Date:      Thu, 22 Sep 2011 18:06:50 GMT
From:      KS Braunsdorf <ksb@sac.fedex.com>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/160918: valgrind's memcheck-x86-freebs module drops core when wait(2) is called
Message-ID:  <201109221806.p8MI6ohv000177@red.freebsd.org>
Resent-Message-ID: <201109221810.p8MIAAm7049289@freefall.freebsd.org>


>Number:         160918
>Category:       ports
>Synopsis:       valgrind's memcheck-x86-freebs module drops core when wait(2) is called
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Sep 22 18:10:10 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator:     KS Braunsdorf
>Release:        7.3-STABLE
>Organization:
FedEx Services
>Environment:
FreeBSD w02.sac.fedex.com 7.3-STABLE FreeBSD 7.3-STABLE #1: Wed Jun 30 15:20:35 CDT 2010     ksb@w02.sac.fedex.com:/usr/src/sys/i386/compile/KSB2  i386
>Description:
I got it down to a short repeat-by.  Basically fork and execvp a date command
then call a function with a large local frame (> 8192 bytes) and call wait(2)
with a (void *)0 to wait for the process started in the parent.

Valgrind's memory checker cores.  I don't know why.  But if you
reduce the size of the stack-frame in the "burn" function it doesn't
crash.
>How-To-Repeat:
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>
#include <stdlib.h>

/* A large automatic frame (> 8192 bytes) followed by wait(2) is the
 * combination that makes memcheck dump core; a smaller array avoids it.
 * The array is touched so the compiler does not drop the frame. */
void
burn(void)
{
        char accrash[8192];

        accrash[0] = '\0';
        wait((void *)0);
}

int
main(int argc, char **argv, char **envp)
{
        (void)argc;
        if (0 == fork()) {
                execve("/bin/date", argv, envp);
                _exit(127);     /* only reached if execve(2) fails */
        }
        burn();
        exit(0);
}


--- output

valgrind ./a.out +%m:%M:%Y
==15212== Memcheck, a memory error detector
==15212== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==15212== Using Valgrind-3.6.1 and LibVEX; rerun with -h for copyright info
==15212== Command: ./a.out +%m:%M:%Y
==15212== 
09:02:2011
Memory fault (core dumped) 

gdb shows a stack depth of 75, most of which is trash. (0xdeadbeef)

>Fix:
I don't know how to fix it.

>Release-Note:
>Audit-Trail:
>Unformatted: