https://bugs.kde.org/show_bug.cgi?id=444571

            Bug ID: 444571
           Summary: ppc64le dlclose_leak fails (when lxsibzx is used)
           Product: valgrind
           Version: unspecified
          Platform: Other
                OS: Linux
            Status: REPORTED
          Severity: normal
          Priority: NOR
         Component: memcheck
          Assignee: jsew...@acm.org
          Reporter: m...@klomp.org
                CC: c...@us.ibm.com
  Target Milestone: ---

On ppc64le memcheck/tests/linux/dlclose_leak fails:

--- dlclose_leak.stderr.exp     2021-10-28 17:52:34.597615502 -0400
+++ dlclose_leak.stderr.out     2021-10-28 18:27:39.453343651 -0400
@@ -2,13 +2,6 @@
    at 0x........: jmp_on_uninit (dlclose_leak_so.c:10)
    by 0x........: main (dlclose_leak.c:29)

-Invalid read of size 1
-   at 0x........: main (dlclose_leak.c:32)
- Address 0x........ is 1 bytes before a block of size 1 alloc'd
-   at 0x........: malloc (vg_replace_malloc.c:...)
-   by 0x........: alloc_1_byte (dlclose_leak_so.c:20)
-   by 0x........: main (dlclose_leak.c:30)
-
 Conditional jump or move depends on uninitialised value(s)
    at 0x........: jmp_on_uninit (dlclose_leak_so.c:10)
    by 0x........: main (dlclose_leak.c:29)
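Review bot: the only lines dropped in this hunk are the "Invalid read of size 1" record for dlclose_leak.c:32 together with its "Address ... is 1 bytes before a block of size 1 alloc'd" detail and the alloc_1_byte/main allocation stack; both "Conditional jump or move depends on uninitialised value(s)" records at dlclose_leak_so.c:10 still match the expected output. That narrows the failure to the out-of-bounds byte load itself rather than to the uninitialised-value tracking or the dlclose handling the test is named for, which is consistent with the Summary attributing it to lxsibzx.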

It is missing the invalid read at dlclose_leak.c:32

32              x = memToLeak[-1];

This can also be seen with this much simpler program:

# cat b.c 
#include <malloc.h>

int main ()
{
  char *a = malloc (1);
  char x = a[-1];
}

gcc (GCC) 11.2.1 20210728 (Red Hat 11.2.1-2)

# gcc -g -o b b.c 

# valgrind -q ./b

(nothing)

On other arches this shows:

==102542== Invalid read of size 1
==102542==    at 0x4005CC: main (b.c:6)
==102542==  Address 0x4a4303f is 1 bytes before a block of size 1 alloc'd
==102542==    at 0x48680D8: malloc (vg_replace_malloc.c:381)
==102542==    by 0x4005C3: main (b.c:5)
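Added example, not part of this bug report and not Valgrind's own code: a small parser for memcheck's `==pid==` stderr format that a test harness can use to assert that a known-bad program is actually reported. Gating on a parsed record rather than on an empty stderr or a zero exit status turns a silent miss like the one above into a failed run. The two sample outputs are constructed from the lines quoted in this report (the detected case from another architecture, and the empty ppc64le case); the function names and `run_memcheck` are this example's own assumptions.

```python
import re
import subprocess
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed sample (copied from the lines quoted in the report): memcheck output on
# an architecture where the one-byte read before the malloc'd block is caught.
MEMCHECK_OK = """\
==102542== Invalid read of size 1
==102542==    at 0x4005CC: main (b.c:6)
==102542==  Address 0x4a4303f is 1 bytes before a block of size 1 alloc'd
==102542==    at 0x48680D8: malloc (vg_replace_malloc.c:381)
==102542==    by 0x4005C3: main (b.c:5)
"""

# Constructed sample: on ppc64le, where the byte load is lxsibzx, memcheck prints nothing.
MEMCHECK_PPC64LE = ""


@dataclass
class MemcheckError:
    kind: str                                   # first line, e.g. "Invalid read of size 1"
    frames: List[str]                           # "main (b.c:6)", innermost first
    detail: Optional[str] = None                # the "Address ... is 1 bytes before ..." line
    detail_frames: List[str] = field(default_factory=list)  # allocation stack under the detail


PREFIX = re.compile(r"^==\d+==\s?(.*)$")
FRAME = re.compile(r"^\s+(?:at|by) 0x[0-9A-Fa-f.]+: (.+)$")


def strip_prefix(text: str) -> List[str]:
    """Drop the '==pid==' prefix, keeping the rest of each line's indentation."""
    return [m.group(1) for m in map(PREFIX.match, text.splitlines()) if m]


def parse_memcheck(text: str) -> List[MemcheckError]:
    """Group memcheck stderr into records: kind, stack, address detail, allocation stack."""
    errors: List[MemcheckError] = []
    current: Optional[MemcheckError] = None
    in_detail = False
    for line in strip_prefix(text):
        if not line.strip():
            current = None  # a blank line terminates the current record
            continue
        frame = FRAME.match(line)
        if frame and current is not None:
            # Frames before the detail line belong to the error; frames after it to the alloc.
            (current.detail_frames if in_detail else current.frames).append(frame.group(1))
        elif line.startswith(" ") and current is not None:
            current.detail = line.strip()  # one-space indent: the "Address ..." line
            in_detail = True
        else:
            current = MemcheckError(kind=line.strip(), frames=[])
            in_detail = False
            errors.append(current)
    return errors


def invalid_read_detected(output: str, location: str) -> bool:
    """Regression gate: True only if an 'Invalid read' has `location` as its innermost frame."""
    return any(e.kind.startswith("Invalid read") and e.frames and location in e.frames[0]
               for e in parse_memcheck(output))


def run_memcheck(binary: str) -> str:
    """Run memcheck quietly on a built test binary and return its stderr (assumes valgrind on PATH)."""
    proc = subprocess.run(["valgrind", "-q", binary], capture_output=True, text=True)
    return proc.stderr


if __name__ == "__main__":
    # Gate the build of b.c from the report: the byte read before the block at b.c:6 must be reported.
    if not invalid_read_detected(run_memcheck("./b"), "b.c:6"):
        raise SystemExit("memcheck did not report the invalid read at b.c:6")
```

Run it next to the `b` binary built from b.c above; on an architecture that catches the read it exits 0, and on the ppc64le build described in this report it exits with the message, which is the behaviour a regression suite wants.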

On ppc64le the disassembly looks like:

Dump of assembler code for function main:
4       {
   0x000000001000064c <+0>:     lis     r2,4098
   0x0000000010000650 <+4>:     addi    r2,r2,32512
   0x0000000010000654 <+8>:     mflr    r0
   0x0000000010000658 <+12>:    std     r0,16(r1)
   0x000000001000065c <+16>:    std     r31,-8(r1)
   0x0000000010000660 <+20>:    stdu    r1,-64(r1)
   0x0000000010000664 <+24>:    mr      r31,r1

5         char *a = malloc (1);
   0x0000000010000668 <+28>:    li      r3,1
   0x000000001000066c <+32>:    bl      0x10000460
<0000002a.plt_call.malloc@@GLIBC_2.17>
   0x0000000010000670 <+36>:    ld      r2,24(r1)
   0x0000000010000674 <+40>:    mr      r9,r3
   0x0000000010000678 <+44>:    std     r9,32(r31)

6         char x = a[-1];
=> 0x000000001000067c <+48>:    ld      r9,32(r31)
   0x0000000010000680 <+52>:    addi    r9,r9,-1
   0x0000000010000684 <+56>:    lxsibzx vs0,0,r9
   0x0000000010000688 <+60>:    addi    r9,r31,40
   0x000000001000068c <+64>:    stxsibx vs0,0,r9
   0x0000000010000690 <+68>:    li      r9,0

7       }
   0x0000000010000694 <+72>:    mr      r3,r9
   0x0000000010000698 <+76>:    addi    r1,r31,64
   0x000000001000069c <+80>:    ld      r0,16(r1)
   0x00000000100006a0 <+84>:    mtlr    r0
   0x00000000100006a4 <+88>:    ld      r31,-8(r1)
   0x00000000100006a8 <+92>:    blr
   0x00000000100006ac <+96>:    .long 0x0
   0x00000000100006b0 <+100>:   .long 0x1000000
   0x00000000100006b4 <+104>:   .long 0x1000180
