Bug 25583

Summary: memcheck crashes when running in an armv7hl chroot on armv8 hardware
Product: Mageia
Reporter: Pascal Terjan <pterjan>
Component: RPM Packages
Assignee: Pascal Terjan <pterjan>
Status: RESOLVED INVALID
QA Contact:
Severity: normal
Priority: Normal
Version: Cauldron
Target Milestone: ---
Hardware: armv7hl
OS: Linux
Whiteboard:
Source RPM: valgrind
CVE:
Status comment:

Description Pascal Terjan 2019-10-18 01:12:37 CEST
For example on drpm package:

[iurt@localhost test]$ /usr/bin/valgrind "--error-exitcode=1" "--read-var-info=yes" "--leak-check=full" "--show-leak-kinds=all" "--track-origins=yes" "--suppressions=/home/iurt/drpm/BUILD/drpm-0.3.0/test/lzma.supp" "./drpm_api_tests"
==7987== Memcheck, a memory error detector
==7987== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==7987== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
==7987== Command: ./drpm_api_tests
==7987==

vex: priv/host_arm_defs.c:4917 (chainXDirect_ARM): Assertion `is_imm32_to_ireg_EXACTLY2( p, 12, (UInt)(Addr)disp_cp_chain_me_EXPECTED)' failed.
vex storage: T total 334904 bytes allocated
vex storage: P total 0 bytes allocated

valgrind: the 'impossible' happened:
   LibVEX called failure_exit().

host stacktrace:
==7987==    at 0x58043D3C: show_sched_status_wrk (m_libcassert.c:388)
==7987==    by 0x58043E97: report_and_quit (m_libcassert.c:459)
==7987==    by 0x5804405F: panic (m_libcassert.c:535)
==7987==    by 0x5804405F: vgPlain_core_panic_at (m_libcassert.c:540)
==7987==    by 0x5804407B: vgPlain_core_panic (m_libcassert.c:545)
==7987==    by 0x5805B05F: failure_exit (m_translate.c:751)
==7987==    by 0x58143357: vex_assert_fail (main_util.c:247)
==7987==    by 0x581BA293: chainXDirect_ARM (host_arm_defs.c:4916)
==7987==    by 0x58141173: LibVEX_Chain (main_main.c:1211)
==7987==    by 0x58060B7F: vgPlain_tt_tc_do_chaining (m_transtab.c:920)
==7987==    by 0x580A608F: handle_chain_me (scheduler.c:1188)
==7987==    by 0x580A91CB: vgPlain_scheduler (scheduler.c:1516)
==7987==    by 0x580F88BF: thread_wrapper (syswrap-linux.c:103)
==7987==    by 0x580F88BF: run_a_thread_NORETURN (syswrap-linux.c:156)
==7987==    by 0xFFFFFFFF: ???

sched status:
  running_tid=1
--7987-- VALGRIND INTERNAL ERROR: Valgrind received a signal 11 (SIGSEGV) - exiting
--7987-- si_code=1;  Faulting address: 0xA0;  sp: 0x89c9bb30

valgrind: the 'impossible' happened:
   Killed by fatal signal

host stacktrace:
==7987==    at 0x580AAAB8: vgPlain_is_in_syscall (syswrap-main.c:1642)
==7987==    by 0x58043973: print_thread_state (m_libcassert.c:326)
==7987==    by 0x58043BD7: show_sched_status_wrk (m_libcassert.c:422)
==7987==    by 0x58043E97: report_and_quit (m_libcassert.c:459)
==7987==    by 0x5804405F: panic (m_libcassert.c:535)
==7987==    by 0x5804405F: vgPlain_core_panic_at (m_libcassert.c:540)
==7987==    by 0x5804407B: vgPlain_core_panic (m_libcassert.c:545)
==7987==    by 0x5805B05F: failure_exit (m_translate.c:751)
==7987==    by 0x58143357: vex_assert_fail (main_util.c:247)
==7987==    by 0x581BA293: chainXDirect_ARM (host_arm_defs.c:4916)
==7987==    by 0x58141173: LibVEX_Chain (main_main.c:1211)
==7987==    by 0x58060B7F: vgPlain_tt_tc_do_chaining (m_transtab.c:920)
==7987==    by 0x580A608F: handle_chain_me (scheduler.c:1188)
==7987==    by 0x580A91CB: vgPlain_scheduler (scheduler.c:1516)
==7987==    by 0x580F88BF: thread_wrapper (syswrap-linux.c:103)
==7987==    by 0x580F88BF: run_a_thread_NORETURN (syswrap-linux.c:156)
==7987==    by 0xFFFFFFFF: ???

sched status:
  running_tid=1
Segmentation fault (core dumped)

Comment 1 Pascal Terjan 2019-10-18 01:31:34 CEST
This is not a regression, same problem on Mageia 7:

