Add 436413 Warn about realloc of size zero to NEWS

[valgrind.git] / docs / internals / 3_3_BUGSTATUS.txt

---------- Legend --------------------------------------------------

n-i-bz  = not in bugzilla
pending = is scheduled to be fixed (or at least considered) on this branch
wontfix = will not fix on this branch
many    = fix composed of many commits
WF      = waiting for feedback from bug reporter

PRI: 33  = fix this for 3.3.1
     Vfd = fix has been verified on 3.3.X branch

***  definitely fix
###  merge fix to 3.3 branch
???  marginal
NNN  won't fix
Vfd  fix has been verified on 3.3.X branch
Fxd  fixed

---------- Bugs reported after (in) 3.3.1 --------------------------

LOW/MED/HIGH describe impact of bug
HIGH - major loss of functionality, no workaround
MED  - loss of functionality, not critical or workaround possible
LOW  - minor incorrectness, ought-to-fix etc

re Keller vpath bug, don't use attached patch; use Ashley's one
instead (on @dev ?)

disInstr(ppc): unhandled instruction: 0x7C1F42A6
                 primary 31(0x1F), secondary 678(0x2A6)
 "Gupta Richa", users@, 3 Apr 08
 dis_proc_ctl(ppc)(mfspr,SPR)(0x11F)
 (0x7C1F42A6 == mfsprg  r0,7)


BUG#    STAT  TRUNK  WHAT

// not fixed in 3.4.0 -- triaged, but low prio

126255  Wont  pend   vex x86->IR: 0xDF 0x75 (fbstp) (x87 BCD stores)

140939  MED   pend   --track-fds reports leakage of stdout/in/err and
                     doesn't respect -q, w/ patch

149878  LOW   pend   (proper) check for calloc integer overflow
                     (possibly with a viable patch now)

156065  LOW   pend   VALGRIND_MEMPOOL_ALLOC vs. zero-size allocs
                     triggers false "overlapping" error

158042  WF,LOW pend  --db-attach at invalid free() gives broken stack
                     trace on x86_64
                     Can't repro; reported queried

158730  Wont  pend   ppc: illegal opcode crash on instruction fctiwz
                     Not sure this does have anything to do with fctiwz.
                     VEX generates code that doesn't run on e500

159501  MED   pend   incorrect handling of ALSA ioctls
                     (has two patches, looks reasonable)

159659  Wont  pend   scas does not use ES segment selector

159720  Wont  pend   Opcode 0xFF 0x58 0xEB 0x5 unhandled on x86
                     (this is a "lcall" or callf -- far call)
                     (no test case)

160595  Wont  pend   Why my program hang-up when work with valgrind ?
                     (no info so far, probably a threading bug in client)

160872  MED   pend   race errors reported where libpthread.so
                     (might be a problem with pthread_setspecific)

161374  WF,HIGH pend SYS_readdir syscall not implemented
                     will fix if reporter supplies a test case

161609  LOW   pend   Results returned by VG_(get_StackTrace)() do not
                     match its documentation

162020  MED   pend   Valgrinding an empty/zero-byte file crashes valgrind

162229  LOW   pend   VALGRIND_DO_LEAK_CHECK emits false positive

162456  ???   pend   valgrind-3.2.3 on ppc fails
                     problem undetermined (probably close)

162630  Fixd  many   hg_main.c:926 (mk_SHVAL_fail): the 'impossible' happened.

162718  ???   pend   x86: avoid segment selector 0 in sys_set_thread_area()
                     decide if this is a problem or not

163253  ???   pend   canonicaliseSymtab forgot some fields in DiSym
                     is this correct?

163910  LOW   pend   Typo in Helgrind's Documentation

164298  Wont  pend   Valgrind asserts on finitel with long double using
                     gcc-4.3 -- closed as wontfix

164485  MED   pend   VG_N_SEGNAMES and VG_N_SEGMENTS are (still) too small

165417  LOW   pend   helgrind/tests/hg05_race2: VG_(get_data_description)()
                     succeeds on x86 and amd64 but fails on ppc

165468  LOW   pend   Inconsistent formatting in memcheck manual

165598  ???   pend   fixed mmap() regions (via MAP_FIXED) cause various
                     strange failures
                     (I think this should be closed as invalid)

166355  HIGH,WF  pend   unshare syscall not supported (amd64, #272)

167212  ???   pend   Valgrind does not attach to GDB correctly, traceback
                     spits garbage

