We hit an assertion in ld.so about every 6000 runs of the cluster manager slurmstepd on SiCortex hardware. This is evidently the same bug as http://www.redhat.com/archives/phil-list/2003-December/msg00008.html Evidently it has reappeared because of ld.so consistency checking and because our chip (6 way SMP at 500 MHz) has a wider window of vulnerability. We've adapted the previously reported test case so that it fails about half the time (attached) and developed a patch (attached) that resolves the problem. The test case doesn't fail for us on opterons, the only other systems we have available. The failure message we get on our machines is: Inconsistency detected by ld.so: dl-open.c: 215: dl_open_worker: Assertion `_dl_debug_initialize (0, args->nsid)->r_state == RT_CONSISTENT' failed! Details: If a thread happens to hold dl_load_lock and have r_state set to RT_ADD or RT_DELETE at the time another thread calls fork(), then the child exit code from fork (in nptl/sysdeps/unix/sysv/linux/fork.c in our case) re-initializes dl_load_lock but does not restore r_state to RT_CONSISTENT. If the child subsequently requires ld.so functionality before calling exec(), then the assertion will fire. The patch acquires dl_load_lock on entry to fork() and releases it on exit from the parent path. The child path is initialized as currently done. This is essentially pthreads_atfork, but forced to be first because the acquisition of dl_load_lock must happen before malloc_atfork is active to avoid a deadlock.
Created attachment 1873 [details] test case
Created attachment 1874 [details] proposed patch
I think this is a dupe of bug 3429.
Actually it isn't a duplicate of 3429. The assertion failure message is the same, but it occurs on a different line of the source file, and we applied the patch for 3429 without fixing our bug. Sorry I didn't make a more complete report.
Does this bug still exists?
Does this bug still exists? I came across this assertion, which I was running my C program via an application running on heroku.
I have run into this bug in glibc-2.16.0 and can also confirm that it is still present in glibc-2.22. The assertion was removed Jan 21st 2015 in changeset ccdb048, but the underlying bug is still present. The bug occurs because there is no protection to ensure that the loader's internal structures are not being modified when a fork occurs and the child process receives a snapshot of those structures. I have created a new test case that reliably reproduces the bug as long as there are at least two CPUs available so that the threads can run in parallel. The existing patch from Larry Stewart fixes this issue for me, though I've also updated it to acquire the new dl_load_write_lock. While investigating this issue I also discovered a deadlock due to dl_load_write_lock not being reinitialised for the child process during fork. I will open a new bug for this.
Created attachment 8804 [details] reliable test case
Created attachment 8805 [details] updated patch for glibc-2.22
I've opened bug 19282 for the related issue of dl_load_write_lock not being reinitialised during fork