[valgrind] [Bug 452387] valgrind: m_debuginfo/readelf.c:717 (get_elf_symbol_info): Assertion 'in_rx' failed. [ARMV7]

bugzilla_noreply Tue, 19 Mar 2024 05:22:43 -0700

https://bugs.kde.org/show_bug.cgi?id=452387


--- Comment #5 from tdk2...@gmail.com ---
(In reply to Paul Floyd from comment #3)
> A few words on what is happening.
> 
> valgrind execs memcheck. memcheck loads the guest and ld.so and starts
> running them in the Valgrind VM. ld.so then loads dependenv shared libs.
> 
> I see libc being loaded (trimmed a bit):
> --2019-- di_notify_mmap-1: 0x4853000-0x499efff r-x
> --2019-- di_notify_mmap-2: /lib/libc-2.33.so
> --2019-- di_notify_mmap-1: 0x4995000-0x4997fff rw-
> --2019-- di_notify_mmap-2: /lib/libc-2.33.so
> --2019-- di_notify_mmap-5: achieved accept state for /lib/libc-2.33.so
> 
> The code that is failing is
> 
>       /* This could actually wrap around and cause
>          ML_(find_rx_mapping) to assert.  But that seems so unlikely,
>          let's wait for it to happen before fixing it. */
>       in_rx = (ML_(find_rx_mapping)(
>                       di,
>                       (*sym_avmas_out).main,
>                       (*sym_avmas_out).main + *sym_size_out - 1) != NULL);
>       if (in_text)
>          vg_assert(in_rx);
> 
> This is supposed to be finding the mapped memory for the rx mapping but for
> some reason it is failing.
> 
> Could you upload an attachment with the output when using '-d -d -d
> --trace-symtab=yes' please?

[root@unbm ~] $ /tmp/valgrind/bin/valgrind -d -d -d --trace-symtab=yes
--error-limit=no --leak-check=full --tool=memcheck /tmp/ld-2.15.so 
/usr/bin/last
--1637:1:debuglog DebugLog system started by Stage 1, level 3 logging requested
--1637:1:launcher tool 'memcheck' requested
--1637:2:launcher   selecting platform for '/tmp/ld-2.15.so'
--1637:2:launcher   opened '/tmp/ld-2.15.so'
--1637:2:launcher   read 4096 bytes from '/tmp/ld-2.15.so'
--1637:2:launcher   selected platform 'arm-linux'
--1637:1:launcher selected platform 'arm-linux'
--1637:1:launcher launching /tmp/valgrind/libexec/valgrind/memcheck-arm-linux
--1637:1:debuglog DebugLog system started by Stage 2 (main), level 3 logging
requested
--1637:1:    main Welcome to Valgrind version 3.22.0 debug logging
--1637:1:    main Checking current stack is plausible
--1637:1:    main Checking initial stack was noted
--1637:1:    main Starting the address space manager
--1637:2: aspacem           sp_at_startup = 0x00be962b40 (supplied)
--1637:2: aspacem                 minAddr = 0x0004000000 (computed)
--1637:2: aspacem                 maxAddr = 0x00be961fff (computed)
--1637:2: aspacem                  cStart = 0x0004000000 (computed)
--1637:2: aspacem                  vStart = 0x00614b1000 (computed)
--1637:2: aspacem   suggested_clstack_end = 0x00bd962fff (computed)
--1637:2: aspacem   <<< SHOW_SEGMENTS: Initial layout (5 segments)
--1637:2: aspacem   0 segment names in 0 slots
--1637:2: aspacem   freelist is empty
--1637:2: aspacem     0: RSVN 0000000000-0003ffffff     64m ----- SmFixed
--1637:2: aspacem     1:      0004000000-00614b0fff   1492m
--1637:2: aspacem     2: RSVN 00614b1000-00614b1fff    4096 ----- SmFixed
--1637:2: aspacem     3:      00614b2000-00be961fff   1492m
--1637:2: aspacem     4: RSVN 00be962000-00ffffffff   1046m ----- SmFixed
--1637:2: aspacem   >>>
--1637:2: aspacem   Reading /proc/self/maps
--1637:2: aspacem   <<< SHOW_SEGMENTS: With contents of /proc/self/maps (13
segments)
--1637:2: aspacem   1 segment names in 1 slots
--1637:2: aspacem   freelist is empty
--1637:2: aspacem   (0,4,3) /tmp/valgrind/libexec/valgrind/memcheck-arm-linux
--1637:2: aspacem     0: RSVN 0000000000-0003ffffff     64m ----- SmFixed
--1637:2: aspacem     1:      0004000000-0057ffffff   1344m
--1637:2: aspacem     2: FILE 0058000000-0058232fff 2306048 r-x-- d=0x001
i=47517   o=0       (0,4)
--1637:2: aspacem     3:      0058233000-005823afff   32768
--1637:2: aspacem     4: FILE 005823b000-005823cfff    8192 rw--- d=0x001
i=47517   o=2306048 (0,4)
--1637:2: aspacem     5: ANON 005823d000-0058bacfff 9895936 rw---
--1637:2: aspacem     6:      0058bad000-00614b0fff    137m
--1637:2: aspacem     7: RSVN 00614b1000-00614b1fff    4096 ----- SmFixed
--1637:2: aspacem     8:      00614b2000-00be941fff   1492m
--1637:2: aspacem     9: ANON 00be942000-00be962fff  135168 rw---
--1637:2: aspacem    10: RSVN 00be963000-00fffeffff   1046m ----- SmFixed
--1637:2: aspacem    11: anon 00ffff0000-00ffff0fff    4096 r-x--
--1637:2: aspacem    12: RSVN 00ffff1000-00ffffffff   61440 ----- SmFixed
--1637:2: aspacem   >>>
--1637:1:    main Address space manager is running
--1637:1:    main Starting the dynamic memory manager
--1637:1:mallocfr newSuperblock at 0x614B2000 (pszB 4194288)  owner
VALGRIND/core
--1637:1:mallocfr deferred_reclaimSuperblock at 0x614B2000 (pszB 4194288) 
(prev 0x0) owner VALGRIND/core
--1637:1:    main Dynamic memory manager is running
--1637:1:    main Initialise m_debuginfo
--1637:1:    main VG_(libdir) = /tmp/valgrind/libexec/valgrind
--1637:1:    main Getting launcher's name ...
--1637:1:    main ... /tmp/valgrind/bin/valgrind
--1637:1:    main Get hardware capabilities ...
--1637:1: machine ARMv7 VFP 1 VFP2 1 VFP3 1 NEON 1
--1637:1:   cache Could not autodetect cache info
--1637:1:    main ... arch = ARM, hwcaps = ARMv7-neon-vfp
--1637:1:    main Getting the working directory at startup
--1637:1:    main ... /root
--1637:1:    main Split up command line
--1637:1:    main (early_) Process Valgrind's command line options
--1637:1:    main Create initial image
--1637:1: initimg Loading client
--1637:1: initimg Setup client env
--1637:2: initimg   preload_string:
--1637:2: initimg    
"/tmp/valgrind/libexec/valgrind/vgpreload_core-arm-linux.so:/tmp/valgrind/libexec/valgrind/vgpreload_memcheck-arm-linux.so"
--1637:1: initimg Setup client stack: size will be 8388608
--1637:2: initimg   ARM has-neon from-auxv: YES
--1637:2: initimg   ARM has-tls from-auxv: YES
--1637:2: initimg   Client info: initial_IP=0x108C81 initial_TOC=0x0
brk_base=0x128000
--1637:2: initimg   Client info: initial_SP=0xBD962BB0 max_stack_size=8388608
--1637:1: initimg Setup client data (brk) segment
--1637:1:    main Setup file descriptors
--1637:1:    main Create fake /proc/<pid>/cmdline
--1637:1:    main Create fake /proc/<pid>/auxv
--1637:1:    main Initialise the tool part 1 (pre_clo_init)
--1637:1:mallocfr deferred_reclaimSuperblock NULL (prev 0x614B2000) owner
VALGRIND/core
--1637:1:mallocfr newSuperblock at 0x618B2000 (pszB 4194288)  owner
VALGRIND/core
--1637:1:    main Print help and quit, if requested
--1637:1:    main (main_) Process Valgrind's command line options, setup
logging
--1637:1:    main Print the preamble...
==1637== Memcheck, a memory error detector
==1637== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==1637== Using Valgrind-3.22.0 and LibVEX; rerun with -h for copyright info
==1637== Command: /tmp/ld-2.15.so /usr/bin/last
==1637== 
--1637:1:    main ...finished the preamble
--1637:1:    main Initialise the tool part 2 (post_clo_init)
--1637:1:    main Initialise TT/TC
--1637-- TT/TC: cache: ignoring --avg-transtab-entry-size=0, using tool
provided default 640
--1637-- TT/TC: cache: 32 sectors of 27,597,024 bytes each = 883,104,768 total
TC
--1637-- TT/TC: table: 32 tables[42588] of C 4,088,448 + H 851,760 bytes each =
158,086,656 total TT
--1637-- TT/TC: table: 42588 tt entries each = 1,362,816 total tt entries
--1637-- TT/TC: table: 32 htt[65521] of 131,042 bytes each = 4,193,344 total
HTT (htt[65521] 65% max occup)
--1637:1:    main Initialise redirects
--1637:1:mallocfr newSuperblock at 0x61D2D000 (pszB 1048560)  owner
VALGRIND/dinfo
--1637:1:    main Load initial debug info
--1637-- di_notify_mmap-0:
--1637-- di_notify_mmap-1: 0x108000-0x108fff r-x
--1637-- di_notify_mmap-2: /tmp/ld-2.15.so
--1637-- di_notify_mmap-3: is_rx_map 1, is_rw_map 0, is_ro_map 0
--1637-- check_elf_and_get_rw_loads: ++*rw_load_count to 1 for /tmp/ld-2.15.so
p_vaddr 0x1ed70 p_offset 28016, p_filesz 0
--1637-- di_notify_mmap-4: noting details in DebugInfo* at 0x61D2D330
--1637-- di_notify_mmap-6: no dinfo loaded /tmp/ld-2.15.so (no rx or no rw
mapping)
--1637-- di_notify_mmap-0:
--1637-- di_notify_mmap-1: 0x126000-0x126fff rw-
--1637-- di_notify_mmap-2: /tmp/ld-2.15.so
--1637-- di_notify_mmap-3: is_rx_map 0, is_rw_map 1, is_ro_map 0
--1637-- check_elf_and_get_rw_loads: ++*rw_load_count to 1 for /tmp/ld-2.15.so
p_vaddr 0x1ed70 p_offset 28016, p_filesz 0
--1637-- di_notify_mmap-4: noting details in DebugInfo* at 0x61D2D330
--1637-- di_notify_mmap-5: achieved accept state for /tmp/ld-2.15.so

------ start ELF OBJECT -------------------------------------------------------
------ name = /tmp/ld-2.15.so

Un-de-overlapped _DebugInfoMappings:
  [0]    avma 0x108000              size 4096        foff 0           rx -- --
  [1]    avma 0x126000              size 4096        foff 24576       -- rw --

De-overlapped DebugInfoMappings:
  [0]    avma 0x108000              size 4096        foff 0           rx -- --
  [1]    avma 0x126000              size 4096        foff 24576       -- rw --

Checking that there are no remaining overlaps.
Check successful.
------ Basic facts about the object ------
object:  n_oimage 598333
phdr:    ioff 52 nent 7 ent_szB 32
shdr:    ioff 571300 nent 33 ent_szB 40
rx_map:  avma 0x108000   size 4096  foff 0
rw_map:  avma 0x126000   size 4096  foff 24576
shdr:    string table at 570979

------ Examining the program headers ------
PT_LOAD[1]: p_vaddr 0x0 (prev 0x0)
PT_LOAD[1]:   p_offset 0, p_filesz 312, perms r-x
PT_LOAD[1]:   acquired as rx, bias 0x108000
PT_LOAD[2]: p_vaddr 0x1ed70 (prev 0x0)
PT_LOAD[2]:   p_offset 28016, p_filesz 0, perms rw-
PT_LOAD[2]:   acquired as rw, bias 0x108000
No soname found; using (fake) "NONE"

------ Examining the section headers ------
rx: at 0x108000 are mapped foffsets 0 .. 4095
rx: contains these svma regions:
  svmas 0x0 .. 0x16b8f with bias 0x108000
rw: at 0x126000 are mapped foffsets 24576 .. 28671
rw: contains these svma regions:
  svmas 0x1ed70 .. 0x1f95f with bias 0x108000
 [sec  0]  rx        al   0  foff      0 ..      0    svma 0x0  name ""
zero sized section "", ignoring
 [sec  1]  rx        al   4  foff    276 ..    311    svma 0x114  name
".note.gnu.build-id"
 [sec  2]  rx        al   4  foff    312 ..    499    svma 0x138  name ".hash"
 [sec  3]  rx        al   4  foff    312 ..    527    svma 0x1F4  name
".gnu.hash"
 [sec  4]  rx        al   4  foff    312 ..    759    svma 0x2CC  name
".dynsym"
 [sec  5]  rx        al   1  foff    312 ..    706    svma 0x48C  name
".dynstr"
 [sec  6]  rx        al   2  foff    312 ..    367    svma 0x618  name
".gnu.version"
 [sec  7]  rx        al   4  foff    312 ..    403    svma 0x650  name
".gnu.version_d"
 [sec  8]  rx        al   4  foff    312 ..    463    svma 0x6AC  name
".rel.dyn"
 [sec  9]  rx        al   4  foff    312 ..    359    svma 0x744  name
".rel.plt"
 [sec 10]  rx        al   4  foff    312 ..    415    svma 0x774  name ".plt"
acquiring .plt avma = 0x108774
 [sec 11]  rx        al  16  foff    312 ..  75819    svma 0x7E0  name ".text"
acquiring .text svma = 0x7e0 .. 0x12ed3
acquiring .text avma = 0x1087e0 .. 0x11aed3
acquiring .text bias = 0x108000
 [sec 12]  rx        al   4  foff    312 ..  15559    svma 0x12ED4  name
".rodata"
acquiring .rodata svma = 0x12ed4 .. 0x16a63
acquiring .rodata avma = 0x11aed4 .. 0x11ea63
acquiring .rodata bias = 0x108000
 [sec 13]  rx        al   4  foff    312 ..    395    svma 0x16A64  name
".ARM.extab"
acquiring .extab svma = 0x16a64 .. 0x16ab7
acquiring .extab avma = 0x11ea64 .. 0x11eab7
acquiring .extab bias = 0x108000
 [sec 14]  rx        al   4  foff    312 ..    527    svma 0x16AB8  name
".ARM.exidx"
acquiring .exidx svma = 0x16ab8 .. 0x16b8f
acquiring .exidx avma = 0x11eab8 .. 0x11eb8f
acquiring .exidx bias = 0x108000
 [sec 15]     rw     al   8  foff  28016 ..  28487    svma 0x1ED70  name
".data.rel.ro"
 [sec 16]     rw     al   4  foff  28016 ..  28199    svma 0x1EF48  name
".dynamic"
 [sec 17]     rw     al   4  foff  28016 ..  28087    svma 0x1F000  name ".got"
acquiring .got avma = 0x127000
 [sec 18]     rw     al   8  foff  28016 ..  30115    svma 0x1F048  name
".data"
acquiring .data svma = 0x1f048 .. 0x1f87b
acquiring .data avma = 0x127048 .. 0x12787b
acquiring .data bias = 0x108000
 [sec 19]     rw     al   4  foff  28016 ..  28243    svma 0x1F87C  name ".bss"
acquiring .bss svma = 0x1f87c .. 0x1f95f
acquiring .bss avma = 0x12787c .. 0x12795f
acquiring .bss bias = 0x108000
 [sec 20]  rx        al   1  foff    312 ..    353    svma 0x0  name ".comment"
 [sec 21]  rx        al   1  foff    354 ..    408    svma 0x0  name
".ARM.attributes"
 [sec 22]  rx        al   8  foff    416 ..   3127    svma 0x0  name
".debug_aranges"
 [sec 23]  rx        al   1  foff   3128 .. 333824    svma 0x0  name
".debug_info"
 [sec 24]  rx        al   1  foff 333825 .. 366463    svma 0x0  name
".debug_abbrev"
 [sec 25]  rx        al   1  foff 366464 .. 417693    svma 0x0  name
".debug_line"
 [sec 26]  rx        al   4  foff 417696 .. 425975    svma 0x0  name
".debug_frame"
 [sec 27]  rx        al   1  foff 425976 .. 447239    svma 0x0  name
".debug_str"
 [sec 28]  rx        al   1  foff 447240 .. 548714    svma 0x0  name
".debug_loc"
 [sec 29]  rx        al   1  foff 548715 .. 570978    svma 0x0  name
".debug_ranges"
 [sec 30]  rx        al   1  foff 570979 .. 571297    svma 0x0  name
".shstrtab"
 [sec 31]  rx        al   4  foff 572620 .. 590459    svma 0x0  name ".symtab"
 [sec 32]  rx        al   1  foff 590460 .. 598332    svma 0x0  name ".strtab"
.dynsym           :  ioff 312 .. 759
.dynstr           :  ioff 312 .. 706
.symtab           :  ioff 572620 .. 590459
.strtab           :  ioff 590460 .. 598332

--- Reading (ELF, standard) symbol table (1115 entries) ---
raw symbol [   1]: LOC SEC : svma 0x0000000114, sz    0  NONAME
raw symbol [   2]: LOC SEC : svma 0x0000000138, sz    0  NONAME
raw symbol [   3]: LOC SEC : svma 0x00000001f4, sz    0  NONAME
raw symbol [   4]: LOC SEC : svma 0x00000002cc, sz    0  NONAME
raw symbol [   5]: LOC SEC : svma 0x000000048c, sz    0  NONAME
raw symbol [   6]: LOC SEC : svma 0x0000000618, sz    0  NONAME
raw symbol [   7]: LOC SEC : svma 0x0000000650, sz    0  NONAME
raw symbol [   8]: LOC SEC : svma 0x00000006ac, sz    0  NONAME
raw symbol [   9]: LOC SEC : svma 0x0000000744, sz    0  NONAME
raw symbol [  10]: LOC SEC : svma 0x0000000774, sz    0  NONAME
raw symbol [  11]: LOC SEC : svma 0x00000007e0, sz    0  NONAME
raw symbol [  12]: LOC SEC : svma 0x0000012ed4, sz    0  NONAME
raw symbol [  13]: LOC SEC : svma 0x0000016a64, sz    0  NONAME
raw symbol [  14]: LOC SEC : svma 0x0000016ab8, sz    0  NONAME
raw symbol [  15]: LOC SEC : svma 0x000001ed70, sz    0  NONAME
raw symbol [  16]: LOC SEC : svma 0x000001ef48, sz    0  NONAME
raw symbol [  17]: LOC SEC : svma 0x000001f000, sz    0  NONAME
raw symbol [  18]: LOC SEC : svma 0x000001f048, sz    0  NONAME
raw symbol [  19]: LOC SEC : svma 0x000001f87c, sz    0  NONAME
raw symbol [  20]: LOC SEC : svma 0x0000000000, sz    0  NONAME
raw symbol [  21]: LOC SEC : svma 0x0000000000, sz    0  NONAME
raw symbol [  22]: LOC SEC : svma 0x0000000000, sz    0  NONAME
raw symbol [  23]: LOC SEC : svma 0x0000000000, sz    0  NONAME
raw symbol [  24]: LOC SEC : svma 0x0000000000, sz    0  NONAME
raw symbol [  25]: LOC SEC : svma 0x0000000000, sz    0  NONAME
raw symbol [  26]: LOC SEC : svma 0x0000000000, sz    0  NONAME
raw symbol [  27]: LOC SEC : svma 0x0000000000, sz    0  NONAME
raw symbol [  28]: LOC SEC : svma 0x0000000000, sz    0  NONAME
raw symbol [  29]: LOC SEC : svma 0x0000000000, sz    0  NONAME
raw symbol [  30]: LOC FIL : svma 0x0000000000, sz    0  rtld.c
raw symbol [  31]: LOC NOT : svma 0x0000000c80, sz    0  $t
raw symbol [  32]: LOC FUN : svma 0x00000039d5, sz 1296  _dl_start

valgrind: m_debuginfo/readelf.c:719 (get_elf_symbol_info): Assertion 'in_rx'
failed.
Segmentation fault (core dumped)

-- 
You are receiving this mail because:
You are watching all bug changes.

[valgrind] [Bug 452387] valgrind: m_debuginfo/readelf.c:717 (get_elf_symbol_info): Assertion 'in_rx' failed. [ARMV7]

Reply via email to