167483  LOW   pend   __libc_freeres error valgrind with shared libraries with
                     multiple --rpath (w/ repro case)

167640  HIGH,WF pend un-efficient memory management cause segmentation fault
                     w/ test case
                     Can't reproduce

167676  ???   pend   Valgrind loads wrong threading library on Red Hat 9

167700  HIGH,WF pend  vex x86->IR: unhandled instruction bytes: 0xD5 0x36 0x5B
                      0xC3 (aad)

168538  ???   pend   Poor detection of stacks for clone can lead to
                     bad results, w/ patch
                     Looks plausible

169539  WF    pend   mremap fails on specific address on 32-bit memcheck
                     w/ test case
                     (not clear if this is still valid)

169562  MED   pend   memcheck warns on some unaligned bcopy()s
                     w/ test case

169957  LOW   pend   Bad report about stack memory after long jump
                     from signal handler, w/ test case

170510  MED   pend   Don't warn about ioctl of size 0 without
                     direction hint, w/ patch

171627  ???   pend   Valgrind macros change program behavior

175138  WF    pend   aspacem assertion failed: segment_is_sane at
                     m_aspacemgr/aspacemgr-linux.c:1412 (add_segment)

FAQ.html and FAQ.html (Greg Czajknowski, @users, 21 Nov 08)

Better return values from VG_(record_error) (kcc)

%gs register not implemented in amd64 (test prog, 15 Dec)

// not fixed in 3.4.0 -- not triaged

175721 unexpected summarise_context messages
175819 Support for ipv6 socket reporting with --track-fds
175984 LDT is process-shared, not per-thread
175985 missing modify_ldt syscall support on x86_64
176641 The 'impossible' happened (dup of kernel bug)
176926 memcheck floating point exception at valgrind startup with PPC 440EPX
178092 Incomplete stack traces when using makecontext/swapcontext

// 22 Dec 2008


---------- Bugs fixed in 3.4.0 -------------------------------------

n-i-bz  Fixd  8048   Make return types for some of the requests 64-bit clean

n-i-bz  Fixd  8760   glibc 2.9 support

n-i-bz  Fixd  8800   ignore unsafe .valgrindrc's (CVE-2008-4865)

n-i-bz  Fixd   8812  MPI_Init(0,0) is valid but libmpiwrap.c segfaults

n-i-bz  Fixd  ????   Building in an env without gdb gives bogus gdb attach

92456   Fixd  many   Tracing the origin of uninitialised memory

106497  Fixd  ????   Valgrind does not demangles some C++template symbols
162222  Fixd  ????   ==106497

151612  Fixd  8725-7 Suppression with "..." (w/ good patch)

156404  Fixd  8712/3 Unable to start oocalc under memcheck on openSUSE
                     10.3 (64-bit)
159285  Fixd  8736   unhandled syscall:25 (stime, on x86-linux)

159452  Fixd  8734   unhandled ioctl 0x8B01 on "valgrind iwconfig"
                     w/ plausible-looking patch
160954  Fixd  1870,1  ppc build of valgrind crashes with illegal instruction
                     (isel)
                     == 161251

160956  Fixd  7888   mallinfo implementation, w/ patch

162092  Fixd  8729,32  Valgrind fails to start gnome-system-monitor

162819  ???   8285/6 malloc_free_fill test doesn't pass on glibc2.8 x86
                     need to look at this
163794  Fixd  8228   assertion failure with "--track-origins=yes"

