https://bugs.kde.org/show_bug.cgi?id=454925

            Bug ID: 454925
           Summary: Stacktraces contain addresses that are off by one,
                    except frame 0
           Product: valgrind
           Version: unspecified
          Platform: Debian stable
                OS: Linux
            Status: REPORTED
          Severity: minor
          Priority: NOR
         Component: general
          Assignee: jsew...@acm.org
          Reporter: bernha...@mailbox.org
  Target Milestone: ---

Created attachment 149505
  --> https://bugs.kde.org/attachment.cgi?id=149505&action=edit
Attempt-to-fix-EIP-pointer-in-stacktrace.patch

The addresses in stacktraces shown by valgrind are off by one, except for frame
0.
This seems to be explained in this commit:
https://sourceware.org/git/?p=valgrind.git;a=patch;f=coregrind/m_stacktrace.c;h=efaaa0b74a695a68ef5e758102d3fe3920e121fd

So valgrind is decrementing the address by one to get into the call
instruction.
But when showing the stacktrace, this decrement is not corrected later.
The example below shows the same process, once with the valgrind stacktrace and
once with the gdb stacktrace.
A disassembly shows valgrind's address in the last byte of the call
instruction, while gdb shows the next byte, the return address of the call
instruction.

$ valgrind --vgdb=yes --vgdb-error=0 rc
==4357== Invalid free() / delete / delete[] / realloc()
==4357==    at 0x4840EB7: free (vg_replace_malloc.c:872)
==4357==    by 0x1134BF: ??? (in /usr/bin/rc.byron)
==4357==    by 0x118B7C: ??? (in /usr/bin/rc.byron)
==4357==    by 0x118473: ??? (in /usr/bin/rc.byron)
==4357==    by 0x486F6E5: rl_completion_matches (in /usr/lib/i386-linux-gnu/libreadline.so.8.1)
==4357==    by 0x118760: ??? (in /usr/bin/rc.byron)
...

$ gdb $(which rc)
(gdb) target remote | /usr/bin/vgdb --pid=4357
(gdb) cont
(gdb) bt
#0  0x04840eb7 in _vgr10050ZU_VgSoSynsomalloc_free (p=0x4b2e758) at m_replacemalloc/vg_replace_malloc.c:872
#1  0x001134c0 in ?? ()
#2  0x00118b7d in ?? ()
#3  0x00118474 in ?? ()
#4  0x0486f6e6 in rl_completion_matches () from /lib/i386-linux-gnu/libreadline.so.8
#5  0x00118761 in ?? ()
...
Dump of assembler code from 0x4840eb5 to 0x4840ebd:
   0x04840eb5 <_vgr10050ZU_VgSoSynsomalloc_free+101>:   87 db   xchg   %ebx,%ebx
   0x04840eb7 <_vgr10050ZU_VgSoSynsomalloc_free+103>:   89 55 e0        mov    %edx,-0x20(%ebp)
   0x04840eba <_vgr10050ZU_VgSoSynsomalloc_free+106>:   8b 45 e0        mov    -0x20(%ebp),%eax
End of assembler dump.
...
(gdb) disassemble /r 0x001134ba,0x001134c6
Dump of assembler code from 0x1134ba to 0x1134c6:
   0x001134ba:  50      push   %eax
   0x001134bb:  e8 c0 6b ff ff  call   0x10a080 <free@plt>
   0x001134c0:  83 c4 10        add    $0x10,%esp
   0x001134c3:  83 c4 08        add    $0x8,%esp
End of assembler dump.


The attached patch is an attempt to correct just the output of the stacktrace in
`VG_(describe_IP)` while leaving the internally used address unchanged.


SOFTWARE/OS VERSIONS
Linux: 
valgrind 1:3.16.1-1 amd64 (Bullseye)
valgrind 1:3.18.1-1 i386  (Bookworm)
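To check the off-by-one relation the report describes, here is an added example (not part of the report or of valgrind's code) that parses the two traces quoted above, computes the per-frame difference between the gdb and valgrind addresses, and applies the display correction the report proposes (frame 0 unchanged, every other frame plus one). The call-instruction check uses the `call` at 0x1134bb from the quoted disassembly; the helper names are assumptions.

```python
import re

# Traces constructed from the valgrind and gdb output quoted in the report (pid 4357).
VALGRIND_TRACE = """\
==4357==    at 0x4840EB7: free (vg_replace_malloc.c:872)
==4357==    by 0x1134BF: ??? (in /usr/bin/rc.byron)
==4357==    by 0x118B7C: ??? (in /usr/bin/rc.byron)
==4357==    by 0x118473: ??? (in /usr/bin/rc.byron)
==4357==    by 0x486F6E5: rl_completion_matches (in /usr/lib/i386-linux-gnu/libreadline.so.8.1)
==4357==    by 0x118760: ??? (in /usr/bin/rc.byron)
"""

GDB_TRACE = """\
#0  0x04840eb7 in _vgr10050ZU_VgSoSynsomalloc_free (p=0x4b2e758) at m_replacemalloc/vg_replace_malloc.c:872
#1  0x001134c0 in ?? ()
#2  0x00118b7d in ?? ()
#3  0x00118474 in ?? ()
#4  0x0486f6e6 in rl_completion_matches () from /lib/i386-linux-gnu/libreadline.so.8
#5  0x00118761 in ?? ()
"""

VG_FRAME = re.compile(r"^==\d+==\s+(?:at|by)\s+0x([0-9A-Fa-f]+):")
GDB_FRAME = re.compile(r"^#\d+\s+0x([0-9A-Fa-f]+)\s+in\b")


def parse_frames(text, pattern):
    """Return the frame addresses of a trace as ints, frame 0 first."""
    return [int(m.group(1), 16) for line in text.splitlines()
            if (m := pattern.match(line))]


def frame_deltas(vg_text, gdb_text):
    """gdb address minus valgrind address for each frame; 0 means they agree."""
    vg = parse_frames(vg_text, VG_FRAME)
    gdb = parse_frames(gdb_text, GDB_FRAME)
    assert len(vg) == len(gdb), "traces have different depth"
    return [g - v for v, g in zip(vg, gdb)]


def displayed_ip(frame_no, ip):
    """Correction proposed in the report: frames above 0 store return_address - 1
    internally (to land inside the call), so add 1 back only for display."""
    return ip if frame_no == 0 else ip + 1


def inside_instruction(insn_start, insn_len, addr):
    """True if addr lies within the instruction occupying [insn_start, insn_start+insn_len)."""
    return insn_start <= addr < insn_start + insn_len
```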
