wmkhoo / taintgrind

A taint-tracking plugin for the Valgrind memory checking tool
GNU General Public License v2.0

Taintgrind crashes on Fedora 24 #10

Closed dpoetzsch closed 8 years ago

dpoetzsch commented 8 years ago

Hi,

Since I upgraded from Fedora 23 to Fedora 24, taintgrind crashes (see log below).

OS: Fedora 24 x64
Valgrind: 3.11.0

==27564== Taintgrind, the taint analysis tool
==27564== Copyright (C) 2010-2014, and GNU GPL'd, by Wei Ming Khoo.
==27564== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==27564== Command: ./sign32
==27564== 
--27564-- Valgrind options:
--27564--    --tool=taintgrind
--27564--    -v
--27564-- Contents of /proc/version:
--27564--   Linux version 4.6.3-300.fc24.x86_64 (mockbuild@bkernel02.phx2.fedoraproject.org) (gcc version 6.1.1 20160510 (Red Hat 6.1.1-2) (GCC) ) #1 SMP Fri Jun 24 20:52:41 UTC 2016
--27564-- 
--27564-- Arch and hwcaps: AMD64, LittleEndian, amd64-cx16-rdtscp-sse3-avx
--27564-- Page sizes: currently 4096, max supported 4096
--27564-- Valgrind library directory: /home/cui/gits/master/valgrind-3.11.0/inst/lib/valgrind
--27564-- Reading syms from /home/cui/gits/master/foo/sign32
--27564-- warning: addVar: unknown size (vargs)
--27564-- warning: addVar: unknown size (vargs)
--27564-- Reading syms from /usr/lib64/ld-2.23.so
--27564-- Reading syms from /home/cui/gits/master/valgrind-3.11.0/inst/lib/valgrind/taintgrind-amd64-linux
--27564--    object doesn't have a dynamic symbol table
--27564-- warning: addVar: unknown size (sps)
--27564-- warning: addVar: unknown size (sps)
--27564-- warning: addVar: unknown size (ips)
--27564-- warning: addVar: unknown size (vargs)
--27564-- warning: addVar: unknown size (vargs)
--27564-- warning: addVar: unknown size (vargs_copy)
--27564-- warning: addVar: unknown size (vargs)
--27564-- warning: addVar: unknown size (vargs)
--27564-- Scheduler: using generic scheduler lock implementation.
==27564== embedded gdbserver: reading from /tmp/vgdb-pipe-from-vgdb-to-27564-by-cui-on-sunlight
==27564== embedded gdbserver: writing to   /tmp/vgdb-pipe-to-vgdb-from-27564-by-cui-on-sunlight
==27564== embedded gdbserver: shared mem   /tmp/vgdb-pipe-shared-mem-vgdb-27564-by-cui-on-sunlight
==27564== 
==27564== TO CONTROL THIS PROCESS USING vgdb (which you probably
==27564== don't want to do, unless you know exactly what you're doing,
==27564== or are doing some strange experiment):
==27564==   /home/cui/gits/master/valgrind-3.11.0/inst/lib/valgrind/../../bin/vgdb --pid=27564 ...command...
==27564== 
==27564== TO DEBUG THIS PROCESS USING GDB: start GDB like this
==27564==   /path/to/gdb ./sign32
==27564== and then give GDB the following command
==27564==   target remote | /home/cui/gits/master/valgrind-3.11.0/inst/lib/valgrind/../../bin/vgdb --pid=27564
==27564== --pid is optional if only one valgrind process is running
==27564== 
--27564-- Reading syms from /home/cui/gits/master/valgrind-3.11.0/inst/lib/valgrind/vgpreload_core-amd64-linux.so
--27564-- Reading syms from /home/cui/gits/master/valgrind-3.11.0/inst/lib/valgrind/vgpreload_taintgrind-amd64-linux.so
--27564-- Reading syms from /usr/lib64/libc-2.23.so
V256
Taintgrind: the 'impossible' happened:
   tnt_translate.c: convert_Value

host stacktrace:
==27564==    at 0x38076A08: show_sched_status_wrk (m_libcassert.c:343)
==27564==    by 0x38076B24: report_and_quit (m_libcassert.c:415)
==27564==    by 0x38076DC4: vgPlain_tool_panic (m_libcassert.c:491)
==27564==    by 0x3805ABE0: convert_Value (tnt_translate.c:5808)
==27564==    by 0x380664CE: create_dirty_GET (tnt_translate.c:6272)
==27564==    by 0x38067D24: vgTaintgrind_instrument (tnt_translate.c:4509)
==27564==    by 0x38091AAF: tool_instrument_then_gdbserver_if_needed (m_translate.c:238)
==27564==    by 0x3813AEFC: LibVEX_Translate (main_main.c:934)
==27564==    by 0x38094385: vgPlain_translate (m_translate.c:1765)
==27564==    by 0x380C6D8E: vgPlain_scheduler (scheduler.c:1048)
==27564==    by 0x380D5E86: run_a_thread_NORETURN (syswrap-linux.c:102)

sched status:
  running_tid=1

Thread 1: status = VgTs_Runnable (lwpid 27564)
==27564==    at 0x4016C80: _dl_runtime_resolve_avx (in /usr/lib64/ld-2.23.so)
==27564==    by 0x400408: _start (in /home/cui/gits/master/foo/sign32)
==27564==    by 0xFFEFFFEB7: ???
==27564==    by 0x4224F7F: ??? (in /usr/lib64/ld-2.23.so)
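When triaging a Valgrind tool panic like the one above, the pieces that matter are the tool's own assertion site (here tnt_translate.c: convert_Value), the last thing the tool printed before dying (the bare V256 line), the innermost host frame outside Valgrind's core assert machinery, and the guest location being translated (_dl_runtime_resolve_avx in ld-2.23.so). The following Python parser is added here as an illustration; it is not part of taintgrind or of this issue. It runs over an abridged copy of the quoted output, embedded inline as constructed sample input. The record layout, the function names and the first_tool_frame heuristic are my own choices, not anything Valgrind provides.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed sample: an abridged copy of the Valgrind output quoted in the issue.
SAMPLE_LOG = """\
==27564== Taintgrind, the taint analysis tool
==27564== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==27564== Command: ./sign32
--27564-- Reading syms from /usr/lib64/libc-2.23.so
V256
Taintgrind: the 'impossible' happened:
   tnt_translate.c: convert_Value

host stacktrace:
==27564==    at 0x38076A08: show_sched_status_wrk (m_libcassert.c:343)
==27564==    by 0x38076B24: report_and_quit (m_libcassert.c:415)
==27564==    by 0x38076DC4: vgPlain_tool_panic (m_libcassert.c:491)
==27564==    by 0x3805ABE0: convert_Value (tnt_translate.c:5808)
==27564==    by 0x380664CE: create_dirty_GET (tnt_translate.c:6272)
==27564==    by 0x38067D24: vgTaintgrind_instrument (tnt_translate.c:4509)

sched status:
  running_tid=1

Thread 1: status = VgTs_Runnable (lwpid 27564)
==27564==    at 0x4016C80: _dl_runtime_resolve_avx (in /usr/lib64/ld-2.23.so)
==27564==    by 0x400408: _start (in /home/cui/gits/master/foo/sign32)
==27564==    by 0xFFEFFFEB7: ???
"""

# One "at"/"by" stack frame as Valgrind prints it: "==pid==    by 0xADDR: func (loc)".
FRAME_RE = re.compile(
    r"^==(?P<pid>\d+)==\s+(?:at|by)\s+0x(?P<addr>[0-9A-Fa-f]+):\s+(?P<func>\S+)"
    r"(?:\s+\((?P<loc>[^)]*)\))?\s*$"
)
# The tool-panic banner: "<Tool>: the 'impossible' happened:".
PANIC_RE = re.compile(r"^(?P<tool>\S+): the 'impossible' happened:\s*$")
PID_RE = re.compile(r"^==(\d+)==", re.M)
CORE_ASSERT_FILE = "m_libcassert.c"  # Valgrind core's assert/panic machinery


@dataclass
class Frame:
    addr: int
    func: str
    loc: str  # "file.c:line" or "in /path/to/object"; "" when unknown ("???")


@dataclass
class ToolPanic:
    pid: int
    tool: str
    file: str
    function: str
    last_output: str  # last non-empty line printed before the panic banner
    host_frames: List[Frame] = field(default_factory=list)   # Valgrind/tool code
    guest_frames: List[Frame] = field(default_factory=list)  # program being run


def parse_tool_panic(text: str) -> Optional[ToolPanic]:
    """Extract the panic site and both stack traces from Valgrind output.
    Returns None when the output contains no tool-panic banner."""
    pid_match = PID_RE.search(text)
    pid = int(pid_match.group(1)) if pid_match else 0
    panic: Optional[ToolPanic] = None
    section: Optional[str] = None  # "host" or "guest" once inside a trace
    last_nonempty = ""
    lines = text.splitlines()
    i = 0
    while i < len(lines):
        line = lines[i]
        m = PANIC_RE.match(line)
        if m:
            # The line after the banner names the assertion site: "file.c: function".
            site = lines[i + 1].strip() if i + 1 < len(lines) else ""
            file_, _, func = site.partition(": ")
            panic = ToolPanic(pid, m.group("tool"), file_, func, last_nonempty)
            i += 2
            continue
        if panic is not None:
            if line.startswith("host stacktrace:"):
                section = "host"
            elif line.startswith("Thread ") and "status" in line:
                section = "guest"
            else:
                fm = FRAME_RE.match(line)
                if fm and section:
                    frame = Frame(int(fm.group("addr"), 16), fm.group("func"),
                                  fm.group("loc") or "")
                    target = panic.host_frames if section == "host" else panic.guest_frames
                    target.append(frame)
        if line.strip():
            last_nonempty = line.strip()
        i += 1
    return panic


def first_tool_frame(panic: ToolPanic) -> Optional[Frame]:
    """Innermost host frame that is not core assert plumbing, i.e. the tool
    function that actually raised the panic (heuristic, my own)."""
    for f in panic.host_frames:
        if not f.loc.startswith(CORE_ASSERT_FILE):
            return f
    return None


def triage_line(panic: ToolPanic) -> str:
    """One-line summary suitable for a bug title or a triage spreadsheet."""
    tool_frame = first_tool_frame(panic)
    where = f"{tool_frame.func} at {tool_frame.loc}" if tool_frame else "unknown frame"
    guest = panic.guest_frames[0].func if panic.guest_frames else "unknown"
    return (f"{panic.tool} panic in {panic.file}:{panic.function} "
            f"(last output {panic.last_output!r}); {where}; guest in {guest}")


if __name__ == "__main__":
    print(triage_line(parse_tool_panic(SAMPLE_LOG)))
```

Pointing the parser at the full log from the issue gives the same result; the guest frame it reports is the loader's AVX-variant PLT resolver, which is the first thing to check against the Valgrind and glibc versions in use when reproducing a report like this one.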

dpoetzsch commented 8 years ago

Awesome, it works again! Thanks :)