163933  Fixd  8229   sigcontext.err and .trapno must be set together

163955  Fixd  8722   remove pointless constraint !(--db-attach=yes &&
                     --trace-children=yes)

164476  Fixd  8263,6 Missing kernel module loading system calls

164669  Fixd  r8747  SVN regression: mmap() drops posix file locks

166581  Fixd  8704   Callgrind output corruption when program forks

167288  Fixd  8731   Patch file for missing system calls on Cell BE

168943  Fixd  vx1872 unsupported scas instruction pentium

171645  Fixd  vx1869 Unrecognised instruction (MOVSD, non-binutils
                     encoding)

172417  Fixd  vx1867 x86->IR: 0x82 ...

172563  Fixd  vx???? amd64->IR: 0xD9 0xF5  -  fprem1

173099  Fixd  8758   .lds linker script generation error

173177  Fixd  8720   [x86_64] WARNING: unhandled syscall: 125/126/179
                     (capget/capset/quotactl)

173751  Fixd  vx1876 amd64->IR: 0x48 0xF 0x6F 0x45
                     (even more redundant prefixes)

174532  WF    DUP    amd64->IR: 0x48 0xF 0xED 0x0 
              == 173751

174908  Fixd  8774   --log-file value not expanded correctly for core file

175044  Fixd  8769   Add lookup_dcookie for amd64

175150  Fixd  vx1873 x86->IR: 0xF2 0xF 0x11 0xC1 (movss xmm1, xmm0)
                     non-binutils encoding


---------- Bugs fixed in 3.3.1 -------------------------------------

/////////////////////////////////////////////////////////////////
//
// Changes in 3.3.1 only below here

r1816 (x86 CondNS after SUBB)
r1817 (amd64 CondNS after SUBB)
r1833 (both, CondNZ after SUBW)
merged; 1847

r7795 (handle r-x mapped .bss sections - merge to trunk)


TRUNK   33BRANCH  PRI    BUG#  WHAT

r8058   r8059     Vfd  n-i-bz  Massif segfaults at exit

vx1832  vx1839    Vfd  n-i-bz  Memcheck asserts on Altivec code

r7299   r8081     Mgd  n-i-bz  fix sizeof bug in Helgrind
r7322   r8073     Mgd  n-i-bz  check fd on sys_llseek
r7323   r8082     Mgd  n-i-bz  update syscall lists to kernel 2.6.23.1
r7324   r8076     Mgd  n-i-bz  support sys_sync_file_range

r7334   r8078     Mgd  n-i-bz  handle sys_sysinfo, sys_getresuid,
                               sys_getresgid on ppc64-linux

r7350   r8080     Mgd  n-i-bz  intercept memcpy in 64-bit ld.so's

r8047   r8148     Mgd  n-i-bz  Fix wrappers for sys_{futimesat,utimensat}


vx1836/7 vx1845   Vfd  126389  vex x86->IR: 0xF 0xAE (FXRSTOR)
                       == 158525

vx1838  vx1846    Vfd  152818  vex x86->IR: 0xF3 0xAC (repz lodsb) 

vx1834  vx1843    Vfd  153196  vex x86->IR: 0xF2 0xA6 (repnz cmpsb) 

vx1807  vx1840    Mgd  155011  vex x86->IR: 0xCF (iret)

r7347   r8085     Mgd  155091  Warning [...] unhandled DW_OP_ opcode 0x23
                       ==156960

vx1808/9/10,r7384/5/7/9
        vx1841,r8056
                  Vfd  155528  support Core2/SSSE3 insns on x86/amd64

r7355   r7356     Mgd  155929  ms_print fails on massif outputs 
                               containing long lines

r7399   r8083     Mgd  157665  valgrind fails on shmdt(0) after shmat to 0

vx1835  vx1844    Vfd  157748  support x86 PUSHFW/POPFW

r7454   r8084     Mgd  158212  hg: handle pthread_rwlock_try{rd,wr}lock.

r8049   r8086     Vfd  158425  sys_poll incorrectly emulated when RES==0

vx1848  vx1849    Vfd  158744  vex amd64->IR: 0xF0 0x41 0xF 0xC0 (xaddb)

r7917,8051 OR r7942,r7983,r8051
        r8148     Mgd  160907  Support for a couple of recent Linux syscalls

r7917   r8148     Mgd  161285  Patch -- support for eventfd() syscall

vx1826  vx1842    Vfd  161378  illegal opcode in debug libm (FUCOMPP)
                       == 160136

r8065/8 r8069     Mgd  161487  number of suppressions files is limited to 10

r7361   r7362     Mgd  162386  ms_print typo in milliseconds time unit for
                               massif

r7895   r8063     Mgd  161036  exp-drd: client allocated memory was never freed

r8092   r8143     Mgd  n-i-bz  libmpiwrap.c: add a wrapper for MPI_Waitany

r8140   r8145     Mgd  n-i-bz  helgrind support for glibc-2.8

r8144   r8146     Vfd  n-i-bz  partial fix for mc_leakcheck.c:698 assert:
                               'lc_shadows[i]->data + lc_shadows[i] ...

various r8148     Mgd  162663  signalfd_wrapper fails on 64bit linux

r8154   r8155     Mgd  n-i-bz  Massif/Cachegrind output corruption when
                               programs fork

vx1853  vx1854     33  n-i-bz  regalloc: don't incorrectly omit spill stores