267612 – Valgrind crash: valgrind: m_signals.c:2328 (sync_signalhandler_from_kernel): Assertion 'tid != 0' failed.

Bug 267612 - Valgrind crash: valgrind: m_signals.c:2328 (sync_signalhandler_from_kernel): Assertion 'tid != 0' failed.

Summary: Valgrind crash: valgrind: m_signals.c:2328 (sync_signalhandler_from_kernel): ...

Status:	RESOLVED FIXED

Alias:	None

Product:	valgrind
Classification:	Developer tools
Component:	general (show other bugs)
Version:	3.7 SVN
Platform:	Unlisted Binaries Linux

Importance:	NOR crash
Target Milestone:	---
Assignee:	Julian Seward

URL:
Keywords:

Depends on:
Blocks:

Reported:	2011-03-04 10:08 UTC by Emmanuel Viaud
Modified:	2011-06-10 21:53 UTC (History)
CC List:	0 users

See Also:
Latest Commit:
Version Fixed In:

Attachments
small testcase to reproduce the crash (1.14 KB, application/octet-stream) 2011-03-04 10:08 UTC, Emmanuel Viaud	Details
View All Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Emmanuel Viaud 2011-03-04 10:08:13 UTC

Created attachment 57666 [details]
small testcase to reproduce the crash

Hi.

I'm running latest Valgrind from SVN (r11578 + callgrind patch from bug 265771). When running memcheck on the testcase from bug 246152 (reattached here), I get the following error:

[emmanuel@fengr1]/tmp/test_valg$valgrind -v ./a.out
==5002== Memcheck, a memory error detector
==5002== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==5002== Using Valgrind-3.7.0.SVN and LibVEX; rerun with -h for copyright info
==5002== Command: ./a.out
==5002==
--5002-- Valgrind options:
--5002--    -v
--5002-- Contents of /proc/version:
--5002--   Linux version 2.6.9-67.ELsmp (brewbuilder@ls20-bc1-14.build.redhat.com) (gcc version 3.4.6 20060404 (Red Hat 3.4.6-8)) #1 SMP Wed Nov 7 13:58:04 EST 2007
--5002-- Arch and hwcaps: X86, x86-sse1-sse2
--5002-- Page sizes: currently 4096, max supported 4096
--5002-- Valgrind library directory: /u/emmanuel/tools/valgrind/lib/valgrind
--5002-- Reading syms from /lib/ld-2.3.4.so (0x2e6000)
--5002-- Reading syms from /tmp/test_valg/a.out (0x8048000)
--5002-- Reading syms from /u/emmanuel/tools/valgrind/lib/valgrind/memcheck-x86-linux (0x38000000)
--5002--    object doesn't have a dynamic symbol table
--5002-- Reading suppressions file: /u/emmanuel/tools/valgrind/lib/valgrind/default.supp
--5002-- REDIR: 0x2f85b0 (index) redirected to 0x3804c967 (vgPlain_x86_linux_REDIR_FOR_index)
--5002-- Reading syms from /u/emmanuel/tools/valgrind/lib/valgrind/vgpreload_core-x86-linux.so (0x4000000)
--5002-- Reading syms from /u/emmanuel/tools/valgrind/lib/valgrind/vgpreload_memcheck-x86-linux.so (0x4003000)
==5002== WARNING: new redirection conflicts with existing -- ignoring it
--5002--     new: 0x002f85b0 (index               ) R-> 0x04006b8e index
--5002-- REDIR: 0x2f8750 (strlen) redirected to 0x4006ef6 (strlen)
--5002-- Reading syms from /lib/tls/libpthread-2.3.4.so (0x55c000)
--5002-- Reading syms from /lib/tls/libc-2.3.4.so (0x300000)
--5002-- REDIR: 0x36abb0 (memset) redirected to 0x40084b7 (memset)
--5002-- REDIR: 0x36b0d0 (memcpy) redirected to 0x4007987 (memcpy)
--5002-- REDIR: 0x36a380 (strstr) redirected to 0x40089ff (strstr)
--5002-- REDIR: 0x369d50 (rindex) redirected to 0x4006abc (rindex)
create thread
--5002-- REDIR: 0x3646c0 (calloc) redirected to 0x40063b6 (calloc)
--5002-- REDIR: 0x364fe0 (realloc) redirected to 0x4006480 (realloc)
--5002-- REDIR: 0x36ac10 (mempcpy) redirected to 0x40086c6 (mempcpy)
-- thread waiting on condition
cancel thread
--5002-- REDIR: 0x3692a0 (index) redirected to 0x4006b34 (index)
--5002-- REDIR: 0x3649a0 (malloc) redirected to 0x4004f35 (malloc)
--5002-- Reading syms from /lib/libgcc_s-3.4.6-20060404.so.1 (0x710000)
--5002--    object doesn't have a symbol table
--5002-- REDIR: 0x369970 (strlen) redirected to 0x4006ec4 (strlen)
--5002-- VALGRIND INTERNAL ERROR: Valgrind received a signal 11 (SIGSEGV) - exiting
--5002-- si_code=1;  Faulting address: 0x143D;  sp: 0x64e8dfb0

valgrind: m_signals.c:2328 (sync_signalhandler_from_kernel): Assertion 'tid != 0' failed.
==5002==    at 0x380363A9: report_and_quit (m_libcassert.c:193)

sched status:
  running_tid=0

Thread 1: status = VgTs_WaitSys
==5002==    at 0x562297: pthread_join (in /lib/tls/libpthread-2.3.4.so)
==5002==    by 0x80486D1: main (test_vg.c:38)


The machine is the same as the one described in bug 265771:
[emmanuel@fengr1]$cat /etc/redhat-release
Red Hat Enterprise Linux ES release 4 (Nahant Update 6)

[emmanuel@fengr1]$uname -a
Linux fengr1 2.6.9-67.ELsmp #1 SMP Wed Nov 7 13:58:04 EST 2007 i686 i686 i386
GNU/Linux

[emmanuel@fengr1]$rpm -qa | grep glibc
glibc-devel-2.3.4-2.39
glibc-headers-2.3.4-2.39
glibc-2.3.4-2.39
glibc-kernheaders-2.4-9.1.100.EL
glibc-common-2.3.4-2.39

[emmanuel@fengr1]/tmp/test_valg$gcc -v
Reading specs from /usr/lib/gcc/i386-redhat-linux/3.4.6/specs
Configured with: ../configure --prefix=/usr --mandir=/usr/share/man
--infodir=/usr/share/info --enable-shared --enable-threads=posix
--disable-checking --with-system-zlib --enable-__cxa_atexit
--disable-libunwind-exceptions --enable-java-awt=gtk --host=i386-redhat-linux
Thread model: posix
gcc version 3.4.6 20060404 (Red Hat 3.4.6-9)

I get the same behavior with all the tools I've tried (memcheck, cachegrind, callgrind, massif).

I've tried commenting out the pthread_cancel and pthread_join calls in the testcase (as mentionned at the beginning of bug 160267) but I still get the crash when the program exits. I've also tried to run in gdb to get a backtrace but gdb seems to hang like in https://bugs.kde.org/show_bug.cgi?id=246152#c17.

Comment 1 Emmanuel Viaud 2011-03-15 07:25:38 UTC

I've made a clean checkout (r11643) and I don't get the mentioned problem anymore. I don't see which commit between r11578 and r11643 could have corrected this so maybe it was just a compilation problem on my side.

I guess the bug can be closed.