1 2 Bugs reported after the release of 3.8.0 3 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 4 5 This file lists bugs that were reported after 3.8.0 was released, both 6 in 3.8.0 and trunk, and that have not been closed. Bugs that have 7 been closed as "fixed" are listed in the top level NEWS file instead. 8 In other words they get listed here first and moved to NEWS if they 9 get fixed. 10 11 This file also tracks commits & fixes that should be pushed to the 3.8 12 branch. 13 14 -- PUSH TO 3_8_BRANCH 15 16 (B38=2500) 2469 Fix a mixup .. 17 (B38=12930) 12873 n-i-bz: Use -s USR1 instead of -10 to send SIGUSR1 signal 18 (B38=12931) 12874 n-i-bz: shmat of a segment > 4Gb does not work 19 (B38=12933) 12878 n-i-bz: On Darwin, use __NR_poll_nocancel rather than __NR_poll 20 (B38=12934) 12879 + 12882 + 12883 (301281, OSX hang on "system") 21 (B38=12936) 12881 ptrace mips stuff 22 (B38=12938) 12885 (Iop_DPBtoBCD and Iop_BCDtoDPB fix) 23 (B38=2502) 2475 (289584: Handle a reg-reg encoding of MOVAPS) 24 (B38=2503) 2476 (305042: Implement 0F 7F encoding of movq reg-reg) 25 (B38=12940) 12887 (n-i-bz: libmpiwrap.c fixes) 26 (B38=2504) 2477 (305321: Re-enable 'prefetch m8' and 'prefetchw m8') 27 (B38=2505) 2478 (295808: Fix LZCNT and TZCNT properly) 28 (B38=2506) 2479 (305199: Implement QDADD and QDSUB) 29 (B38=2507) 2480 (304867: Implement MOVBE in 32 bit mode) 30 (B38=12941) 12891 (304980: Fix up range checking in ML_(addLineInfo)) 31 (B38=12942) 12892 (305513: Fix skipping of block forms) 32 (B38=12943) 12893 (298281: Implement a wrapper for wcslen on Linux) 33 (B38=12944) 12894 (n-i-bz, exp-sgcheck memcpy) 34 (B38=12945) 12897/8 (305690: Handle non-zero sem_*wait() return values correctly) 35 (B38=2508) 2499 (305926: Invalid alignment checks for some AVX instructions) 36 (B38=12946) 12923 (304980: Guard against negative symbol sizes) 37 (B38=12948) 12947 (n-i-bz: volatile in stack check, re clang) 38 (B38=12984) 12964 (306310 3.8.0 release tarball missing some files) 39 (B38=2534) 2517/8 (n-i-bz: fix a couple of union tag-vs-field mixups) 40 (B38=2535) 2531 (306297: ARM: STM<c>.W <Rn>{!}, <registers> too strict) 41 (B38=2536) 2532 (306664: AMD64: Fix PCMPxSTRx variant $0x46) 42 (B38=12985) 12982 (306612: Intercept __GI_memmove) 43 (B38=2537,12986) 44 2533,12980 45 (304035: ARM: uqsub16 shadd16 uhsub8 uhsub16) 46 47 -------- Bugs brought forward from 3_7_BUGSTATUS.txt -------- 48 49 291310 FXSAVE instruction marks memory as undefined on amd64 50 x86 vs amd64 inconsistency? 51 **is fixed in 3.8.0, but was not marked as such 52 ** no it's not; v38BRANCH shows error, vTRUNK doesn't -- investigate 53 REOP 54 55 -------- Unfixed in 3.8.0 56 57 303741 sockaddr* parameter of recvfrom not handled correctly 58 (corruption not detected later on) 59 SYSCALL, HAS_TESTCASE 60 61 303877 valgrind doesn't support compressed debuginfo sections. 62 QUERIED 63 64 304259 support Darwin 12 (Mac OS 10.8, Mountain Lion) 65 OSX108 (Canonical) 66 67 304321 m_signals.c:2314 (sync_signalhandler_from_kernel): 68 Assertion 'tid != 0' failed 69 CLOSED as UNMAINTAINED. 70 71 304450 time logging tools ? 72 WISHLIST 73 74 304675 make install-strip fails when cross-compiling 75 w/ one-liner patch; but needs checking (should be more general? 76 assumes auto* version?) 77 78 304676 regtest hangs on mac OS X (mchelp, coolo_sigaction, system) 79 probably related to 301281 et al. Still valid. 80 OSX 81 82 305170 linux: add FIOCLEX and FIONCLEX ioctls 83 SYSCALL. w/ patch, looks pretty harmless 84 85 n-i-bz exp-sgcheck asserts on gcc-4.6.2 generated Dwarf3 86 87 305957 m_debuginfo/d3basics.c:965 (vgModuleLocal_evaluate_GX): 88 Assertion 'aMin == (Addr)0' failed. 89 QUERIED -- no info so far -- close? 90 91 306004 Wishlist: port valgrind to sparc 92 WISHLIST 93 94 -- Sat 1 Sept 2012 10pm 95 96 306171 Boost.Context appears to cause Valgrind to crash 97 Stack switching; should fix. (Conservative unwind?) 98 99 306235 unhandled syscall: 429 (freebsd) 100 Need to forward to FreeBSD port maintainers. 101 102 306299 Internal error when running a winelib application 103 Conservative unwind? 104 105 306340 parse_var_DIE confused by DWARF from clang-3.1 106 Might be quite simple to fix; need to investigate. 107 No action so far 108 109 306535 massif: force dump result every X minutes 110 Queried 111 112 306587 data cache line size is 128 and instruction cache line size is 32 113 PPC; obscure, needs investigatoin 114 115 306590 not support e500v2 spe 0x216 command 116 PPC SPE insns; with plausible looking patch? Need test cases, and 117 cc Mehafy. 118 119 286864 strlen function redirection error 120 Gentoo glibc "miscompilation"; is this important? 121 122 -- Mon 17 Sept 2012, 10 am 123 124 valgrind.spec diff at https://bugzilla.mozilla.org/show_bug.cgi?id=750856#c20 125 r13008 to 382 ? check 126 change of leak-check-counting? 307465 127 gkw extra suppression? 128 gcp libnss3.so debuginfo read hang 129 130 306947 s390x: BFP rounding mode improvements 131 Proposal, no action 132 133 306949 s390x: BFP condition code improvements 134 Proposal, no action 135 136 211352 helgrind races in helgrind's own mythread_wrapper 137 NEEDINFO 138 139 307367 amd64->IR: 0xF2 0x48 0xF 0x5F 0x3E 0xF2 0x48 0xF 140 redundant-REX, should be easy to fix 141 142 307399 amd64->IR: 0xC4 0x62 0x55 0x2E 0x18 0x44 0x39 0x87 143 (vmaskmovps %ymm11,%ymm5,(%rax)) 144 CONDITIONAL STORES -- probably fixed? 145 146 307415 3.8.1 build error - OSX Lion 10.7.4 duplicate symbol 147 _mach_make_memory_entry 148 OSX or XCode 4.5 149 150 307500 Valgrind docs have two <title> tags 151 QUERIED (unclear how to fix) 152 Severity: low 153 154 308027 Warning: negative range in .debug_loc section 155 QUERIED -- not sure this needs fixing or not 156 157 79362 Debug info is lost for .so files when they are dlclose'd 158 Still alive! 159 160 308158 running with --leack-check=full makes valgrind exit 161 FreeBSD -- although FreeBSD maintainers may not be aware 162 163 ------ Thu Oct 11 18:51:26 CEST 2012 164 165 197915 80-bit floats are not supported on x86 and x86-64 166 indeed, yes. 167 168 299316 Helgrind: hg_main.c:628 (map_threads_lookup): Assertion 'thr' 169 failed. 170 OSX Helgrind 171 172 308582 massif: wrong stack usage at exit of threaded program 173 No action so far 174 175 308668 pthread rwlock_rdlock doesn't understand modifications in 176 some cases (Helgrind) 177 Real; no action so far 178 179 308729 vex x86->IR: unhandled instruction bytes 0xf 0x5 180 HAS_PATCH, but NEEDINFO 181 182 243232 *Inconsistent Lock Orderings report with trylock (PBOS?) 183 Almost certainly real (+ probably a dup). No action so far. 184 185 237920 valgrind segfault on fork failure 186 Uninvestigated; filed by JJ 187 188 308816 valgrind GPF in signal handler context 3.8.1 (allignment 189 Needs investigation 190 Maybe fixed? 191 192 309100 s390x: Testcases for extended BFP 193 No action so far 194 195 309430 Self hosting ppc64 encounters a vassert error on operand type 196 No action so far. Sounds a bit strange. 197 198 309554 Unhandled syscall remap_file_pages (216) 199 No action so far 200 Possibly difficult to implement 201 202 309721 add client request returning current value of a statistic (e.g. Ir) 203 Wishlist. No action yet. 204 205 309783 Valgrind does not support separate source and build directories 206 Has patch, but needs further checking 207 Does not appear to be much enthusiasm for this 208 209 309827 *add support for nvidia (nvmem) ioctls 210 A bunch of Android hackery from VladV; needs pulling apart 211 FIX 3.9 (commit) 212 213 309831 3.8.1: disInstr(arm): unhandled instruction: 0xECECA102 214 (stcl, gdb disassembles to stfp) .. IWMMXT 215 ==309604 216 217 310188 need better diagnostic when mmap() fails with EINVAL 218 No patch so far 219 Severity: low 220 221 310692 [coregrind] Thread scheduling regression? 222 Spinlockery 223 Severity: med Audience: low 224 225 311093 massif and memcheck fail to redirect malloc calls on 226 statically linked application 227 Probably INVALID 228 229 -- Wed Dec 5 23:41:20 CET 2012 230 231 311544 sys_fork() calls VG_(do_atfork_pre)() AFTER forking() 232 FIX 3.9 (easy) 233 234 311649 exhausting fds can leak created files 235 Probably true; NEEDINFO; possible WONTFIX; QUERIED 236 237 311655 --log-file=FILE leads to apparent fd leak ("Open file 238 descriptor 3: $LOGFILE") 239 Probably true; should fix. 240 Severity: med Audience: low 241 242 311827 OS X 10.8.2 (eq_SyscallStatus): the 'impossible' happened. 243 OSX10.8 Maybe fixed in the trunk already. QUERIED 244 245 312989 ioctl handling needs to do POST handling on generic ioctls and 246 needs to handle BPF ioctls 247 OSX10.8 FIX 3.9 (commit) 248 249 313275 False positives for shared memory semaphores/mutexes/conditions 250 No action so far. Has testcase patches. 251 Potentially important to fix, but does not look easy. 252 253 313276 helgrind does not recognize shared memory initialized 254 semaphores, mutexes, conditions 255 == 313275, pretty much 256 Severity: med Audience: low 257 258 313875 cr_libinit.c:183 cri_init: sigaction() failed: Invalid argument 259 No action so far 260 Severity: high Audience: low 261 262 ** [Bug 291310] FXSAVE instruction marks memory as undefined on amd64 263 Severity: med Audience: low 264 265 314236 OS X 10.8 testsuite build failure: test million.o 266 OSX108 No action so far. 267 Severity: low Audience: med 268 269 314365 enable VEX to run asm helpers that do callee register saving 270 In progress; not sure whether this is a good idea 271 272 -- Thu Feb 28 09:54:56 CET 2013 273 274 315936 UNKNOWN task message [id 3403, to mach_task_self(), reply 275 0x2603] when running fork()ing tests on Mac OS X 276 OSX10.8 277 278 315952 tun/tap ioctls are not supported 279 QUERIED; leaving open for now 280 Severity: med Audience: low 281 282 316034 Building valgrind with gcc (4.7, trunk) fails on MacOS X 10.8 283 Probably WONTFIX. 284 285 -- Mon Mar 4 11:36:17 CET 2013 286 287 294285 --partial-loads-ok does not work for 16-byte SSE loads 288 FIXED (multiple commits) 289 Requires regtest hookup on ppc 290 291 316382 Support for AMDs FMA4 instructions seem to be missing 292 No action so far 293 Severity: high Audience: low 294 295 316528 Dump for cachegrind 296 Wishlist 297 298 316612 A -Wunused-value warning from Clang when including memcheck.h 299 Probably needs doc update 300 Severity: low Audience: med 301 302 316696 fluidanimate program of parsec 2.1 stuck (do not finish 303 for more than 5 hours) 304 No action so far (DRD specific) 305 NEEDINFO 306 Severity: high Audience: low 307 308 316874 amd64->IR: 0xC4 0xE2 0xF8 0xF2 0x85 0x30 0xFF 0xFF 309 Probably some AMD FMA insn? 310 Severity: high Audience: low 311 312 316903 memcheck/tests/origin5-bz2 FAIL with gcc-4.5+ 313 Possibly a real bug 314 Severity: med Audience: med 315 316 317078 _mm_madd_epi16, undefined * 0 should not give uninitialised result 317 True, but probably difficult to fix without perf hit 318 Prio: low 319 320 317127 Fedora18/x86_64 --sanity-level=3 : aspacem segment mismatch 321 Diagnosed (BTRFS specific); unclear what to do, if anything 322 323 317208 vex x86->IR: unhandled instruction bytes: 0xC8 0x0 0x0 0x0 324 "enter $0,$0" created by D language compiler 325 Severity: high Audience: low 326 327 317381 helgrind warns about xchg vs suppressed store 328 No action so far. Not sure there's an easy fix for this. 329 Severity: med Audience: low 330 331 317390 Patch for FBLD/FBSTP/FTST 332 Needs cleanup+test cases. Queried. 333 Severity: high Audience: low 334 335 317441 Add support for AMD's LWP (LightWeight Profiling) architecture 336 extension 337 Contains plausible infrastructure patch; no insns so far tho 338 This is going to need some working through. Probably OK. 339 Not sure if can make 3.9. 340 Severity: high Audience: low 341 342 317698 parse_var_DIE: confused by: DW_TAG_compile_unit using 343 Intel 13.0 update 3 compiler 344 Reporter has queried Intel since this might be an ICC bug 345 NEEDINFO 346 Severity: med Audience: low 347 348 317893 massif terminates without any message 349 Probably just a memory limit thing. Close as a dup, but of what? 350 NEEDINFO 351 352 318030 addHRegUse takes a lot of CPU time; band-aid speedup 353 patch within 354 No action so far 355 Needs review; would be nice to redo this with a more robust API 356 357 Thu Apr 11 18:16:04 CEST 2013 358 359 319237 [PATCH] Added support for ELF injection 360 FreeBSD-specific 361 362 319274 unhandled syscall: unix:410 363 OSX108-specific 364 365 319306 gdbserver tests call vgdb without path; patch within 366 Needs further discussion? 367 368 319307 Patches to let test suite run in parallel 369 Looks plausible 370 Wishlist, effectively (has patch) 371 372 319393 bad rounding in cvtsi2ss instruction 373 Not started. Looks valid. (double rounding) 374 Severity: med Audience: low 375 376 319419 unhandled syscall: unix:369 377 OSX108-specific 378 379 319547 helgrind gives false positives on rwlocks 380 Needs investigation. Quite possibly a real bug. 381 Severity: med Audience: med 382 383 319896 vex amd64->IR: 0x8C 0xE0 384 Probably requires proper segment support, but need to check. 385 Severity: high Audience: low 386 387 320082 disInstr(thumb): unhandled instruction on instruction LDRB 388 Has patch 389 LDRB; surely already supported? Queried. 390 MMhmh, untestable? 391 Severity: high Audience: low 392 393 320100 Add nanosecond timer support 394 A bigger patch depends on it, but that has not appeared yet 395 Wishlist, + as yet incomplete 396 397 320546 valgrind exits with "Assertion 'in_rx' failed" 398 for /system/lib/libva-android.so on Android 4.0.4 399 Need more info (the .so); queried. 400 MAYBE FIX 3.9 (potentially serious) 401 402 320965 Unrecognised instruction __ieee754_pow_sse2 403 Not sure what this is. Queried. 404 Severity: high Audience: low (??) 405 406 321396 Add Support for Freescale e500v2 SPE Architecture. 407 Is metabug? -- no patch, no details 408 409 321400 Add Support for Freescale e5500 Architecture. 410 No patch, no details 411 412 321401 Add Support for Freescale e6500 Architecture. 413 No patch, no details 414 415 321681 printf false positive 416 Severity: med Audience: low 417 418 321836 valgrind cross compilation failure on Ubuntu machine 419 MIPS specific? 