[valgrind] [Bug 469783] New: ARM32: Process terminating with default action of signal 11 (SIGSEGV): _dl_discover_osversion (in /lib/ld-linux-armhf.so.3)
https://bugs.kde.org/show_bug.cgi?id=469783

            Bug ID: 469783
           Summary: ARM32: Process terminating with default action of signal 11 (SIGSEGV): _dl_discover_osversion (in /lib/ld-linux-armhf.so.3)
    Classification: Developer tools
           Product: valgrind
           Version: 3.17.0
          Platform: Other
                OS: Linux
            Status: REPORTED
          Severity: normal
          Priority: NOR
         Component: memcheck
          Assignee: jsew...@acm.org
          Reporter: v...@altlinux.org
  Target Milestone: ---

On ARM32 (ALT Linux) any tool of valgrind (even `none`) reports SIGSEGV and crashes the target binary (which is perfectly working otherwise):

```
# valgrind --tool=none ls
==2125518== Nulgrind, the minimal Valgrind tool
==2125518== Copyright (C) 2002-2017, and GNU GPL'd, by Nicholas Nethercote.
==2125518== Using Valgrind-3.17.0 and LibVEX; rerun with -h for copyright info
==2125518== Command: ls
==2125518==
==2125518==
==2125518== Process terminating with default action of signal 11 (SIGSEGV)
==2125518== Access not within mapped region at address 0xFEB7FFAC
==2125518==    at 0x4012068: _dl_discover_osversion (in /lib/ld-linux-armhf.so.3)
==2125518== If you believe this happened as a result of a stack
==2125518== overflow in your program's main thread (unlikely but
==2125518== possible), you can try to increase the size of the
==2125518== main thread stack using the --main-stacksize= flag.
==2125518== The main thread stack size used in this run was 8388608.
==2125518==
Segmentation fault
```

When run under another user, the reported function is different:

```
$ valgrind --tool=none ls
==2127882== Nulgrind, the minimal Valgrind tool
==2127882== Copyright (C) 2002-2017, and GNU GPL'd, by Nicholas Nethercote.
==2127882== Using Valgrind-3.17.0 and LibVEX; rerun with -h for copyright info
==2127882== Command: ls
==2127882==
==2127882==
==2127882== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==2127882== Access not within mapped region at address 0xFE8D325C
==2127882==    at 0x40134B8: handle_preload_list (in /lib/ld-linux-armhf.so.3)
==2127882== If you believe this happened as a result of a stack
==2127882== overflow in your program's main thread (unlikely but
==2127882== possible), you can try to increase the size of the
==2127882== main thread stack using the --main-stacksize= flag.
==2127882== The main thread stack size used in this run was 8388608.
==2127882==
Segmentation fault
```

```
/# ls
bin  boot  dev  etc  home  lib  media  mnt  opt  proc  root  run  sbin  selinux  srv  sys  tmp  usr  var
```

--
You are receiving this mail because:
You are watching all bug changes.

[valgrind] [Bug 469783] ARM32: Process terminating with default action of signal 11 (SIGSEGV): _dl_discover_osversion (in /lib/ld-linux-armhf.so.3)
https://bugs.kde.org/show_bug.cgi?id=469783

Vitaly Chikunov changed:

           What    |Removed |Added
           See Also|        |https://bugs.kde.org/show_bug.cgi?id=452575

[valgrind] [Bug 452575] Valgrind crashes with segmentation fault and a lot invalid writes on Raspberry Pi 4B
https://bugs.kde.org/show_bug.cgi?id=452575

Vitaly Chikunov changed:

           What    |Removed |Added
           See Also|        |https://bugs.kde.org/show_bug.cgi?id=469783

[valgrind] [Bug 469783] ARM32: Process terminating with default action of signal 11 (SIGSEGV): _dl_discover_osversion (in /lib/ld-linux-armhf.so.3)
https://bugs.kde.org/show_bug.cgi?id=469783

--- Comment #1 from Vitaly Chikunov ---

Stack traces with debuginfo installed:

```
==2137208== Process terminating with default action of signal 11 (SIGSEGV)
==2137208== Access not within mapped region at address 0xFEAD6FAC
==2137208==    at 0x4012068: _dl_discover_osversion (dl-sysdep.c:260)
==2137208==    by 0x40144BB: dl_main (rtld.c:1768)
==2137208==    by 0x4011E43: _dl_sysdep_start (dl-sysdep.c:142)
==2137208==    by 0x4013271: _dl_start (rtld.c:507)
==2137208==    by 0x401266F: ??? (in /lib/ld-linux-armhf.so.3)
```

```
==2137268== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==2137268== Access not within mapped region at address 0xFE90E25C
==2137268==    at 0x40134B8: handle_preload_list (rtld.c:894)
==2137268==    by 0x401579D: dl_main (rtld.c:1891)
==2137268==    by 0x4011E43: _dl_sysdep_start (dl-sysdep.c:142)
==2137268==    by 0x4013271: _dl_start (rtld.c:507)
==2137268==    by 0x401266F: ??? (in /lib/ld-linux-armhf.so.3)
```

[valgrind] [Bug 482358] New: Feature Request: Add --track-fds=error
https://bugs.kde.org/show_bug.cgi?id=482358

            Bug ID: 482358
           Summary: Feature Request: Add --track-fds=error
    Classification: Developer tools
           Product: valgrind
           Version: unspecified
          Platform: Other
                OS: Linux
            Status: REPORTED
          Severity: wishlist
          Priority: NOR
         Component: general
          Assignee: jsew...@acm.org
          Reporter: v...@altlinux.org
  Target Milestone: ---

Now --track-fds=yes is only an informational message (and it's even suppressed with -q), but sometimes (for using valgrind in CI testing) it's useful to consider it an error if an fd is leaked.

Please add --track-fds=error which would output a (not suppressible) error message and exit with --error-exitcode if an fd leak has occurred.

Thanks,

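A CI job can approximate the requested behaviour by post-processing the `--track-fds=yes` log. The script below is an added example, not part of the bug report or of Valgrind; the function names and the sample log are constructed, and the `Open file descriptor N:` / `<inherited from parent>` line format is assumed from Valgrind's usual `--track-fds=yes` output.

```shell
#!/bin/sh
# Added example (not Valgrind code): fail a CI step when the log written by
# `valgrind --track-fds=yes` lists descriptors still open at exit.

# Print the number of open descriptors in log $1 that are not marked
# "<inherited from parent>".
count_leaked_fds() {
    awk '
        { sub(/^==[0-9]+== ?/, "") }        # drop the "==PID== " prefix
        /^Open [^:]* [0-9]+:/ {             # "Open file descriptor N: ..."
            if (pending) leaked++           # previous entry was not inherited
            pending = 1
            next
        }
        /<inherited from parent>/ { pending = 0 }
        END { if (pending) leaked++; print leaked + 0 }
    ' "$1"
}

# Return non-zero (and say why on stderr) if log $1 shows a leak.
check_fd_leaks() {
    n=$(count_leaked_fds "$1")
    [ "$n" -eq 0 ] && return 0
    echo "fd leak: $n descriptor(s) still open at exit" >&2
    return 1
}

# Constructed sample log; PID, paths and addresses are made up.
sample_log() {
    cat <<'EOF'
==4242== FILE DESCRIPTORS: 3 open (0 std) at exit.
==4242== Open file descriptor 5: /tmp/ci-output.log
==4242==    at 0x49B2F3B: open (open64.c:41)
==4242==    by 0x10915F: main (leak.c:7)
==4242==
==4242== Open file descriptor 4: /dev/null
==4242==    <inherited from parent>
==4242==
==4242== Open file descriptor 3: /tmp/valgrind.log
==4242==    <inherited from parent>
EOF
}

log=$(mktemp)
sample_log > "$log"
check_fd_leaks "$log" || echo "CI step would fail here"
rm -f "$log"
```

In a real job the log would come from a run with `--track-fds=yes --log-file=<path>` and without `-q`, since the report above notes that `-q` suppresses the descriptor listing.
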
[valgrind] [Bug 469783] ARM32: Process terminating with default action of signal 11 (SIGSEGV): _dl_discover_osversion (in /lib/ld-linux-armhf.so.3)
https://bugs.kde.org/show_bug.cgi?id=469783

--- Comment #2 from Vitaly Chikunov ---

This is still true for valgrind-3.22.0:

```
builder@armv7l:~/RPM/BUILD/valgrind-3.22.0$ ./vg-in-place /bin/true
==228878== Memcheck, a memory error detector
==228878== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==228878== Using Valgrind-3.22.0 and LibVEX; rerun with -h for copyright info
==228878== Command: /bin/true
==228878==
==228878== Invalid write of size 4
==228878==    at 0x10568: ??? (in /bin/true)
==228878==    by 0xFEC454E3: ???
==228878== Address 0xfec454b4 is on thread 1's stack
==228878== 24 bytes below stack pointer
==228878==
==228878== Invalid write of size 4
==228878==    at 0x18D72: ??? (in /bin/true)
==228878== Address 0xfec453d4 is on thread 1's stack
==228878== 224 bytes below stack pointer
==228878==
==228878== Invalid write of size 4
==228878==    at 0x1876A: ??? (in /bin/true)
==228878== Address 0xfec45434 is on thread 1's stack
==228878== 104 bytes below stack pointer
==228878==
==228878== Invalid write of size 4
==228878==    at 0x107F0: ??? (in /bin/true)
==228878== Address 0xfec4545c is on thread 1's stack
==228878== 64 bytes below stack pointer
==228878==
==228878== Invalid write of size 4
==228878==    at 0x17FDE: ??? (in /bin/true)
==228878== Address 0xfec45458 is on thread 1's stack
==228878== 24 bytes below stack pointer
==228878==
==228878== Invalid write of size 4
==228878==    at 0x18D0E: ??? (in /bin/true)
==228878== Address 0xfec45460 is on thread 1's stack
==228878== 16 bytes below stack pointer
==228878==
==228878== Invalid write of size 4
==228878==    at 0x1854E: ??? (in /bin/true)
==228878== Address 0xfec45458 is on thread 1's stack
==228878== 24 bytes below stack pointer
==228878==
==228878== Syscall param set_robust_list(head) points to uninitialised byte(s)
==228878==    at 0x10A16: ??? (in /bin/true)
==228878==    by 0x185B1: ??? (in /bin/true)
==228878== Address 0x474 is in the brk data segment 0x400-0x4000873
==228878==
==228878== Invalid write of size 4
==228878==    at 0x19652: ??? (in /bin/true)
==228878== Address 0xfec45490 is on thread 1's stack
==228878== 32 bytes below stack pointer
==228878==
==228878== Invalid write of size 4
==228878==    at 0x21ADE: ??? (in /bin/true)
==228878== Address 0xfec45488 is on thread 1's stack
==228878== 16 bytes below stack pointer
==228878==
==228878== Invalid write of size 4
==228878==    at 0x19722: ??? (in /bin/true)
==228878== Address 0xfec454a0 is on thread 1's stack
==228878== 16 bytes below stack pointer
==228878==
==228878== Invalid write of size 4
==228878==    at 0x18EA0: ??? (in /bin/true)
==228878== Address 0xfec4543c is on thread 1's stack
==228878== 80 bytes below stack pointer
==228878==
==228878== Invalid write of size 4
==228878==    at 0x2991A: ??? (in /bin/true)
==228878== Address 0xfec44450 is not stack'd, malloc'd or (recently) free'd
==228878==
==228878==
==228878== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==228878== Access not within mapped region at address 0xFEC44450
==228878==    at 0x2991A: ??? (in /bin/true)
==228878== If you believe this happened as a result of a stack
==228878== overflow in your program's main thread (unlikely but
==228878== possible), you can try to increase the size of the
==228878== main thread stack using the --main-stacksize= flag.
==228878== The main thread stack size used in this run was 8388608.
==228878==
==228878== HEAP SUMMARY:
==228878== in use at exit: 0 bytes in 0 blocks
==228878== total heap usage: 0 allocs, 0 frees, 0 bytes allocated
==228878==
==228878== All heap blocks were freed -- no leaks are possible
==228878==
==228878== Use --track-origins=yes to see where uninitialised values come from
==228878== For lists of detected and suppressed errors, rerun with: -s
==228878== ERROR SUMMARY: 13 errors from 13 contexts (suppressed: 0 from 0)
Segmentation fault
```

[valgrind] [Bug 469783] ARM32: Process terminating with default action of signal 11 (SIGSEGV): _dl_discover_osversion (in /lib/ld-linux-armhf.so.3)
https://bugs.kde.org/show_bug.cgi?id=469783

--- Comment #4 from Vitaly Chikunov ---

It still crashes with tool none:

```
builder@armv7l:~/RPM/BUILD/valgrind-3.22.0$ ./vg-in-place --tool=none /bin/true
==1347567== Nulgrind, the minimal Valgrind tool
==1347567== Copyright (C) 2002-2017, and GNU GPL'd, by Nicholas Nethercote.
==1347567== Using Valgrind-3.22.0 and LibVEX; rerun with -h for copyright info
==1347567== Command: /bin/true
==1347567==
==1347567==
==1347567== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==1347567== Access not within mapped region at address 0xFEF1C4A0
==1347567==    at 0x2991A: ??? (in /bin/true)
==1347567== If you believe this happened as a result of a stack
==1347567== overflow in your program's main thread (unlikely but
==1347567== possible), you can try to increase the size of the
==1347567== main thread stack using the --main-stacksize= flag.
==1347567== The main thread stack size used in this run was 8388608.
==1347567==
Segmentation fault
```

With suppressor from Debian:

```
builder@armv7l:~/RPM/BUILD/valgrind-3.22.0$ ./vg-in-place --suppressions=armhf-stackclash.supp /bin/true
==1355694== Memcheck, a memory error detector
==1355694== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==1355694== Using Valgrind-3.22.0 and LibVEX; rerun with -h for copyright info
==1355694== Command: /bin/true
==1355694==
==1355694== Syscall param set_robust_list(head) points to uninitialised byte(s)
==1355694==    at 0x10A16: ??? (in /bin/true)
==1355694==    by 0x185B1: ??? (in /bin/true)
==1355694== Address 0x474 is in the brk data segment 0x400-0x4000873
==1355694==
==1355694==
==1355694== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==1355694== Access not within mapped region at address 0xFEF00450
==1355694==    at 0x2991A: ??? (in /bin/true)
==1355694== If you believe this happened as a result of a stack
==1355694== overflow in your program's main thread (unlikely but
==1355694== possible), you can try to increase the size of the
==1355694== main thread stack using the --main-stacksize= flag.
==1355694== The main thread stack size used in this run was 8388608.
==1355694==
==1355694== HEAP SUMMARY:
==1355694== in use at exit: 0 bytes in 0 blocks
==1355694== total heap usage: 0 allocs, 0 frees, 0 bytes allocated
==1355694==
==1355694== All heap blocks were freed -- no leaks are possible
==1355694==
==1355694== Use --track-origins=yes to see where uninitialised values come from
==1355694== For lists of detected and suppressed errors, rerun with: -s
==1355694== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 12 from 12)
Segmentation fault
builder@armv7l:~/RPM/BUILD/valgrind-3.22.0$ cat armhf-stackclash.supp
# On armhf, stack-clash-protector is implemented by writing out of stack
# bounds. https://bugzilla.redhat.com/show_bug.cgi?id=1522678
{
   stack-clash-protection-armhf
   Memcheck:Addr4
   obj:*
}
```