From: Julian Seward Date: Mon, 4 Jul 2016 16:57:36 +0000 (+0000) Subject: Initial triage of a bunch of bugs from Oct 2015 to Feb 2016, roughly. X-Git-Tag: svn/VALGRIND_3_12_0~123 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=259caf2e10eea2290f998157ae0b7854c6899ef2;p=thirdparty%2Fvalgrind.git Initial triage of a bunch of bugs from Oct 2015 to Feb 2016, roughly. git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15900 --- diff --git a/NEWS b/NEWS index 0df38cb6cb..ab36bdcdff 100644 --- a/NEWS +++ b/NEWS @@ -59,28 +59,34 @@ where XXXXXX is the bug number as listed below. 303877 valgrind doesn't support compressed debuginfo sections. 345307 Warning about "still reachable" memory when using libstdc++ from gcc 5 348345 Assertion fails for negative lineno +351804 Crash on generating suppressions for "printf" call on OS X 10.10 353083 arm64 doesn't implement various xattr system calls 353084 arm64 doesn't support sigpending system call +353137 www: update info for Supported Platforms +353138 www: update "The Valgrind Developers" page 353370 don't advertise RDRAND in cpuid for Core-i7-4910-like avx2 machine 353398 WARNING: unhandled amd64-solaris syscall: 207 353660 XML in auxwhat tag not escaping reserved symbols properly 353680 s390x: Crash with certain glibc versions due to non-implemented TBEGIN +353802 ELF debug info reader confused with multiple .rodata sections 353891 Assert 'bad_scanned_addr < VG_ROUNDDN(start+len, sizeof(Addr))' failed 353917 unhandled amd64-solaris syscall fchdir(120) 353920 unhandled amd64-solaris syscall: 170 354392 unhandled amd64-solaris syscall: 171 -354797 Added vbit tester support for PPC 64 isa 2.07 iops +354797 Vbit test does not include Iops for Power 8 instruction support 354883 tst->os_state.pthread - magic_delta assertion failure on OSX 10.11 354933 Fix documentation of --kernel-variant=android-no-hw-tls option 355188 valgrind should intercept all malloc related global functions -355455 stderr.exp of test cases wrapmalloc and wrapmallocstatic overconstrained 355454 do not intercept malloc related symbols from the runtime linker +355455 stderr.exp of test cases wrapmalloc and wrapmallocstatic overconstrained 356044 Dwarf line info reader misinterprets is_stmt register +356393 valgrind (vex) crashes because isZeroU happened 356817 valgrind.h triggers compiler errors on MSVC when defining NVALGRIND 357833 Setting RLIMIT_DATA to zero breaks with linux 4.5+ 357871 pthread_spin_destroy not properly wrapped -357887 Fix a file handle leak. VG_(fclose) did not close the file +357887 Calls to VG_(fclose) do not close the file descriptor 358030 support direct socket calls on x86 32bit (new in linux 4.3) +358478 drd/tests/std_thread.cpp doesn't build with GCC6 359133 Assertion 'eltSzB <= ddpa->poolSzB' failed 359201 futex syscall "skips" argument 5 if op is FUTEX_WAIT_BITSET 359289 s390x: popcnt (B9E1) not implemented @@ -117,6 +123,10 @@ n-i-bz massif --pages-as-heap=yes does not report peak caused by mmap+munmap n-i-bz false positive leaks due to aspacemgr merging non heap segments with heap segments. n-i-bz Fix ppoll_alarm exclusion on OS X n-i-bz Document brk segment limitation, reference manual in limit reached msg. +n-i-bz Fix clobber list in none/tests/amd64/xacq_xrel.c [valgrind r15737] +n-i-bz Bump allowed shift value for "add.w reg, sp, reg, lsl #N" [vex r3206] + + Release 3.11.0 (22 September 2015) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -499,8 +509,7 @@ where XXXXXX is the bug number as listed below. 