420 421 Tue Jul 2 12:15:07 CEST 2013 422 423 321888 *Unhandled instruction: LDRH (Thumb) 424 Has patch; plausible (needs checking) 425 FIX 3.9 (commit) 426 427 321892 *Unhandled instruction: LDRSH (Thumb) 428 Has patch; plausible (needs checking) 429 FIX 3.9 (commit) 430 431 321902 *disInstr(ARM): 0xECECA102 432 321903 == 321902 433 MAYBE 3.9 (query vgolubev) 434 435 322150 Add Support for Cavium Octeon Instructions 436 MIPS64; has patch; assigned to Petar 437 MAYBE 3.9 (query Petar) 438 439 322256 Provide more callstacks on memory pool related errors 440 Contains plausible patch; needs looking at 441 Severity: low Audience: low 442 443 322258 No thread notification is printed if new thread reused tid of 444 old thread that triggered last error 445 Contains plausible patch. Is bug fix. (should take) 446 FIX 3.9 (commit) 447 448 322586 Unknown instruction (bextr) in ld-2.15.so with --march=native on AMD FX-8350 449 AMD specific. Uninvestigated. 450 Severity: high Audience: low (??) 451 452 322593 Power 8 code to implement Transactional support 453 Implements pass-to-host scheme; not intended to land. 454 Severity: low (right now) Audience: low 455 456 322621 False positives with pthread_barrier_wait / helgrind 457 Severity: med Audience: low 458 459 323020 more mysteries in valgrind thread stack handling 460 QUERIED 461 Severity: med Audience: low 462 463 323046 Implement ANNOTATE_THREAD_NAME() Hellgrind annotation 464 Request for implementation 465 QUERIED .. is 322254 good enough? 466 Severity: low Audience: med 467 468 323178 *Unhandled instruction: PLDW register (ARM) 469 Has patch; plausible (needs checking) 470 FIX 3.9 (commit) 471 472 323179 *Unhandled instruction: PLDW immediate (ARM) 473 Has patch; plausible (needs checking) 474 FIX 3.9 (commit) 475 476 323268 New calls for custom memory allocators 477 Obscure; needs investigation 478 Severity: low Audience: low 479 480 323431 vex amd64->IR: 0x8F 0xE8 0x78 0xA2 0xC1 0x40 0xC5 0xFB 481 AMD-specific? 482 Severity: high Audience: low (??) 483 FIX 3.9 if can do it at no risk and no CPUID hassle 484 -- ask mjw 485 486 323448 Check for memory overlap in sprintf()-like functions 487 Severity: low Wishlist 488 489 323464 VALGRIND_MEMPOOL_ALLOC problems with size >= 2^32 490 64-bit uncleanness; no action so far; QUERIED 491 Severity: med Audience: low 492 493 323777 *Documentation does not warn of sgcheck+darwin incompatibility 494 FIX 3.9 495 496 324050 Helgrind: SEGV because of unaligned stack when using movdqa 497 Needs to be looked at. Is this real, or some Gentoo-caused 498 breakage? 499 Severity: high (hg crash) Audience: low 500 501 324078 Track and show in logs which thread allocated memory 502 Probably sync-event-loss in Helgrind 503 Severity: high (hg correctness bug?) Audience: low 504 505 324081 3.8.1 Valgrind periodically hangs in long-running application 506 NEEDINFO (requested) 507 508 324261 errorcount in xml output remains empty (no error pairs mentioned) 509 Hmm, looks like a real bug. 510 Severity: med Audience: low 511 512 324486 WARNING: unhandled syscall: 310 513 == 166355 514 Hmm, tricky, sys_unshare. 515 Severity: high Audience: low 516 517 324525 valgrind can not detect any leak 518 PROBABLE INVALID; needs closing. 519 Severity: med Audience: low 520 521 324809 show nightly regression tests results (and later performance) in a 522 nice html page on valgrind.org 523 In progress 524 Severity: low Audience: low 525 526 324882 CPUID should depend on VEX capabilities, not on underlying CPU 527 Middle-term cleanup; not urgent 528 529 Thu Sep 19 10:34:49 CEST 2013 530
