[Bug 2088460] [NEW] valgrind falsely reports "Invalid read" on ppc64el

Julian Andres Klode 2088460 at bugs.launchpad.net
Mon Nov 18 14:15:38 UTC 2024


Public bug reported:

valgrind has a problem on ppc64el, similar to when stack clash
protection is enabled on armhf in that a 32 KB buffer on the stack
causes it to generate incorrect "Invalid read of size 8" (16 in Debian):

442s -==46196== Invalid read of size 8
442s -==46196==    at 0x4CDF9B0: ExtractTar::Go(pkgDirStream&) (in /usr/lib/powerpc64le-linux-gnu/libapt-pkg.so.6.0.0)
442s -==46196==    by 0x4D0C823: debDebFile::MemControlExtract::Read(debDebFile&) (in /usr/lib/powerpc64le-linux-gnu/libapt-pkg.so.6.0.0)
442s -==46196==    by 0x1938EB: ??? (in /usr/bin/apt-ftparchive)
442s -==46196==    by 0x19B6FF: ??? (in /usr/bin/apt-ftparchive)
442s -==46196==    by 0x1894D7: ??? (in /usr/bin/apt-ftparchive)
442s -==46196==    by 0x19AA5B: ??? (in /usr/bin/apt-ftparchive)
442s -==46196==    by 0x19B20F: ??? (in /usr/bin/apt-ftparchive)
442s -==46196==    by 0x19549F: ??? (in /usr/bin/apt-ftparchive)
442s -==46196==    by 0x4CCDFA7: CommandLine::DispatchArg(CommandLine::Dispatch const*, bool) (in /usr/lib/powerpc64le-linux-gnu/libapt-pkg.so.6.0.0)
442s -==46196==    by 0x491FD4F: DispatchCommandLine(CommandLine&, std::vector<CommandLine::Dispatch, std::allocator<CommandLine::Dispatch> > const&) (in /usr/lib/powerpc64le-linux-gnu/libapt-private.so.0.0.0)
442s -==46196==    by 0x18762F: ??? (in /usr/bin/apt-ftparchive)
442s -==46196==    by 0x5356C43: (below main) (libc_start_call_main.h:58)
442s -==46196==  Address 0x1fff00d820 is on thread 1's stack
442s -==46196==  336 bytes below stack pointer


This was fixed in APT in

https://salsa.debian.org/apt-team/apt/-/commit/a5d029ea6474db4f7edf8e9b6d73afd2ae583250

But we have since reached the conclusion in Debian to remove valgrind
for armhf and ppc64el, hence the workaround has been reverted and the
test suite changed to depend on valgrind-if-available.

For Ubuntu, armhf is not affected, and we don't need to patch out the
valgrind binary itself, but we can just drop ppc64el from the valgrind-
if-available architecture list.

** Affects: valgrind (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: valgrind-if-available (Ubuntu)
     Importance: Undecided
         Status: Fix Committed

** Also affects: valgrind-if-available (Ubuntu)
   Importance: Undecided
       Status: New

** Changed in: valgrind-if-available (Ubuntu)
       Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to valgrind in Ubuntu.
https://bugs.launchpad.net/bugs/2088460