351140 arm64 syscalls setuid (146) and setresgid (149) not implemented 351386 Solaris: Cannot run ld.so.1 under Valgrind 351474 Fix VG_(iseqsigset) as obvious -351534 Fix incorrect header guard -351632 Fix UNKNOWN fcntl 97 on OS X 10.11 +351531 Typo in /include/vki/vki-xen-physdev.h header guard 351756 Intercept platform_memchr$VARIANT$Haswell on OS X 351858 ldsoexec support on Solaris 351873 Newer gcc doesn't allow __builtin_tabortdc[i] in ppc32 mode diff --git a/docs/internals/3_11_BUGSTATUS.txt b/docs/internals/3_11_BUGSTATUS.txt index 773a1c4c7a..206596f3bd 100644 --- a/docs/internals/3_11_BUGSTATUS.txt +++ b/docs/internals/3_11_BUGSTATUS.txt @@ -5,40 +5,122 @@ of 3.11.0 go in here. Bugs that didn't get fixed in 3.11.0 remain in === VEX/amd64 ========================================================== +351491 Unrecognised instruction in library compiled with -mavx -ffast-math -O3 +351726 vex amd64->IR: 0xC5 0xF3 0xC2 0x15 0xEB 0x7C 0x2 0x0 + [JRS: potentially serious, miscalculated next %RIP] +352549 Valgrind (whether with memchek or callgrind) crashes with + "unhandled instruction bytes" + [Probably invalid] +353384 unhandled instruction bytes: 0x66 0xF 0x3A 0x62 0xD1 0x62 0x41 0x3B + __intel_sse4_strpbrk +353727 unhandled instruction bytes: 0x66 0xF 0x3A 0x62 0xD1 0x72 0x45 0x3B + __intel_sse4_strspn +354931 Analyze of qt app results in incompatible processor message + [Gentoo stupidity] +356138 vex amd64->IR: 0x8F 0xEA 0x78 0x10 0xD2 0x6 0x6 0x0 +356392 FPU control word not updated on FYL2X with ST(0) = 0 + [Also relevant for x86] +356611 vex amd64->IR: 0x8F 0xEA 0xF8 0x10 0xC9 0x3 0x1D 0x0 + [== 328357, still open] +356715 vex amd64->IR: 0xC4 0xE2 0x7D 0x13 0x4 0x4A 0xC5 0xFC +357873 libstdc++ unhandled instruction: 0xF 0xC7 0xF0 0x89 + [== 353370, fixed, RDRAND ?] +357932 vex amd64->IR: 0xF2 0x49 0xF 0x5D and 0xF2 0x49 0xF 0x5F + === VEX/arm ============================================================ +352630 valgrind: Unrecognised instruction at address 0x4fc4d33. +354274 arm: unhandled instruction: 0xEBAD 0x0AC1 (sub.w sl, sp, r1, lsl #3) +355526 disInstr(arm): unhandled instruction: 0x1823E91 +n-i-bz Remove limit on strd's negative immediates + [dev@, Michael Daniels, 19 Nov 2015, easy fix, should land] +356823 Unsupported ARM instruction: stlex +357673 crash if I try to run valgrind with a binary link with libcurl + [IR sanity check failure] + === VEX/arm64 ========================================================== +357338 Unhandled instruction for SHA instructions libcrypto Boring SSL + === VEX/x86 ============================================================ +355231 Unhandled Instruction Bytes (SSE4, vmovdqu, "0xC5 0xFA 0x6F 0x2") +357059 x86: SSE cvtpi2ps with memory source does transition to MMX state + [Also relevant for amd64. Not sure this is really a bug.] + === VEX/mips =========================================================== +356112 mips: replace addi with addiu + === VEX/ppc ============================================================ === VEX/s390x ========================================================== === VEX general ======================================================== -=== Syscalls/ioctls ==================================================== +=== Syscalls/ioctls on Linux =========================================== + +351632 UNKNOWN fcntl 97 on OS X 10.11 +352742 Custom allocator using sbrk() fails after about 800MB when running + under memcheck +352767 Wine/valgrind: Warning: noted but unhandled ioctl 0x5307 with + no size/direction hints. (CDROMSTOP) +355803 Add Lustre's IOC_MDC_GETFILESTRIPE ioctl [has patch] +356676 Unhandled arm64-linux syscalls: 125 and 126 (sched_get_priority_max/min) + [may already be fixed by 359503] +356678 unhandled arm64-linux syscall: 232 (mincore) + [may already be fixed by 359503] +357781 unhandled amd64-linux syscall: 317 + [== 345414, still open] +358620 WARNING: unhandled syscall: 357 + [arm32, 3.7.0, also an unhandled insn] + +=== Syscalls/ioctls on OSX ============================================= + +352021 