From: <sv...@va...> - 2016-07-04 16:57:44
Author: sewardj
Date: Mon Jul 4 17:57:36 2016
New Revision: 15900
Log:
Initial triage of a bunch of bugs from Oct 2015 to Feb 2016, roughly.
Modified:
trunk/NEWS
trunk/docs/internals/3_11_BUGSTATUS.txt
Modified: trunk/NEWS
==============================================================================
--- trunk/NEWS (original)
+++ trunk/NEWS Mon Jul 4 17:57:36 2016
@@ -59,28 +59,34 @@
303877 valgrind doesn't support compressed debuginfo sections.
345307 Warning about "still reachable" memory when using libstdc++ from gcc 5
348345 Assertion fails for negative lineno
+351804 Crash on generating suppressions for "printf" call on OS X 10.10
353083 arm64 doesn't implement various xattr system calls
353084 arm64 doesn't support sigpending system call
+353137 www: update info for Supported Platforms
+353138 www: update "The Valgrind Developers" page
353370 don't advertise RDRAND in cpuid for Core-i7-4910-like avx2 machine
353398 WARNING: unhandled amd64-solaris syscall: 207
353660 XML in auxwhat tag not escaping reserved symbols properly
353680 s390x: Crash with certain glibc versions due to non-implemented TBEGIN
+353802 ELF debug info reader confused with multiple .rodata sections
353891 Assert 'bad_scanned_addr < VG_ROUNDDN(start+len, sizeof(Addr))' failed
353917 unhandled amd64-solaris syscall fchdir(120)
353920 unhandled amd64-solaris syscall: 170
354392 unhandled amd64-solaris syscall: 171
-354797 Added vbit tester support for PPC 64 isa 2.07 iops
+354797 Vbit test does not include Iops for Power 8 instruction support
354883 tst->os_state.pthread - magic_delta assertion failure on OSX 10.11
354933 Fix documentation of --kernel-variant=android-no-hw-tls option
355188 valgrind should intercept all malloc related global functions
-355455 stderr.exp of test cases wrapmalloc and wrapmallocstatic overconstrained
355454 do not intercept malloc related symbols from the runtime linker
+355455 stderr.exp of test cases wrapmalloc and wrapmallocstatic overconstrained
356044 Dwarf line info reader misinterprets is_stmt register
+356393 valgrind (vex) crashes because isZeroU happened
356817 valgrind.h triggers compiler errors on MSVC when defining NVALGRIND
357833 Setting RLIMIT_DATA to zero breaks with linux 4.5+
357871 pthread_spin_destroy not properly wrapped
-357887 Fix a file handle leak. VG_(fclose) did not close the file
+357887 Calls to VG_(fclose) do not close the file descriptor
358030 support direct socket calls on x86 32bit (new in linux 4.3)
+358478 drd/tests/std_thread.cpp doesn't build with GCC6
359133 Assertion 'eltSzB <= ddpa->poolSzB' failed
359201 futex syscall "skips" argument 5 if op is FUTEX_WAIT_BITSET
359289 s390x: popcnt (B9E1) not implemented
@@ -117,6 +123,10 @@
n-i-bz false positive leaks due to aspacemgr merging non heap segments with heap segments.
n-i-bz Fix ppoll_alarm exclusion on OS X
n-i-bz Document brk segment limitation, reference manual in limit reached msg.
+n-i-bz Fix clobber list in none/tests/amd64/xacq_xrel.c [valgrind r15737]
+n-i-bz Bump allowed shift value for "add.w reg, sp, reg, lsl #N" [vex r3206]
+
+
Release 3.11.0 (22 September 2015)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -499,8 +509,7 @@
351140 arm64 syscalls setuid (146) and setresgid (149) not implemented
351386 Solaris: Cannot run ld.so.1 under Valgrind
351474 Fix VG_(iseqsigset) as obvious
-351534 Fix incorrect header guard
-351632 Fix UNKNOWN fcntl 97 on OS X 10.11
+351531 Typo in /include/vki/vki-xen-physdev.h header guard
351756 Intercept platform_memchr$VARIANT$Haswell on OS X
351858 ldsoexec support on Solaris
351873 Newer gcc doesn't allow __builtin_tabortdc[i] in ppc32 mode
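Review bot: this hunk drops 351632 ("Fix UNKNOWN fcntl 97 on OS X 10.11") from the list of bugs fixed in 3.11.0 without a replacement, while the 3_11_BUGSTATUS.txt change in the same revision re-adds 351632 as an open bug; that is consistent if the fix was backed out, but it should be confirmed against the tracker, since the NEWS line asserts the bug was fixed in a shipped release. Replacing 351534 ("Fix incorrect header guard") with 351531 ("Typo in /include/vki/vki-xen-physdev.h header guard") reads as a bug-number correction and keeps the list in numeric order between 351474 and 351756.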
Modified: trunk/docs/internals/3_11_BUGSTATUS.txt
==============================================================================
--- trunk/docs/internals/3_11_BUGSTATUS.txt (original)
+++ trunk/docs/internals/3_11_BUGSTATUS.txt Mon Jul 4 17:57:36 2016
@@ -5,40 +5,122 @@
=== VEX/amd64 ==========================================================
+351491 Unrecognised instruction in library compiled with -mavx -ffast-math -O3
+351726 vex amd64->IR: 0xC5 0xF3 0xC2 0x15 0xEB 0x7C 0x2 0x0
+ [JRS: potentially serious, miscalculated next %RIP]
+352549 Valgrind (whether with memchek or callgrind) crashes with
+ "unhandled instruction bytes"
+ [Probably invalid]
+353384 unhandled instruction bytes: 0x66 0xF 0x3A 0x62 0xD1 0x62 0x41 0x3B
+ __intel_sse4_strpbrk
+353727 unhandled instruction bytes: 0x66 0xF 0x3A 0x62 0xD1 0x72 0x45 0x3B
+ __intel_sse4_strspn
+354931 Analyze of qt app results in incompatible processor message
+ [Gentoo stupidity]
+356138 vex amd64->IR: 0x8F 0xEA 0x78 0x10 0xD2 0x6 0x6 0x0
+356392 FPU control word not updated on FYL2X with ST(0) = 0
+ [Also relevant for x86]
+356611 vex amd64->IR: 0x8F 0xEA 0xF8 0x10 0xC9 0x3 0x1D 0x0
+ [== 328357, still open]
+356715 vex amd64->IR: 0xC4 0xE2 0x7D 0x13 0x4 0x4A 0xC5 0xFC
+357873 libstdc++ unhandled instruction: 0xF 0xC7 0xF0 0x89
+ [== 353370, fixed, RDRAND ?]
+357932 vex amd64->IR: 0xF2 0x49 0xF 0x5D and 0xF2 0x49 0xF 0x5F
+
=== VEX/arm ============================================================
+352630 valgrind: Unrecognised instruction at address 0x4fc4d33.
+354274 arm: unhandled instruction: 0xEBAD 0x0AC1 (sub.w sl, sp, r1, lsl #3)
+355526 disInstr(arm): unhandled instruction: 0x1823E91
+n-i-bz Remove limit on strd's negative immediates
+ [dev@, Michael Daniels, 19 Nov 2015, easy fix, should land]
+356823 Unsupported ARM instruction: stlex
+357673 crash if I try to run valgrind with a binary link with libcurl
+ [IR sanity check failure]
+
=== VEX/arm64 ==========================================================
+357338 Unhandled instruction for SHA instructions libcrypto Boring SSL
+
=== VEX/x86 ============================================================
+355231 Unhandled Instruction Bytes (SSE4, vmovdqu, "0xC5 0xFA 0x6F 0x2")
+357059 x86: SSE cvtpi2ps with memory source does transition to MMX state
+ [Also relevant for amd64. Not sure this is really a bug.]
+
=== VEX/mips ===========================================================
+356112 mips: replace addi with addiu
+
=== VEX/ppc ============================================================
=== VEX/s390x ==========================================================
=== VEX general ========================================================
-=== Syscalls/ioctls ====================================================
+=== Syscalls/ioctls on Linux ===========================================
+
+351632 UNKNOWN fcntl 97 on OS X 10.11
+352742 Custom allocator using sbrk() fails after about 800MB when running
+ under memcheck
+352767 Wine/valgrind: Warning: noted but unhandled ioctl 0x5307 with
+ no size/direction hints. (CDROMSTOP)
+355803 Add Lustre's IOC_MDC_GETFILESTRIPE ioctl [has patch]
+356676 Unhandled arm64-linux syscalls: 125 and 126 (sched_get_priority_max/min)
+ [may already be fixed by 359503]
+356678 unhandled arm64-linux syscall: 232 (mincore)
+ [may already be fixed by 359503]
+357781 unhandled amd64-linux syscall: 317
+ [== 345414, still open]
+358620 WARNING: unhandled syscall: 357
+ [arm32, 3.7.0, also an unhandled insn]
+
+=== Syscalls/ioctls on OSX =============================================
+
+352021 Signals are ignored in OS X 10.10
+353346 WARNING: unhandled amd64-darwin syscall: unix:330
+ == 211362 [not fixed]
=== Debuginfo reader ===================================================
+353192 Debug info/data section not detected on AMD64
+355197 Too strong assert in variable debug info code
+
=== Tools/Memcheck =====================================================
+352364 ppc64: --expensive-definedness-checks=yes is not quite working here
+353282 False uninitialised memory after bittwiddling
+
=== Tools/DRD ==========================================================
+356374 Assertion 'DRD_(g_threadinfo)[tid].pt_threadid
+ != INVALID_POSIX_THREADID' failed
+
=== Tools/Helgrind =====================================================
+358213 helgrind bar_bad testcase hangs
+ with new glibc pthread barrier implementation
+ [Also DRD is affected]
+
=== Tools/SGCheck ======================================================
=== Tools/Massif =======================================================
=== Tools/Cachegrind ===================================================
+=== Tools/Callgrind ====================================================
+
+356675 callgrind test apk in android 5.0.2
+ [Unclear what this is. Might also be ARM or Android specific]
+
=== Tools/Lackey =======================================================
=== other/mips =========================================================
+351282 valgrind 3.10.1 MIPS softfloat build broken with GCC 4.9.3 /
+ binutils 2.25.1
+352197 mips: mmap2() not wrapped correctly for page size > 4096
+
=== other/ppc ==========================================================
=== other/arm ==========================================================
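Review bot: 351632 "UNKNOWN fcntl 97 on OS X 10.11" is filed under the renamed "=== Syscalls/ioctls on Linux" section even though the same hunk creates a "=== Syscalls/ioctls on OSX" section directly below it; move the entry there next to 352021 and 353346. Minor: the cross-reference on 353346 ("== 211362 [not fixed]") does not use the bracketed form the rest of the file uses, e.g. "[== 328357, still open]" on 356611 and "[== 345414, still open]" on 357781.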
@@ -51,18 +133,42 @@
=== other/OS X ========================================================
+351855 Possible false positive on OS X with setlocale
+352384 mmap-FIXED failed in UME (load_segment2)
+352567 Assertion tres.status == VexTransOK failed in m_translate.c
+ vgPlain_translate
+353470 memcheck/tests/execve2 fails on OS X 10.11
+353471 memcheck/tests/x86/xor-undef-x86 fails on OS X 10.11
+354428 Bad report memory leak in OS X 10.11
+ == 258140 [still open]
+354809 Error message for unsupported platform is unhelpful
+356122 Apparent infinite loop calling GLib g_get_user_special_dir() function
+
=== other/Win32 =======================================================
=== GDB server =========================================================
+351792 vgdb doesn't support remote file transfers
+356174 Enhance the embedded gdbserver to allow LLDB to use it
+
=== Output =============================================================
+351857 confusing error message about valid command line option
+352395 Please provide SVN revision info in --version
+358569 Unhandled instructions cause creation of "orphan" stack traces
+ in XML output
+
=== MPI ================================================================
=== Documentation ======================================================
=== Uncategorised/run ==================================================
+351692 Dumps created by valgrind are not readable by gdb
+356457 valgrind: m_mallocfree.c:2042 (vgPlain_arena_free):
+ Assertion 'blockSane(a, b)' failed.
+ [Possible V memory corruption?]
+
=== Uncategorised/build=================================================
========================================================================
@@ -73,120 +179,8 @@
========================================================================
========================================================================
-351140 arm64 syscalls setuid (146) and setresgid (149) not implemented
-351282 valgrind 3.10.1 MIPS softfloat build broken with GCC 4.9.3 /
- binutils 2.25.1
-351386 Cannot run ld.so.1 under Valgrind
-351391 Some blog CSS does not render properly under Firefox or Safari
-351474 coregrind/m_libcsignal.c:134: bad test ?
-351491 Unrecognised instruction in library compiled with -mavx -ffast-math -O3
-351531 Typo in /include/vki/vki-xen-physdev.h header guard
-351536 Valgrind should track map areas of unloaded libraries
-351632 UNKNOWN fcntl 97 on OS X 10.11
-351692 Dumps created by valgrind are not readable by gdb
-351726 vex amd64->IR: 0xC5 0xF3 0xC2 0x15 0xEB 0x7C 0x2 0x0
-351742 jump to illegal address without stack backtrace
-351756 Spurious errors on OS X 10.10.5 using Valgrind 3.11 SVN
-351792 vgdb doesn't support remote file transfers
-351804 Crash on generating suppressions for `printf`
- call on OS X 10.10 / Valgrind 3.11 SVN
-351848 Option for showing addresses of memory leaks?
-351855 Possible false positive on OS X with setlocale
-351857 confusing error message about valid command line option
-351858 ldsoexec support on Solaris
-351873 Newer gcc doesn't allow __builtin_tabortdc[i] in ppc32 mode
-352021 Signals are ignored in OS X 10.10
-352059 Fix unhandled sysarch cmd 132 (AMD64_GET_XFPUSTATE) on FreeBSD/amd64
-352130 helgrind reports false races for printfs using mempcpy
- manipulating FILE* state
-352183 s390x: none/tests/s390x/fpext is failing
-352197 mips: mmap2() not wrapped correctly for page size > 4096
-352284 s390 Conditional jump or move depends on uninitialised value(s)
- in vfprintf
-352320 arm64 crash on none/tests/nestedfs
-352364 ppc64: --expensive-definedness-checks=yes is not quite working here
-352384 mmap-FIXED failed in UME (load_segment2)
-352395 Please provide SVN revision info in --version
-352549 Valgrind (whether with memchek or callgrind) crashes with
- "unhandled instruction bytes"
-352567 Assertion tres.status == VexTransOK failed in m_translate.c
- vgPlain_translate
-352586 Missing emulation of the PowerPC "mbar" instruction
-352630 valgrind: Unrecognised instruction at address 0x4fc4d33.
-352742 Custom allocator using sbrk() fails after about 800MB when running
- under memcheck
-352765 Vbit test fails on Power 6
-352767 Wine/valgrind: Warning: noted but unhandled ioctl 0x5307 with
- no size/direction hints. (CDROMSTOP)
-352768 The mbar instruction is missing from the Power PC support
-352769 Power PC program priority register (PPR) is not supported
-353083 arm64 doesn't implement various xattr system calls
-353084 arm64 doesn't support sigpending system call
-353137 www: update info for Supported Platforms
-353138 www: update "The Valgrind Developers" page
-353192 Debug info/data section not detected on AMD64
-353282 False uninitialised memory after bittwiddling
-353346 WARNING: unhandled amd64-darwin syscall: unix:330
-353370 amd64->IR: 0x48 0xF 0xC7 0xF0 0x72 0x4 0xFF 0xC9
-353384 unhandled instruction bytes: 0x66 0xF 0x3A 0x62 0xD1 0x62 0x41 0x3B
- __intel_sse4_strpbrk
-353470 memcheck/tests/execve2 fails on OS X 10.11
-353471 memcheck/tests/x86/xor-undef-x86 fails on OS X 10.11
-353660 XML in auxwhat tag not escaping ampersand properly
-353680 s390x: Crash with certain glibc versions due to non-implemented TBEGIN
-353727 unhandled instruction bytes: 0x66 0xF 0x3A 0x62 0xD1 0x72 0x45 0x3B
- __intel_sse4_strspn
-353802 ELF debug info reader confused with multiple .rodata sections
-353891 testcase memcheck/tests/leak-segv-jmp: Memcheck: mc_leakcheck.c:1045
- (lc_scan_memory): Assertion 'bad_scanned_addr < VG_ROUNDDN(start+len,
- sizeof(Addr))' failed.
-353920 unhandled amd64-solaris syscall: 170
-354274 arm: unhandled instruction: 0xEBAD 0x0AC1 (sub.w sl, sp, r1, lsl #3)
-354392 unhandled amd64-solaris syscall: 171
-354428 Bad report memory leak in OS X 10.11
-354797 Vbit test does not include Iops for Power 8 instruction support
-354809 Error message for unsupported platform is unhelpful
-354882 Valgrind 3.11.0 (and 3.12.0-SVN) fails to build on OSX 10.11 El Capitan
-354883 Assertion failure with valgrind-3.11.0 on OSX 10.11
-354909 strlen() provokes false positives on icc -O2 (Linux)
-354931 Analyze of qt app results in incompatible processor message
-354933 Android READMEs talk of --kernel-variant=android-emulator-no-hw-tls,
- which doesn't exist
-
-Mon 9 Nov 21:57:00 CET 2015
-
-355188 valgrind should intercept all malloc related global functions by default
-355197 Too strong assert in variable debug info code
-355231 Unhandled Instruction Bytes (SSE4, vmovdqu, "0xC5 0xFA 0x6F 0x2")
-355454 do not intercept malloc related symbols from the runtime linker
-355455 expected stderr of test cases wrapmalloc and wrapmallocstatic
- overconstrained
-355526 disInstr(arm): unhandled instruction: 0x1823E91
-355803 Add Lustre's IOC_MDC_GETFILESTRIPE ioctl
-356044 Dwarf line info reader misinterprets is_stmt register
-n-i-bz [PATCH] Fix clobber list in none/tests/amd64/xacq_xrel.c
-n-i-bz [PATCH][VEX] Bump allowed shift value for "add.w reg, sp, reg, lsl #N"
-n-i-bz [PATCH][VEX] Remove limit on strd's negative immediates
-356112 mips: replace addi with addiu
-356122 Apparent infinite loop calling the GLib g_get_user_special_dir() function
-356138 vex amd64->IR: 0x8F 0xEA 0x78 0x10 0xD2 0x6 0x6 0x0
-356174 Enhance the embedded gdbserver to allow LLDB to use it
-
Wed 2 Dec 16:01:07 CET 2015
-356374 Assertion 'DRD_(g_threadinfo)[tid].pt_threadid
- != INVALID_POSIX_THREADID' failed
-356392 FPU control word not updated on FYL2X with ST(0) = 0
-356393 valgrind (vex) crashes because isZeroU happened
-356457 valgrind: m_mallocfree.c:2042 (vgPlain_arena_free):
- Assertion 'blockSane(a, b)' failed.
-356611 vex amd64->IR: 0x8F 0xEA 0xF8 0x10 0xC9 0x3 0x1D 0x0
-356675 callgrind test apk in android 5.0.2
-356676 Unhandled arm64-linux syscalls: 125 and 126 (sched_get_priority_max/min)
-356678 unhandled arm64-linux syscall: 232 (mincore)
-356715 vex amd64->IR: 0xC4 0xE2 0x7D 0x13 0x4 0x4A 0xC5 0xFC
-356817 valgrind.h triggers compiler errors on MSVC when defining NVALGRIND
-356823 Unsupported ARM instruction: stlex
357010 drd regression tests fail to compile with Intel compiler
357011 Memcheck regression tests do not generate expected frame numbers
if compiled with intel compiler
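Review bot: several entries deleted here do not reappear in any category section added by this revision or in the NEWS hunks, e.g. 351391, 351536, 351742, 351848, 352059, 352130, 352183, 352284, 352320, 352586, 352765, 352768, 352769, 354882 and 354909; the four PowerPC items (352586, 352765, 352768, 352769) in particular have no home even though the "=== VEX/ppc" and "=== other/ppc" sections exist and stay empty. If these were resolved elsewhere the commit message should say so; otherwise they silently drop out of the tracking file. The "Mon 9 Nov 21:57:00 CET 2015" marker is also removed while the later date markers are kept, so the remaining dates no longer bracket a consistent set of entries.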
@@ -201,26 +195,6 @@
in intel-compiled application.
357037 Line numbers are occasionally displayed incorrectly
in intel-compiled applications
-357059 x86: SSE cvtpi2ps with memory source does transition to MMX state
-357294 cannot start valgrind with tool dhat
-357338 Unhandled instruction for SHA instructions libcrypto Boring SSL
-357673 crash if I try to run valgrind with a binary link with libcurl
-357734 "unhandled instruction 0x1AC12D8C" for ARM64/AARCH64
-357781 unhandled amd64-linux syscall: 317
-357833 Valgrind is broken on recent linux kernel
-357871 pthread_spin_destroy not properly
-357873 libstdc++ unhandled instruction: 0xF 0xC7 0xF0 0x89
-357887 Calls to VG_(fclose) does not close the file descriptor
-357928 Thread 1: status = VgTs_Runnable
-357932 vex amd64->IR: 0xF2 0x49 0xF 0x5D and 0xF2 0x49 0xF 0x5F
-358030 support direct socket calls on x86 32bit (new in linux 4.3)
-358213 helgrind bar_bad testcase hangs
- with new glibc pthread barrier implementation
-358478 drd/tests/std_thread.cpp doesn't build with GCC6
-358569 Unhandled instructions cause creation of "orphan" stack traces
- in XML output
-358620 WARNING: unhandled syscall: 357
-358637 produces invalid xml
Thu 28 Jan 13:20:02 CET 2016
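Review bot: as in the previous hunk, 357294, 357734, 357928 and 358637 are removed here without being re-added under any category in this revision; 358637 ("produces invalid xml") looks like it belongs beside 358569 in the "=== Output" section rather than being dropped. After the change the context line "Thu 28 Jan 13:20:02 CET 2016" directly follows the surviving 357037 entry, so the date marker no longer closes the block of entries it was stamped on.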
From: Earl C. <ear...@ya...> - 2016-07-04 16:13:38
> I believe I have found a problem with handling of signals in a
> multithreaded program.
Here is a candidate patch against 3.11, though I'm unsure if it's taking
the right approach:
+ /home/earl/bin/git diff coregrind/m_signals.c
diff --git a/coregrind/m_signals.c b/coregrind/m_signals.c
index e105afa..66fffa9 100644
--- a/coregrind/m_signals.c
+++ b/coregrind/m_signals.c
@@ -2515,10 +2515,11 @@ Bool VG_(extend_stack)(ThreadId tid, Addr addr)
VG_(debugLog)(1, "signals",
"extending a stack base 0x%lx down by %lu\n",
seg_next->start, udelta);
+
+ Addr new_stack_base = seg_next->start - udelta;
Bool overflow;
if (! VG_(am_extend_into_adjacent_reservation_client)
( seg_next->start, -(SSizeT)udelta, &overflow )) {
- Addr new_stack_base = seg_next->start - udelta;
if (overflow)
VG_(umsg)("Stack overflow in thread #%u: can't grow stack to
%#lx\n",
tid, new_stack_base);
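Review bot: hoisting `Addr new_stack_base = seg_next->start - udelta;` out of the failure branch is needed so the value is in scope for the `VG_(change_stack)` call in the next hunk, but it now sits as a declaration after the `VG_(debugLog)` statement and is separated from `Bool overflow;` by an added blank line; since `udelta` is already known at that point, declaring it together with `overflow` (or with the other locals at the top of the function) keeps the declarations in one place, and the added blank line can go.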
@@ -2530,7 +2531,7 @@ Bool VG_(extend_stack)(ThreadId tid, Addr addr)
/* When we change the main stack, we have to let the stack handling
code know about it. */
- VG_(change_stack)(VG_(clstk_id), addr, VG_(clstk_end));
+ VG_(change_stack)(VG_(clstk_id), new_stack_base, VG_(clstk_end));
if (VG_(clo_sanity_level) > 2)
VG_(sanity_check_general)(False);
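Review bot: this is the substantive change. `VG_(change_stack)` previously received `addr`, the address that triggered the extension, while the reservation itself was extended by `udelta` below `seg_next->start`, so the recorded stack base could differ from the mapped one whenever `addr` is not exactly `seg_next->start - udelta`; passing `new_stack_base` makes the tracked range match what was actually mapped. Note that this path only touches the main stack (`VG_(clstk_id)`), so on its own it does not account for `current_stack` staying bound to the other thread after signal delivery, as described in the original report; the commit message should state which of the two symptoms it addresses.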
Earl
From: <sv...@va...> - 2016-07-04 11:17:46
Author: sewardj
Date: Mon Jul 4 12:17:37 2016
New Revision: 15899
Log:
Update the bug list.
Modified:
trunk/docs/internals/3_11_BUGSTATUS.txt
Modified: trunk/docs/internals/3_11_BUGSTATUS.txt
==============================================================================
--- trunk/docs/internals/3_11_BUGSTATUS.txt (original)
+++ trunk/docs/internals/3_11_BUGSTATUS.txt Mon Jul 4 12:17:37 2016
@@ -223,3 +223,106 @@
358637 produces invalid xml
Thu 28 Jan 13:20:02 CET 2016
+
+358697 valgrind.h: Some code remains even when defining NVALGRIND
+358856 unhandled instruction bytes: 0xC4 0xE2 0x7B 0xF7
+358980 32 byte leak reported when code uses dlopen and links against pthread
+358988 rdrand support missing: 0x48 0xF 0xC7 0xF1 ...
+359133 m_deduppoolalloc.c:258 (vgPlain_allocEltDedupPA):
+ Assertion 'eltSzB <= ddpa->poolSzB' failed.
+359181 Buffer Overflow during Demangling
+359201 futex syscall "skips" argument 5 if op is FUTEXT_WAIT_BITSET
+359202 Add musl libc configure/compile
+359249 valgrind unable to load 64-bit linux executable
+ linked with -mcmodel=medium
+359264 Memcheck shows 2,064 bytes possibly lost and 20,036 suppressed bytes
+ in simplistic program on OS X El Capitan
+359289 s390x: popcnt (B9E1) not implemented
+359472 The Power PC vsubuqm instruction doesn't always give the correct result.
+359503 Add missing syscalls for aarch64 (arm64)
+359524 bt, btc, btr and bts instruction improperly translated by VEX on x86-64
+359645 [patch] "You need libc6-dbg" help message could be more helpful
+ with 32-bit target on-64-bit arch
+359703 s390: wire up separate socketcalls system calls
+359705 memcheck causes segfault on a dynamically-linked test from
+ rustlang's test suite on i686
+359724 getsockname syscall might crash - deref_UInt should check make
+ sure it is safe to deref
+359733 amd64 implement strchr/index override to avoid need for suppression
+ and redirection like x86
+359767 Valgrind does not support the IBM POWER ISA 3.0 instructions
+359829 Power PC test suite none/tests/ppc64/test_isa_2_07.c uses
+ uninitialzed data
+359838 arm64: Unhandled instruction 0xD5033F5F (clrex)
+359871 Incorrect mask handling in ppoll
+359920 Configure fails with relative DESTDIR
+359950 Wrong result comparing doubles on x87
+359952 Unrecognised PCMPESTRM variants
+360008 Contents of Power vr registers contents is not printed correctly
+ when the --vgdb-shadow-registers=yes option is used.
+360035 POWER PC instruction bcdadd and bcdsubtract generate result with
+ non-zero shadow bits
+360188 Valgrind does not build
+360378 arm64: Unhandled instruction 0x5E280844 (sha1h s4, s2)
+360415 amd64 instructions ADCX and ADOX are not implemented in VEX
+360425 arm64 unsupported instruction ldpsw
+360429 Warning: noted but unhandled ioctl 0x530d with no size/direction hints.
+360519 none/tests/arm64/memory.vgtest might fail with newer gcc
+360557 helgrind reports data race which I can't see (involves rwlocks)
+360571 Error about the Android Runtime reading below the stack pointer on ARM
+360574 Wrong parameter type for an ashmem ioctl() call on Android and ARM64
+360749 kludge for multiple .rodata sections on Solaris no longer needed
+360752 raise the number of reserved fds in m_main.c from 10 to 12
+361207 Valgrind does not support the IBM POWER ISA 3.0 instructions, part 2
+361226 s390x: risbgn (EC59) not implemented
+361253 [s390x] ex_clone.c:42: undefined reference to `pthread_create'
+361351 Assertion failure analyzing SDL_Init()
+361354 ppc64[le]: wire up separate socketcalls system calls
+361405 disInstr(ppc): unhandled instruction: 0xFF81010C
+361504 dlopen()/dlclose() and shared object usage check
+361615 Inconsistent termination when an instrumented multithreaded process
+ is terminated by signal
+361726 WARNING:unhandled syscall on ppc64
+361770 Missing F_ADD_SEALS
+361810 valgrind duplicate stdin after fork
+361926 unhandled x86-solaris syscall: 84
+362009 Valgrind dumps core on unimplemented functionality before threads
+ are created
+362033 undeclared identifier build failures for getpid(), usleep(),
+ and getuid()
+362223 valgrind: m_commandline.c:79 (read_dot_valgrindrc):
+ Assertion 'n >= 0 && n <= stat_buf.size+1' failed.
+362329 Valgrind does not support the IBM POWER ISA 3.0 instructions, part 3
+362680 --error-exitcode not honored when file descriptor leaks are found
+362892 test apk in android5.0.2,after fix the bug 344802,android log
+ "Unable to create protected region in stack for implicit overflow
+ check. Reason: Out of memory size: 4096"
+362894 missing (broken) support for wbit field on mtfsfi instruction (ppc64)
+362920 valgrind refuses to execute pkcs11-tool binary from OpenSC:
+ assertion 'tst->os_state.pthread - magic_delta == self' failed
+362934 [AsusWRT] Arm v7 illegal instruction
+362935 [AsusWRT] Assertion 'sizeof(TTEntryC) <= 88' failed
+362939 test apk in android 5.0 or most,at 0x6A23AB4:
+ art::Thread::InstallImplicitProtection() (in /system/lib/libart.so)
+362953 Request for an update to the Valgrind Developers page
+363123 SIGSEGV on Mac OS with very simple threaded code
+363497 Crash if i run valgrind on any working program -> valgrind:
+ the 'impossible' happened: LibVEX called failure_exit()
+363680 add renameat2() support
+363705 arm64 missing syscall name_to_handle_at and open_by_handle_at
+363714 ppc64 missing syscalls sync, waitid and name_to/open_by_handle_at
+363740 Possible data race in vgPlain_amd64_linux_REDIR_FOR_vgettimeofday
+363858 Add IBM ISA 3.0 support, patch set 4
+364058 array overruns are not detected
+364279 False "Uninitialized" on atomic_compare_exchange
+364359 Valgrind crashes on fcntl(F_SETFL, O_NONBLOCK, fd)
+364413 pselect sycallwrapper mishandles NULL sigmask
+364435 Crash - Unrecognized instruction for Arm64 LDPSW
+364497 Run valgrind on nginx
+364533 Process terminating with default action of signal 4 (SIGILL): dumping
+ core, : at 0x4000E7C: ??? (in /lib/ld-uClibc.so.0)
+364728 Power PC, missing support for several HW registrs i
+ n get_otrack_shadow_offset_wrk()
+364948 Add IBM ISA 3.0 support, patch set 5
+
+Mon 4 Jul 13:10:42 CEST 2016
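Review bot: a few of the titles added here carry typos that will be copied into NEWS verbatim when the bugs are closed: "FUTEXT_WAIT_BITSET" (359201), "uninitialzed" (359829), "sycallwrapper" (364413) and "HW registrs i / n get_otrack_shadow_offset_wrk()" (364728), where the wrap splits the word "in" across two lines; fixing them at this stage is cheaper than in the release notes. The continuation lines are otherwise consistently indented, and the "Mon 4 Jul 13:10:42 CEST 2016" marker follows the same convention as the earlier date stamps.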
From: Earl C. <ear...@ya...> - 2016-07-04 08:56:55
I believe I have found a problem with handling of signals in a multithreaded program. I think I'm close to the root cause and would appreciate advice in where to look next.

I have been seeing an intermittent error message regarding an invalid write to a stack location reported by valgrind. Near the time of failure, two threads are running (main thread, and one other), and a signal (SIGCHLD) is delivered to a signal handler which runs in the main thread. The invalid write is reported after the signal handler returns. I see this problem on valgrind 3.11 and earlier.

    ==25683== Invalid write of size 4
    ==25683==    at 0x806E19A: eventclockTime (timekeeping_.c:249)
    ...
    ==25683==  Address 0xbeb6e680 is on thread 1's stack
    ==25683==  in frame #0, created by eventclockTime (timekeeping_.c:246)

This problem seems sensitive to stack layout (eg removing environment variables seems to make the problem go away), architecture (eg I see this on x86 Linux, but I have not observed this on x86_64), and timing (ie the problem does not occur on every run, and the functions in question are called frequently).

Just before the failure, the main thread runs. I've added some extra instrumentation that is prefixed with "+ " showing stack activation around the failing address (which in this case is 0xbeb6e680):

    + mc_new_mem_stack 0xbeb6e650 0x5c 0x0
    current_stack 0xBEB6E000-0xBEB6FFFF 0 new_SP 0xBEB6E62C old_SP 0xBEB6E640
    current_stack 0xBEB6E000-0xBEB6FFFF 0 new_SP 0xBEB6E640 old_SP 0xBEB6E62C
    + mc_storev32 25683 4960 vbits32 0x0 0xbeb6e680 vabits8 0x55
    + mc_storev32 25683 4973 0xbeb6e680 vabits8 0xaa
    current_stack 0xBEB6E000-0xBEB6FFFF 0 new_SP 0xBEB6E6AC old_SP 0xBEB6E650
    + mc_die_mem_stack 0xbeb6e650 0x5c 0x0
    + set_address_range_perms 1738 3514 0xbeb6e680 len 44 smoff 7376 vabits16 0
    current_stack 0xBEB6E000-0xBEB6FFFF 0 new_SP 0xBEB6E670 old_SP 0xBEB6E6AC
    + mc_new_mem_stack 0xbeb6e670 0x3c 0x0
    current_stack 0xBEB6E000-0xBEB6FFFF 0 new_SP 0xBEB6E6AC old_SP 0xBEB6E670
    + mc_die_mem_stack 0xbeb6e670 0x3c 0x0
    + set_address_range_perms 1738 3514 0xbeb6e680 len 44 smoff 7376 vabits16 0
    current_stack 0xBEB6E000-0xBEB6FFFF 0 new_SP 0x482C494 old_SP 0x482C494
    new current_stack 0x4630000-0x482EFFF 1

At this point, the other thread runs, and execution seems to switch between the two:

    ...
    current_stack 0x4630000-0x482EFFF 1 new_SP 0x482C4A4 old_SP 0x482C480
    current_stack 0xBEB6E000-0xBEB6FFFF 0 new_SP 0xBEB6E490 old_SP 0xBEB6E4CC
    current_stack 0x4630000-0x482EFFF 1 new_SP 0x482C4A4 old_SP 0x482C4A4
    ...

Eventually, the SIGCHLD is delivered:

    current_stack 0x4630000-0x482EFFF 1 new_SP 0xBEB6E6B0 old_SP 0xBEB6E6B0
    new current_stack 0xBEB6E000-0xBEB6FFFF 0
    + sigframe_create prev eip 0x40010b2
    + mc_new_mem_stack_signal 1911 0xbeb6dfd0 0x6d8
    + sigframe_create esp 0xbeb6dfd0 top esp 0xbeb6e6b0 size 0x6e0
    pushed signal frame; %ESP now = 0xbeb6dfd0, next %EIP = 0x806a110, status=2
    current_stack 0xBEB6DFD0-0xBEB6FFFF 0 new_SP 0xBEB6DF44 old_SP 0xBEB6DFC0
    new current_stack not found

The messages about "new current_stack not found" continue, presumably because the signal frame is not part of the recognised stack area for the main thread.

While handling the signal, at some point, the other thread runs:

    ...
    current_stack 0xBEB6DFD0-0xBEB6FFFF 0 new_SP 0xBEB6DCA0 old_SP 0xBEB6DC64
    new current_stack not found
    current_stack 0xBEB6DFD0-0xBEB6FFFF 0 new_SP 0x482C410 old_SP 0x482C410
    new current_stack 0x4630000-0x482EFFF 1
    current_stack 0x4630000-0x482EFFF 1 new_SP 0x482C3D0 old_SP 0x482C40C
    ...

And some time after that, execution returns to the main thread, but it seems that the current_stack remains bound to the other thread and the "Invalid write" error follows:

    ...
    current_stack 0x4630000-0x482EFFF 1 new_SP 0x482C628 old_SP 0x482C63C
    current_stack 0x4630000-0x482EFFF 1 new_SP 0xBEB6DC80 old_SP 0xBEB6DC80
    new current_stack not found
    current_stack 0x4630000-0x482EFFF 1 new_SP 0xBEB6DCA0 old_SP 0xBEB6DC84
    new current_stack not found
    ...
    current_stack 0x4630000-0x482EFFF 1 new_SP 0xBEB6DFC0 old_SP 0xBEB6DF44
    new current_stack not found
    + sigframe_destroy isRT 0 signo 17 esp 0xbeb6dfd0 size 0x6d8 redzone 0
    + calling from track_die_mem_stack_signal 1845 0xbeb6dfd0 0x6d8
    + set_address_range_perms 1738 1846 0xbeb6e680 len 40 smoff 7376 vabits16 0
    current_stack 0x4630000-0x482EFFF 1 new_SP 0xBEB6E680 old_SP 0xBEB6E6AC
    ...
    ==25683== Invalid write of size 4
    ==25683==    at 0x806E19A: eventclockTime (timekeeping_.c:249)

I suspect the key to the problem is that the current_stack no longer tracks the main thread after the other thread runs while signal delivery is still occurring in the main thread. Is this a plausible explanation?

The signal frame itself seems to also cause "new current_stack not found" to be reported when handling. Should stack tracking know about signal frames?

Earl