Bug#903581: marked as done (valgrind: can't understand libc6 symbols: ELF section outside all mapped regions)

Wed, 18 Jul 2018 15:10:10 -0700 

Your message dated Wed, 18 Jul 2018 22:06:41 +0000
with message-id <[email protected]>
and subject line Bug#903389: fixed in valgrind 1:3.13.0-2.1
has caused the Debian Bug report #903389,
regarding valgrind: can't understand libc6 symbols: ELF section outside all 
mapped regions
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
903389: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903389
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: valgrind
Version: 1:3.13.0-2+b1
Severity: grave
Justification: doesn't appear to be usable

valgrind in unstable doesn't seem to be able to load the symbol table for
libc6 correctly, resulting in it not instrumenting malloc()
(false negative) and not applying its own default suppressions to
libc6 (false positives). I think this is RC, but please downgrade the
severity if you disagree.

As a baseline, if I run `valgrind ls` in a stretch chroot, I get:

> ==22578== Using Valgrind-3.12.0.SVN and LibVEX; rerun with -h for copyright 
> info
...
> --22578-- Reading syms from /lib/x86_64-linux-gnu/ld-2.24.so
> --22578--   Considering 
> /usr/lib/debug/.build-id/26/3f909dbe11a66f7c6233e3ff0521148d9f8370.debug ..
> --22578--   .. build-id is valid
...
> --22578-- REDIR: 0x401af80 (ld-linux-x86-64.so.2:strlen) redirected to 
> 0x3809de81 (vgPlain_amd64_linux_REDIR_FOR_strlen)
> --22578-- REDIR: 0x4019830 (ld-linux-x86-64.so.2:index) redirected to 
> 0x3809de9b (vgPlain_amd64_linux_REDIR_FOR_index)
...
> --22578-- REDIR: 0x50daf10 (libc.so.6:malloc) redirected to 0x4c2bb40 (malloc)
...
> ==22578==   total heap usage: 23 allocs, 9 frees, 56,446 bytes allocated

That makes sense to me: valgrind has injected its instrumented strlen(),
index(), malloc(), etc., and was able to monitor memory allocation
and leaks.

Doing the same thing on unstable, I get:

> ==22631== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
...
> --22631-- Reading syms from /bin/ls
> --22631--    object doesn't have a symbol table
> --22631-- Reading syms from /lib/x86_64-linux-gnu/ld-2.27.so
> --22631-- ELF section outside all mapped regions
> --22631-- Reading syms from /usr/lib/valgrind/memcheck-amd64-linux
> --22631--   Considering /usr/lib/valgrind/memcheck-amd64-linux ..
> --22631--   .. CRC mismatch (computed 98de4825 wanted 55353537)
> --22631--   Considering /usr/lib/debug/usr/lib/valgrind/memcheck-amd64-linux 
> ..
> --22631--   .. CRC is valid
> --22631--    object doesn't have a dynamic symbol table
...
> --22631-- Reading syms from /lib/x86_64-linux-gnu/libselinux.so.1
> --22631--    object doesn't have a symbol table
> --22631-- Reading syms from /lib/x86_64-linux-gnu/libc-2.27.so
> --22631-- ELF section outside all mapped regions
> --22631-- Reading syms from /lib/x86_64-linux-gnu/libpcre.so.3.13.3
> --22631--   Considering /lib/x86_64-linux-gnu/libpcre.so.3.13.3 ..
> --22631--   .. CRC mismatch (computed 0f3a11e2 wanted b2e3bba6)
> --22631--    object doesn't have a symbol table
> --22631-- Reading syms from /lib/x86_64-linux-gnu/libdl-2.27.so
> --22631-- ELF section outside all mapped regions
> --22631-- Reading syms from /lib/x86_64-linux-gnu/libpthread-2.27.so
> --22631-- ELF section outside all mapped regions
> ==22631== Use of uninitialised value of size 8
> ==22631==    at 0x4FF24AA: ??? (in /lib/x86_64-linux-gnu/libc-2.27.so)
> ==22631==    by 0x4F1FAF5: ??? (in /lib/x86_64-linux-gnu/libc-2.27.so)
> ==22631== 
> ==22631== Conditional jump or move depends on uninitialised value(s)
> ==22631==    at 0x4FEE987: ??? (in /lib/x86_64-linux-gnu/libc-2.27.so)
> ==22631==    by 0x4F1FE53: ??? (in /lib/x86_64-linux-gnu/libc-2.27.so)
> ==22631==    by 0x77: ???
> ==22631==    by 0x6: ???
> ==22631==    by 0x2: ???
> ==22631==    by 0x402A49B: ???
> ==22631== 
> ==22631== Conditional jump or move depends on uninitialised value(s)
> ==22631==    at 0x4F1FE57: ??? (in /lib/x86_64-linux-gnu/libc-2.27.so)
> ==22631==    by 0x77: ???
> ==22631==    by 0x6: ???
> ==22631==    by 0x2: ???
> ==22631==    by 0x402A49B: ???
[many more uses of unitialized values elided]
...
> ==22631== HEAP SUMMARY:
> ==22631==     in use at exit: 0 bytes in 0 blocks
> ==22631==   total heap usage: 0 allocs, 0 frees, 0 bytes allocated

I think those uses of uninitialized values were meant to be suppressed
by /usr/lib/valgrind/default.supp, but were not suppressed because valgrind
couldn't recognise which symbols were involved? And valgrind didn't observe
any memory allocation or deallocation.