Signals are ignored in OS X 10.10 +353346 WARNING: unhandled amd64-darwin syscall: unix:330 + == 211362 [not fixed] === Debuginfo reader =================================================== +353192 Debug info/data section not detected on AMD64 +355197 Too strong assert in variable debug info code + === Tools/Memcheck ===================================================== +352364 ppc64: --expensive-definedness-checks=yes is not quite working here +353282 False uninitialised memory after bittwiddling + === Tools/DRD ========================================================== +356374 Assertion 'DRD_(g_threadinfo)[tid].pt_threadid + != INVALID_POSIX_THREADID' failed + === Tools/Helgrind ===================================================== +358213 helgrind bar_bad testcase hangs + with new glibc pthread barrier implementation + [Also DRD is affected] + === Tools/SGCheck ====================================================== === Tools/Massif ======================================================= === Tools/Cachegrind =================================================== +=== Tools/Callgrind ==================================================== + +356675 callgrind test apk in android 5.0.2 + [Unclear what this is. Might also be ARM or Android specific] + === Tools/Lackey ======================================================= === other/mips ========================================================= +351282 valgrind 3.10.1 MIPS softfloat build broken with GCC 4.9.3 / + binutils 2.25.1 +352197 mips: mmap2() not wrapped correctly for page size > 4096 + === other/ppc ========================================================== === other/arm ========================================================== @@ -51,18 +133,42 @@ of 3.11.0 go in here. Bugs that didn't get fixed in 3.11.0 remain in === other/OS X ======================================================== +351855 Possible false positive on OS X with setlocale +352384 mmap-FIXED failed in UME (load_segment2) +352567 Assertion tres.status == VexTransOK failed in m_translate.c + vgPlain_translate +353470 memcheck/tests/execve2 fails on OS X 10.11 +353471 memcheck/tests/x86/xor-undef-x86 fails on OS X 10.11 +354428 Bad report memory leak in OS X 10.11 + == 258140 [still open] +354809 Error message for unsupported platform is unhelpful +356122 Apparent infinite loop calling GLib g_get_user_special_dir() function + === other/Win32 ======================================================= === GDB server ========================================================= +351792 vgdb doesn't support remote file transfers +356174 Enhance the embedded gdbserver to allow LLDB to use it + === Output ============================================================= +351857 confusing error message about valid command line option +352395 Please provide SVN revision info in --version +358569 Unhandled instructions cause creation of "orphan" stack traces + in XML output + === MPI ================================================================ === Documentation ====================================================== === Uncategorised/run ================================================== +351692 Dumps created by valgrind are not readable by gdb +356457 valgrind: m_mallocfree.c:2042 (vgPlain_arena_free): + Assertion 'blockSane(a, b)' failed. + [Possible V memory corruption?] + === Uncategorised/build================================================= ======================================================================== @@ -73,120 +179,8 @@ of 3.11.0 go in here. Bugs that didn't get fixed in 3.11.0 remain in ======================================================================== ======================================================================== -351140 arm64 syscalls