ports/160918: valgrind's memcheck-x86-freebsd module drops core when wait(2) is called
KS Braunsdorf
ksb at sac.fedex.com
Thu Sep 22 18:10:11 UTC 2011
>Number: 160918
>Category: ports
>Synopsis: valgrind's memcheck-x86-freebsd module drops core when wait(2) is called
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Sep 22 18:10:10 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator: KS Braunsdorf
>Release: 7.3-STABLE
>Organization:
FedEx Services
>Environment:
FreeBSD w02.sac.fedex.com 7.3-STABLE FreeBSD 7.3-STABLE #1: Wed Jun 30 15:20:35 CDT 2010 ksb at w02.sac.fedex.com:/usr/src/sys/i386/compile/KSB2 i386
>Description:
I got it down to a short repeat-by. Basically fork and execvp a date command
then call a function with a large local frame (> 8192 bytes) and call wait(2)
with a (void *)0 to wait for the process started in the parent.
Valgrind's memory checker cores. I don't know why. But if you
reduce the size of the stack-frame in the "burn" function it doesn't
crash.
>How-To-Repeat:
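#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>
#include <stdlib.h>

/* Large local frame; reducing the size of accrash[] avoids the crash. */
void
burn(void)
{
	auto char accrash[8192];

	wait((void *)0);	/* wait for the child forked in main() */
}

int
main(int argc, char **argv, char **envp)
{
	/* Child: run date(1) with the arguments given to this program. */
	if (0 == fork())
		execve("/bin/date", argv, envp);
	burn();
	exit(0);
}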
--- output
valgrind ./a.out +%m:%M:%Y
==15212== Memcheck, a memory error detector
==15212== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==15212== Using Valgrind-3.6.1 and LibVEX; rerun with -h for copyright info
==15212== Command: ./a.out +%m:%M:%Y
==15212==
09:02:2011
Memory fault (core dumped)
gdb shows a stack depth of 75, most of which is trash. (0xdeadbeef)
>Fix:
I don't know how to fix it.
>Release-Note:
>Audit-Trail:
>Unformatted: