From: Denys V. <dvl...@re...> - 2008-08-25 14:16:36
Currently valgrind complains on the following program: #include <sys/capability.h> #include <stdio.h> int main() { struct __user_cap_header_struct h; struct __user_cap_data_struct d; h.version = _LINUX_CAPABILITY_VERSION; h.pid = 0; capget(&h, &d); /* unpatched valgrind complains that we use uninitialized data: */ printf("effective %x\n", d.effective); printf("permitted %x\n", d.permitted); printf("inheritable %x\n", d.inheritable); return 0; } # gcc t.c -lcap # valgrind ./a.out ==22535== Memcheck, a memory error detector. ==22535== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al. ==22535== Using LibVEX rev 1804, a library for dynamic binary translation. ==22535== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP. ==22535== Using valgrind-3.3.0, a dynamic binary instrumentation framework. ==22535== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al. ==22535== For more details, rerun with: -v ==22535== --22535-- WARNING: unhandled syscall: 125 --22535-- You may be able to write your own handler. --22535-- Read the file README_MISSING_SYSCALL_OR_IOCTL. --22535-- Nevertheless we consider this a bug. Please report --22535-- it at http://valgrind.org/support/bug_reports.html. 
==22535== Use of uninitialised value of size 8 ==22535== at 0x3824845E89: _itoa_word (in /lib64/libc-2.8.so) ==22535== by 0x382484900D: vfprintf (in /lib64/libc-2.8.so) ==22535== by 0x3824851079: printf (in /lib64/libc-2.8.so) ==22535== by 0x400640: main (in /root/srcdevel/valgrind/fix/a.out) ==22535== ==22535== Conditional jump or move depends on uninitialised value(s) ==22535== at 0x3824845E90: _itoa_word (in /lib64/libc-2.8.so) ==22535== by 0x382484900D: vfprintf (in /lib64/libc-2.8.so) ==22535== by 0x3824851079: printf (in /lib64/libc-2.8.so) ==22535== by 0x400640: main (in /root/srcdevel/valgrind/fix/a.out) ==22535== ==22535== Conditional jump or move depends on uninitialised value(s) ==22535== at 0x382484908E: vfprintf (in /lib64/libc-2.8.so) ==22535== by 0x3824851079: printf (in /lib64/libc-2.8.so) ==22535== by 0x400640: main (in /root/srcdevel/valgrind/fix/a.out) effective 0 ==22535== ==22535== Use of uninitialised value of size 8 ==22535== at 0x3824845E89: _itoa_word (in /lib64/libc-2.8.so) ==22535== by 0x382484900D: vfprintf (in /lib64/libc-2.8.so) ==22535== by 0x3824851079: printf (in /lib64/libc-2.8.so) ==22535== by 0x400652: main (in /root/srcdevel/valgrind/fix/a.out) ==22535== ==22535== Conditional jump or move depends on uninitialised value(s) ==22535== at 0x3824845E90: _itoa_word (in /lib64/libc-2.8.so) ==22535== by 0x382484900D: vfprintf (in /lib64/libc-2.8.so) ==22535== by 0x3824851079: printf (in /lib64/libc-2.8.so) ==22535== by 0x400652: main (in /root/srcdevel/valgrind/fix/a.out) ==22535== ==22535== Conditional jump or move depends on uninitialised value(s) ==22535== at 0x382484908E: vfprintf (in /lib64/libc-2.8.so) ==22535== by 0x3824851079: printf (in /lib64/libc-2.8.so) ==22535== by 0x400652: main (in /root/srcdevel/valgrind/fix/a.out) permitted 0 ... Attached patch fixes it: # ./vg-in-place /root/srcdevel/valgrind/fix/a.out ==22602== Memcheck, a memory error detector. ==22602== Copyright (C) 2002-2008, and GNU GPL'd, by Julian Seward et al. 
==22602== Using LibVEX rev exported, a library for dynamic binary translation. ==22602== Copyright (C) 2004-2008, and GNU GPL'd, by OpenWorks LLP. ==22602== Using valgrind-3.4.0.SVN, a dynamic binary instrumentation framework. ==22602== Copyright (C) 2000-2008, and GNU GPL'd, by Julian Seward et al. ==22602== For more details, rerun with: -v ==22602== effective ffffffff permitted ffffffff inheritable 0 ==22602== ==22602== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 4 from 1) ==22602== malloc/free: in use at exit: 0 bytes in 0 blocks. ==22602== malloc/free: 0 allocs, 0 frees, 0 bytes allocated. ==22602== For counts of detected errors, rerun with: -v ==22602== All heap blocks were freed -- no leaks are possible. Please comment or apply. -- vda
diff -d -urpN valgrind.0/coregrind/m_syswrap/syswrap-amd64-linux.c valgrind.1/coregrind/m_syswrap/syswrap-amd64-linux.c
--- valgrind.0/coregrind/m_syswrap/syswrap-amd64-linux.c 2008-08-22 15:39:54.000000000 +0200
+++ valgrind.1/coregrind/m_syswrap/syswrap-amd64-linux.c 2008-08-22 16:51:47.000000000 +0200
@@ -1165,8 +1165,8 @@ const SyscallTableEntry ML_(syscall_tabl
 LINX_(__NR_setfsgid, sys_setfsgid), // 123
 GENX_(__NR_getsid, sys_getsid), // 124
- // LINXY(__NR_capget, sys_capget), // 125
- // LINX_(__NR_capset, sys_capset), // 126
+ LINXY(__NR_capget, sys_capget), // 125
+ LINX_(__NR_capset, sys_capset), // 126
 LINXY(__NR_rt_sigpending, sys_rt_sigpending), // 127
 LINXY(__NR_rt_sigtimedwait, sys_rt_sigtimedwait),// 128
 LINXY(__NR_rt_sigqueueinfo, sys_rt_sigqueueinfo),// 129 |
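Review bot: With `LINXY(__NR_capget, sys_capget)` now live on amd64, the memory the generic sys_capget wrapper checks in PRE and marks defined in POST has to be sized from the header's `version` field, because `datap` holds one `__user_cap_data_struct` for `_LINUX_CAPABILITY_VERSION_1` but two for the V2/V3 formats of newer kernels; nothing in this hunk shows how the wrapper does this, so it should be confirmed in the shared syswrap code before trusting the clean run quoted in the mail. If the wrapper assumes a single element, a V2/V3 caller's second element stays flagged uninitialised; if it assumes two, a V1 caller like the reproducer gets spurious out-of-bounds write reports. The reproducer itself also never checks capget's return value, so a failing call (for example EINVAL on a version mismatch) would make the printf a genuine uninitialised read rather than a Memcheck false positive. The LINXY/LINX_ split is consistent with capget writing through `datap` and capset only reading it. A one-line comment beside the re-enabled entries would save the next reader the same check, e.g. `// capget/capset: datap is 1 (V1) or 2 (V2/V3) __user_cap_data_struct elements; wrapper must size checks by hdrp->version`.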