setuid (146) and setresgid (149) not implemented -351282 valgrind 3.10.1 MIPS softfloat build broken with GCC 4.9.3 / - binutils 2.25.1 -351386 Cannot run ld.so.1 under Valgrind -351391 Some blog CSS does not render properly under Firefox or Safari -351474 coregrind/m_libcsignal.c:134: bad test ? -351491 Unrecognised instruction in library compiled with -mavx -ffast-math -O3 -351531 Typo in /include/vki/vki-xen-physdev.h header guard -351536 Valgrind should track map areas of unloaded libraries -351632 UNKNOWN fcntl 97 on OS X 10.11 -351692 Dumps created by valgrind are not readable by gdb -351726 vex amd64->IR: 0xC5 0xF3 0xC2 0x15 0xEB 0x7C 0x2 0x0 -351742 jump to illegal address without stack backtrace -351756 Spurious errors on OS X 10.10.5 using Valgrind 3.11 SVN -351792 vgdb doesn't support remote file transfers -351804 Crash on generating suppressions for `printf` - call on OS X 10.10 / Valgrind 3.11 SVN -351848 Option for showing addresses of memory leaks? -351855 Possible false positive on OS X with setlocale -351857 confusing error message about valid command line option -351858 ldsoexec support on Solaris -351873 Newer gcc doesn't allow __builtin_tabortdc[i] in ppc32 mode -352021 Signals are ignored in OS X 10.10 -352059 Fix unhandled sysarch cmd 132 (AMD64_GET_XFPUSTATE) on FreeBSD/amd64 -352130 helgrind reports false races for printfs using mempcpy - manipulating FILE* state -352183 s390x: none/tests/s390x/fpext is failing -352197 mips: mmap2() not wrapped correctly for page size > 4096 -352284 s390 Conditional jump or move depends on uninitialised value(s) - in vfprintf -352320 arm64 crash on none/tests/nestedfs -352364 ppc64: --expensive-definedness-checks=yes is not quite working here -352384 mmap-FIXED failed in UME (load_segment2) -352395 Please provide SVN revision info in --version -352549 Valgrind (whether with memchek or callgrind) crashes with - "unhandled instruction bytes" -352567 Assertion tres.status == VexTransOK failed in m_translate.c - vgPlain_translate -352586 Missing emulation of the PowerPC "mbar" instruction -352630 valgrind: Unrecognised instruction at address 0x4fc4d33. -352742 Custom allocator using sbrk() fails after about 800MB when running - under memcheck -352765 Vbit test fails on Power 6 -352767 Wine/valgrind: Warning: noted but unhandled ioctl 0x5307 with - no size/direction hints. (CDROMSTOP) -352768 The mbar instruction is missing from the Power PC support -352769 Power PC program priority register (PPR) is not supported -353083 arm64 doesn't implement various xattr system calls -353084 arm64 doesn't support sigpending system call -353137 www: update info for Supported Platforms -353138 www: update "The Valgrind Developers" page -353192 Debug info/data section not detected on AMD64 -353282 False uninitialised memory after bittwiddling -353346 WARNING: unhandled amd64-darwin syscall: unix:330 -353370 amd64->IR: 0x48 0xF 0xC7 0xF0 0x72 0x4 0xFF 0xC9 -353384 unhandled instruction bytes: 0x66 0xF 0x3A 0x62 0xD1 0x62 0x41 0x3B - __intel_sse4_strpbrk -353470 memcheck/tests/execve2 fails on OS X 10.11 -353471 memcheck/tests/x86/xor-undef-x86 fails on OS X 10.11 -353660 XML in auxwhat tag not escaping ampersand properly -353680 s390x: Crash with certain glibc versions due to non-implemented TBEGIN -353727 unhandled instruction bytes: 0x66 0xF 0x3A 0x62 0xD1 0x72 0x45 0x3B - __intel_sse4_strspn -353802 ELF debug info reader confused with multiple .rodata sections -353891 testcase memcheck/tests/leak-segv-jmp: Memcheck: mc_leakcheck.c:1045 - (lc_scan_memory): Assertion 'bad_scanned_addr < VG_ROUNDDN(start+len, - sizeof(Addr))' failed. -353920 unhandled amd64-solaris syscall: 170 -354274 arm: unhandled instruction: 0xEBAD 0x0AC1 (sub.w sl, sp, r1, lsl #3) -354392 unhandled