Bug 379893 - valgrind segfault os x 10.12.4 (_pthread_body)
Summary: valgrind segfault os x 10.12.4 (_pthread_body)
Status: CONFIRMED
Alias: None
Product: valgrind
Classification: Developer tools
Component: general
Version: 3.13 SVN
Platform: Compiled Sources macOS
Importance: NOR normal
Target Milestone: ---
Assignee: Rhys Kidd
URL:
Keywords:
Duplicates: 396367 399504
Depends on:
Blocks: 365327
Reported: 2017-05-16 09:46 UTC by Per Mildner
Modified: 2018-11-03 18:13 UTC
CC: 3 users

See Also:
Latest Commit:
Version Fixed In:


Attachments
Transcript (3.48 KB, text/plain)
2017-05-16 09:46 UTC, Per Mildner
OS X Problem Report details (3.04 KB, text/plain)
2017-05-16 09:47 UTC, Per Mildner

Description Per Mildner 2017-05-16 09:46:37 UTC
Created attachment 105586
Transcript

valgrind --tool=lackey (and other tools) segfaults immediately.
Comment 1 Per Mildner 2017-05-16 09:47:11 UTC
Created attachment 105587
OS X Problem Report details
Comment 2 Per Mildner 2017-05-16 09:50:59 UTC
valgrind itself segfaults when I run it with my program as argument. This also happens with --tool=lackey.

valgrind successfully runs when passed "ls", so it is not completely broken.

svn log says:
r16385 | iraisr | 2017-05-16 10:54:31 +0200 (Tue, 16 May 2017) | 2 lines

Built valgrind today, with:
-bash$ cc --version
Apple LLVM version 8.1.0 (clang-802.0.42)
Target: x86_64-apple-darwin16.5.0
Thread model: posix
Comment 3 Per Mildner 2017-06-16 10:51:53 UTC
The behavior is similar with todays valgrind (built with Xcode 8.3.3):

-bash$ svn log | head -10
------------------------------------------------------------------------
r16450 | mjw | 2017-06-16 11:33:35 +0200 (Fri, 16 Jun 2017) | 7 lines
Comment 4 Rhys Kidd 2018-08-20 00:41:35 UTC
Thanks. We've seen other crashing errors with Valgrind's handling of pthreads on macOS (e.g. bz#380269 and bz#349128).

As they may potentially be related, could you try the patch posted there with your program?
Comment 5 Per Mildner 2018-08-20 06:47:01 UTC
I am unsure exactly which patch to apply, and to which version of valgrind.

Is there a git branch I could try instead?

Also, I am now using macOS 10.13.6, so it is more interesting for me whether it works there. I have access to older macOS VMs, though, if necessary.
Comment 6 Per Mildner 2018-08-20 07:22:10 UTC
I did try valgrind --tool=lackey myprogram with today's git (2b0aa0a5b88f900e986a3360952fcb3d2513419d) on macOS 10.13.6 and it crashes with:
==73034== Process terminating with default action of signal 11 (SIGSEGV)
==73034==  Access not within mapped region at address 0x18
==73034==    at 0x10195D5BA: _pthread_body (in /usr/lib/system/libsystem_pthread.dylib)
==73034==    by 0x10195D50C: _pthread_start (in /usr/lib/system/libsystem_pthread.dylib)
==73034==    by 0x10195CBF8: thread_start (in /usr/lib/system/libsystem_pthread.dylib)

But this is not with any extra patches.
Comment 7 Rhys Kidd 2018-08-20 14:25:29 UTC
*** Bug 396367 has been marked as a duplicate of this bug. ***
Comment 8 Rhys Kidd 2018-10-12 17:55:16 UTC
*** Bug 399504 has been marked as a duplicate of this bug. ***
Comment 9 Gonzalo BG 2018-11-03 18:13:02 UTC
Trying to run jemalloc's tests under valgrind on OSX, I think I'm running into this issue:

The output is:

running 1 test
test background_threads_runtime_defaults ... ==35051== Thread 2:
==35051== Invalid read of size 4
==35051==    at 0x100A145BA: _pthread_body (in /usr/lib/system/libsystem_pthread.dylib)
==35051==    by 0x100A1450C: _pthread_start (in /usr/lib/system/libsystem_pthread.dylib)
==35051==    by 0x100A13BF8: thread_start (in /usr/lib/system/libsystem_pthread.dylib)
==35051==  Address 0x18 is not stack'd, malloc'd or (recently) free'd
==35051== 
==35051== Invalid read of size 8
==35051==    at 0x1005D1FC8: tlv_get_addr (in /usr/lib/system/libdyld.dylib)
==35051==    by 0x258056FBD: ???
==35051==    by 0x100A1450C: _pthread_start (in /usr/lib/system/libsystem_pthread.dylib)
==35051==    by 0x100A13BF8: thread_start (in /usr/lib/system/libsystem_pthread.dylib)
==35051==  Address 0x808 is not stack'd, malloc'd or (recently) free'd
==35051== 
==35051== 
==35051== Process terminating with default action of signal 11 (SIGSEGV)
==35051==  Access not within mapped region at address 0x808
==35051==    at 0x1005D1FC8: tlv_get_addr (in /usr/lib/system/libdyld.dylib)
==35051==    by 0x258056FBD: ???
==35051==    by 0x100A1450C: _pthread_start (in /usr/lib/system/libsystem_pthread.dylib)
==35051==    by 0x100A13BF8: thread_start (in /usr/lib/system/libsystem_pthread.dylib)
==35051==  If you believe this happened as a result of a stack
==35051==  overflow in your program's main thread (unlikely but
==35051==  possible), you can try to increase the size of the
==35051==  main thread stack using the --main-stacksize= flag.
==35051==  The main thread stack size used in this run was 8388608.
--35051:0:schedule VG_(sema_down): read returned -4
==35051== 
==35051== HEAP SUMMARY:
==35051==     in use at exit: 18,912 bytes in 168 blocks
==35051==   total heap usage: 189 allocs, 21 frees, 27,360 bytes allocated
==35051== 
==35051== LEAK SUMMARY:
==35051==    definitely lost: 0 bytes in 0 blocks
==35051==    indirectly lost: 0 bytes in 0 blocks
==35051==      possibly lost: 72 bytes in 3 blocks
==35051==    still reachable: 408 bytes in 8 blocks
==35051==         suppressed: 18,432 bytes in 157 blocks
==35051== Rerun with --leak-check=full to see details of leaked memory
==35051== 
==35051== For counts of detected and suppressed errors, rerun with: -v
==35051== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 1 from 1)
error: process didn't exit successfully: `valgrind /Users/travis/build/gnzlbg/jemallocator/target/x86_64-apple-darwin/debug/deps/background_thread_defaults-e59065218f44f2e7` (signal: 11, SIGSEGV: invalid memory reference)
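Neither trace on this page says what in the reporters' programs triggers the fault, which makes it hard to tell an affected valgrind build from a working one without the original program. The C program below is an added example, not code from the bug report, from Valgrind or from jemalloc; it does only the two things the traces in comments 6 and 9 have in common: it starts pthreads (_pthread_start/_pthread_body) and reads and writes a thread-local variable from each child thread (tlv_get_addr in comment 9). Whether it reproduces the crash on a particular valgrind/macOS combination is an assumption to check, not something this report establishes.

```c
#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>

/* Per-thread accumulator. The second trace on this page dies inside dyld's
 * tlv_get_addr on a child thread, so the reproducer deliberately reads and
 * writes a thread-local variable from every spawned thread. */
static __thread unsigned long tls_counter;

struct worker_arg {
    unsigned long iterations;   /* how many values to add */
    unsigned long result;       /* this thread's final tls_counter */
};

/* Thread body: sums 0..iterations-1 into the thread's own TLS slot. */
static void *worker(void *p)
{
    struct worker_arg *a = p;
    for (unsigned long i = 0; i < a->iterations; i++)
        tls_counter += i;
    a->result = tls_counter;
    return NULL;
}

/* Start n threads, join them, and return the sum of their results.
 * With per-thread TLS each result is iterations*(iterations-1)/2, so the
 * total is n times that. Returns 0 if any thread could not be created. */
unsigned long run_workers(int n, unsigned long iterations)
{
    pthread_t *tids = calloc((size_t)n, sizeof *tids);
    struct worker_arg *args = calloc((size_t)n, sizeof *args);
    unsigned long total = 0;
    int started = 0;

    if (!tids || !args)
        goto out;
    for (; started < n; started++) {
        args[started].iterations = iterations;
        if (pthread_create(&tids[started], NULL, worker, &args[started]) != 0)
            break;
    }
    for (int i = 0; i < started; i++)
        pthread_join(tids[i], NULL);
    if (started == n)
        for (int i = 0; i < n; i++)
            total += args[i].result;
out:
    free(tids);
    free(args);
    return total;
}

int main(void)
{
    unsigned long total = run_workers(4, 1000);
    unsigned long expected = 4UL * (1000UL * 999UL / 2);
    printf("total across threads: %lu (expected %lu)\n", total, expected);
    return total == expected ? 0 : 1;
}
```

Build with `cc -g -pthread tls_threads.c -o tls_threads` (the file name is an assumption) and run `valgrind --tool=lackey ./tls_threads`, the invocation used in the report. A healthy run prints `total across threads: 1998000 (expected 1998000)` and exits 0; on an affected build the thing to look for is the `Process terminating with default action of signal 11 (SIGSEGV)` message from the traces above appearing before that line.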