Valgrind errors with boost::thread_specific_ptr on GCC 8.3 + Linux

Please check the version of all the tools you have used. It seems like there is some version compatibility issue in this. Try using version 3.15.0 of valgrind.

See here for the usage of valgrind.


If I modify the glibc upstream test case around the pthread_setspecific call like this (and compile it with g++):

    void *ptr = new char;
    printf("Setting thread local to ptr.\n");
    if (pthread_setspecific(key, ptr) != 0) {
      perror("pthread_setspecific");
      exit(1);
    }
    delete ptr;  /* freed before exit; the value stored under the key still points here */

I get this error when running against glibc from right before the fix (at commit 5b06f538c5aee0389ed034f60d90a8884d6d54de, using ./testrun.sh --tool=valgrind /path/to/test from the glibc build tree):

    ==14143== Invalid read of size 8
    ==14143==    at 0x483B550: check_free (dlerror.c:188)
    ==14143==    by 0x483BA21: free_key_mem (dlerror.c:221)
    ==14143==    by 0x483BA21: __dlerror_main_freeres (dlerror.c:239)
    ==14143==    by 0x4D06AD1: __libc_freeres (in /home/fweimer/src/gnu/glibc/build/libc.so)
    ==14143==    by 0x48031DE: _vgnU_freeres (vg_preloaded.c:77)
    ==14143==    by 0x4BDD331: __run_exit_handlers (exit.c:132)
    ==14143==    by 0x4BDD3C9: exit (exit.c:139)
    ==14143==    by 0x4BC7E21: (below main) (libc-start.c:342)
    ==14143==  Address 0x4d750d8 is 23 bytes after a block of size 1 free'd
    ==14143==    at 0x480CEFC: operator delete(void*) (vg_replace_malloc.c:586)
    ==14143==    by 0x401344: main (t.c:93)
    ==14143==  Block was alloc'd at
    ==14143==    at 0x480BE86: operator new(unsigned long) (vg_replace_malloc.c:344)
    ==14143==    by 0x4012F4: main (t.c:87)
    ==14143== 
    ==14143== Invalid free() / delete / delete[] / realloc()
    ==14143==    at 0x480CA0C: free (vg_replace_malloc.c:540)
    ==14143==    by 0x483BA29: free_key_mem (dlerror.c:223)
    ==14143==    by 0x483BA29: __dlerror_main_freeres (dlerror.c:239)
    ==14143==    by 0x4D06AD1: __libc_freeres (in /home/fweimer/src/gnu/glibc/build/libc.so)
    ==14143==    by 0x48031DE: _vgnU_freeres (vg_preloaded.c:77)
    ==14143==    by 0x4BDD331: __run_exit_handlers (exit.c:132)
    ==14143==    by 0x4BDD3C9: exit (exit.c:139)
    ==14143==    by 0x4BC7E21: (below main) (libc-start.c:342)
    ==14143==  Address 0x4d750c0 is 0 bytes inside a block of size 1 free'd
    ==14143==    at 0x480CEFC: operator delete(void*) (vg_replace_malloc.c:586)
    ==14143==    by 0x401344: main (t.c:93)
    ==14143==  Block was alloc'd at
    ==14143==    at 0x480BE86: operator new(unsigned long) (vg_replace_malloc.c:344)
    ==14143==    by 0x4012F4: main (t.c:87)

This is pretty much the same error that you got, minus the nesting of the operator new allocation within Boost. So it looks indeed like the two bugs are the same.

This makes sense: Due to bug 24476, libdl uses an uninitialized pthread_key_t value (without previously calling pthread_key_create on it). For the data segment (where the internal key for libdl is stored), uninitialized means zero, of course, and as you can see from the diagnostic output in the test, the key allocated by the test (and Boost in your case) was in fact key 0:

    key = 0

This libdl code is rather convoluted, and I posted a patch which moves dlerror into libc (from libdl) and also avoids using POSIX threads thread-local storage altogether.

To summarize: Whoever maintains the glibc version you use needs to backport the upstream fix into their source tree and release an update. We had to do this as well. On the plus side, this bug only happens when you run your application under valgrind and similar tools because during regular process shutdown, __libc_freeres is not invoked: the process will exit soon anyway, and the kernel cleans up all the resources for us. Unless you use valgrind in production, this means that you will never encounter this bug there. Of course, it's still an annoying issue when you are using valgrind for debugging. Sorry about that.
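The key collision described in the answer above, as an added example in C that is not part of the original post or of glibc: a zero-initialized key that was never created aliases key 0, which is the slot the first pthread_key_create call hands to the application (glibc-style numbering is assumed); the pthread_once-created key stands in for the hardened pattern. All names (buggy_key, fixed_key, run_collision_demo) are hypothetical.

```c
// Added example, not code from the original answer: models the pthread key
// collision behind glibc bug 24476. A zero-initialised pthread_key_t that was
// never passed to pthread_key_create() is indistinguishable from key 0.
#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>
// Stand-in for libdl's internal key before the fix: lives in .bss, so it is
// zero, and nothing ever calls pthread_key_create() on it.
static pthread_key_t buggy_key;
// Stand-in for the hardened pattern: create the key exactly once before any
// use, so it gets its own slot instead of silently meaning "key 0".
static pthread_key_t fixed_key;
static pthread_once_t fixed_once = PTHREAD_ONCE_INIT;
static void create_fixed_key(void) { pthread_key_create(&fixed_key, NULL); }

struct collision_result {
    pthread_key_t app_key;  // key the "application" actually received
    int buggy_aliases_app;  // 1 if the uninitialised key sees the app's value
    int fixed_aliases_app;  // 1 if the properly created key sees it
};

struct collision_result run_collision_demo(void) {
    struct collision_result r = {0, 0, 0};
    char *app_value = malloc(1);  // plays the role of `new char` in the test
    if (app_value == NULL || pthread_key_create(&r.app_key, NULL) != 0) {
        perror("setup");
        exit(1);
    }
    pthread_setspecific(r.app_key, app_value);

    // The buggy library "reads back its own value" through the bogus key and
    // gets the application's pointer instead; libdl later free()s that pointer.
    r.buggy_aliases_app = (pthread_getspecific(buggy_key) == app_value);

    pthread_once(&fixed_once, create_fixed_key);
    r.fixed_aliases_app = (pthread_getspecific(fixed_key) == app_value);

    pthread_setspecific(r.app_key, NULL);  // clean up so the demo is repeatable
    free(app_value);
    pthread_key_delete(r.app_key);
    return r;
}

int main(void) {
    struct collision_result r = run_collision_demo();
    printf("app key = %u, buggy key aliases it: %d, fixed key aliases it: %d\n",
           (unsigned)r.app_key, r.buggy_aliases_app, r.fixed_aliases_app);
    return 0;
}
```

In a fresh process the application key is 0 and the uninitialized key reads the application's pointer, which is exactly what lets __libc_freeres free a block it never allocated.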