pthreaded program killed by sigsegv from time to time under load

[Andriy Tkachuk]

ok, using info threads i found:

  128 Thread 128 (runnable)  0x08055b82 in pack (buf=0x2826b498, fmt=0xdff2 <Address 0xdff2 out of bounds>) at etip.c:618

then:

(gdb) thread 128
[Switching to thread 128 (Thread 128 (runnable))]#0  0x08055b82 in pack (buf=0x2826b498, fmt=0xdff2 <Address 0xdff2 out of bounds>) at etip.c:618
618             for (p = fmt; *p != '\0'; p++) {
(gdb) bt
#0  0x08055b82 in pack (buf=0x2826b498, fmt=0xdff2 <Address 0xdff2 out of bounds>) at etip.c:618
#1  0x281f97dc in ldexp () from /lib/libc.so.5
#2  0x00000000 in ?? ()
(gdb) bt full
#0  0x08055b82 in pack (buf=0x2826b498, fmt=0xdff2 <Address 0xdff2 out of bounds>) at etip.c:618
        bp = (uchar *) 0x28265b0c "HJ\f"
        s = 48698
        args = 0x28265b0c "HJ\f"
        p = 0x8e312c0 "юvн\b@"
        l = 0
#1  0x281f97dc in ldexp () from /lib/libc.so.5
No symbol table info available.
#2  0x00000000 in ?? ()
No symbol table info available.


i use pack function this way only in my program:

int
pack(void *buf, const char *fmt, ...);

pack(buf_0 + 8, "sc", term_code, oper_code);

i.e. second argument is format specifyer like fmt in printf.
Actually this is the function from book of Kernighan & Pike
Practice of Programming. I just checked all the code - everywhere
threre are static strings.

btw. how to get the real backtrace? It is imposiible
that this function is called from ldexp()

thank you.