Bug 68588 - Assertion `sz == 4' failed in vg_to_ucode.c (disInstr) in v2.0.0 but not v1.9.6
Summary: Assertion `sz == 4' failed in vg_to_ucode.c (disInstr) in v2.0.0 but not v1.9.6
Status: RESOLVED FIXED
Alias: None
Product: valgrind
Classification: Developer tools
Component: general
Version: 2.0.0
Platform: unspecified Linux
: NOR crash
Target Milestone: ---
Assignee: Julian Seward
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2003-11-19 17:48 UTC by Simon Clift
Modified: 2003-11-20 16:15 UTC (History)

See Also:
Latest Commit:
Version Fixed In:


Attachments

Description Simon Clift 2003-11-19 17:48:31 UTC
Version:           2.0.0 (using KDE KDE 3.1)
Installed from:    Unspecified
Compiler:          gcc (GCC) 3.2.2 20030222 (Red Hat Linux 3.2.2-5) 
OS:          Linux

Redhat 9, gcc 3.2.2

A test I'm performing is clean in 1.9.6 but seems to cause a crash
in 2.0.0.  The bug in the application is apparently deep in a Fourier
Transform library which, in an attempt to be hyper efficient, is doing
some funky memory alignment stuff.  The code for the FFT library is
macro-strewn and pretty opaque (FFTW-3.0) so I can't quite point to the
exact point of the problem, but it appears to be related to some blocks
lost when a re-alignment was done.

There may well be SSE code involved here, since FFTW does try to use
the facilities of any machine's CPU (P4 in this case) vector 
capabilities.

Following: 1. valgrind 2.0.0 output with -v
           2. valgrind 1.9.6 output with -v --leak-check

---------------------------------------1.------------------------------
==24410== Memcheck, a.k.a. Valgrind, a memory error detector for x86-linux.
==24410== Copyright (C) 2002-2003, and GNU GPL'd, by Julian Seward.
==24410== Using valgrind-2.0.0, a program supervision framework for x86-linux.
==24410== Copyright (C) 2000-2003, and GNU GPL'd, by Julian Seward.
==24410== Command line:
==24410==    exec/test/TestConvolution2D
==24410== Startup, with flags:
==24410==    --suppressions=/usr/local/lib/valgrind/default.supp
==24410==    -v
==24410== Reading syms from /home/ssclift/Projects/sjopt.1.0.C015/exec/test/TestConvolution2D
==24410== Reading syms from /lib/ld-2.3.2.so
==24410==    object doesn't have any debug info
==24410== Reading syms from /usr/local/lib/valgrind/vgskin_memcheck.so
==24410== Reading syms from /usr/local/lib/valgrind/valgrind.so
==24410== Reading syms from /usr/local/lib/libfftw3.so.3.0.0
==24410== Reading syms from /usr/local/lib/libboost_date_time.so.1.30.2
==24410==    object doesn't have a symbol table
==24410==    object doesn't have any debug info
==24410== Reading syms from /usr/lib/libgsl.so.0.5.0
==24410== Reading syms from /usr/lib/libstdc++.so.5.0.3
==24410==    object doesn't have a symbol table
==24410==    object doesn't have any debug info
==24410== Reading syms from /lib/libm-2.3.2.so
==24410==    object doesn't have any debug info
==24410== Reading syms from /lib/libc-2.3.2.so
==24410==    object doesn't have any debug info
==24410== Reading syms from /lib/libgcc_s-3.2.2-20030225.so.1
==24410==    object doesn't have a symbol table
==24410==    object doesn't have any debug info
==24410== Reading suppressions file: /usr/local/lib/valgrind/default.supp
==24410== Estimated CPU clock rate is 1595 MHz
==24410==
Testing 2D Convolution


valgrind: vg_to_ucode.c:3913 (disInstr): Assertion `sz == 4' failed.

sched status:

Thread 1: status = Runnable, associated_mx = 0x0, associated_cv = 0x0
==24410==    at 0x40277457: n1fv_8 (in /usr/local/lib/libfftw3.so.3.0.0)


---------------------------------------2.------------------------------

==24494== Memcheck, a.k.a. Valgrind, a memory error detector for x86-linux.
==24494== Copyright (C) 2002, and GNU GPL'd, by Julian Seward.
==24494== Using valgrind-1.9.6, a program instrumentation system for x86-linux.
==24494== Copyright (C) 2000-2002, and GNU GPL'd, by Julian Seward.
==24494== Startup, with flags:
==24494==    --suppressions=/usr/local/lib/valgrind/default.supp
==24494==    -v
==24494==    --leak-check=yes
==24494== Reading suppressions file: /usr/local/lib/valgrind/default.supp
==24494== Estimated CPU clock rate is 1599 MHz
==24494==

             ... meaningless program output to stdout ...

==24494==
==24494== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
==24494== malloc/free: in use at exit: 14372 bytes in 374 blocks.
==24494== malloc/free: 3755 allocs, 3381 frees, 2730116 bytes allocated.
==24494==
==24494== searching for pointers to 374 not-freed blocks.
==24494== checked 10583716 bytes.
==24494== Reading syms from /home/ssclift/Projects/sjopt.1.0.C015/exec/test/TestConvolution2D
==24494== Reading syms from /lib/ld-2.3.2.so
==24494==    object doesn't have any debug info
==24494== Reading syms from /usr/local/lib/valgrind/vgskin_memcheck.so
==24494== Reading syms from /usr/local/lib/valgrind/valgrind.so
==24494== Reading syms from /usr/local/lib/libfftw3.so.3.0.0
==24494== Reading syms from /usr/local/lib/libboost_date_time.so.1.30.2
==24494==    object doesn't have a symbol table
==24494==    object doesn't have any debug info
==24494== Reading syms from /usr/lib/libgsl.so.0.5.0
==24494== Reading syms from /usr/lib/libstdc++.so.5.0.3
==24494==    object doesn't have a symbol table
==24494==    object doesn't have any debug info
==24494== Reading syms from /lib/libm-2.3.2.so
==24494==    object doesn't have any debug info
==24494== Reading syms from /lib/libc-2.3.2.so
==24494==    object doesn't have any debug info
==24494== Reading syms from /lib/libgcc_s-3.2.2-20030225.so.1
==24494==    object doesn't have a symbol table
==24494==    object doesn't have any debug info
==24494==
==24494== 612 bytes in 51 blocks are definitely lost in loss record 1 of 3
==24494==    at 0x401619BC: memalign (vg_clientfuncs.c:299)
==24494==    by 0x4022BDF5: fftw_malloc (in /usr/local/lib/libfftw3.so.3.0.0)
==24494==    by 0x402C6B5E: fftw_plan_many_dft (in /usr/local/lib/libfftw3.so.3.0.0)
==24494==
==24494== LEAK SUMMARY:
==24494==    definitely lost: 612 bytes in 51 blocks.
==24494==    possibly lost:   0 bytes in 0 blocks.
==24494==    still reachable: 13760 bytes in 323 blocks.
==24494==         suppressed: 0 bytes in 0 blocks.
==24494== Reachable blocks (those to which a pointer was found) are not shown.
==24494== To see them, rerun with: --show-reachable=yes
==24494==
--24494--     TT/TC: 0 tc sectors discarded.
--24494--            4629 chainings, 0 unchainings.
--24494-- translate: new     6376 (107884 -> 1344234; ratio 124:10)
--24494--            discard 0 (0 -> 0; ratio 0:10).
--24494--  dispatch: 9350000 jumps (bb entries), of which 3611434 (38%) were unchained.
--24494--            189/50659 major/minor sched events.  43119 tt_fast misses.
--24494-- reg-alloc: 1164 t-req-spill, 247554+8085 orig+spill uis, 34142 total-reg-r.
--24494--    sanity: 190 cheap, 8 expensive checks.
--24494--    ccalls: 30156 C calls, 55% saves+restores avoided (98162 bytes)
--24494--            40884 args, avg 0.89 setup instrs each (8656 bytes)
--24494--            0% clear the stack (90468 bytes)
--24494--            9898 retvals, 34% of reg-reg movs avoided (6590 bytes)
Comment 1 Dirk Mueller 2003-11-19 23:02:35 UTC
Subject: valgrind/coregrind

CVS commit by mueller: 

SHUFPD support

MERGE TO STABLE
CCMAIL: 68588-done@bugs.kde.org


  M +7 -0      vg_to_ucode.c   1.109


--- valgrind/coregrind/vg_to_ucode.c  #1.108:1.109
@@ -3927,4 +3927,11 @@ static Addr disInstr ( UCodeBlock* cb, A
    }
 
+   /* SHUFPD */
+   if (sz == 2 && insn[0] == 0x0F && insn[1] == 0xC6) {
+      eip = dis_SSE3_reg_or_mem_Imm8 ( cb, sorb, eip+2, 16, "shufpd",
+                                           0x66, insn[0], insn[1] );
+      goto decode_success;
+   }
+
    /* SHUFPS */
    if (insn[0] == 0x0F && insn[1] == 0xC6) {
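Review bot: The new SHUFPD block is correct only because of its position, and nothing records that. The SHUFPS test that follows it (`if (insn[0] == 0x0F && insn[1] == 0xC6) {`) does not look at `sz`, so it would also match the 0x66-prefixed (`sz == 2`) form if the two blocks were ever reordered; the `sz == 4` assertion this bug is about would then come back in a different place. Either add `sz == 4 &&` to the SHUFPS condition so each block matches exactly one encoding, or extend the `/* SHUFPD */` comment to say that it must stay ahead of SHUFPS because SHUFPS does not test `sz`.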


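To make the failure mode concrete: the assertion `sz == 4` fired because FFTW's SSE2 code contains SHUFPD, which is encoded as the SHUFPS opcode `0F C6` with the `0x66` operand-size prefix in front; Valgrind's decoder records that prefix as `sz == 2`, and 2.0.0 had no case for it. The following C program is an added illustration (not Valgrind's `disInstr` and not FFTW code) of the general rule the fix applies: the prefix, not the opcode bytes, selects the mnemonic. It goes slightly beyond the hunk by also computing the instruction length for the memory forms (ModRM, SIB, displacement), with a constructed byte string as input; the function and type names are my own.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Decoded view of one 0F C6 instruction. Hypothetical type for this example. */
typedef struct {
    const char *mnemonic;  /* "shufps", "shufpd", or NULL if not a complete 0F C6 */
    int         opsize;    /* 4 by default, 2 after a 0x66 prefix (Valgrind's 'sz') */
    int         length;    /* bytes consumed, 0 if the buffer is truncated or not 0F C6 */
    uint8_t     imm8;      /* shuffle selector */
} shuf_insn;

/* Size of ModRM plus any SIB byte and displacement (32-bit addressing).
   Returns 0 if 'avail' bytes are not enough to hold it. */
static int modrm_length(const uint8_t *p, size_t avail)
{
    if (avail < 1) return 0;
    uint8_t mod = p[0] >> 6, rm = p[0] & 7;
    int len = 1;
    if (mod == 3) return len;                 /* register operand, no memory */
    if (rm == 4) {                            /* SIB byte follows */
        if (avail < 2) return 0;
        len += 1;
        if (mod == 0 && (p[1] & 7) == 5) len += 4;   /* no base: disp32 */
    } else if (mod == 0 && rm == 5) {
        len += 4;                             /* [disp32], no base register */
    }
    if (mod == 1) len += 1;                   /* disp8 */
    if (mod == 2) len += 4;                   /* disp32 */
    return (size_t)len <= avail ? len : 0;
}

/* Decode SHUFPS / SHUFPD from 'insn'. The only prefix handled is 0x66,
   the operand-size override that turns SHUFPS (0F C6) into SHUFPD (66 0F C6). */
shuf_insn decode_shuf(const uint8_t *insn, size_t len)
{
    shuf_insn r = { NULL, 4, 0, 0 };
    size_t i = 0;
    while (i < len && insn[i] == 0x66) {      /* legacy prefix: operand size */
        r.opsize = 2;
        i++;
    }
    if (i + 2 > len || insn[i] != 0x0F || insn[i + 1] != 0xC6) return r;
    int ml = modrm_length(insn + i + 2, len - i - 2);
    if (ml == 0 || i + 2 + ml + 1 > len) return r;   /* need ModRM(+SIB/disp) and imm8 */
    r.mnemonic = (r.opsize == 2) ? "shufpd" : "shufps";
    r.imm8     = insn[i + 2 + ml];
    r.length   = (int)(i + 2 + ml + 1);
    return r;
}

int main(void)
{
    /* Constructed sample: the same opcode bytes with and without the prefix. */
    const uint8_t shufps[] = { 0x0F, 0xC6, 0xC1, 0x1B };          /* shufps xmm0,xmm1,0x1B */
    const uint8_t shufpd[] = { 0x66, 0x0F, 0xC6, 0xC1, 0x01 };    /* shufpd xmm0,xmm1,1   */
    const uint8_t *samples[] = { shufps, shufpd };
    size_t lens[] = { sizeof shufps, sizeof shufpd };
    for (int k = 0; k < 2; k++) {
        shuf_insn d = decode_shuf(samples[k], lens[k]);
        printf("%s sz=%d len=%d imm8=0x%02X\n",
               d.mnemonic ? d.mnemonic : "(not 0F C6)", d.opsize, d.length, d.imm8);
    }
    return 0;
}
```

The decoder returns `mnemonic == NULL` and `length == 0` for a truncated buffer instead of reading past it, which is the check a disassembler needs before trusting `insn[1]`; Valgrind's own decoder works on a different interface, so only the prefix rule carries over, not the code.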
Comment 2 Simon Clift 2003-11-20 16:15:42 UTC
The patch has corrected the problem I reported.  2.0.0 is now working
nicely again.

Thanks folks!
--- Simon