Hi all, I am trying to triage some strange segfaults on my Karmic system. It seems like I am seeing intermittent crashes in seemingly random programs.
Last night I found a reproducible crash. After installing the 'samba' package and running 'net usershare list', it *always* crashes. I tried debugging in gdb a few times, but the backtrace wasn't consistent, and I couldn't explain the crashes. It looked like something was wrong at a lower layer (maybe libc, the kernel, gcc etc.).

Then I installed the "valgrind" and "libc-dbg" packages and did a basic test:

$ valgrind echo foo
==13186== Memcheck, a memory error detector.
==13186== Copyright (C) 2002-2008, and GNU GPL'd, by Julian Seward et al.
==13186== Using LibVEX rev 1884, a library for dynamic binary translation.
==13186== Copyright (C) 2004-2008, and GNU GPL'd, by OpenWorks LLP.
==13186== Using valgrind-3.4.1-Debian, a dynamic binary instrumentation framework.
==13186== Copyright (C) 2000-2008, and GNU GPL'd, by Julian Seward et al.
==13186== For more details, rerun with: -v
==13186==
==13186== Conditional jump or move depends on uninitialised value(s)
==13186==    at 0x40160F1: strlen (strlen.S:110)
==13186==    by 0x4007C74: _dl_init_paths (dl-load.c:776)
==13186==    by 0x4002A22: dl_main (rtld.c:1383)
==13186==    by 0x4013DED: _dl_sysdep_start (dl-sysdep.c:243)
==13186==    by 0x4000C6C: _dl_start (rtld.c:328)
==13186==    by 0x4000856: (within /lib/ld-2.10.1.so)
==13186==
==13186== Conditional jump or move depends on uninitialised value(s)
==13186==    at 0x40160FC: strlen (strlen.S:115)
==13186==    by 0x4007C74: _dl_init_paths (dl-load.c:776)
==13186==    by 0x4002A22: dl_main (rtld.c:1383)
==13186==    by 0x4013DED: _dl_sysdep_start (dl-sysdep.c:243)
==13186==    by 0x4000C6C: _dl_start (rtld.c:328)
==13186==    by 0x4000856: (within /lib/ld-2.10.1.so)
==13186==
==13186== Conditional jump or move depends on uninitialised value(s)
==13186==    at 0x400AEC6: _dl_relocate_object (do-rel.h:104)
==13186==    by 0x4003200: dl_main (rtld.c:2224)
==13186==    by 0x4013DED: _dl_sysdep_start (dl-sysdep.c:243)
==13186==    by 0x4000C6C: _dl_start (rtld.c:328)
==13186==    by 0x4000856: (within /lib/ld-2.10.1.so)
==13186==
==13186== Conditional jump or move depends on uninitialised value(s)
==13186==    at 0x400ABA3: _dl_relocate_object (do-rel.h:117)
==13186==    by 0x4003200: dl_main (rtld.c:2224)
==13186==    by 0x4013DED: _dl_sysdep_start (dl-sysdep.c:243)
==13186==    by 0x4000C6C: _dl_start (rtld.c:328)
==13186==    by 0x4000856: (within /lib/ld-2.10.1.so)
==13186==
==13186== Conditional jump or move depends on uninitialised value(s)
==13186==    at 0x400AF39: _dl_relocate_object (do-rel.h:127)
==13186==    by 0x4003200: dl_main (rtld.c:2224)
==13186==    by 0x4013DED: _dl_sysdep_start (dl-sysdep.c:243)
==13186==    by 0x4000C6C: _dl_start (rtld.c:328)
==13186==    by 0x4000856: (within /lib/ld-2.10.1.so)
==13186==
==13186== Conditional jump or move depends on uninitialised value(s)
==13186==    at 0x400A27E: _dl_relocate_object (do-rel.h:65)
==13186==    by 0x400312E: dl_main (rtld.c:2287)
==13186==    by 0x4013DED: _dl_sysdep_start (dl-sysdep.c:243)
==13186==    by 0x4000C6C: _dl_start (rtld.c:328)
==13186==    by 0x4000856: (within /lib/ld-2.10.1.so)
==13186==
==13186== Conditional jump or move depends on uninitialised value(s)
==13186==    at 0x400A286: _dl_relocate_object (do-rel.h:68)
==13186==    by 0x400312E: dl_main (rtld.c:2287)
==13186==    by 0x4013DED: _dl_sysdep_start (dl-sysdep.c:243)
==13186==    by 0x4000C6C: _dl_start (rtld.c:328)
==13186==    by 0x4000856: (within /lib/ld-2.10.1.so)
==13186==
==13186== Conditional jump or move depends on uninitialised value(s)
==13186==    at 0x400ABA3: _dl_relocate_object (do-rel.h:117)
==13186==    by 0x400312E: dl_main (rtld.c:2287)
==13186==    by 0x4013DED: _dl_sysdep_start (dl-sysdep.c:243)
==13186==    by 0x4000C6C: _dl_start (rtld.c:328)
==13186==    by 0x4000856: (within /lib/ld-2.10.1.so)
foo
==13186==
==13186== ERROR SUMMARY: 13 errors from 8 contexts (suppressed: 0 from 0)
==13186== malloc/free: in use at exit: 0 bytes in 0 blocks.
==13186== malloc/free: 1,387 allocs, 1,387 frees, 64,390 bytes allocated.
==13186== For counts of detected errors, rerun with: -v
==13186== Use --track-origins=yes to see where uninitialised values come from
==13186== All heap blocks were freed -- no leaks are possible.

I am seeing this on two separate systems running Karmic. On a different (Jaunty) system, the same output is as follows:

$ valgrind echo foo
==13258== Memcheck, a memory error detector.
==13258== Copyright (C) 2002-2008, and GNU GPL'd, by Julian Seward et al.
==13258== Using LibVEX rev 1884, a library for dynamic binary translation.
==13258== Copyright (C) 2004-2008, and GNU GPL'd, by OpenWorks LLP.
==13258== Using valgrind-3.4.1-Debian, a dynamic binary instrumentation framework.
==13258== Copyright (C) 2000-2008, and GNU GPL'd, by Julian Seward et al.
==13258== For more details, rerun with: -v
==13258==
foo
==13258==
==13258== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 11 from 1)
==13258== malloc/free: in use at exit: 0 bytes in 0 blocks.
==13258== malloc/free: 1,387 allocs, 1,387 frees, 64,390 bytes allocated.
==13258== For counts of detected errors, rerun with: -v
==13258== All heap blocks were freed -- no leaks are possible.

Can anyone else recreate this? Any thoughts about what to look at next?

Regards,
Mike
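
Added example, not part of the original message: a small Python parser for Memcheck logs like the two runs above, useful for comparing them side by side. It counts reports by innermost function, counts how many stacks pass through a chosen symbol, and reads the suppression figures from the ERROR SUMMARY line. The names `parse_memcheck` and `triage` and the shortened sample log are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample in the format of the Karmic run above (shortened).
SAMPLE = """\
==13186== Conditional jump or move depends on uninitialised value(s)
==13186==    at 0x40160F1: strlen (strlen.S:110)
==13186==    by 0x4007C74: _dl_init_paths (dl-load.c:776)
==13186==    by 0x4000C6C: _dl_start (rtld.c:328)
==13186==
==13186== Conditional jump or move depends on uninitialised value(s)
==13186==    at 0x400AEC6: _dl_relocate_object (do-rel.h:104)
==13186==    by 0x4000C6C: _dl_start (rtld.c:328)
==13186==    by 0x4000856: (within /lib/ld-2.10.1.so)
foo
==13186== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 0 from 0)
"""

PREFIX = re.compile(r"^==\d+== ?")
FRAME = re.compile(r"^\s*(at|by) 0x[0-9A-Fa-f]+: (.+)$")
SUMMARY = re.compile(r"ERROR SUMMARY: (\d+) errors from (\d+) contexts "
                     r"\(suppressed: (\d+) from (\d+)\)")
KEYS = ("errors", "contexts", "suppressed_errors", "suppressed_contexts")

def parse_memcheck(log):
    """Return (reports, summary); a report is (message, [frames, innermost first])."""
    reports, summary, message = [], None, None
    for raw in log.splitlines():
        if not PREFIX.match(raw):
            continue                      # the program's own output, e.g. "foo"
        line = PREFIX.sub("", raw, count=1)
        found, frame = SUMMARY.search(line), FRAME.match(line)
        if found:
            summary = dict(zip(KEYS, map(int, found.groups())))
        elif frame:
            if frame.group(1) == "at":    # an "at" frame opens a new stack trace
                reports.append((message, []))
            if reports:
                reports[-1][1].append(frame.group(2))
        elif line.strip():
            message = line.strip()        # candidate error message for the next trace
    return reports, summary

def triage(log, symbol="_dl_start"):
    """Count reports per innermost function and stacks that pass through symbol."""
    reports, summary = parse_memcheck(log)
    name = lambda frame: frame.split(" (")[0]
    innermost = Counter(name(frames[0]) for _, frames in reports)
    through = sum(any(name(f) == symbol for f in frames) for _, frames in reports)
    return {"reports": len(reports), "innermost": dict(innermost),
            "through_symbol": through, "summary": summary}
```

Running `triage()` over a saved log from each system shows at a glance whether every report sits under the same startup path and whether the two runs differ only in how many errors were suppressed.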