Version: (using KDE 3.5.8) Installed from: SuSE RPMs Compiler: gcc version 4.2.1 OS: Linux Version: trunk revision 8119. $ ./vg-in-place -v --tool=none memcheck/tests/deep_templates ==25132== Nulgrind, a binary JIT-compiler. ==25132== Copyright (C) 2002-2008, and GNU GPL'd, by Nicholas Nethercote. ==25132== Using LibVEX rev 1849, a library for dynamic binary translation. ==25132== Copyright (C) 2004-2008, and GNU GPL'd, by OpenWorks LLP. ==25132== Using valgrind-3.4.0.SVN, a dynamic binary instrumentation framework. ==25132== Copyright (C) 2000-2008, and GNU GPL'd, by Julian Seward et al. ==25132== --25132-- Command line --25132-- memcheck/tests/deep_templates --25132-- Startup, with flags: --25132-- -v --25132-- --tool=none --25132-- Contents of /proc/version: --25132-- Linux version 2.6.22.17-0.1-ppc64 (geeko@buildhost) (gcc version 4.2.1 (SUSE Linux)) #1 SMP 2008/02/10 20:01:04 UTC --25132-- Arch and hwcaps: PPC64, ppc64-int-flt-vmx-FX-GX --25132-- Page sizes: currently 4096, max supported 65536 --25132-- Valgrind library directory: ./.in_place --25132-- Reading syms from /lib64/ld-2.6.1.so (0x4000000) --25132-- object doesn't have a symbol table --25132-- Reading syms from /home/bart/software/valgrind-trunk/memcheck/tests/deep_templates (0x10000000) ./vg-in-place: line 10: 25132 Segmentation fault VALGRIND_LIB=$d/.in_place VALGRIND_LIB_INNER=$d/.in_place $d/coregrind/valgrind "$@" Call stack obtained via gdb: Program received signal SIGSEGV, Segmentation fault. 
0x000000003802cfec in vgPlain_strlen ( str=0x680015a0 <Address 0x680015a0 out of bounds>) at m_libcbase.c:232 232 while (str[i] != 0) i++; (gdb) where #0 0x000000003802cfec in vgPlain_strlen ( str=0x680015a0 <Address 0x680015a0 out of bounds>) at m_libcbase.c:232 #1 0x0000000038086d88 in vgModuleLocal_read_debuginfo_stabs (di=0x4026902f0, debug_offset=0, stabC=0x4000d50 "", stab_sz=<value optimized out>, stabstr=0x400159c "", stabstr_sz=222187) at m_debuginfo/readstabs.c:151 #2 0x000000003807b418 in vgModuleLocal_read_elf_debug_info (di=0x4026902f0) at m_debuginfo/readelf.c:1881 #3 0x4400202200000000 in ?? () #4 0x000000003804fca8 in vgPlain_di_notify_mmap (a=268500992, allow_SkFileV=<value optimized out>) at m_debuginfo/debuginfo.c:668 #5 0x0000000038034958 in valgrind_main (argc=<value optimized out>, argv=<value optimized out>, envp=<value optimized out>) at m_main.c:1693 #6 0x0000000200000000 in ?? () #7 0x0000000038036cdc in _start_in_C_linux (pArgc=0xffffd59f590) at m_main.c:2378 #8 0x0000000038033160 in ._start () at m_main.c:2195 Previous frame inner to this frame (corrupt stack?) (gdb)
Exactly the same results with trunk r8880, Fedora Core release 6 and gcc 4.1.1.
I can't reproduce with trunk r10378 on Linux or Mac. Do you still see this?
I can't reproduce this issue either with r10378.
(In reply to comment #3) > I can't reproduce this issue either with r10378. I can reproduce this with trunk r10857 on openSUSE 10.3 PPC.
After having applied the patch below the crash does no longer occur but the stabs reader complains about a bad stabstr size: $ ./vg-in-place --tool=none memcheck/tests/deep_templates ==5370== Nulgrind, the minimal Valgrind tool ==5370== Copyright (C) 2002-2009, and GNU GPL'd, by Nicholas Nethercote. ==5370== Using Valgrind-3.6.0.SVN and LibVEX; rerun with -h for copyright info ==5370== Command: memcheck/tests/deep_templates ==5370== @@ bad stabstr size -268215147 It's not NULL. How DULL. ==5370== $ svn diff coregrind/m_debuginfo/readstabs.c
Index: coregrind/m_debuginfo/readstabs.c
===================================================================
--- coregrind/m_debuginfo/readstabs.c (revision 10857)
+++ coregrind/m_debuginfo/readstabs.c (working copy)
@@ -143,12 +143,15 @@
 Char *string;
 if (di->trace_symtab) {
+ vg_assert(st);
+ VG_(printf) ( "st->n_un.n_strx = %ld\n", st->n_un.n_strx );
+ vg_assert(0 <= st->n_un.n_strx && (st->n_un.n_strx & 0xffffff) < stabstr_sz);
 VG_(printf) ( "%2d type=%d othr=%d desc=%d " "value=0x%x strx=%d %s\n", i, st->n_type, st->n_other, st->n_desc, (Int)st->n_value, (Int)st->n_un.n_strx,
- stabstr + st->n_un.n_strx );
+ stabstr + (st->n_un.n_strx & 0xffffff) );
 } /* handle continued string stabs */
@@ -160,7 +163,7 @@
 Bool qcontinuing = False;
 UInt qstringidx;
- qstringidx = st->n_un.n_strx;
+ qstringidx = (st->n_un.n_strx & 0xffffff);
 string = stabstr + qstringidx;
 qlen = VG_(strlen)(string);
@@ -211,8 +214,8 @@
 if (i >= n_stab_entries) break;
- if (stab[i].n_un.n_strx) {
- string = stabstr + stab[i].n_un.n_strx;
+ if ((stab[i].n_un.n_strx & 0xffffff)) {
+ string = stabstr + (stab[i].n_un.n_strx & 0xffffff);
 qlen = VG_(strlen)(string);
 } else { string = NULL;
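Review bot: In the second and third hunks the masked offset is added to `stabstr` and passed straight to `VG_(strlen)` with no comparison against `stabstr_sz`, so a corrupt `n_strx` that happens to fall below 0x1000000 still reads past the end of the string table exactly as in the reported crash, and the only range check the patch adds is the `vg_assert` in the first hunk, which runs only when `di->trace_symtab` is set. Each site should reject the entry before dereferencing, e.g. `if (qstringidx >= stabstr_sz) { /* corrupt stab: treat like the existing bad-stabstr-size case */ ... }`, and the same check belongs in front of `string = stabstr + (stab[i].n_un.n_strx & 0xffffff);` in the third hunk. The `& 0xffffff` itself encodes an unstated assumption that the top byte of `n_strx` is not part of the string offset with this PPC64 toolchain; that deserves a comment such as `/* high byte of n_strx is not part of the stabstr offset here — TODO confirm against the producing toolchain */` and one helper instead of four copies, since a string table larger than 16 MiB would otherwise be mis-resolved silently. The debugging `VG_(printf)` with `%ld` in the first hunk looks like a leftover (the existing print casts the field to `(Int)` for `%d`, so `%ld` may not match its type) and should not land. The enclosing loop bodies start and end outside these hunks, and the third hunk appears to be cut off before its last context line.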
Support for reading stabs debug info has been removed from the valgrind source.