1, [ %l0 + %i1 ]
7357 mp->mp_upper = ofs; 7358 mp->mp_lower += (indx_t)sizeof(indx_t); 0x00000100000c8ad8 <+280>: add %l3, 2, %l3 0x00000100000c8adc <+284>: sll %g1, 0x10, %g1 0x00000100000c8ae0 <+288>: sll %l3, 0x10, %l3 0x00000100000c8ae4 <+292>: srl %g1, 0x10, %g1 0x00000100000c8ae8 <+296>: or %l3, %g1, %l3 => 0x00000100000c8aec <+300>: st %l3, [ %l0 + 0xc ]
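This is a gcc optimizer bug. Both mp_upper and mp_lower are of type indx_t, which is a 2-byte integer. The compiler has merged the two assignments at lines 7357 and 7358 into a single 4-byte value by OR-ing the two halves together, and tried to store both fields at once with one 4-byte store instruction (the `st` at <+300>, where the dump stops). But the fields are only 2-byte aligned, so the target address is not guaranteed to have the 4-byte alignment that a word store needs on SPARC.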