From: Logan G. <log...@gm...> - 2006-01-12 04:27:06
I'm not sure if this helps or not but I saw the large range 4294960294
before I wrote the ioctl wrappers. The ioctl wrappers do not actually
use the POST/PRE MEM_WRITE -- the ioctl's
do not actually use (read from or write to) the third param.
The real ioctl's are:
#define XX_IOCTL_1 _IO (0xE7, 0x00)
#define XX_IOCTL_2 _IO (0xE7, 0x01)
#define XX_IOCTL_3 _IO (0xE7, 0x06)
#define XX_IOCTL_4 _IO (0xE7, 0x07)
.... and so on.
The code I added was in:
coregrind/m_syswrap/syswrap-generic.c:
#define VKI_XX_IOCTL_1 _VKI_IO(0xE7, 0x00)
#define VKI_XX_IOCTL_2 _VKI_IO(0xE7, 0x01)
#define VKI_XX_IOCTL_3 _VKI_IO(0xE7, 0x06)
#define VKI_XX_IOCTL_4 _VKI_IO(0xE7, 0x07)
PRE(sys_ioctl)
{
....
switch (ARG2 /* request */) {
case VKI_XX_IOCTL_1:
case VKI_XX_IOCTL_2:
case VKI_XX_IOCTL_3:
case VKI_XX_IOCTL_4:
break;
....
}
However I (just now) noticed that in my haste to leave the office at a
decent hour (before 9pm) I forgot to add cases to POST(sys_ioctl).
Would this still be an issue --- even knowing that the ioctl's do not
read from or write to the third param?
On 1/11/06, Julian Seward <js...@ac...> wrote:
>
> > Memcheck: the 'impossible' happened:
> > create_MAC_Chunk: shadow area is accessible
> > ==1929== at 0x70014FFC: report_and_quit (m_libcassert.c:136)
> > ==1929== by 0x700152E0: panic (m_libcassert.c:209)
>
> is probably a side-effect of
>
> > ==1953== Warning: set address range perms: large range 4294960294, a 0, v 0
> > ==1951== Warning: set address range perms: large range 4294960294, a 0, v 0
>
> For some reason, valgrind is being told to mark almost the entirety
> of the process' address space as accessible. One place where address
> space permissions are changed is in syscall wrappers.
>
> Note that 4294960294 differs from 2^32 by just 7002 (iow, it's
> (unsigned int)(-7002)). Is it possible that your ioctl wrappers have
> some signedness error which is causing -7002 rather than 7002 to
> be passed as a length in POST_MEM_WRITE (not sure of the name) or similar
> macros in your ioctl wrappers?
>
> J
>
--
Thanks;
Logan Gabriel.
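
Added example (not part of the original thread, and not Valgrind code): the signedness hypothesis in the quoted reply, carried through in C. It decodes the warned range back to a signed 32-bit value and contrasts an unguarded length with a guarded one. The function names as_signed32, mark_len_unchecked and mark_len_checked are hypothetical stand-ins, not Valgrind macros or APIs.

```c
#include <stdint.h>
#include <stdio.h>

/* Recover the signed 32-bit value behind an unsigned length, without
   relying on implementation-defined narrowing conversions. */
static int32_t as_signed32(uint32_t len)
{
    if (len <= (uint32_t)INT32_MAX)
        return (int32_t)len;
    return -(int32_t)(UINT32_MAX - len) - 1;
}

/* Hypothetical stand-in for a post-syscall handler that marks `len`
   bytes as written; it only reports the size it would mark. */
static uint32_t mark_len_unchecked(int32_t len)
{
    return (uint32_t)len;          /* a negative length wraps to a huge range */
}

/* Same handler with a guard: a negative length (for example an error
   return used as a byte count) marks nothing and is reported. */
static int mark_len_checked(int32_t len, uint32_t *out)
{
    if (len < 0) {
        *out = 0;
        return -1;
    }
    *out = (uint32_t)len;
    return 0;
}

int main(void)
{
    uint32_t warned = 4294960294u; /* range from the quoted warning */
    uint32_t marked;
    int rc;

    printf("warned range as signed: %d\n", (int)as_signed32(warned));
    printf("unchecked(-7002) marks %u bytes\n",
           (unsigned)mark_len_unchecked(-7002));
    rc = mark_len_checked(-7002, &marked);
    printf("checked(-7002) -> %d, %u bytes\n", rc, (unsigned)marked);
    rc = mark_len_checked(7002, &marked);
    printf("checked(7002)  -> %d, %u bytes\n", rc, (unsigned)marked);
    return 0;
}
```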