https://bugs.kde.org/show_bug.cgi?id=511717

            Bug ID: 511717
           Summary: the 'impossible' happened: Killed by fatal signal
                    (SIGSEGV)
    Classification: Developer tools
           Product: valgrind
Version First Reported In: 3.25.1
          Platform: Ubuntu
                OS: Linux
            Status: REPORTED
          Severity: crash
          Priority: NOR
         Component: memcheck
          Assignee: [email protected]
          Reporter: [email protected]
  Target Milestone: ---

SUMMARY

Valgrind sometimes crashes under specific heavy load when stress testing our
Knot DNS project. This seems to be introduced by upgrading from Ubuntu 25.04 to
25.10.

STEPS TO REPRODUCE

1.  Install (K)Ubuntu 25.10
2.  Download Knot DNS from git https://gitlab.nic.cz/knot/knot-dns , download
the prerequisites (README.md), configure with --enable-static ,
CFLAGS="-gdwarf-4 -O0" , and build
3.  Install the prerequisites for testing (tests-extra/requirements.txt) and
run ./runtests.py ctl/concurrent repeatedly
4. Watch for the test to fail and examine
<home>/knottest-last/ctl/concurrent/knot1/valgrind

I do understand that actually performing the reproduction is problematic. At
least I can easily trigger the issue repeatedly, although it seems to be
somewhat random in appearance.

OBSERVED RESULT

Snippets from valgrind output. See the complete output in attachment.
...
==237772== 
--237772-- VALGRIND INTERNAL ERROR: Valgrind received a signal 11 (SIGSEGV) - exiting
--237772-- si_code=1;  Faulting address: 0x28306000;  sp: 0x100f200a68

valgrind: the 'impossible' happened:
   Killed by fatal signal

host stacktrace:
==237772==    at 0x580470C7: vgPlain_memcpy (m_libcbase.c:692)
==237772==    by 0x5809EFC5: valgrind_read_memory (target.c:465)
==237772==    by 0x5809C94F: server_main (server.c:1383)
==237772==    by 0x580BED33: call_gdbserver (m_gdbserver.c:725)
==237772==    by 0x580BFAA1: vgPlain_gdbserver (m_gdbserver.c:792)
==237772==    by 0x580A2057: run_thread_for_a_while (scheduler.c:1113)
==237772==    by 0x580A368F: vgPlain_scheduler (scheduler.c:1484)
==237772==    by 0x58112DB4: thread_wrapper (syswrap-linux.c:102)
==237772==    by 0x58112DB4: run_a_thread_NORETURN (syswrap-linux.c:155)
==237772==    by 0x581130AE: vgModuleLocal_start_thread_NORETURN (syswrap-linux.c:339)
==237772==    by 0x580B645D: ??? (in /usr/libexec/valgrind/memcheck-amd64-linux)
==237772==    by 0xDEADBEEFDEADBEEE: ???
==237772==    by 0xDEADBEEFDEADBEEE: ???
==237772==    by 0xDEADBEEFDEADBEEE: ???

sched status:
  running_tid=19

Thread 1: status = VgTs_WaitSys syscall 230 (lwpid 237772)
...
Thread 19: status = VgTs_Runnable (lwpid 238690)
==237772==    at 0x5AB0490: __gmpn_add_n (in /usr/lib/x86_64-linux-gnu/libgmp.so.10.5.0)
==237772==    by 0x59B4902: _nettle_ecc_dup_jj (in /usr/lib/x86_64-linux-gnu/libhogweed.so.6.10)
==237772==    by 0x59B6EA8: _nettle_ecc_mul_a (in /usr/lib/x86_64-linux-gnu/libhogweed.so.6.10)
==237772==    by 0x59B7CF3: nettle_ecc_ecdsa_verify (in /usr/lib/x86_64-linux-gnu/libhogweed.so.6.10)
==237772==    by 0x59B7ED2: nettle_ecdsa_verify (in /usr/lib/x86_64-linux-gnu/libhogweed.so.6.10)
==237772==    by 0x525F7C1: ??? (in /usr/lib/x86_64-linux-gnu/libgnutls.so.30.40.3)
==237772==    by 0x5195C18: ??? (in /usr/lib/x86_64-linux-gnu/libgnutls.so.30.40.3)
==237772==    by 0x519890E: gnutls_pubkey_verify_data2 (in /usr/lib/x86_64-linux-gnu/libgnutls.so.30.40.3)
==237772==    by 0x40DEEF3: dnssec_sign_verify (sign.c:373)
==237772==    by 0x4073E8D: knot_check_signature (rrset-sign.c:415)
==237772==    by 0x407B9CD: valid_signature_exists (zone-sign.c:126)
==237772==    by 0x407B699: knot_validate_rrsigs (zone-sign.c:313)
==237772==    by 0x407DAE2: sign_node_rrsets (zone-sign.c:493)
==237772==    by 0x407D8DE: sign_node (zone-sign.c:557)
==237772==    by 0x4049043: tree_apply_cb (zone-tree.c:25)
==237772==    by 0x4113DE6: apply_nodes (trie.c:988)
==237772==    by 0x4113E24: apply_nodes (trie.c:991)
==237772==    by 0x4113E24: apply_nodes (trie.c:991)
==237772==    by 0x4113E24: apply_nodes (trie.c:991)
==237772==    by 0x4113D67: trie_apply (trie.c:1000)
==237772==    by 0x4048FB1: zone_tree_apply (zone-tree.c:291)
==237772==    by 0x407D7DA: tree_sign_thread (zone-sign.c:563)
==237772==    by 0x53E3D63: start_thread (pthread_create.c:448)
==237772==    by 0x54771C3: clone (clone.S:100)
client stack range: [0x30CC2000 0x324C3FFF] client SP: 0x324C2FE8
valgrind stack range: [0x100F101000 0x100F200FFF] top usage: 8312 of 1048576

Thread 21: status = VgTs_Init (lwpid 0)
...

EXPECTED RESULT

No crash, either no errors reported, or potentially report memory handling
errors in the tested piece of software (if any, I don't think so)

SOFTWARE/OS VERSIONS

Kubuntu 25.10, Plasma 6.4.5, uname 6.17.0-6-generic #6-Ubuntu SMP
PREEMPT_DYNAMIC Tue Oct  7 13:34:17 UTC 2025 x86_64 GNU/Linux
Using Valgrind-3.25.1-4441567fbe-20250520 and LibVEX

ADDITIONAL INFORMATION

This happens regardless of whether Knot DNS is built by gcc or clang.

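A triage helper for the kind of log shown in this report, added here as an example (not part of the original report and not Valgrind or Knot DNS code). It pulls the signal, faulting address, host frames and running thread out of the dump and checks the addresses against the printed stack ranges; `triage` and `SAMPLE` are names chosen for this example, and the sample is assembled from lines quoted in the report.

```python
import re

# Sample assembled from lines quoted in the report (wrapped lines rejoined, frames trimmed).
SAMPLE = """\
--237772-- VALGRIND INTERNAL ERROR: Valgrind received a signal 11 (SIGSEGV) - exiting
--237772-- si_code=1;  Faulting address: 0x28306000;  sp: 0x100f200a68
host stacktrace:
==237772==    at 0x580470C7: vgPlain_memcpy (m_libcbase.c:692)
==237772==    by 0x5809EFC5: valgrind_read_memory (target.c:465)
==237772==    by 0x5809C94F: server_main (server.c:1383)
sched status:
  running_tid=19
Thread 19: status = VgTs_Runnable (lwpid 238690)
==237772==    at 0x5AB0490: __gmpn_add_n (in /usr/lib/x86_64-linux-gnu/libgmp.so.10.5.0)
client stack range: [0x30CC2000 0x324C3FFF] client SP: 0x324C2FE8
valgrind stack range: [0x100F101000 0x100F200FFF] top usage: 8312 of 1048576
"""

HEX = r"(0x[0-9A-Fa-f]+)"

def triage(log):
    """Summarise a Valgrind internal-error dump; returns None if the log has none."""
    sig = re.search(r"VALGRIND INTERNAL ERROR: Valgrind received a signal (\d+) \((\w+)\)", log)
    info = re.search(rf"si_code=(\d+);\s+Faulting address: {HEX};\s+sp: {HEX}", log)
    tid = re.search(r"running_tid=(\d+)", log)
    if not (sig and info and tid):
        return None
    fault, sp = int(info.group(2), 16), int(info.group(3), 16)
    # Host frames sit between "host stacktrace:" and "sched status:".
    host = log.partition("host stacktrace:")[2].partition("sched status:")[0]
    frames = re.findall(r"(?:at|by) 0x[0-9A-Fa-f]+: (\S+)", host)
    # Stack ranges are taken from the running thread's block only.
    block = re.search(rf"^Thread {tid.group(1)}:(.*?)(?=^Thread \d+:|\Z)", log, re.M | re.S)
    def inside(kind, addr):
        m = re.search(rf"{kind} stack range: \[{HEX} {HEX}\]", block.group(1) if block else "")
        return bool(m) and int(m.group(1), 16) <= addr <= int(m.group(2), 16)
    return {
        "signal": sig.group(2),
        "si_code": int(info.group(1)),
        "fault_addr": hex(fault),
        "host_frames": frames,
        "running_tid": int(tid.group(1)),
        "fault_in_client_stack": inside("client", fault),
        "sp_on_valgrind_stack": inside("valgrind", sp),
    }

if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```

On the sample, the stack pointer lies on Valgrind's own stack and the faulting address is outside the running thread's client stack, which matches the host stack trace ending in `valgrind_read_memory`.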