mailing list of musl libc
From: Rich Felker <dalias@libc.org>
To: d.dorau@avm.de
Cc: musl@lists.openwall.com
Subject: Re: Issue with musl and valgrind
Date: Mon, 6 Jan 2020 11:32:14 -0500
Message-ID: <20200106163214.GQ30412@brightrain.aerifal.cx>
In-Reply-To: <OF8AD17947.D5D5D702-ONC12584E7.00597957-C12584E7.005A245E@avm.de>

On Mon, Jan 06, 2020 at 05:24:35PM +0100, d.dorau@avm.de wrote:
> "Rich Felker" <dalias@aerifal.cx> wrote on 06.01.2020 14:56:23:
> [...]
> > 
> > This is really a bug in valgrind, that it's relying on a mix of the
> > dynamic linker and its own mechanism for interposing malloc. Either
> > the interposition should not take place until after line 1913 of
> > __dls3 in dynlink.c (this is what would happen if you did it via
> > LD_PRELOAD without valgrind), or valgrind should do its own loading
> > and relocation of vgpreload_memcheck-*.so independent of the tracee's
> > dynamic linker.
> > 
> > On most archs, the problem does not manifest as things are setup so
> > that it's safe to call free in an unrelocated context. However
> > realloc is gratuitously not safe and Adélie Linux has a patch for it
> > to do it like free:
> > 
> > https://code.foxkit.us/adelie/packages/blob/master/user/valgrind/realloc.patch
> > 
> > But on MIPS, where there are no PC-relative references and everything
> > goes through the GOT, this blows up.
> > 
> > I'm not sure how practical it is to get valgrind to fix this upstream.
> > In the either/or above, if the first course of action is taken, the
> > mechanism should probably be by inserting a breakpoint (or valgrind's
> > equivalent) at the main program's e_entry address and not doing the
> > replacement hack until then. Alternatively, it could just rely on
> > LD_PRELOAD working without trying to do additional tricks, but maybe
> > they have a good reason they're not doing that.
> > 
> > Rich
> 
> I was not aware of this when debugging the crash, but after looking at
> additional debug statements and valgrind code my current understanding is
> that valgrind actually inserts
> 
> LD_PRELOAD="
> /usr/lib/valgrind/vgpreload_core-mips32-linux.so:/usr/lib/valgrind/vgpreload_memcheck-mips32-linux.so"
> 
> into the environment before loading the executable to test.
> (coregrind/m_initimg/initimg-linux.c:123)
> 
> 425:11:32:696 --4757:1:    main Split up command line
> 425:11:32:696 --4757:1:    main (early_) Process Valgrind's command line options
> 425:11:32:696 --4757:1:    main Create initial image
> 425:11:32:712 --4757:1: initimg Loading client
> 425:11:32:712 --4757:1: initimg Setup client env
> 425:11:32:712 --4757:2: initimg   preload_string:
> 425:11:32:728 --4757:2: initimg "/usr/lib/valgrind/vgpreload_core-mips32-linux.so:/usr/lib/valgrind/vgpreload_memcheck-mips32-linux.so"
> 425:11:32:728 --4757:1: initimg Setup client stack: size will be 1048576
> 
> Is my understanding correct that you would expect it to not run into
> the crash I described earlier then?

No, it does something explicitly wrong that causes the crash, and now
I'm starting to remember. What it does is hook the mmap of
vgpreload_memcheck-*.so and activate its redirections as soon as it's
mapped into memory. This activation should instead be moved to e_entry
point time.

BTW you accidentally un-CC'd the list; I bounced the email back on to
reply. Please keep replies on-list so others can follow.

Rich
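
The following is an added example for readers of this thread; it is not code from valgrind, musl, or either poster. Rich's suggested fix is to hold off the malloc redirection until the client reaches e_entry, so the first thing such a tool needs is e_entry itself, decoded with the right word size and byte order (mips32 targets are commonly big-endian, and a 64-bit header has wider address fields). The parser below handles both ELF classes and both byte orders, and entry_address adds the load bias that a PIE (ET_DYN) executable needs before the value can be used as a breakpoint address. The constants follow the ELF specification; the sample headers, entry addresses and load bias are constructed here so the script runs offline and are not taken from the reporter's binary.

```python
"""Locate a program's entry point from its ELF header.

Added example (not valgrind or musl code).  The headers built by
build_elf_header() are constructed test input, not real binaries.
"""
import struct
import sys
from dataclasses import dataclass

EI_NIDENT = 16
ELFCLASS32, ELFCLASS64 = 1, 2
ELFDATA2LSB, ELFDATA2MSB = 1, 2
ET_EXEC, ET_DYN = 2, 3
EM_386, EM_MIPS, EM_ARM, EM_X86_64, EM_AARCH64 = 3, 8, 40, 62, 183
E_MACHINE_NAMES = {EM_386: "i386", EM_MIPS: "mips", EM_ARM: "arm",
                   EM_X86_64: "x86_64", EM_AARCH64: "aarch64"}

# Field order after e_ident: e_type, e_machine, e_version, e_entry, e_phoff,
# e_shoff, e_flags, e_ehsize, e_phentsize, e_phnum, e_shentsize, e_shnum,
# e_shstrndx.  Only the address/offset fields change width between classes.
_LAYOUT = {32: "HHIIIIIHHHHHH", 64: "HHIQQQIHHHHHH"}


@dataclass
class ElfInfo:
    bits: int
    big_endian: bool
    e_type: int
    machine: int
    e_entry: int
    e_phoff: int
    e_phnum: int

    @property
    def machine_name(self) -> str:
        return E_MACHINE_NAMES.get(self.machine, f"unknown({self.machine})")


def parse_elf_header(data: bytes) -> ElfInfo:
    """Decode an ELF header; raises ValueError for anything that is not one."""
    if len(data) < EI_NIDENT or data[:4] != b"\x7fELF":
        raise ValueError("missing ELF magic")
    ei_class, ei_data = data[4], data[5]
    bits = {ELFCLASS32: 32, ELFCLASS64: 64}.get(ei_class)
    order = {ELFDATA2LSB: "<", ELFDATA2MSB: ">"}.get(ei_data)
    if bits is None or order is None:
        raise ValueError(f"unsupported EI_CLASS={ei_class} EI_DATA={ei_data}")
    fmt = order + _LAYOUT[bits]
    if len(data) < EI_NIDENT + struct.calcsize(fmt):
        raise ValueError("truncated ELF header")
    f = struct.unpack_from(fmt, data, EI_NIDENT)
    return ElfInfo(bits=bits, big_endian=(order == ">"), e_type=f[0],
                   machine=f[1], e_entry=f[3], e_phoff=f[4], e_phnum=f[9])


def entry_address(info: ElfInfo, load_bias: int = 0) -> int:
    """Runtime address of the entry point.

    ET_EXEC: e_entry is absolute and the object is never relocated.
    ET_DYN (PIE): e_entry is relative to link-time address 0, so the caller
    must add the bias at which the kernel or dynamic linker mapped it.
    """
    if info.e_type == ET_EXEC and load_bias:
        raise ValueError("ET_EXEC objects are not relocated; load_bias must be 0")
    return info.e_entry + load_bias


def build_elf_header(bits, big_endian, machine, e_type, e_entry, phnum=0) -> bytes:
    """Constructed test input: a bare header with no program/section tables."""
    order = ">" if big_endian else "<"
    ident = (b"\x7fELF"
             + bytes([ELFCLASS64 if bits == 64 else ELFCLASS32,
                      ELFDATA2MSB if big_endian else ELFDATA2LSB,
                      1, 0, 0])          # EI_VERSION, EI_OSABI, EI_ABIVERSION
             + b"\x00" * 7)              # EI_PAD
    ehsize, phentsize, shentsize = (64, 56, 64) if bits == 64 else (52, 32, 40)
    body = struct.pack(order + _LAYOUT[bits], e_type, machine, 1, e_entry,
                       ehsize, 0, 0, ehsize, phentsize, phnum, shentsize, 0, 0)
    return ident + body


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            info = parse_elf_header(fh.read(64))
    else:
        # No file given: decode a constructed big-endian mips32 ET_EXEC header.
        info = parse_elf_header(build_elf_header(32, True, EM_MIPS, ET_EXEC, 0x00400AB0))
    print(f"{info.machine_name} {info.bits}-bit {'BE' if info.big_endian else 'LE'} "
          f"e_type={info.e_type} e_entry=0x{info.e_entry:x} e_phnum={info.e_phnum}")
```

Run it as `python3 elf_entry.py /path/to/binary` to print the fields of a real executable, or with no argument to decode the constructed mips32 header. Reading the header alone is enough to pick the address for a one-shot breakpoint on a non-PIE binary; for a PIE the load bias has to come from the tracee at runtime (for example from the auxiliary vector or the first PT_LOAD mapping), which is exactly the point at which an interposer can assume the dynamic linker has finished relocating the preloaded objects.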


Thread overview:
2020-01-06 11:01 d.dorau
2020-01-06 13:56 ` Rich Felker
2020-01-06 16:24   ` Re[2]: " d.dorau
2020-01-06 16:32     ` Rich Felker [this message]
