Bug 185816

Summary: Valgrind is unable to handle debug info for files with split debug info that are prelinked afterwards
Product: [Developer tools] valgrind
Reporter: Arvid Norlander <anmaster>
Component: general
Assignee: Julian Seward <jseward>
Status: RESOLVED FIXED
Severity: normal
CC: tom
Priority: NOR
Version: 3.4 SVN
Target Milestone: ---
Platform: Compiled Sources
OS: Linux
Attachments: prelink-test.tar.gz; Handle split debuginfo when the main file then gets prelinked

Description Arvid Norlander 2009-02-28 18:29:37 UTC
Created attachment 31702 [details]
prelink-test.tar.gz

As mentioned in some other bug report there were issues with valgrind and prelinking. I made some progress on tracking down the issue and feel that now is the time to open a bug report for this (as I don't think I have the knowledge needed to find out more details than this).

Attached is a multi-file test case that has an intentional memory violation to trigger a valgrind backtrace.

Some observations:
 * Valgrind can read debug info for files with split debug info and for
   prelinked files.
 * Valgrind fails with split debug info + prelink with the prelinking step done
   last (as would be the case with split debug info for system libs).
 * Valgrind handles it fine when the library is first prelinked, then split.
 * GDB handles it fine for split debug and prelinked, even when the file is
   prelinked after the debug info was split.
 * In the Valgrind source in the file coregrind/m_debuginfo/readdwarf3.c there
   is a comment marked "Comment_Regarding_DWARF3_Text_Biasing" which seems to
   discuss this very issue! This comment seems to indicate that valgrind has a
   "kludge" to deal with the issue. However this kludge doesn't seem to work
   (or I wouldn't have been writing this bug report...).

Reproduced on two systems (all I have to test on):
Gentoo Linux x86_64
  gcc (GCC) 4.1.2 20070214 (  (gdc 0.24, using dmd 1.020)) (Gentoo 4.1.2 p1.1)
  glibc-2.8_p20080602-r1
  GNU objcopy (GNU Binutils) 2.18
  GNU gdb 6.8
  Linux tux.lan 2.6.27-gentoo-r8-1 #1 Sat Jan 31 04:55:36 CET 2009 x86_64 AMD
    Sempron(tm) Processor 3300+ AuthenticAMD GNU/Linux
  Valgrind r9393 compiled from VALGRIND_3_4_BRANCH
Arch Linux x86
  gcc (GCC) 4.3.3
  glibc-2.9-4
  GNU objcopy (GNU Binutils) 2.19.1.20090205
  GNU gdb 6.8
  Linux phoenix 2.6.28.4-L1 #3 Sun Feb 8 18:58:37 CET 2009 i686 Pentium III
    (Coppermine) GenuineIntel GNU/Linux
  valgrind-3.4.0


The output from running the attached test case (running valgrind after each stage to show when it broke) is included in full at the end of the report. However, first the important difference that makes me report the bug (line marked with *):
Without prelink:
  ==19129== Invalid read of size 1
  ==19129==    at 0x4A086C2: strlen (mc_replace_strmem.c:242)
  ==19129==    by 0x3377E45E4E: vfprintf (in /lib64/libc-2.8.so)
  ==19129==    by 0x3377E4C769: printf (in /lib64/libc-2.8.so)
* ==19129==    by 0x4C0D5DF: library_test (library.c:4)
  ==19129==    by 0x40068D: main (program.c:6)
  ==19129==  Address 0x4e4002f is 1 bytes before a block of size 13 alloc'd
  ==19129==    at 0x4A076E7: malloc (vg_replace_malloc.c:207)
  ==19129==    by 0x3377E78271: strdup (in /lib64/libc-2.8.so)
  ==19129==    by 0x400685: main (program.c:6)
With prelink:
  ==19135== Invalid read of size 1
  ==19135==    at 0x4A086C2: strlen (mc_replace_strmem.c:242)
  ==19135==    by 0x3377E45E4E: vfprintf (in /lib64/libc-2.8.so)
  ==19135==    by 0x3377E4C769: printf (in /lib64/libc-2.8.so)
* ==19135==    by 0x30000005DF: library_test (in /home/arvid/src/prelink-test/liblibrary.so)
  ==19135==    by 0x40068D: main (program.c:6)
  ==19135==  Address 0x4c3e02f is 1 bytes before a block of size 13 alloc'd
  ==19135==    at 0x4A076E7: malloc (vg_replace_malloc.c:207)
  ==19135==    by 0x3377E78271: strdup (in /lib64/libc-2.8.so)
  ==19135==    by 0x400685: main (program.c:6)


Output from running test case
-----------------------------
~/src/prelink-test $ make build
gcc -pipe -O0 -ggdb3 -std=gnu99 -fpic -shared -o liblibrary.so library.c
gcc -pipe -O0 -ggdb3 -std=gnu99 -o program program.c -L. -Wl,-rpath,. -llibrary
~/src/prelink-test $ ~/local/valgrind/bin/valgrind -v ./program
==19124== Memcheck, a memory error detector.
==19124== Copyright (C) 2002-2008, and GNU GPL'd, by Julian Seward et al.
==19124== Using LibVEX rev 1883, a library for dynamic binary translation.
==19124== Copyright (C) 2004-2008, and GNU GPL'd, by OpenWorks LLP.
==19124== Using valgrind-3.4.1.SVN, a dynamic binary instrumentation framework.
==19124== Copyright (C) 2000-2008, and GNU GPL'd, by Julian Seward et al.
==19124== 
--19124-- Command line
--19124--    ./program
--19124-- Startup, with flags:
--19124--    -v
--19124-- Contents of /proc/version:
--19124--   Linux version 2.6.27-gentoo-r8-1 (root@tux.lan) (gcc version 4.1.2 20070214 ( (gdc 0.24, using dmd 1.020)) (Gentoo 4.1.2 p1.1)) #1 Sat Jan 31 04:55:36 CET 2009
--19124-- Arch and hwcaps: AMD64, amd64-sse2
--19124-- Page sizes: currently 4096, max supported 4096
--19124-- Valgrind library directory: /home/arvid/local/valgrind/lib/valgrind
--19124-- Reading syms from /home/arvid/src/prelink-test/program (0x400000)
--19124-- Reading syms from /home/arvid/local/valgrind/lib/valgrind/amd64-linux/memcheck (0x38000000)
--19124--    object doesn't have a dynamic symbol table
--19124-- Reading syms from /lib64/ld-2.8.so (0x3377a00000)
--19124-- Reading debug info from /usr/lib/debug/lib64/ld-2.8.so.debug ..
--19124-- Reading suppressions file: /home/arvid/local/valgrind/lib/valgrind/default.supp
--19124-- Reading syms from /home/arvid/local/valgrind/lib/valgrind/amd64-linux/vgpreload_core.so (0x4802000)
--19124-- Reading syms from /home/arvid/local/valgrind/lib/valgrind/amd64-linux/vgpreload_memcheck.so (0x4a04000)
--19124-- Reading syms from /home/arvid/src/prelink-test/liblibrary.so (0x4c0d000)
--19124-- Reading syms from /lib64/libc-2.8.so (0x3377e00000)
--19124-- Reading debug info from /usr/lib/debug/lib64/libc-2.8.so.debug ..
--19124-- REDIR: 0x3377e78900 (rindex) redirected to 0x4a08420 (rindex)
--19124-- REDIR: 0x3377e784f0 (strlen) redirected to 0x4a086c0 (strlen)
--19124-- REDIR: 0x3377e75250 (malloc) redirected to 0x4a07680 (malloc)
--19124-- REDIR: 0x3377e7ac10 (memcpy) redirected to 0x4a09910 (memcpy)
--19124-- REDIR: 0x3377e7b980 (strchrnul) redirected to 0x4a08a20 (strchrnul)
==19124== Invalid read of size 1
==19124==    at 0x4A086C2: strlen (mc_replace_strmem.c:242)
==19124==    by 0x3377E45E4E: vfprintf (in /lib64/libc-2.8.so)
==19124==    by 0x3377E4C769: printf (in /lib64/libc-2.8.so)
==19124==    by 0x4C0D5DF: library_test (library.c:4)
==19124==    by 0x40068D: main (program.c:6)
==19124==  Address 0x4e4002f is 1 bytes before a block of size 13 alloc'd
==19124==    at 0x4A076E7: malloc (vg_replace_malloc.c:207)
==19124==    by 0x3377E78271: strdup (in /lib64/libc-2.8.so)
==19124==    by 0x400685: main (program.c:6)
library: 
--19124-- REDIR: 0x3377e72be0 (free) redirected to 0x4a071e0 (free)
--19124-- REDIR: 0x3377e79810 (memset) redirected to 0x4a08970 (memset)
==19124== 
==19124== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 1)
==19124== 
==19124== 1 errors in context 1 of 1:
==19124== Invalid read of size 1
==19124==    at 0x4A086C2: strlen (mc_replace_strmem.c:242)
==19124==    by 0x3377E45E4E: vfprintf (in /lib64/libc-2.8.so)
==19124==    by 0x3377E4C769: printf (in /lib64/libc-2.8.so)
==19124==    by 0x4C0D5DF: library_test (library.c:4)
==19124==    by 0x40068D: main (program.c:6)
==19124==  Address 0x4e4002f is 1 bytes before a block of size 13 alloc'd
==19124==    at 0x4A076E7: malloc (vg_replace_malloc.c:207)
==19124==    by 0x3377E78271: strdup (in /lib64/libc-2.8.so)
==19124==    by 0x400685: main (program.c:6)
--19124-- 
--19124-- supp:      4 dl-hack3-cond-1
==19124== 
==19124== IN SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 1)
==19124== 
==19124== malloc/free: in use at exit: 13 bytes in 1 blocks.
==19124== malloc/free: 1 allocs, 0 frees, 13 bytes allocated.
==19124== 
==19124== searching for pointers to 1 not-freed blocks.
==19124== checked 72,616 bytes.
==19124== 
==19124== LEAK SUMMARY:
==19124==    definitely lost: 13 bytes in 1 blocks.
==19124==      possibly lost: 0 bytes in 0 blocks.
==19124==    still reachable: 0 bytes in 0 blocks.
==19124==         suppressed: 0 bytes in 0 blocks.
==19124== Rerun with --leak-check=full to see details of leaked memory.
--19124--  memcheck: sanity checks: 0 cheap, 1 expensive
--19124--  memcheck: auxmaps: 56 auxmap entries (3584k, 3M) in use
--19124--  memcheck: auxmaps_L1: 1865 searches, 9762 cmps, ratio 52:10
--19124--  memcheck: auxmaps_L2: 69 searches, 56 nodes
--19124--  memcheck: SMs: n_issued      = 16 (256k, 0M)
--19124--  memcheck: SMs: n_deissued    = 0 (0k, 0M)
--19124--  memcheck: SMs: max_noaccess  = 524287 (8388592k, 8191M)
--19124--  memcheck: SMs: max_undefined = 0 (0k, 0M)
--19124--  memcheck: SMs: max_defined   = 148 (2368k, 2M)
--19124--  memcheck: SMs: max_non_DSM   = 16 (256k, 0M)
--19124--  memcheck: max sec V bit nodes:    0 (0k, 0M)
--19124--  memcheck: set_sec_vbits8 calls: 0 (new: 0, updates: 0)
--19124--  memcheck: max shadow mem size:   4400k, 4M
--19124-- translate:            fast SP updates identified: 1,326 ( 86.8%)
--19124-- translate:   generic_known SP updates identified: 128 (  8.3%)
--19124-- translate: generic_unknown SP updates identified: 72 (  4.7%)
--19124--     tt/tc: 3,508 tt lookups requiring 3,527 probes
--19124--     tt/tc: 3,508 fast-cache updates, 2 flushes
--19124--  transtab: new        1,752 (40,045 -> 684,407; ratio 170:10) [0 scs]
--19124--  transtab: dumped     0 (0 -> ??)
--19124--  transtab: discarded  0 (0 -> ??)
--19124-- scheduler: 23,859 jumps (bb entries).
--19124-- scheduler: 0/1,820 major/minor sched events.
--19124--    sanity: 1 cheap, 1 expensive checks.
--19124--    exectx: 769 lists, 175 contexts (avg 0 per list)
--19124--    exectx: 207 searches, 50 full compares (241 per 1000)
--19124--    exectx: 0 cmp2, 6 cmp4, 0 cmpAll
--19124--  errormgr: 5 supplist searches, 106 comparisons during search
--19124--  errormgr: 5 errlist searches, 10 comparisons during search
~/src/prelink-test $ make splitdebug
objcopy --only-keep-debug liblibrary.so liblibrary.so.debug
objcopy --strip-debug liblibrary.so
objcopy --add-gnu-debuglink=liblibrary.so.debug liblibrary.so
~/src/prelink-test $ ~/local/valgrind/bin/valgrind -v ./program
==19129== Memcheck, a memory error detector.
==19129== Copyright (C) 2002-2008, and GNU GPL'd, by Julian Seward et al.
==19129== Using LibVEX rev 1883, a library for dynamic binary translation.
==19129== Copyright (C) 2004-2008, and GNU GPL'd, by OpenWorks LLP.
==19129== Using valgrind-3.4.1.SVN, a dynamic binary instrumentation framework.
==19129== Copyright (C) 2000-2008, and GNU GPL'd, by Julian Seward et al.
==19129== 
--19129-- Command line
--19129--    ./program
--19129-- Startup, with flags:
--19129--    -v
--19129-- Contents of /proc/version:
--19129--   Linux version 2.6.27-gentoo-r8-1 (root@tux.lan) (gcc version 4.1.2 20070214 ( (gdc 0.24, using dmd 1.020)) (Gentoo 4.1.2 p1.1)) #1 Sat Jan 31 04:55:36 CET 2009
--19129-- Arch and hwcaps: AMD64, amd64-sse2
--19129-- Page sizes: currently 4096, max supported 4096
--19129-- Valgrind library directory: /home/arvid/local/valgrind/lib/valgrind
--19129-- Reading syms from /home/arvid/src/prelink-test/program (0x400000)
--19129-- Reading syms from /home/arvid/local/valgrind/lib/valgrind/amd64-linux/memcheck (0x38000000)
--19129--    object doesn't have a dynamic symbol table
--19129-- Reading syms from /lib64/ld-2.8.so (0x3377a00000)
--19129-- Reading debug info from /usr/lib/debug/lib64/ld-2.8.so.debug ..
--19129-- Reading suppressions file: /home/arvid/local/valgrind/lib/valgrind/default.supp
--19129-- Reading syms from /home/arvid/local/valgrind/lib/valgrind/amd64-linux/vgpreload_core.so (0x4802000)
--19129-- Reading syms from /home/arvid/local/valgrind/lib/valgrind/amd64-linux/vgpreload_memcheck.so (0x4a04000)
--19129-- Reading syms from /home/arvid/src/prelink-test/liblibrary.so (0x4c0d000)
--19129-- Reading debug info from /home/arvid/src/prelink-test/liblibrary.so.debug ..
--19129-- Reading syms from /lib64/libc-2.8.so (0x3377e00000)
--19129-- Reading debug info from /usr/lib/debug/lib64/libc-2.8.so.debug ..
--19129-- REDIR: 0x3377e78900 (rindex) redirected to 0x4a08420 (rindex)
--19129-- REDIR: 0x3377e784f0 (strlen) redirected to 0x4a086c0 (strlen)
--19129-- REDIR: 0x3377e75250 (malloc) redirected to 0x4a07680 (malloc)
--19129-- REDIR: 0x3377e7ac10 (memcpy) redirected to 0x4a09910 (memcpy)
--19129-- REDIR: 0x3377e7b980 (strchrnul) redirected to 0x4a08a20 (strchrnul)
==19129== Invalid read of size 1
==19129==    at 0x4A086C2: strlen (mc_replace_strmem.c:242)
==19129==    by 0x3377E45E4E: vfprintf (in /lib64/libc-2.8.so)
==19129==    by 0x3377E4C769: printf (in /lib64/libc-2.8.so)
==19129==    by 0x4C0D5DF: library_test (library.c:4)
==19129==    by 0x40068D: main (program.c:6)
==19129==  Address 0x4e4002f is 1 bytes before a block of size 13 alloc'd
==19129==    at 0x4A076E7: malloc (vg_replace_malloc.c:207)
==19129==    by 0x3377E78271: strdup (in /lib64/libc-2.8.so)
==19129==    by 0x400685: main (program.c:6)
library: 
--19129-- REDIR: 0x3377e72be0 (free) redirected to 0x4a071e0 (free)
--19129-- REDIR: 0x3377e79810 (memset) redirected to 0x4a08970 (memset)
==19129== 
==19129== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 1)
==19129== 
==19129== 1 errors in context 1 of 1:
==19129== Invalid read of size 1
==19129==    at 0x4A086C2: strlen (mc_replace_strmem.c:242)
==19129==    by 0x3377E45E4E: vfprintf (in /lib64/libc-2.8.so)
==19129==    by 0x3377E4C769: printf (in /lib64/libc-2.8.so)
==19129==    by 0x4C0D5DF: library_test (library.c:4)
==19129==    by 0x40068D: main (program.c:6)
==19129==  Address 0x4e4002f is 1 bytes before a block of size 13 alloc'd
==19129==    at 0x4A076E7: malloc (vg_replace_malloc.c:207)
==19129==    by 0x3377E78271: strdup (in /lib64/libc-2.8.so)
==19129==    by 0x400685: main (program.c:6)
--19129-- 
--19129-- supp:      4 dl-hack3-cond-1
==19129== 
==19129== IN SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 1)
==19129== 
==19129== malloc/free: in use at exit: 13 bytes in 1 blocks.
==19129== malloc/free: 1 allocs, 0 frees, 13 bytes allocated.
==19129== 
==19129== searching for pointers to 1 not-freed blocks.
==19129== checked 72,616 bytes.
==19129== 
==19129== LEAK SUMMARY:
==19129==    definitely lost: 13 bytes in 1 blocks.
==19129==      possibly lost: 0 bytes in 0 blocks.
==19129==    still reachable: 0 bytes in 0 blocks.
==19129==         suppressed: 0 bytes in 0 blocks.
==19129== Rerun with --leak-check=full to see details of leaked memory.
--19129--  memcheck: sanity checks: 0 cheap, 1 expensive
--19129--  memcheck: auxmaps: 56 auxmap entries (3584k, 3M) in use
--19129--  memcheck: auxmaps_L1: 1865 searches, 9762 cmps, ratio 52:10
--19129--  memcheck: auxmaps_L2: 69 searches, 56 nodes
--19129--  memcheck: SMs: n_issued      = 16 (256k, 0M)
--19129--  memcheck: SMs: n_deissued    = 0 (0k, 0M)
--19129--  memcheck: SMs: max_noaccess  = 524287 (8388592k, 8191M)
--19129--  memcheck: SMs: max_undefined = 0 (0k, 0M)
--19129--  memcheck: SMs: max_defined   = 148 (2368k, 2M)
--19129--  memcheck: SMs: max_non_DSM   = 16 (256k, 0M)
--19129--  memcheck: max sec V bit nodes:    0 (0k, 0M)
--19129--  memcheck: set_sec_vbits8 calls: 0 (new: 0, updates: 0)
--19129--  memcheck: max shadow mem size:   4400k, 4M
--19129-- translate:            fast SP updates identified: 1,326 ( 86.8%)
--19129-- translate:   generic_known SP updates identified: 128 (  8.3%)
--19129-- translate: generic_unknown SP updates identified: 72 (  4.7%)
--19129--     tt/tc: 3,508 tt lookups requiring 3,527 probes
--19129--     tt/tc: 3,508 fast-cache updates, 2 flushes
--19129--  transtab: new        1,752 (40,045 -> 684,407; ratio 170:10) [0 scs]
--19129--  transtab: dumped     0 (0 -> ??)
--19129--  transtab: discarded  0 (0 -> ??)
--19129-- scheduler: 23,859 jumps (bb entries).
--19129-- scheduler: 0/1,820 major/minor sched events.
--19129--    sanity: 1 cheap, 1 expensive checks.
--19129--    exectx: 769 lists, 175 contexts (avg 0 per list)
--19129--    exectx: 207 searches, 50 full compares (241 per 1000)
--19129--    exectx: 0 cmp2, 6 cmp4, 0 cmpAll
--19129--  errormgr: 5 supplist searches, 106 comparisons during search
--19129--  errormgr: 5 errlist searches, 10 comparisons during search
~/src/prelink-test $ make prelink
/usr/sbin/prelink -qvN ./liblibrary.so
/usr/sbin/prelink: /usr/lib32/misc/glibc/getconf/POSIX_V6_ILP32_OFF32: Using /lib32/ld-linux.so.2, not /lib/ld-linux.so.2 as dynamic linker
/usr/sbin/prelink: /usr/lib32/misc/glibc/getconf/POSIX_V6_ILP32_OFFBIG: Using /lib32/ld-linux.so.2, not /lib/ld-linux.so.2 as dynamic linker
Laying out 1 libraries in virtual address space 0000003000000000-0000004000000000
Assigned virtual address space slots for 64-bit x86-64 ELF libraries:
/lib64/ld-2.8.so                                             0000003377a00000-0000003377c1bc68
./liblibrary.so                                              0000003000000000-0000003000201028
/lib64/libc-2.8.so                                           0000003377e00000-0000003378147298
[... lots of other libraries cut from this listing ...]
Assigned virtual address space slots for 32-bit i386 ELF libraries:
/lib32/ld-2.8.so                                             4218e000-421aa658
/lib32/libc-2.8.so                                           421ad000-422e6650
[... lots of other libraries cut from this listing ...]
Prelinking /home/arvid/src/prelink-test/liblibrary.so
~/src/prelink-test $ ~/local/valgrind/bin/valgrind -v ./program
==19135== Memcheck, a memory error detector.
==19135== Copyright (C) 2002-2008, and GNU GPL'd, by Julian Seward et al.
==19135== Using LibVEX rev 1883, a library for dynamic binary translation.
==19135== Copyright (C) 2004-2008, and GNU GPL'd, by OpenWorks LLP.
==19135== Using valgrind-3.4.1.SVN, a dynamic binary instrumentation framework.
==19135== Copyright (C) 2000-2008, and GNU GPL'd, by Julian Seward et al.
==19135== 
--19135-- Command line
--19135--    ./program
--19135-- Startup, with flags:
--19135--    -v
--19135-- Contents of /proc/version:
--19135--   Linux version 2.6.27-gentoo-r8-1 (root@tux.lan) (gcc version 4.1.2 20070214 ( (gdc 0.24, using dmd 1.020)) (Gentoo 4.1.2 p1.1)) #1 Sat Jan 31 04:55:36 CET 2009
--19135-- Arch and hwcaps: AMD64, amd64-sse2
--19135-- Page sizes: currently 4096, max supported 4096
--19135-- Valgrind library directory: /home/arvid/local/valgrind/lib/valgrind
--19135-- Reading syms from /home/arvid/src/prelink-test/program (0x400000)
--19135-- Reading syms from /home/arvid/local/valgrind/lib/valgrind/amd64-linux/memcheck (0x38000000)
--19135--    object doesn't have a dynamic symbol table
--19135-- Reading syms from /lib64/ld-2.8.so (0x3377a00000)
--19135-- Reading debug info from /usr/lib/debug/lib64/ld-2.8.so.debug ..
--19135-- Reading suppressions file: /home/arvid/local/valgrind/lib/valgrind/default.supp
--19135-- Reading syms from /home/arvid/local/valgrind/lib/valgrind/amd64-linux/vgpreload_core.so (0x4802000)
--19135-- Reading syms from /home/arvid/local/valgrind/lib/valgrind/amd64-linux/vgpreload_memcheck.so (0x4a04000)
--19135-- Reading syms from /home/arvid/src/prelink-test/liblibrary.so (0x3000000000)
--19135-- Reading debug info from /home/arvid/src/prelink-test/liblibrary.so.debug ..
--19135-- Reading syms from /lib64/libc-2.8.so (0x3377e00000)
--19135-- Reading debug info from /usr/lib/debug/lib64/libc-2.8.so.debug ..
--19135-- REDIR: 0x3377e78900 (rindex) redirected to 0x4a08420 (rindex)
--19135-- REDIR: 0x3377e784f0 (strlen) redirected to 0x4a086c0 (strlen)
--19135-- REDIR: 0x3377e75250 (malloc) redirected to 0x4a07680 (malloc)
--19135-- REDIR: 0x3377e7ac10 (memcpy) redirected to 0x4a09910 (memcpy)
--19135-- REDIR: 0x3377e7b980 (strchrnul) redirected to 0x4a08a20 (strchrnul)
==19135== Invalid read of size 1
==19135==    at 0x4A086C2: strlen (mc_replace_strmem.c:242)
==19135==    by 0x3377E45E4E: vfprintf (in /lib64/libc-2.8.so)
==19135==    by 0x3377E4C769: printf (in /lib64/libc-2.8.so)
==19135==    by 0x30000005DF: library_test (in /home/arvid/src/prelink-test/liblibrary.so)
==19135==    by 0x40068D: main (program.c:6)
==19135==  Address 0x4c3e02f is 1 bytes before a block of size 13 alloc'd
==19135==    at 0x4A076E7: malloc (vg_replace_malloc.c:207)
==19135==    by 0x3377E78271: strdup (in /lib64/libc-2.8.so)
==19135==    by 0x400685: main (program.c:6)
library: 
--19135-- REDIR: 0x3377e72be0 (free) redirected to 0x4a071e0 (free)
--19135-- REDIR: 0x3377e79810 (memset) redirected to 0x4a08970 (memset)
==19135== 
==19135== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 1)
==19135== 
==19135== 1 errors in context 1 of 1:
==19135== Invalid read of size 1
==19135==    at 0x4A086C2: strlen (mc_replace_strmem.c:242)
==19135==    by 0x3377E45E4E: vfprintf (in /lib64/libc-2.8.so)
==19135==    by 0x3377E4C769: printf (in /lib64/libc-2.8.so)
==19135==    by 0x30000005DF: library_test (in /home/arvid/src/prelink-test/liblibrary.so)
==19135==    by 0x40068D: main (program.c:6)
==19135==  Address 0x4c3e02f is 1 bytes before a block of size 13 alloc'd
==19135==    at 0x4A076E7: malloc (vg_replace_malloc.c:207)
==19135==    by 0x3377E78271: strdup (in /lib64/libc-2.8.so)
==19135==    by 0x400685: main (program.c:6)
--19135-- 
--19135-- supp:      4 dl-hack3-cond-1
==19135== 
==19135== IN SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 1)
==19135== 
==19135== malloc/free: in use at exit: 13 bytes in 1 blocks.
==19135== malloc/free: 1 allocs, 0 frees, 13 bytes allocated.
==19135== 
==19135== searching for pointers to 1 not-freed blocks.
==19135== checked 72,616 bytes.
==19135== 
==19135== LEAK SUMMARY:
==19135==    definitely lost: 13 bytes in 1 blocks.
==19135==      possibly lost: 0 bytes in 0 blocks.
==19135==    still reachable: 0 bytes in 0 blocks.
==19135==         suppressed: 0 bytes in 0 blocks.
==19135== Rerun with --leak-check=full to see details of leaked memory.
--19135--  memcheck: sanity checks: 0 cheap, 1 expensive
--19135--  memcheck: auxmaps: 89 auxmap entries (5696k, 5M) in use
--19135--  memcheck: auxmaps_L1: 2516 searches, 14727 cmps, ratio 58:10
--19135--  memcheck: auxmaps_L2: 103 searches, 89 nodes
--19135--  memcheck: SMs: n_issued      = 15 (240k, 0M)
--19135--  memcheck: SMs: n_deissued    = 0 (0k, 0M)
--19135--  memcheck: SMs: max_noaccess  = 524287 (8388592k, 8191M)
--19135--  memcheck: SMs: max_undefined = 0 (0k, 0M)
--19135--  memcheck: SMs: max_defined   = 149 (2384k, 2M)
--19135--  memcheck: SMs: max_non_DSM   = 15 (240k, 0M)
--19135--  memcheck: max sec V bit nodes:    0 (0k, 0M)
--19135--  memcheck: set_sec_vbits8 calls: 0 (new: 0, updates: 0)
--19135--  memcheck: max shadow mem size:   4384k, 4M
--19135-- translate:            fast SP updates identified: 1,326 ( 86.8%)
--19135-- translate:   generic_known SP updates identified: 128 (  8.3%)
--19135-- translate: generic_unknown SP updates identified: 72 (  4.7%)
--19135--     tt/tc: 3,510 tt lookups requiring 3,529 probes
--19135--     tt/tc: 3,510 fast-cache updates, 2 flushes
--19135--  transtab: new        1,753 (40,107 -> 685,423; ratio 170:10) [0 scs]
--19135--  transtab: dumped     0 (0 -> ??)
--19135--  transtab: discarded  0 (0 -> ??)
--19135-- scheduler: 23,863 jumps (bb entries).
--19135-- scheduler: 0/1,821 major/minor sched events.
--19135--    sanity: 1 cheap, 1 expensive checks.
--19135--    exectx: 769 lists, 175 contexts (avg 0 per list)
--19135--    exectx: 207 searches, 50 full compares (241 per 1000)
--19135--    exectx: 0 cmp2, 6 cmp4, 0 cmpAll
--19135--  errormgr: 5 supplist searches, 106 comparisons during search
--19135--  errormgr: 5 errlist searches, 10 comparisons during search
~/src/prelink-test $
Comment 1 Julian Seward 2009-03-01 02:00:43 UTC
Probably TomH can comment more on this.  I'd guess it's something
to do with needing to maintain different text_bias values for the
main object and the debuginfo object.
Comment 2 Tom Hughes 2009-03-04 11:48:06 UTC
Created attachment 31764 [details]
Handle split debuginfo when the main file then gets prelinked

That is indeed the problem, yes. There is a great comment about the problem in readelf.c in fact:

                  // FIXME: update di->text_bias at this point?
                  // or can we assume the SVMAs in the debuginfo
                  // file (hence, the biases) are the same as
                  // established from the main file?

Also, your essay in readdwarf.c entitled "Comment_Regarding_DWARF3_Text_Biasing" describes the massive kludge we are currently using to (partially) try and work round the problem.

This patch should fix things - it tracks the svma and bias values properly for the debug info and uses them as appropriate. That also allows the kludge to be removed.
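Added example, not Valgrind's code and not part of the attached patch: a small Python script showing the per-file bias bookkeeping the comment above describes. It reads the .text section header out of a main object and out of its objcopy'd .debug file, derives a separate text bias for each from the runtime address of .text, and resolves the 0x30000005DF frame from the report through a stand-in line table using each bias in turn. The two ELF images, their .text SVMAs (0x30000005a0 for the prelinked main file, 0x5a0 for the debug file made before prelinking), the runtime address and the line-table entries are all constructed for the example; only the frame address and the library.c:4 location come from the report.

```python
"""Per-file text bias for a main object and its split debuginfo file.

Constructed example: minimal ELF64 section-header reader plus a bias
computation. Once the main file is prelinked its .text SVMA equals the
runtime AVMA (bias 0), while the .debug file still carries the
pre-prelink SVMA, so DWARF addresses from the .debug file need their
own bias, not the main file's.
"""
import struct

ELF_MAGIC = b"\x7fELF"
ELFCLASS64 = 2
SHT_PROGBITS = 1
SHT_NOBITS = 8          # objcopy --only-keep-debug turns .text into NOBITS
EHDR_FMT = "<16sHHIQQQIHHHHHH"   # Elf64_Ehdr, little-endian, 64 bytes
SHDR_FMT = "<IIQQQQIIQQ"         # Elf64_Shdr, 64 bytes


def build_elf(text_addr, text_type):
    """Construct a header-only ELF64 DSO with .text and .shstrtab headers (constructed, not a real .so)."""
    shstrtab = b"\0.text\0.shstrtab\0"          # ".text" at 1, ".shstrtab" at 7
    shoff = (64 + len(shstrtab) + 7) & ~7       # section header table, 8-aligned
    ident = ELF_MAGIC + bytes([ELFCLASS64, 1, 1, 0]) + bytes(8)
    ehdr = struct.pack(EHDR_FMT, ident, 3, 62, 1, 0, 0, shoff, 0,
                       64, 56, 0, 64, 3, 2)     # ET_DYN, EM_X86_64, 3 shdrs, shstrndx 2
    shdrs = [
        struct.pack(SHDR_FMT, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0),                      # SHN_UNDEF
        struct.pack(SHDR_FMT, 1, text_type, 6, text_addr, shoff, 0x200, 0, 0, 16, 0),  # .text (AX)
        struct.pack(SHDR_FMT, 7, 3, 0, 0, 64, len(shstrtab), 0, 0, 1, 0),         # .shstrtab
    ]
    body = ehdr + shstrtab
    body += bytes(shoff - len(body))
    return body + b"".join(shdrs)


def text_svma(blob):
    """Return sh_addr of the .text section in an ELF64 little-endian image."""
    if blob[:4] != ELF_MAGIC or blob[4] != ELFCLASS64:
        raise ValueError("not an ELF64 image")
    eh = struct.unpack_from(EHDR_FMT, blob, 0)
    shoff, shentsize, shnum, shstrndx = eh[6], eh[11], eh[12], eh[13]
    hdrs = [struct.unpack_from(SHDR_FMT, blob, shoff + i * shentsize) for i in range(shnum)]
    strtab_off = hdrs[shstrndx][4]              # sh_offset of .shstrtab
    for sh_name, _type, _flags, sh_addr, *_rest in hdrs:
        start = strtab_off + sh_name
        if blob[start:blob.index(b"\0", start)] == b".text":
            return sh_addr
    raise ValueError(".text not found")


def text_bias(text_avma, svma):
    """Bias = address .text is actually mapped at minus the SVMA the file was linked for."""
    return text_avma - svma


def lookup_line(line_table, avma, bias):
    """Un-bias a runtime address into the file's SVMA space and look it up."""
    svma = avma - bias
    for lo, hi, loc in line_table:
        if lo <= svma < hi:
            return loc
    return None


# Constructed inputs: runtime .text address, the two images, a stand-in line table.
TEXT_AVMA = 0x30000005A0
MAIN_SO = build_elf(0x30000005A0, SHT_PROGBITS)   # prelinked main file: SVMA == AVMA
DEBUG_SO = build_elf(0x5A0, SHT_NOBITS)           # .debug made before prelink: old SVMA
LINE_TABLE = [(0x5A0, 0x5C0, "library.c:3"), (0x5C0, 0x5F0, "library.c:4")]
PC = 0x30000005DF                                 # library_test frame from the report


def resolve(pc=PC):
    """Return (location using the main file's bias, location using the debug file's bias)."""
    main_bias = text_bias(TEXT_AVMA, text_svma(MAIN_SO))      # 0 after prelink
    debug_bias = text_bias(TEXT_AVMA, text_svma(DEBUG_SO))    # 0x3000000000
    return (lookup_line(LINE_TABLE, pc, main_bias),
            lookup_line(LINE_TABLE, pc, debug_bias))


if __name__ == "__main__":
    wrong, right = resolve()
    print("main-file bias applied to debug DWARF:", wrong)   # None: no line info, as in the report
    print("debug-file bias applied to debug DWARF:", right)  # library.c:4
```

Applying the main file's bias to the debug file's addresses is exactly the failure in the third run above: 0x30000005DF is un-biased to itself, which matches nothing in a line table that still speaks in pre-prelink SVMAs, so the frame is printed without a source location.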
Comment 3 Arvid Norlander 2009-03-05 14:48:00 UTC
I tried to test the patch (against the 3.4 branch) but I got failed hunks.
$ wget http://bugsfiles.kde.org/attachment.cgi?id=31764
$ mv attachment.cgi\?id\=31764 prelink-patch.patch
$ patch -p0 --dry-run < prelink-patch.patch
patching file coregrind/m_debuginfo/readdwarf.c
Hunk #7 succeeded at 3630 (offset 1 line).
Hunk #8 succeeded at 3677 (offset 1 line).
Hunk #9 succeeded at 3686 (offset 1 line).
Hunk #10 succeeded at 3715 (offset 1 line).
Hunk #11 succeeded at 3748 (offset 1 line).
patching file coregrind/m_debuginfo/readelf.c
patching file coregrind/m_debuginfo/readstabs.c
Hunk #1 FAILED at 336.
1 out of 1 hunk FAILED -- saving rejects to file coregrind/m_debuginfo/readstabs.c.rej
patching file coregrind/m_debuginfo/priv_storage.h
Hunk #1 FAILED at 354.
1 out of 1 hunk FAILED -- saving rejects to file coregrind/m_debuginfo/priv_storage.h.rej
patching file coregrind/m_debuginfo/readdwarf3.c
Hunk #1 FAILED at 474.
1 out of 6 hunks FAILED -- saving rejects to file coregrind/m_debuginfo/readdwarf3.c.rej
patching file coregrind/m_debuginfo/d3basics.c


Using clean r9321. I guess the patch is against trunk or something. I would be happy to test the patch if I knew what to patch against. The 3.4 branch would be easiest to test against.
Comment 4 Tom Hughes 2009-03-05 15:08:33 UTC
The patch is against trunk, not the 3.4 branch. You need to checkout svn://svn.valgrind.org/valgrind/trunk and try it against that.
Comment 5 Arvid Norlander 2009-03-07 13:44:52 UTC
The patch works for me. Used trunk revision 9324.
Comment 6 Tom Hughes 2009-03-09 10:19:24 UTC
Committed as r9329.