amd64-solaris syscall: 171 -354428 Bad report memory leak in OS X 10.11 -354797 Vbit test does not include Iops for Power 8 instruction support -354809 Error message for unsupported platform is unhelpful -354882 Valgrind 3.11.0 (and 3.12.0-SVN) fails to build on OSX 10.11 El Capitan -354883 Assertion failure with valgrind-3.11.0 on OSX 10.11 -354909 strlen() provokes false positives on icc -O2 (Linux) -354931 Analyze of qt app results in incompatible processor message -354933 Android READMEs talk of --kernel-variant=android-emulator-no-hw-tls, - which doesn't exist - -Mon 9 Nov 21:57:00 CET 2015 - -355188 valgrind should intercept all malloc related global functions by default -355197 Too strong assert in variable debug info code -355231 Unhandled Instruction Bytes (SSE4, vmovdqu, "0xC5 0xFA 0x6F 0x2") -355454 do not intercept malloc related symbols from the runtime linker -355455 expected stderr of test cases wrapmalloc and wrapmallocstatic - overconstrained -355526 disInstr(arm): unhandled instruction: 0x1823E91 -355803 Add Lustre's IOC_MDC_GETFILESTRIPE ioctl -356044 Dwarf line info reader misinterprets is_stmt register -n-i-bz [PATCH] Fix clobber list in none/tests/amd64/xacq_xrel.c -n-i-bz [PATCH][VEX] Bump allowed shift value for "add.w reg, sp, reg, lsl #N" -n-i-bz [PATCH][VEX] Remove limit on strd's negative immediates -356112 mips: replace addi with addiu -356122 Apparent infinite loop calling the GLib g_get_user_special_dir() function -356138 vex amd64->IR: 0x8F 0xEA 0x78 0x10 0xD2 0x6 0x6 0x0 -356174 Enhance the embedded gdbserver to allow LLDB to use it - Wed 2 Dec 16:01:07 CET 2015 -356374 Assertion 'DRD_(g_threadinfo)[tid].pt_threadid - != INVALID_POSIX_THREADID' failed -356392 FPU control word not updated on FYL2X with ST(0) = 0 -356393 valgrind (vex) crashes because isZeroU happened -356457 valgrind: m_mallocfree.c:2042 (vgPlain_arena_free): - Assertion 'blockSane(a, b)' failed. -356611 vex amd64->IR: 0x8F 0xEA 0xF8 0x10 0xC9 0x3 0x1D 0x0 -356675 callgrind test apk in android 5.0.2 -356676 Unhandled arm64-linux syscalls: 125 and 126 (sched_get_priority_max/min) -356678 unhandled arm64-linux syscall: 232 (mincore) -356715 vex amd64->IR: 0xC4 0xE2 0x7D 0x13 0x4 0x4A 0xC5 0xFC -356817 valgrind.h triggers compiler errors on MSVC when defining NVALGRIND -356823 Unsupported ARM instruction: stlex 357010 drd regression tests fail to compile with Intel compiler 357011 Memcheck regression tests do not generate expected frame numbers if compiled with intel compiler @@ -201,26 +195,6 @@ Wed 2 Dec 16:01:07 CET 2015 in intel-compiled application. 357037 Line numbers are occasionally displayed incorrectly in intel-compiled applications -357059 x86: SSE cvtpi2ps with memory source does transition to MMX state -357294 cannot start valgrind with tool dhat -357338 Unhandled instruction for SHA instructions libcrypto Boring SSL -357673 crash if I try to run valgrind with a binary link with libcurl -357734 "unhandled instruction 0x1AC12D8C" for ARM64/AARCH64 -357781 unhandled amd64-linux syscall: 317 -357833 Valgrind is broken on recent linux kernel -357871 pthread_spin_destroy not properly -357873 libstdc++ unhandled instruction: 0xF 0xC7 0xF0 0x89 -357887 Calls to VG_(fclose) does not close the file descriptor -357928 Thread 1: status = VgTs_Runnable -357932 vex amd64->IR: 0xF2 0x49 0xF 0x5D and 0xF2 0x49 0xF 0x5F -358030 support direct socket calls on x86 32bit (new in linux 4.3) -358213 helgrind bar_bad testcase hangs - with new glibc pthread barrier implementation -358478 drd/tests/std_thread.cpp doesn't build with GCC6 -358569 Unhandled instructions cause creation of "orphan" stack traces - in XML output -358620 WARNING: unhandled syscall: 357 -358637 produces invalid xml Thu 28 Jan 13:20:02 CET 2016