From: <sv...@va...> - 2012-10-23 21:39:01
philippe 2012-10-23 22:38:52 +0100 (Tue, 23 Oct 2012)
New Revision: 13082
Log:
fix 123837 semctl system call: 4th argument is optional, depending on cmd
Depending on the semctl command (arg3), arg4 might or might not be needed.
The PRE(sys_ipc) multiplexed syscall for semctl was always checking
all 4 args.
The fix consists in dereferencing the 4th arg (which in sys_ipc is ARG5)
only if the semctl syscall cmd implies 4 arguments.
This avoids the false positive on linux x86.
Note that PRE(sys_ipc) is still too simplistic as it assumes
that 6 args are always read, which is not the case.
This seems to cause a false positive on mips:
memcheck on none/tests/sem gives:
Syscall param ipc(fifth) contains uninitialised byte(s)
It would be nice to implement the multiplexed PRE(sys_ipc) by
calling the PRE(sys_xxxx) similar PRE, depending on ARG1 of sys_ipc.
This would then avoid the simplistic PRE(sys_ipc) logic without duplicating
the logic in PRE(sys_semctl) (and all other sys_ipc multiplexed syscalls).
However, I found no easy way to do that.
With the current fix, some logic about semctl is partially duplicated between
the PRE(sys_ipc) (for platforms such as x86 having a multiplexed sys call)
and PRE(sys_semctl) (for platforms such as amd64, having a direct sys call)
to fix the false positive encountered on x86.
Modified files:
trunk/NEWS
trunk/coregrind/m_syswrap/syswrap-linux.c
Modified: trunk/coregrind/m_syswrap/syswrap-linux.c (+27 -2)
===================================================================
--- trunk/coregrind/m_syswrap/syswrap-linux.c 2012-10-23 19:03:28 +01:00 (rev 13081)
+++ trunk/coregrind/m_syswrap/syswrap-linux.c 2012-10-23 22:38:52 +01:00 (rev 13082)
@@ -3301,6 +3301,23 @@
return *a_p;
}
+Bool semctl_cmd_has_4args (UWord cmd)
+{
+ switch (cmd & ~VKI_IPC_64)
+ {
+ case VKI_IPC_INFO:
+ case VKI_SEM_INFO:
+ case VKI_IPC_STAT:
+ case VKI_SEM_STAT:
+ case VKI_IPC_SET:
+ case VKI_GETALL:
+ case VKI_SETALL:
+ return True;
+ default:
+ return False;
+ }
+}
+
PRE(sys_ipc)
{
PRINT("sys_ipc ( %ld, %ld, %ld, %ld, %#lx, %ld )",
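Review bot: `semctl_cmd_has_4args` is given external linkage but is only used inside syswrap-linux.c; declare it `static Bool semctl_cmd_has_4args(UWord cmd)` so it does not become an undeclared global symbol. A one-line comment above the switch saying that this command list must be kept in step with the commands ML_(generic_PRE_sys_semctl) treats as carrying a pointer argument would also help, since nothing else ties the two together.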
@@ -3319,7 +3336,11 @@
break;
case VKI_SEMCTL:
{
- UWord arg = deref_Addr( tid, ARG5, "semctl(arg)" );
+ UWord arg;
+ if (semctl_cmd_has_4args(ARG4))
+ arg = deref_Addr( tid, ARG5, "semctl(arg)" );
+ else
+ arg = 0;
ML_(generic_PRE_sys_semctl)( tid, ARG2, ARG3, ARG4, arg );
break;
}
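Review bot: when `semctl_cmd_has_4args(ARG4)` is false, `arg` is forced to 0 and ML_(generic_PRE_sys_semctl) is handed a null argument for the remaining commands; that is intentional, but a short comment on the `else` branch ("4th arg is not read for this cmd, see semctl_cmd_has_4args") would stop the next reader from taking the 0 for a bug. This is the partial duplication of PRE(sys_semctl) that the log message mentions, so the comment should point there too.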
@@ -3391,7 +3412,11 @@
break;
case VKI_SEMCTL:
{
- UWord arg = deref_Addr( tid, ARG5, "semctl(arg)" );
+ UWord arg;
+ if (semctl_cmd_has_4args(ARG4))
+ arg = deref_Addr( tid, ARG5, "semctl(arg)" );
+ else
+ arg = 0;
ML_(generic_POST_sys_semctl)( tid, RES, ARG2, ARG3, ARG4, arg );
break;
}
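Review bot: the if/else deciding whether ARG5 is dereferenced is copied verbatim from the VKI_SEMCTL case of PRE(sys_ipc); factor it into a small helper (for example `static UWord semctl_ipc_arg(ThreadId tid, UWord cmd, Addr ptr)`, name suggested here) called from both PRE and POST so the two copies cannot drift apart when the command list changes. The POST copy also re-reads the user pointer that PRE already validated; reading it once and reusing the value is simpler than dereferencing twice.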
Modified: trunk/NEWS (+1 -0)
===================================================================
--- trunk/NEWS 2012-10-23 19:03:28 +01:00 (rev 13081)
+++ trunk/NEWS 2012-10-23 22:38:52 +01:00 (rev 13082)
@@ -29,6 +29,7 @@
[381] = fixed in trunk and in 3_8_BRANCH, for 3.8.1
[382] = fixed in trunk and needs to be made available for 3.8.2 too
+123837 [390] semctl system call: 4rth argument is optional, depending on cmd
252955 [390] Impossible to compile with ccache
274695 [390] s390x: Support "compare to/from logical" instructions (z196)
275800 [390] s390x: Add support for the ecag instruction (part 1)
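Review bot: typo in the new NEWS line: "4rth" should read "4th" (the same typo appears in the commit log title). The entry otherwise follows the existing format and sits in ascending bug-number order.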