Bug 345887 - r15034 causes assertion nsegments[segA].kind == SkAnonC at aspacemgr-linux.c:2845 (vgPlain_am_extend_into_adjacent_reservation_client)
Status: RESOLVED FIXED
Alias: None
Product: valgrind
Classification: Developer tools
Component: general
Version: unspecified
Platform: Compiled Sources Linux
Importance: NOR crash
Target Milestone: ---
Assignee: Julian Seward
Reported: 2015-04-05 10:23 UTC by Ivo Raisr
Modified: 2015-04-24 00:34 UTC

Attachments
test case for amd64 (1.21 KB, text/x-csrc)
2015-04-05 10:23 UTC, Ivo Raisr
test case for x86 (1.37 KB, text/x-csrc)
2015-04-05 10:24 UTC, Ivo Raisr
proposed patch including test cases (10.12 KB, patch)
2015-04-12 19:44 UTC, Ivo Raisr

Description Ivo Raisr 2015-04-05 10:23:53 UTC
Created attachment 91894
test case for amd64

I think r15034 (changes adding VG_(am_is_bogus_client_stack_pointer)())
causes some form of regression in stack extending.

Please see attached test cases for x86/linux and amd64/linux.
On Valgrind r15033 these finish successfully with:
==19090== Process terminating with default action of signal 11 (SIGSEGV)
==19090==  Access not within mapped region at address 0x101
Segmentation fault (core dumped)
(Which is expected behaviour because they test dumping core.)

However on Valgrind r15034 these crash Valgrind with an assertion:
--19128:0: aspacem Valgrind: FATAL: aspacem assertion failed:
--19128:0: aspacem   nsegments[segA].kind == SkAnonC
--19128:0: aspacem   at m_aspacemgr/aspacemgr-linux.c:2845 (vgPlain_am_extend_into_adjacent_reservation_client)
--19128:0: aspacem Exiting now.

The attached test cases are simply built with gcc -m32/-m64.
Comment 1 Ivo Raisr 2015-04-05 10:24:27 UTC
Created attachment 91895
test case for x86
Comment 2 Ivo Raisr 2015-04-12 19:44:19 UTC
Created attachment 91994
proposed patch including test cases

Patch fixes regression caused by Valgrind r15034.
VG_(am_is_bogus_client_stack_pointer)() is called prior to VG_(extend_stack)()
in signal handling code for thread 1.

Regression test cases for x86-linux and amd64-linux are also part of the patch.
Tested on x86/linux and amd64/linux, everything is ok.
Comment 3 Florian Krohm 2015-04-23 15:21:12 UTC
Thanks for the testcases!
Fixed in r15138
Comment 4 Ivo Raisr 2015-04-24 00:34:00 UTC
Thank you for fixing this!