I get similar results when using valgrind to run newly-compiled binaries,
including this stupid test program: I don't see the uninitialized symbols
for this one, presumably because it's too trivial, but I also don't see
the 1024-byte leak being diagnosed.

----8<----
#include <stdio.h>
int main (void) { malloc(1024); return puts("hello"); }
----8<----

Regards,
    smcv

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'buildd-unstable'), (500, 
'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental-debug'), (1, 
'buildd-experimental'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.17.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8), LANGUAGE=en_GB:en 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages valgrind depends on:
ii  libc6      2.27-4
ii  libc6-dbg  2.27-4

Versions of packages valgrind recommends:
ii  gdb           7.12-6+b2
ii  valgrind-dbg  1:3.13.0-2+b1

Versions of packages valgrind suggests:
pn  alleyoop      <none>
pn  kcachegrind   <none>
pn  valgrind-mpi  <none>
pn  valkyrie      <none>

-- no debconf information

--- End Message ---
--- Begin Message --- 
Source: valgrind
Source-Version: 1:3.13.0-2.1

We believe that the bug you reported is fixed in the latest version of
valgrind, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ansgar Burchardt <[email protected]> (supplier of updated valgrind package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 18 Jul 2018 23:21:57 +0200
Source: valgrind
Binary: valgrind valgrind-dbg valgrind-mpi
Architecture: source
Version: 1:3.13.0-2.1
Distribution: unstable
Urgency: high
Maintainer: Alessandro Ghedini <[email protected]>
Changed-By: Ansgar Burchardt <[email protected]>
Description:
 valgrind   - instrumentation framework for building dynamic analysis tools
 valgrind-dbg - instrumentation framework for building dynamic analysis tools 
(de
 valgrind-mpi - instrumentation framework for building dynamic analysis tools 
(MP
Closes: 903389
Changes:
 valgrind (1:3.13.0-2.1) unstable; urgency=high
 .
   * Non-maintainer upload.
   * backport: Accept read-only PT_LOAD segments and .rodata (Closes: #903389)
     + new patch: 12_Accept-read-only-PT_LOAD-segments-and-.rodata.patch
Checksums-Sha1:
 e874c9d07204ddbcc4390e1511bece09400bf4e0 2448 valgrind_3.13.0-2.1.dsc
 d66a839b9ec5432e20fe9b7647f252a5916cf802 28300 
valgrind_3.13.0-2.1.debian.tar.xz
Checksums-Sha256:
 ce9f54d5d12b377c1a8554369c4366a94bc2a9a819ac2283d02f035a47c3ad45 2448 
valgrind_3.13.0-2.1.dsc
 d353075b6faa7054451f21c294da1c156defff8137a14d27e0b8e7aaf5169f7c 28300 
valgrind_3.13.0-2.1.debian.tar.xz
Files:
 f7dd84aa5a73039f7cac4c8d4eb1b7f1 2448 devel optional valgrind_3.13.0-2.1.dsc
 6e8b66ce0e7298f0579a840cc24f4ad3 28300 devel optional 
valgrind_3.13.0-2.1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQJGBAEBCgAwFiEE6XYjQ9o8g2p4zSVKamMCj1p06JMFAltPuFESHGFuc2dhckBk
ZWJpYW4ub3JnAAoJEGpjAo9adOiTAuEP/j211d17lbrbg+98dEsec1ruuWc8++Wv
1HxOwwLBGFySrdb5QZe1GTQqO+deFiQ72d1lt+VygUpetka8kX8OTCzIqknQjRbu
VinRah2J/edrwT/mLSzyoQpxa3NbKUNtkZQ9POIlJf53lqYvKQYWNGCg2X6lHQX/
7KaUZV4EEOXbk8aJnImwad4Zi5Fzra5c4ZuXTGk4GAXjKs1zF/SXWbR2Ce8xZkUQ
EF+3Cyaskr4GM0CURp9qCOQL4R7C9chrU1AyaXZm02Ttf3B8hLSh++4j9EztmCPr
QASTWvLXWGwBx9ML/1q1zk4Z8gyA/6ei6gCgoDKPZ/w/ZuzVVIvcKg2uWMi0PfLj
Xn3qdcOUsVW5u74RotcU+pPSGDbJ5l6NUkQgi8IGadBCzC/AwOrtgeU55R8Q/YPX
TDBMDAAkgaEE817yE7er8Poi/Ryj26HkLv1X69u0861cfoHRb581liMVJ1DyywHw
WdQ3fi90HUzUb6deoUXn/1Kc3rWJJrhA5J+eax0wUZS1YNKFiJX0RkSuKo3xgfOj
xG/wA/7EWp7FWtdAMy6TWH5eMYACLZ7wnD11DocBb+hLxvTvz8cMOFKSQJQi0/o3
/91bGGwExt5YCyoJwNAVloTAaGHmcnuNRGGuXH5c7h5Qp0+gwKnU3+2PTZHVP/jg
jxCFYOSs6gYa
=nrQt
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to