Bug 372504

Summary: Hanging on exit_group
Product: [Developer tools] valgrind
Reporter: Unknown <null>
Component: general
Assignee: Julian Seward <jseward>
Status: RESOLVED FIXED
Severity: grave
CC: philippe.waroquiers, tom
Priority: NOR
Version: 3.12 SVN
Target Milestone: ---
Platform: Compiled Sources
OS: Linux
Attachments: Trace of run with failure
program not dying because it masks sigvgkill

Description Unknown 2016-11-15 14:23:53 UTC
I have a set of programs I am trying to debug an issue with, that I think may be a memory bounds error. I am trying to use Valgrind to debug this, but it introduces its own error - it won't terminate when the program does. The program calls exit_group, and then valgrind just goes into a 100% CPU loop.

I'm a bit limited in what I can share about the programs, but:
1) Valgrind works fine for trivial programs such as /bin/true
2) It doesn't seem to matter what tool I pick: DRD, none, memcheck.
3) It is 100% repeatable on the programs I need to debug.
4) I've pulled down the latest released Valgrind sources (3.12.0) and built them - no change.
5) It always ends the same way:

 --22893--   SCHED[1]: TRC: CHAIN_ME_FAST
--22893--   SCHED[1]: TRC: CHAIN_ME_FAST
--22893--   SCHED[1]: TRC: CHAIN_ME_FAST
--22893--   SCHED[1]: TRC: CHAIN_ME_FAST
--22893--   SCHED[1]: TRC: CHAIN_ME_SLOW
--22893--   SCHED[1]: TRC: CHAIN_ME_FAST
--22893--   SCHED[1]: TRC: CHAIN_ME_FAST
--22893--   SCHED[1]: TRC: FASTMISS
--22893--   SCHED[1]: TRC: CHAIN_ME_FAST
--22893--   SCHED[1]: TRC: SYSCALL
SYSCALL[22893,1](231) exit_group( 0 )--22893-- get_thread_out_of_syscall zaps tid 2 lwp 22894
--22893-- get_thread_out_of_syscall zaps tid 3 lwp 22895
--22893--   SCHED[1]: releasing lock (VG_(vg_yield)) -> VgTs_Yielding
--22893--   SCHED[1]:  acquired lock (VG_(vg_yield))
--22893--   SCHED[1]: releasing lock (VG_(vg_yield)) -> VgTs_Yielding
--22893--   SCHED[1]:  acquired lock (VG_(vg_yield))
--22893--   SCHED[1]: releasing lock (VG_(vg_yield)) -> VgTs_Yielding
--22893--   SCHED[1]:  acquired lock (VG_(vg_yield))
--22893--   SCHED[1]: releasing lock (VG_(vg_yield)) -> VgTs_Yielding
--22893--   SCHED[1]:  acquired lock (VG_(vg_yield))
--22893--   SCHED[1]: releasing lock (VG_(vg_yield)) -> VgTs_Yielding
--22893--   SCHED[1]:  acquired lock (VG_(vg_yield))
--22893--   SCHED[1]: releasing lock (VG_(vg_yield)) -> VgTs_Yielding
--22893--   SCHED[1]:  acquired lock (VG_(vg_yield))
--22893--   SCHED[1]: releasing lock (VG_(vg_yield)) -> VgTs_Yielding
--22893--   SCHED[1]:  acquired lock (VG_(vg_yield))
--22893--   SCHED[1]: releasing lock (VG_(vg_yield)) -> VgTs_Yielding
--22893--   SCHED[1]:  acquired lock (VG_(vg_yield))
--22893--   SCHED[1]: releasing lock (VG_(vg_yield)) -> VgTs_Yielding
--22893--   SCHED[1]:  acquired lock (VG_(vg_yield))
--22893--   SCHED[1]: releasing lock (VG_(vg_yield)) -> VgTs_Yielding
--22893--   SCHED[1]:  acquired lock (VG_(vg_yield))
<repeat until kill -9>

6) It always is spinning in the same area:
#0  0x0000000038056bf9 in do_syscall_WRK ()
#1  0x0000000038056d52 in vgPlain_do_syscall (sysno=sysno@entry=128, a1=a1@entry=34520677520, a2=a2@entry=34520677552, a3=a3@entry=941228976, a4=a4@entry=8, a5=a5@entry=0, a6=a6@entry=0, a7=a7@entry=0,
    a8=a8@entry=0) at m_syscall.c:956
#2  0x000000003804321c in vgPlain_sigtimedwait_zero (set=set@entry=0x80997bc90, info=info@entry=0x80997bcb0) at m_libcsignal.c:420
#3  0x0000000038055be3 in vgPlain_poll_signals (tid=tid@entry=1) at m_signals.c:2962
#4  0x0000000038099714 in vgPlain_reap_threads (self=self@entry=1) at m_syswrap/syswrap-generic.c:2828
#5  0x00000000380a282b in vgSysWrap_linux_sys_exit_group_before (tid=1, layout=0x80997bdd0, arrghs=0x80237aff8, status=0x80237b040, flags=<optimized out>) at m_syswrap/syswrap-linux.c:777
#6  0x00000000380935c0 in vgPlain_client_syscall (tid=tid@entry=1, trc=trc@entry=73) at m_syswrap/syswrap-main.c:1906
#7  0x0000000038090193 in handle_syscall (tid=tid@entry=1, trc=73) at m_scheduler/scheduler.c:1118
#8  0x0000000038091757 in vgPlain_scheduler (tid=tid@entry=1) at m_scheduler/scheduler.c:1435
#9  0x00000000380a0beb in thread_wrapper (tidW=1) at m_syswrap/syswrap-linux.c:103
#10 run_a_thread_NORETURN (tidW=1) at m_syswrap/syswrap-linux.c:156

It always thinks there are threads running. However, it never allows anything to run so the thread can never terminate.
Comment 1 Philippe Waroquiers 2016-11-16 05:42:26 UTC
(In reply to David Hagood from comment #0)
> It always thinks there are threads running. However, it never allows
> anything to run so the thread can never terminate.

Do you have the same behaviour with 3.11 ?

But 361615  was (recently) fixed in 3.12, and touches the thread termination.

Just in case, can you also test with --fair-sched=yes ?

Thanks
Comment 2 Philippe Waroquiers 2016-11-16 05:43:58 UTC
(In reply to Philippe Waroquiers from comment #1)

> But 361615  was (recently) fixed in 3.12, and touches the thread termination.
I meant bug 361615
Comment 3 Unknown 2016-11-16 14:08:57 UTC
I tried with the version of Valgrind delivered with Ubuntu 14.04 (3.9), and had the problem (hence why I went to 3.12). If you think it's worth it, I am willing to try 3.11 - I couldn't see any sources for download, a link would be appreciated.

I did try with fair_sched=yes as well as =no.

From what I can see, there are no other threads within Valgrind running (i.e. attaching gdb to Valgrind and doing a "info threads" shows only the one thread). 

WRT 361516: The program(s) being inspected are not being killed via a signal - they are terminating naturally.
Comment 4 Philippe Waroquiers 2016-11-16 20:17:55 UTC
(In reply to David Hagood from comment #3)
> I tried with the version of Valgrind delivered with Ubuntu 14.04 (3.9), and
> had the problem (hence why I went to 3.12). If you think it's worth it, I am
> willing to try 3.11 - I couldn't see any sources for download, a link would
> be appreciated.
If this is easy for you, doing a test with 3.11 can eliminate a regression
in 3.12, while 3.9 is too old.
You can get it:
http://www.valgrind.org/downloads/valgrind-3.11.0.tar.bz2

Of course, the best would be to have a small reproducer.
> 
> I did try with fair_sched=yes as well as =no.
> 
> From what I can see, there are no other threads within Valgrind running
> (i.e. attaching gdb to Valgrind and doing a "info threads" shows only the
> one thread). 
At least old versions of gdb could not properly detect the several threads
running in a 'valgrind process' : on debian, gdb 7.7 only sees one thread
after attaching, while gdb 7.12 can see all threads of a simple multi-thread program.
What you can do after attaching (even to one thread)
is to print all the thread status and exit reason:

(gdb) p vgPlain_threads[1].status
$3 = VgTs_WaitSys
(gdb) p vgPlain_threads[1].exitreason
$4 = VgSrc_None
(gdb) p vgPlain_threads[2].status
$5 = VgTs_Empty
(gdb) p vgPlain_threads[2].exitreason
$6 = VgSrc_ExitThread
(gdb) p vgPlain_threads[3].status
$7 = VgTs_Empty
(gdb) p vgPlain_threads[3].exitreason
$8 = VgSrc_ExitThread
(gdb) p vgPlain_threads[4].status
$9 = VgTs_Empty
(gdb) p vgPlain_threads[4].exitreason
$10 = VgSrc_ExitThread
(gdb) p vgPlain_threads[5].status
$11 = VgTs_Empty
(gdb) p vgPlain_threads[5].exitreason
$12 = VgSrc_None
....
(or print e.g. the first 10 entries by doing
p vgPlain_threads[1]@10

and then grepping the output for status and exit reason).
An empty/none entry means never used.
> 
> WRT 361516: The program(s) being inspected are not being killed via a signal
> - they are terminating naturally.
Comment 5 Unknown 2016-11-16 20:49:53 UTC
OK, I've tried 3.11, with no change of behavior (still locks).

(gdb) p vgPlain_threads[1].status
$13 = VgTs_Yielding
(gdb) p vgPlain_threads[1].exitreason
$14 = VgSrc_None
(gdb) p vgPlain_threads[2].status
$15 = VgTs_WaitSys
(gdb) p vgPlain_threads[2].exitreason
$16 = VgSrc_ExitProcess
(gdb) p vgPlain_threads[3].status
$17 = VgTs_WaitSys
(gdb) p vgPlain_threads[3].exitreason
$18 = VgSrc_ExitProcess
(gdb) p vgPlain_threads[4].status
$19 = VgTs_Empty
(gdb) p vgPlain_threads[4].exitreason
$20 = VgSrc_ExitThread
(gdb) p vgPlain_threads[5].status
$21 = VgTs_Empty
(gdb) p vgPlain_threads[5].exitreason
$22 = VgSrc_ExitThread
Comment 6 Unknown 2016-11-16 20:51:48 UTC
BTW: When I say I see no other threads - that is I see no other threads *within Valgrind itself* - I have not attached to the process running under Valgrind.
Comment 7 Philippe Waroquiers 2016-11-16 21:09:45 UTC
(In reply to David Hagood from comment #5)
> OK, I've tried 3.11, with no change of behavior (still locks).
> 
> (gdb) p vgPlain_threads[1].status
> $13 = VgTs_Yielding
> (gdb) p vgPlain_threads[1].exitreason
> $14 = VgSrc_None
> (gdb) p vgPlain_threads[2].status
> $15 = VgTs_WaitSys
> (gdb) p vgPlain_threads[2].exitreason
> $16 = VgSrc_ExitProcess
> (gdb) p vgPlain_threads[3].status
> $17 = VgTs_WaitSys
> (gdb) p vgPlain_threads[3].exitreason
> $18 = VgSrc_ExitProcess
> (gdb) p vgPlain_threads[4].status
> $19 = VgTs_Empty
> (gdb) p vgPlain_threads[4].exitreason
> $20 = VgSrc_ExitThread
> (gdb) p vgPlain_threads[5].status
> $21 = VgTs_Empty
> (gdb) p vgPlain_threads[5].exitreason
> $22 = VgSrc_ExitThread
Strange: all threads but thread 1 are in status exiting (2 and 3)
or have exited already by themselves (4 and 5)
However, 2 and 3 are still blocked in a syscall, while exit_group
syscall in valgrind is calling 
 VG_(nuke_all_threads_except)( tid, VgSrc_ExitProcess );
which should get the threads out of their syscall.

Can you run (with 3.12) your testcase with
   --trace-signals=yes --trace-syscalls=yes
and attach the resulting trace (from a little bit before
the call to exit_group)
till you reach the infinite loop.
Comment 8 Philippe Waroquiers 2016-11-16 21:11:05 UTC
(In reply to David Hagood from comment #6)
> BTW: When I say I see no other threads - that is I see no other threads
> *within Valgrind itself* - I have not attached to the process running under
> Valgrind.

IIUC, you have done:
  gdb
  (gdb) attach <the pid of valgrind>

To my knowledge, unless you have a recent gdb, this will *not* show
all the threads of the process. You must use a recent gdb for that.
Comment 9 Philippe Waroquiers 2016-11-16 21:12:03 UTC
(In reply to Philippe Waroquiers from comment #8)
> (In reply to David Hagood from comment #6)
> > BTW: When I say I see no other threads - that is I see no other threads
> > *within Valgrind itself* - I have not attached to the process running under
> > Valgrind.
> 
> IIUC, you have done:
>   gdb
>   (gdb) attach <the pid of valgrind>
> 
> To my knowledge, unless you have a recent gdb, this will *not* show
> all the threads of the process. You must use a recent gdb for that.
You might also check the list of threads by doing:
  ls /proc/<the pid of valgrind>/task
Comment 10 Philippe Waroquiers 2016-11-16 21:13:30 UTC
(In reply to Philippe Waroquiers from comment #9)
> (In reply to Philippe Waroquiers from comment #8)
> > (In reply to David Hagood from comment #6)
> > > BTW: When I say I see no other threads - that is I see no other threads
> > > *within Valgrind itself* - I have not attached to the process running under
> > > Valgrind.
> > 
> > IIUC, you have done:
> >   gdb
> >   (gdb) attach <the pid of valgrind>
> > 
> > To my knowledge, unless you have a recent gdb, this will *not* show
> > all the threads of the process. You must use a recent gdb for that.
> You might also check the list of threads by doing:
>   ls /proc/<the pid of valgrind>/task

Assuming you have an old gdb, you can then attach to one such task
(not the main one) and do backtrace
to see what it is doing.
Comment 11 Unknown 2016-11-16 21:26:59 UTC
Created attachment 102262 [details]
Trace of run with failure

Trace of run with lockup
Comment 12 Unknown 2016-11-16 21:28:19 UTC
How recent is recent enough?

GNU gdb (Ubuntu 7.7.1-0ubuntu5~14.04.2) 7.7.1

And the trace really doesn't show any more than what I first posted: call to exit_group, then spin forever.
Comment 13 Philippe Waroquiers 2016-11-16 21:37:39 UTC
(In reply to David Hagood from comment #12)
> How recent is recent enough?
> 
> GNU gdb (Ubuntu 7.7.1-0ubuntu5~14.04.2) 7.7.1
> 
> And the trace really doesn't show any more than what I first posted: call to
> exit_group, then spin forever.

Humph. The trace 
--29359-- get_thread_out_of_syscall zaps tid 2 lwp 29360
--29359-- get_thread_out_of_syscall zaps tid 3 lwp 29361
shows that the threads should have been taken out of the syscall.

On debian 8, gdb 7.7.1 is not recent enough.
7.12 is ok. No idea for before 7.12.

But even with an old gdb, you should be able to attach to the task
you find in /proc/<pid>/task
and do backtrace.
Comment 14 Philippe Waroquiers 2016-11-16 21:40:17 UTC
(In reply to Philippe Waroquiers from comment #13)
> (In reply to David Hagood from comment #12)

> But even with an old gdb, you should be able to attach to the task
> you find in /proc/<pid>/task
> and do backtrace.
To be more precise, do

ls /proc/pid/task

According to your trace, this ls should show 3 task ids, one being
the pid.
Take one of the 2 other task ids, and use gdb to attach
to this task id and do backtrace.

Thanks
Comment 15 Unknown 2016-11-16 21:45:35 UTC
OK, the backtraces are:
#0  0x0000000038056bf9 in do_syscall_WRK ()
#1  0x0000000038056d52 in vgPlain_do_syscall (sysno=sysno@entry=39, 
    a1=a1@entry=0, a2=a2@entry=0, a3=a3@entry=0, a4=a4@entry=0, 
    a5=a5@entry=0, a6=a6@entry=0, a7=a7@entry=0, a8=a8@entry=0)
    at m_syscall.c:956
#2  0x0000000038042504 in vgPlain_getpid () at m_libcproc.c:705
#3  0x0000000038041271 in add_to__vmessage_buf (c=<optimized out>, 
    p=0x384310a0 <vmessage_buf>) at m_libcprint.c:493
#4  0x00000000380d3acc in vgPlain_debugLog_vprintf (
    send=send@entry=0x38041030 <add_to__vmessage_buf>, 
    send_arg2=send_arg2@entry=0x384310a0 <vmessage_buf>, 
    format=0x381bd174 "  SCHED[%u]: %s\n", vargs=0x80997bbc8)
    at m_debuglog.c:888
#5  0x000000003804135f in vgPlain_vmessage (kind=<optimized out>, 
    format=<optimized out>, vargs=<optimized out>) at m_libcprint.c:532
#6  0x0000000038041507 in vgPlain_message (kind=kind@entry=Vg_DebugMsg, 
    format=format@entry=0x381bd174 "  SCHED[%u]: %s\n") at m_libcprint.c:553
#7  0x0000000038090871 in print_sched_event (
    what=0x80997bca0 "releasing lock (VG_(vg_yield)) -> VgTs_Yielding", tid=1)
    at m_scheduler/scheduler.c:178
#8  vgPlain_release_BigLock (tid=1, sleepstate=<optimized out>, 
    who=0x381bd1f1 "VG_(vg_yield)") at m_scheduler/scheduler.c:333
---Type <return> to continue, or q <return> to quit---
#9  0x0000000038090bd7 in vgPlain_vg_yield () at m_scheduler/scheduler.c:448
#10 0x000000003809970d in vgPlain_reap_threads (self=self@entry=1)
    at m_syswrap/syswrap-generic.c:2827
#11 0x00000000380a282b in vgSysWrap_linux_sys_exit_group_before (tid=1, 
    layout=0x80997bdd0, arrghs=0x80237aff8, status=0x80237b040, 
    flags=<optimized out>) at m_syswrap/syswrap-linux.c:777
#12 0x00000000380935c0 in vgPlain_client_syscall (tid=tid@entry=1, 
    trc=trc@entry=73) at m_syswrap/syswrap-main.c:1906
#13 0x0000000038090193 in handle_syscall (tid=tid@entry=1, trc=73)
    at m_scheduler/scheduler.c:1118
#14 0x0000000038091757 in vgPlain_scheduler (tid=tid@entry=1)
    at m_scheduler/scheduler.c:1435
#15 0x00000000380a0beb in thread_wrapper (tidW=1)
    at m_syswrap/syswrap-linux.c:103
#16 run_a_thread_NORETURN (tidW=1) at m_syswrap/syswrap-linux.c:156
#17 0x0000000000000000 in ?? ()

#0  vgModuleLocal_do_syscall_for_client_WRK ()
    at m_syswrap/syscall-amd64-linux.S:173
#1  0x00000000380936a9 in do_syscall_for_client (syscall_mask=0x80dce7db0, 
    tst=0x80200a530, syscallno=130) at m_syswrap/syswrap-main.c:339
#2  vgPlain_client_syscall (tid=tid@entry=2, trc=trc@entry=73)
    at m_syswrap/syswrap-main.c:2007
#3  0x0000000038090193 in handle_syscall (tid=tid@entry=2, trc=73)
    at m_scheduler/scheduler.c:1118
#4  0x0000000038091757 in vgPlain_scheduler (tid=tid@entry=2)
    at m_scheduler/scheduler.c:1435
#5  0x00000000380a0beb in thread_wrapper (tidW=2)
    at m_syswrap/syswrap-linux.c:103
#6  run_a_thread_NORETURN (tidW=2) at m_syswrap/syswrap-linux.c:156
#7  0x00000000380a0f9b in vgModuleLocal_start_thread_NORETURN (
    arg=<optimized out>) at m_syswrap/syswrap-linux.c:325
#8  0x00000000380c93ee in do_syscall_clone_amd64_linux ()
#9  0xdeadbeefdeadbeef in ?? ()
#10 0xdeadbeefdeadbeef in ?? ()
#11 0xdeadbeefdeadbeef in ?? ()
#12 0xdeadbeefdeadbeef in ?? ()
#13 0x0000000000000000 in ?? ()

#0  vgModuleLocal_do_syscall_for_client_WRK ()
    at m_syswrap/syscall-amd64-linux.S:173
#1  0x00000000380936a9 in do_syscall_for_client (syscall_mask=0x80ddebdb0, 
    tst=0x80200c130, syscallno=130) at m_syswrap/syswrap-main.c:339
#2  vgPlain_client_syscall (tid=tid@entry=3, trc=trc@entry=73)
    at m_syswrap/syswrap-main.c:2007
#3  0x0000000038090193 in handle_syscall (tid=tid@entry=3, trc=73)
    at m_scheduler/scheduler.c:1118
#4  0x0000000038091757 in vgPlain_scheduler (tid=tid@entry=3)
    at m_scheduler/scheduler.c:1435
#5  0x00000000380a0beb in thread_wrapper (tidW=3)
    at m_syswrap/syswrap-linux.c:103
#6  run_a_thread_NORETURN (tidW=3) at m_syswrap/syswrap-linux.c:156
#7  0x00000000380a0f9b in vgModuleLocal_start_thread_NORETURN (
    arg=<optimized out>) at m_syswrap/syswrap-linux.c:325
#8  0x00000000380c93ee in do_syscall_clone_amd64_linux ()
#9  0xdeadbeefdeadbeef in ?? ()
#10 0xdeadbeefdeadbeef in ?? ()
#11 0xdeadbeefdeadbeef in ?? ()
#12 0xdeadbeefdeadbeef in ?? ()
#13 0x0000000000000000 in ?? ()


But, funny thing: after attaching to each of the three pending threads, then detaching, Valgrind exited. So it's like the second 2 threads in that group needed a kick in the head from the debugger to exit.
Comment 16 Philippe Waroquiers 2016-11-16 21:56:48 UTC
(In reply to David Hagood from comment #15)
> #1  0x00000000380936a9 in do_syscall_for_client (syscall_mask=0x80ddebdb0, 
>     tst=0x80200c130, syscallno=130) at m_syswrap/syswrap-main.c:339
According to the above, the 2 blocked threads are doing a sigsuspend
syscall.
Now, to get a thread out of a syscall, valgrind sends a special signal
VG_SIGVGKILL
(which is signal 64 on my setup. I think it changes depending on the platform,
but I guess it will be 64 on Ubuntu also).
So, maybe what happens is that the signal VG_SIGVGKILL is blocked ?

> 
> But, funny thing: after attaching to each of the three pending threads, then
> detaching, Valgrind exited. So it's like the second 2 threads in that group
> needed a kick in the head from the debugger to exit.
I guess that gdb is doing a ptrace syscall or something like that that
finally gets the thread 2 and 3 out of the syscall, allowing the
threads to terminate, and so the main thread detects they are dead.

I guess the question now is: why is the signal sent by valgrind to these 2
threads not getting these out of the syscall ?
Can you check the value of the mask ?
Comment 17 Unknown 2016-11-16 22:38:17 UTC
I would be happy to, if you or somebody else can tell me how.
Comment 18 Philippe Waroquiers 2016-11-16 22:54:21 UTC
(In reply to David Hagood from comment #17)
> I would be happy to, if you or somebody else can tell me how.

strace -f -o vg.out valgrind <your program>

the file vg.out should contain all syscalls done by valgrind
and/or by your program.
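
Another way to answer the "check the value of the mask" question from comments 16 to 18, as an added example that is not part of the original thread or of valgrind: read the per-thread SigBlk field from /proc/<pid>/task/<tid>/status and test the bit for the kill signal. The function names and the sample status text are constructed for illustration; the signal number 64 is the value quoted in comment 16 and may differ on other platforms.

```python
import os
import sys

# Signal valgrind sends to get a thread out of a syscall, as quoted in
# comment 16 ("signal 64 on my setup"). Assumption: confirm it on your system.
VG_SIGVGKILL = 64

# Constructed sample (not captured from the reporter's machine): excerpts of
# /proc/<pid>/task/<tid>/status for three tasks. fffffffffffbfeff is what a
# thread shows when it blocks every signal except SIGKILL (9) and SIGSTOP (19).
SAMPLE_STATUSES = {
    22893: "Name:\tmemcheck-amd64-\nState:\tR (running)\n"
           "SigBlk:\t0000000000000000\n",
    22894: "Name:\tmemcheck-amd64-\nState:\tS (sleeping)\n"
           "SigBlk:\tfffffffffffbfeff\n",
    22895: "Name:\tmemcheck-amd64-\nState:\tS (sleeping)\n"
           "SigBlk:\tfffffffffffbfeff\n",
}


def parse_status(text):
    """Turn the 'Key:<tab>value' lines of a status file into a dict."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields


def signal_in_mask(mask_hex, signo):
    """True if signal number signo is set in a hex mask such as SigBlk.

    Signal n is stored in bit n-1 of the mask.
    """
    if signo < 1:
        raise ValueError("signal numbers start at 1")
    return bool((int(mask_hex, 16) >> (signo - 1)) & 1)


def threads_blocking(statuses, signo=VG_SIGVGKILL):
    """Return [(tid, state)] for every task whose SigBlk contains signo.

    statuses maps a task id to the text of its status file.
    """
    hits = []
    for tid in sorted(statuses):
        fields = parse_status(statuses[tid])
        mask = fields.get("SigBlk")
        if mask is None:
            continue  # no mask available for this task
        if signal_in_mask(mask, signo):
            hits.append((tid, fields.get("State", "?")))
    return hits


def read_task_statuses(pid):
    """Read the status file of every task of a live process (Linux only)."""
    statuses = {}
    task_dir = "/proc/%d/task" % pid
    for name in os.listdir(task_dir):
        try:
            with open(os.path.join(task_dir, name, "status")) as fh:
                statuses[int(name)] = fh.read()
        except OSError:
            continue  # task exited between listing and reading
    return statuses


if __name__ == "__main__":
    # With a pid argument, inspect that process; otherwise use the sample.
    if len(sys.argv) > 1:
        data = read_task_statuses(int(sys.argv[1]))
    else:
        data = SAMPLE_STATUSES
    for tid, state in threads_blocking(data):
        print("task %d (%s) blocks signal %d" % (tid, state, VG_SIGVGKILL))
```

Run it with the pid of the spinning valgrind process; a task that is asleep in a syscall and listed here cannot be interrupted by that signal.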
Comment 19 Unknown 2016-11-17 15:41:59 UTC
OK, looking through the resulting trace file shows the following:
At startup, there's a lot of 
10966 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
10966 rt_sigprocmask(SIG_SETMASK, ~[], [], 8) = 0

Then, signal handlers get set up:

10966 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
10966 rt_sigprocmask(SIG_SETMASK, ~[], [], 8) = 0
10966 rt_sigaction(SIGHUP, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 35) = 35
10966 rt_sigaction(SIGINT, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 35) = 35
10966 rt_sigaction(SIGQUIT, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 35) = 35
10966 rt_sigaction(SIGILL, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 35) = 35
10966 rt_sigaction(SIGTRAP, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 35) = 35
10966 rt_sigaction(SIGABRT, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 35) = 35
10966 rt_sigaction(SIGBUS, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 35) = 35
10966 rt_sigaction(SIGFPE, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 35) = 35
10966 rt_sigaction(SIGKILL, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 35) = 35
10966 rt_sigaction(SIGUSR1, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGSEGV, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGUSR2, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGPIPE, NULL, {SIG_IGN, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x1 for signal"..., 36) = 36
10966 rt_sigaction(SIGALRM, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGTERM, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGSTKFLT, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGCHLD, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGCONT, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGSTOP, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGTSTP, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGTTIN, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGTTOU, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGURG, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGXCPU, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGXFSZ, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGVTALRM, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGPROF, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGWINCH, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGIO, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGPWR, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGSYS, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRTMIN, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRTMIN, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRTMIN, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_1, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_1, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_1, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_2, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_2, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_2, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_3, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_3, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_3, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_4, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_4, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_4, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_5, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_5, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_5, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_6, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_6, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_6, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_7, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_7, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_7, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_8, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_8, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_8, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_9, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_9, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_9, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_10, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_10, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_10, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_11, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_11, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_11, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_12, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_12, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_12, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_13, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_13, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_13, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_14, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_14, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_14, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_15, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_15, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_15, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_16, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_16, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_16, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_17, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_17, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_17, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_18, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_18, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_18, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_19, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_19, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_19, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_20, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_20, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_20, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_21, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_21, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_21, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_22, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_22, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_22, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_23, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_23, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_23, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_24, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_24, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_24, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_25, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_25, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_25, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_26, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_26, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_26, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_27, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_27, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_27, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_28, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_28, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_28, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_29, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_29, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_29, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_30, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_30, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_30, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_31, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_31, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_31, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 rt_sigaction(SIGRT_32, NULL, {SIG_DFL, [], 0}, 8) = 0
10966 rt_sigaction(SIGRT_32, {0x380553f0, ~[], SA_SIGINFO}, NULL, 8) = 0
10966 rt_sigaction(SIGRT_32, {SIG_DFL, [], 0}, NULL, 8) = 0
10966 write(10231, "snaffling handler 0x0 for signal"..., 36) = 36
10966 write(10231, "--10966-- setting ksig 1 to: hdl"..., 102) = 102
10966 rt_sigaction(SIGHUP, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 2 to: hdl"..., 102) = 102
10966 rt_sigaction(SIGINT, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 3 to: hdl"..., 102) = 102
10966 rt_sigaction(SIGQUIT, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 4 to: hdl"..., 102) = 102
10966 rt_sigaction(SIGILL, {0x380553f0, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 5 to: hdl"..., 102) = 102
10966 rt_sigaction(SIGTRAP, {0x380553f0, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 6 to: hdl"..., 102) = 102
10966 rt_sigaction(SIGABRT, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 7 to: hdl"..., 102) = 102
10966 rt_sigaction(SIGBUS, {0x380553f0, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 8 to: hdl"..., 102) = 102
10966 rt_sigaction(SIGFPE, {0x380553f0, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 10 to: hd"..., 103) = 103
10966 rt_sigaction(SIGUSR1, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 11 to: hd"..., 103) = 103
10966 rt_sigaction(SIGSEGV, {0x380553f0, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 12 to: hd"..., 103) = 103
10966 rt_sigaction(SIGUSR2, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 13 to: hd"..., 96) = 96
10966 rt_sigaction(SIGPIPE, {SIG_IGN, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_IGN, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 14 to: hd"..., 103) = 103
10966 rt_sigaction(SIGALRM, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 15 to: hd"..., 103) = 103
10966 rt_sigaction(SIGTERM, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 16 to: hd"..., 103) = 103
10966 rt_sigaction(SIGSTKFLT, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 17 to: hd"..., 96) = 96
10966 rt_sigaction(SIGCHLD, {SIG_DFL, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 18 to: hd"..., 96) = 96
10966 rt_sigaction(SIGCONT, {SIG_DFL, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 20 to: hd"..., 103) = 103
10966 rt_sigaction(SIGTSTP, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 21 to: hd"..., 103) = 103
10966 rt_sigaction(SIGTTIN, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 22 to: hd"..., 103) = 103
10966 rt_sigaction(SIGTTOU, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 23 to: hd"..., 96) = 96
10966 rt_sigaction(SIGURG, {SIG_DFL, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 24 to: hd"..., 103) = 103
10966 rt_sigaction(SIGXCPU, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 25 to: hd"..., 103) = 103
10966 rt_sigaction(SIGXFSZ, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 26 to: hd"..., 103) = 103
10966 rt_sigaction(SIGVTALRM, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 27 to: hd"..., 103) = 103
10966 rt_sigaction(SIGPROF, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 28 to: hd"..., 96) = 96
10966 rt_sigaction(SIGWINCH, {SIG_DFL, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 29 to: hd"..., 103) = 103
10966 rt_sigaction(SIGIO, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 30 to: hd"..., 103) = 103
10966 rt_sigaction(SIGPWR, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 31 to: hd"..., 103) = 103
10966 rt_sigaction(SIGSYS, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 32 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRTMIN, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 33 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_1, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 34 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_2, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 35 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_3, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 36 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_4, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 37 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_5, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 38 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_6, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 39 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_7, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 40 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_8, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 41 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_9, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 42 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_10, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 43 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_11, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 44 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_12, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 45 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_13, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 46 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_14, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 47 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_15, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 48 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_16, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 49 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_17, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 50 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_18, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 51 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_19, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 52 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_20, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 53 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_21, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 54 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_22, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 55 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_23, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 56 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_24, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 57 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_25, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 58 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_26, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 59 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_27, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 60 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_28, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 61 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_29, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 62 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_30, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 63 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_31, {0x38055050, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0
10966 write(10231, "--10966-- setting ksig 64 to: hd"..., 103) = 103
10966 rt_sigaction(SIGRT_32, {0x38053550, ~[KILL STOP], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x38053370}, {SIG_DFL, [], 0}, 8) = 0

Then a bunch of

10966 rt_sigprocmask(SIG_SETMASK, ~[ILL TRAP BUS FPE KILL SEGV STOP], NULL, 8) = 0
10966 rt_sigprocmask(SIG_SETMASK, ~[], ~[ILL TRAP BUS FPE KILL SEGV STOP], 8) = 0

Then

10997 rt_sigprocmask(SIG_SETMASK, ~[ILL FPE KILL SEGV STOP RTMIN RT_1], ~[ILL TRAP BUS FPE KILL SEGV STOP], 8) = 0
10997 rt_sigprocmask(SIG_SETMASK, ~[ILL TRAP BUS FPE KILL SEGV STOP], NULL, 8) = 0

The rest of the log (until I kill -9 the process) is:

10966 rt_sigtimedwait([ILL FPE KILL SEGV STOP RTMIN RT_1], 0x80997bcb0, {0, 0}, 8) = -1 EAGAIN (Resource temporarily unavailable)
10966 rt_sigprocmask(SIG_SETMASK, ~[ILL TRAP BUS FPE KILL SEGV STOP], NULL, 8) = 0
10966 rt_sigprocmask(SIG_SETMASK, ~[], ~[ILL TRAP BUS FPE KILL SEGV STOP], 8) = 0

Looking through Valgrind's output for signal operations, I see


SYSCALL[10966,1](13) sys_rt_sigaction ( 32, 0xffeffec10, 0x0, 8 )--10966-- sys_sigaction: sigNo 32, new 0xffeffec10, old 0x0, new flags 0x4000004
SYSCALL[10966,1](13) sys_rt_sigaction ( 33, 0xffeffec10, 0x0, 8 )--10966-- sys_sigaction: sigNo 33, new 0xffeffec10, old 0x0, new flags 0x14000004
SYSCALL[10966,1](14) sys_rt_sigprocmask ( 1, 0xffeffed88, 0x0, 8 )--10966-- do_setmask: tid = 1 how = 1 (SIG_UNBLOCK), newset = 0xFFEFFED88 (       180000000)
--10966-- REDIR: 0x8beef46 (libstdc++.so.6:operator new(unsigned long)) redirected to 0x4c2b17c (operator new(unsigned long))
--10966-- REDIR: 0x8beefb8 (libstdc++.so.6:operator new(unsigned long, std::nothrow_t const&)) redirected to 0x4c2b3cf (operator new(unsigned long, std::nothrow_t const&))
--10966-- REDIR: 0x8bef02a (libstdc++.so.6:operator new[](unsigned long, std::nothrow_t const&)) redirected to 0x4c2ba74 (operator new[](unsigned long, std::nothrow_t const&))
SYSCALL[10966,1](14) sys_rt_sigprocmask ( 0, 0xffeffeaf0, 0x0, 8 )--10966-- do_setmask: tid = 1 how = 0 (SIG_BLOCK), newset = 0xFFEFFEAF0 (fffffffe7ffffb77)
SYSCALL[10966,2](14) sys_rt_sigprocmask ( 2, 0x4039e90, 0x0, 8 )--10966-- do_setmask: tid = 2 how = 2 (SIG_SETMASK), newset = 0x4039E90 (fffffffe7fffbffb)
SYSCALL[10966,2](130) sys_rt_sigsuspend ( 0x4039e90, 8 ) --> [async] ... 
SYSCALL[10966,3](14) sys_rt_sigprocmask ( 2, 0x403de90, 0x0, 8 )--10966-- do_setmask: tid = 3 how = 2 (SIG_SETMASK), newset = 0x403DE90 (fffffffe7ffeffff)
SYSCALL[10966,3](130) sys_rt_sigsuspend ( 0x403de90, 8 ) --> [async] ... 
SYSCALL[10966,1](13) sys_rt_sigaction ( 15, 0xffeffe9a0, 0x0, 8 )--10966-- sys_sigaction: sigNo 15, new 0xffeffe9a0, old 0x0, new flags 0x4000000
SYSCALL[10966,1](13) sys_rt_sigaction ( 3, 0xffeffe9a0, 0x0, 8 )--10966-- sys_sigaction: sigNo 3, new 0xffeffe9a0, old 0x0, new flags 0x4000000
SYSCALL[10966,1](13) sys_rt_sigaction ( 17, 0xffeffe9a0, 0x0, 8 )--10966-- sys_sigaction: sigNo 17, new 0xffeffe9a0, old 0x0, new flags 0x4000000
--10966-- setting ksig 17 to: hdlr 0x38055050, flags 0x14000004, mask(msb..lsb) 0x0 0xfffffffffffbfeff
--10966-- REDIR: 0x8bef010 (libstdc++.so.6:operator new[](unsigned long)) redirected to 0x4c2b821 (operator new[](unsigned long))
SYSCALL[10966,1](13) sys_rt_sigaction ( 13, 0xffeffe840, 0xffeffe8e0, 8 )--10966-- sys_sigaction: sigNo 13, new 0xffeffe840, old 0xffeffe8e0, new flags 0x14000000
--10966-- sync signal handler: signal=11, si_code=1, EIP=0x93c95d5, eip=0x80bf2124e, from kernel
--10966-- sync signal handler: signal=11, si_code=1, EIP=0x93c4527, eip=0x80bf21a45, from kernel
--10966--   SCHED[2]:  acquired lock (async_signalhandler)
--10966-- async signal handler: signal=15, tid=2, si_code=0
--10966-- delivering signal 15 (SIGTERM):0 to thread 2
--10966-- push_signal_frame (thread 2): signal 15
==10966==    at 0x93B3702: sigsuspend (in /opt/x-tool/x86_64-unknown-linux-gnu/x86_64-unknown-linux-gnu/sysroot/lib/libc-2.19.so)
Comment 20 Philippe Waroquiers 2016-11-17 21:24:35 UTC
The below trace might show that the special signal (64) used by valgrind to
get a thread out of a syscall has been masked.
If that is the case, it should be relatively easy to write a reproducer:
* launch a thread that masks the signal 64 and then calls sigsuspend
* have the main thread calling exit once this thread is in sigsuspend.

Note that I have filed bug 372600, which is also a process not dying
(but I do not think it is your problem).

SYSCALL[10966,1](14) sys_rt_sigprocmask ( 0, 0xffeffeaf0, 0x0, 8 )--10966-- do_setmask: tid = 1 how = 0 (SIG_BLOCK), newset = 0xFFEFFEAF0 (fffffffe7ffffb77)
SYSCALL[10966,2](14) sys_rt_sigprocmask ( 2, 0x4039e90, 0x0, 8 )--10966-- do_setmask: tid = 2 how = 2 (SIG_SETMASK), newset = 0x4039E90 (fffffffe7fffbffb)
SYSCALL[10966,2](130) sys_rt_sigsuspend ( 0x4039e90, 8 ) --> [async] ... 
SYSCALL[10966,3](14) sys_rt_sigprocmask ( 2, 0x403de90, 0x0, 8 )--10966-- do_setmask: tid = 3 how = 2 (SIG_SETMASK), newset = 0x403DE90 (fffffffe7ffeffff)
SYSCALL[10966,3](130) sys_rt_sigsuspend ( 0x403de90, 8 ) --> [async] ... 
SYSCALL[10966,1](13) sys_rt_sigaction ( 15, 0xffeffe9a0, 0x0, 8 )--10966--
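The check suggested in comment 20 can be run over the trace mechanically. The following is an added example, not part of the bug thread or of Valgrind: it decodes the hex masks printed by do_setmask and lists the threads that enter rt_sigsuspend with signal 64 blocked. It assumes that signal n is bit n-1 of the printed mask, that a thread's mask is empty until its first logged call, and that the mask passed to rt_sigsuspend is the value last logged for the same pointer.

```python
import re

SIG_INTERNAL = 64  # the signal comment 20 says Valgrind uses to get a thread out of a syscall

# Lines copied from the trace quoted in the report above (not constructed).
TRACE = """\
SYSCALL[10966,1](14) sys_rt_sigprocmask ( 1, 0xffeffed88, 0x0, 8 )--10966-- do_setmask: tid = 1 how = 1 (SIG_UNBLOCK), newset = 0xFFEFFED88 (       180000000)
SYSCALL[10966,1](14) sys_rt_sigprocmask ( 0, 0xffeffeaf0, 0x0, 8 )--10966-- do_setmask: tid = 1 how = 0 (SIG_BLOCK), newset = 0xFFEFFEAF0 (fffffffe7ffffb77)
SYSCALL[10966,2](14) sys_rt_sigprocmask ( 2, 0x4039e90, 0x0, 8 )--10966-- do_setmask: tid = 2 how = 2 (SIG_SETMASK), newset = 0x4039E90 (fffffffe7fffbffb)
SYSCALL[10966,2](130) sys_rt_sigsuspend ( 0x4039e90, 8 ) --> [async] ...
SYSCALL[10966,3](14) sys_rt_sigprocmask ( 2, 0x403de90, 0x0, 8 )--10966-- do_setmask: tid = 3 how = 2 (SIG_SETMASK), newset = 0x403DE90 (fffffffe7ffeffff)
SYSCALL[10966,3](130) sys_rt_sigsuspend ( 0x403de90, 8 ) --> [async] ...
"""

SETMASK = re.compile(
    r"do_setmask: tid = (\d+) how = ([012]) \(\w+\), "
    r"newset = (0x[0-9A-Fa-f]+) \(\s*([0-9A-Fa-f]+)\)")
SUSPEND = re.compile(
    r"SYSCALL\[\d+,(\d+)\]\(\d+\) sys_rt_sigsuspend \( (0x[0-9A-Fa-f]+),")


def is_blocked(mask, signo):
    """True if signal `signo` is set in the 64-bit mask (signal n is bit n-1)."""
    return bool((mask >> (signo - 1)) & 1)


def unblocked(mask):
    """Signal numbers 1..64 that the mask leaves deliverable."""
    return [n for n in range(1, 65) if not is_blocked(mask, n)]


def replay(trace):
    """Return (per-thread blocked mask, per-thread mask handed to rt_sigsuspend)."""
    masks, by_ptr, suspended = {}, {}, {}
    for line in trace.splitlines():
        m = SETMASK.search(line)
        if m:
            tid, how = int(m[1]), int(m[2])
            ptr, new = int(m[3], 16), int(m[4], 16)
            old = masks.get(tid, 0)
            # how: 0 = SIG_BLOCK, 1 = SIG_UNBLOCK, 2 = SIG_SETMASK (as labelled in the trace)
            masks[tid] = {0: old | new, 1: old & ~new, 2: new}[how]
            by_ptr[(tid, ptr)] = new  # remember what was read from this address
            continue
        s = SUSPEND.search(line)
        if s:
            key = (int(s[1]), int(s[2], 16))
            if key in by_ptr:  # mask content is only known if the pointer was logged
                suspended[key[0]] = by_ptr[key]
    return masks, suspended


def threads_at_risk(trace, signo=SIG_INTERNAL):
    """Threads waiting in rt_sigsuspend with `signo` blocked."""
    _, suspended = replay(trace)
    return sorted(t for t, mask in suspended.items() if is_blocked(mask, signo))


if __name__ == "__main__":
    _, suspended = replay(TRACE)
    for tid, mask in sorted(suspended.items()):
        print(f"tid {tid}: sigsuspend lets through {unblocked(mask)}, "
              f"signal {SIG_INTERNAL} blocked: {is_blocked(mask, SIG_INTERNAL)}")
```

On the quoted trace this reports threads 2 and 3, the same thread ids that get_thread_out_of_syscall tries to zap in the original description.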
Comment 21 Tom Hughes 2016-11-17 22:16:20 UTC
Presumably valgrind should be excluding the signals that it reserves for internal use when it does the mapping from the user requested mask to the mask that we pass on to the kernel...

To be honest I thought that was all virtualised through m_signal and the system call wrappers all called into that and let it work out how to synchronise that to the kernel?
Comment 22 Philippe Waroquiers 2016-11-17 22:23:10 UTC
(In reply to Tom Hughes from comment #21)
> Presumably valgrind should be excluding the signals that it reserves for
> internal use when it does the mapping from the user requested mask to the
> mask that we pass on to the kernel...
> 
> To be honest I thought that was all virtualised through m_signal and the
> system call wrappers all called into that and let it work out how to
> synchronise that to the kernel?

Yes, I think that is the idea.
But I suspect a bug in this area as we see a call to
 VG_(get_thread_out_of_syscall)
and the thread stays in wait syscall state.
So, I am wondering if we do not one way or another end up
with this signal masked.
Comment 23 Philippe Waroquiers 2016-11-19 09:03:37 UTC
Created attachment 102315 [details]
program not dying because it masks sigvgkill
Comment 24 Philippe Waroquiers 2016-11-19 09:05:19 UTC
The attached file maskvgkill.c reproduces the problem.
It terminates when run natively; under V, it loops.
It seems that effectively, it is enough to mask sigvgkill 
to have exit causing an infinite loop.
Comment 25 Philippe Waroquiers 2016-11-19 10:31:32 UTC
Looking in m_signals.c: it looks like some special support
for sigsuspend/rt_sigsuspend is supposed to be done, e.g. using
tmp_sig_mask. See a.o. the following comments in m_signals.c:2012

      /* At this point:
	 tst->sig_mask is the current signal mask
	 tst->tmp_sig_mask is the same as sig_mask, unless we're in sigsuspend
and the declaration of tmp_sig_mask in pub_core_threadstate.h

However, in syswrap-linux.c PRE(sys_rt_sigsuspend) (and in the various
duplicated PRE(sys_sigsuspend) in syswrap-<platforms>-linux.c
and in syswrap-darwin.c), I see nothing that seems to activate
such a 'special' sigsuspend plan.
It looks like the syscall is just called, without e.g. (at least) removing
VKI_SIGVGKILL from the set of masked signals.

To the contrary, PRE(sys_sigprocmask) is calling
VG_(do_sys_sigprocmask), which calls do_setmask,
which touches the thread state sig_mask (later on used 
by syswrap-main.c when really executing a client syscall).

So, it looks like we at minimum need to remove VKI_SIGVGKILL from the
masked signals when calling sigsuspend. Or maybe we really need
a cunning plan with tmp_sig_mask etc. for sigsuspend?
Comment 26 Philippe Waroquiers 2016-11-19 14:55:11 UTC
Fixed in revision 16141