3: Test command: /usr/bin/valgrind "--error-exitcode=1" "--read-var-info=yes" "--leak-check=full" "--show-leak-kinds=all" "--track-origins=yes" "--suppressions=/home/iurt/drpm/BUILD/drpm-0.3.0/test/lzma.supp" "./drpm_api_tests"
3: Test timeout computed to be: 10000000
3: ==1884== Memcheck, a memory error detector
3: ==1884== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
3: ==1884== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
3: ==1884== Command: ./drpm_api_tests
3: ==1884== 
3: 
3: vex: priv/host_arm_defs.c:4917 (chainXDirect_ARM): Assertion `is_imm32_to_ireg_EXACTLY2( p, 12, (UInt)(Addr)disp_cp_chain_me_EXPECTED)' failed.
3: vex storage: T total 611800 bytes allocated
3: vex storage: P total 0 bytes allocated
3: 
3: valgrind: the 'impossible' happened:
3:    LibVEX called failure_exit().
3: 
3: host stacktrace:
3: ==1884==    at 0x58043D3C: show_sched_status_wrk (m_libcassert.c:388)
3: ==1884==    by 0x58043E97: report_and_quit (m_libcassert.c:459)
3: ==1884==    by 0x5804405F: panic (m_libcassert.c:535)
3: ==1884==    by 0x5804405F: vgPlain_core_panic_at (m_libcassert.c:540)
3: ==1884==    by 0x5804407B: vgPlain_core_panic (m_libcassert.c:545)
3: ==1884==    by 0x5805B05F: failure_exit (m_translate.c:751)
3: ==1884==    by 0x58143357: vex_assert_fail (main_util.c:247)
3: ==1884==    by 0x581BA293: chainXDirect_ARM (host_arm_defs.c:4916)
3: ==1884==    by 0x58141173: LibVEX_Chain (main_main.c:1211)
3: ==1884==    by 0x58060B7F: vgPlain_tt_tc_do_chaining (m_transtab.c:920)
3: ==1884==    by 0x580A608F: handle_chain_me (scheduler.c:1188)
3: ==1884==    by 0x580A91B7: vgPlain_scheduler (scheduler.c:1510)
3: ==1884==    by 0x580F88BF: thread_wrapper (syswrap-linux.c:103)
3: ==1884==    by 0x580F88BF: run_a_thread_NORETURN (syswrap-linux.c:156)
3: ==1884==    by 0xFFFFFFFF: ???
3: 
3: sched status:
3:   running_tid=1
3: --1884-- VALGRIND INTERNAL ERROR: Valgrind received a signal 11 (SIGSEGV) - exiting
3: --1884-- si_code=1;  Faulting address: 0xA0;  sp: 0x89dcdb30
3: 
3: valgrind: the 'impossible' happened:
3:    Killed by fatal signal
3: 
3: host stacktrace:
3: ==1884==    at 0x580AAAB8: vgPlain_is_in_syscall (syswrap-main.c:1642)
3: ==1884==    by 0x58043973: print_thread_state (m_libcassert.c:326)
3: ==1884==    by 0x58043BD7: show_sched_status_wrk (m_libcassert.c:422)
3: ==1884==    by 0x58043E97: report_and_quit (m_libcassert.c:459)
3: ==1884==    by 0x5804405F: panic (m_libcassert.c:535)
3: ==1884==    by 0x5804405F: vgPlain_core_panic_at (m_libcassert.c:540)
3: ==1884==    by 0x5804407B: vgPlain_core_panic (m_libcassert.c:545)
3: ==1884==    by 0x5805B05F: failure_exit (m_translate.c:751)
3: ==1884==    by 0x58143357: vex_assert_fail (main_util.c:247)
3: ==1884==    by 0x581BA293: chainXDirect_ARM (host_arm_defs.c:4916)
3: ==1884==    by 0x58141173: LibVEX_Chain (main_main.c:1211)
3: ==1884==    by 0x58060B7F: vgPlain_tt_tc_do_chaining (m_transtab.c:920)
3: ==1884==    by 0x580A608F: handle_chain_me (scheduler.c:1188)
3: ==1884==    by 0x580A91B7: vgPlain_scheduler (scheduler.c:1510)
3: ==1884==    by 0x580F88BF: thread_wrapper (syswrap-linux.c:103)
3: ==1884==    by 0x580F88BF: run_a_thread_NORETURN (syswrap-linux.c:156)
3: ==1884==    by 0xFFFFFFFF: ???
3: 
3: sched status:
3:   running_tid=1
3/3 Test #3: drpm_memcheck ....................***Exception: SegFault  1.94 sec

67% tests passed, 1 tests failed out of 3

Total Test time (real) =   2.29 sec

The following tests FAILED:
	  3 - drpm_memcheck (SEGFAULT)
Errors while running CTest

Pascal Terjan 2019-10-18 11:05:18 CEST

Assignee: bugsquad => pterjan

Comment 2 Pascal Terjan 2019-10-20 17:48:33 CEST
Crash was happening with Ubuntu kernel but not with Debian kernel

Linux armlet10.mageia.org 4.9.0-8-arm64 #1 SMP Debian 4.9.144-3.1 (2019-02-19) armv8l armv8l armv8l GNU/Linux

Comment 3 Pascal Terjan 2019-10-20 17:49:19 CEST
Closing the bug

Status: NEW => RESOLVED
Resolution: (none) => INVALID