From: Paul F. <pa...@so...> - 2025-08-31 06:22:06
https://sourceware.org/cgit/valgrind/commit/?id=5f753c39ea6285fec27cc68cbaf6a629c5051f23 commit 5f753c39ea6285fec27cc68cbaf6a629c5051f23 Author: Paul Floyd <pj...@wa...> Date: Sun Aug 31 08:21:23 2025 +0200 Bug 507866 - fanotify_mark dirfd isn't checked Diff: --- NEWS | 1 + coregrind/m_syswrap/syswrap-linux.c | 5 +++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/NEWS b/NEWS index b1f4d8d11a..d9ac8bdcb8 100644 --- a/NEWS +++ b/NEWS @@ -76,6 +76,7 @@ are not entered into bugzilla tend to get forgotten about or ignored. 507720 Review syscalls returning file descriptors (other platforms) 507721 Wire up illumos and Solaris mallinfo 507853 faccessat and faccessat2 should handle AT_FDCWD and absolute paths +507866 fanotify_mark dirfd isn't checked 507868 futimesat doesn't handle AT_FDCWD 507869 Various at syscalls don't check dirfd argument 507873 Make fchmodat and fchmodat2 syscall wrappers accept AT_FDCWD diff --git a/coregrind/m_syswrap/syswrap-linux.c b/coregrind/m_syswrap/syswrap-linux.c index 785031c108..a511ccfe21 100644 --- a/coregrind/m_syswrap/syswrap-linux.c +++ b/coregrind/m_syswrap/syswrap-linux.c @@ -2862,11 +2862,12 @@ PRE(sys_fanotify_mark) int, dfd, const char *, pathname); if (ARG5) PRE_MEM_RASCIIZ( "fanotify_mark(path)", ARG5); - if ( !ML_(fd_allowed)(SARG1, "fanotify_mark", tid, False) ) - SET_STATUS_Failure( VKI_EBADF ); #else # error Unexpected word size #endif + if ( !ML_(fd_allowed)(SARG1, "fanotify_mark[fanotify_fd]", tid, False) ) + SET_STATUS_Failure( VKI_EBADF ); + ML_(fd_at_check_allowed)(SARG4, (const HChar*)ARG5, "mkdirat[firfd]", tid, status); } /* --------------------------------------------------------------------- |
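Review bot: the new ML_(fd_at_check_allowed) call at the end of PRE(sys_fanotify_mark) passes the message string "mkdirat[firfd]", which looks copied from the mkdirat wrapper: a bad dirfd will be reported as coming from mkdirat, and "firfd" is a typo for dirfd. Suggest `"fanotify_mark[dirfd]"` so it matches the `"fanotify_mark[fanotify_fd]"` string used two lines above for SARG1. Moving the SARG1 check out of the word-size #if/#else blocks is fine; since both checks write to status, a bad dirfd after a bad fanotify fd simply overwrites EBADF with EBADF, so the ordering does not matter.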
From: Paul F. <pa...@so...> - 2025-08-31 06:03:46
https://sourceware.org/cgit/valgrind/commit/?id=d2dc973f136d2c66e8320bd871a9acf832605662 commit d2dc973f136d2c66e8320bd871a9acf832605662 Author: Paul Floyd <pj...@wa...> Date: Sun Aug 31 08:02:00 2025 +0200 illumos syscalls: refactor *at directory fd checks Mainly to reduce the amount of copied and pasted code. Slight improvements to messages to syscalls that have two directory fds. Diff: --- coregrind/m_syswrap/syswrap-solaris.c | 101 +++++---------------------- memcheck/tests/solaris/syscall_at.stderr.exp | 8 +-- 2 files changed, 21 insertions(+), 88 deletions(-) diff --git a/coregrind/m_syswrap/syswrap-solaris.c b/coregrind/m_syswrap/syswrap-solaris.c index f620e85bd7..a4f243f8ad 100644 --- a/coregrind/m_syswrap/syswrap-solaris.c +++ b/coregrind/m_syswrap/syswrap-solaris.c @@ -1812,18 +1812,8 @@ PRE(sys_linkat) PRE_MEM_RASCIIZ("linkat(path2)", ARG4); /* Be strict but ignore fd1/fd2 for absolute path1/path2. */ - if (fd1 != VKI_AT_FDCWD - && ML_(safe_to_deref)((void *) ARG2, 1) - && ((HChar *) ARG2)[0] != '/' - && !ML_(fd_allowed)(fd1, "linkat", tid, False)) { - SET_STATUS_Failure(VKI_EBADF); - } - if (fd2 != VKI_AT_FDCWD - && ML_(safe_to_deref)((void *) ARG4, 1) - && ((HChar *) ARG4)[0] != '/' - && !ML_(fd_allowed)(fd2, "linkat", tid, False)) { - SET_STATUS_Failure(VKI_EBADF); - } + ML_(fd_at_check_allowed)(fd1, (const HChar*)ARG2, "linkat(efd)", tid, status); + ML_(fd_at_check_allowed)(fd2, (const HChar*)ARG4, "linkat(nfd)", tid, status); *flags |= SfMayBlock; } @@ -1844,11 +1834,7 @@ PRE(sys_symlinkat) PRE_MEM_RASCIIZ("symlinkat(path2)", ARG3); /* Be strict but ignore fd for absolute path2. */ - if (fd != VKI_AT_FDCWD - && ML_(safe_to_deref)((void *) ARG3, 1) - && ((HChar *) ARG3)[0] != '/' - && !ML_(fd_allowed)(fd, "symlinkat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(fd, (const HChar*)ARG3, "symlinkat", tid, status); *flags |= SfMayBlock; } 
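Review bot: the inline checks being removed in the linkat and symlinkat hunks did three things that the helper now has to do on its own: skip the check for VKI_AT_FDCWD, skip it when the path is not safely dereferenceable (ML_(safe_to_deref)), and skip it when the path is absolute. The "Be strict but ignore fd1/fd2 for absolute path1/path2" comments are kept, so please confirm ML_(fd_at_check_allowed) preserves all three; its body is not in this diff. It would also help to say in the commit message that the helper now owns the SET_STATUS_Failure(VKI_EBADF), since `status` is passed in and no failure is set at the call sites any more.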
@@ -2323,11 +2309,7 @@ PRE(sys_readlinkat) PRE_MEM_WRITE("readlinkat(buf)", ARG3, ARG4); /* Be strict but ignore dfd for absolute path. */ - if (dfd != VKI_AT_FDCWD - && ML_(safe_to_deref)((void *) ARG2, 1) - && ((HChar *) ARG2)[0] != '/' - && !ML_(fd_allowed)(dfd, "readlinkat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(dfd, (const HChar*)ARG2, "readlinkat", tid, status); /* Handle the case where readlinkat is looking at /proc/self/path/a.out or /proc/<pid>/path/a.out. */ @@ -2386,11 +2368,7 @@ PRE(sys_frealpathat) PRE_MEM_WRITE("frealpathat(buf)", ARG3, ARG4); /* Be strict but ignore fd for absolute path. */ - if (fd != VKI_AT_FDCWD - && ML_(safe_to_deref)((void *) ARG2, 1) - && ((HChar *) ARG2)[0] != '/' - && !ML_(fd_allowed)(fd, "frealpathat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(fd, (const HChar*)ARG2, "frealpathat", tid, status); } POST(sys_frealpathat) @@ -2529,11 +2507,7 @@ PRE(sys_faccessat) PRE_MEM_RASCIIZ("faccessat(path)", ARG2); /* Be strict but ignore fd for absolute path. */ - if (fd != VKI_AT_FDCWD - && ML_(safe_to_deref)((void *) ARG2, 1) - && ((HChar *) ARG2)[0] != '/' - && !ML_(fd_allowed)(fd, "faccessat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(fd, (const HChar*)ARG2, "faccessat", tid, status); } PRE(sys_mknodat) @@ -2551,11 +2525,7 @@ PRE(sys_mknodat) PRE_MEM_RASCIIZ("mknodat(fname)", ARG2); /* Be strict but ignore fd for absolute path. */ - if (fd != VKI_AT_FDCWD - && ML_(safe_to_deref)((void *) ARG2, 1) - && ((HChar *) ARG2)[0] != '/' - && !ML_(fd_allowed)(fd, "mknodat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(fd, (const HChar*)ARG2, "mknodat", tid, status); *flags |= SfMayBlock; } 
@@ -3593,11 +3563,7 @@ PRE(sys_fchownat) PRE_MEM_RASCIIZ("fchownat(path)", ARG2); /* Be strict but ignore fd for absolute path. */ - if (fd != VKI_AT_FDCWD - && ML_(safe_to_deref)((void *) ARG2, 1) - && ((HChar *) ARG2)[0] != '/' - && !ML_(fd_allowed)(fd, "fchownat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(fd, (const HChar*)ARG2, "fchownat", tid, status); } PRE(sys_fdsync) @@ -4141,18 +4107,8 @@ PRE(sys_renameat) PRE_MEM_RASCIIZ("renameat(new)", ARG4); /* Be strict but ignore fromfd/tofd for absolute old/new. */ - if (fromfd != VKI_AT_FDCWD - && ML_(safe_to_deref)((void *) ARG2, 1) - && ((HChar *) ARG2)[0] != '/' - && !ML_(fd_allowed)(fromfd, "renameat", tid, False)) { - SET_STATUS_Failure(VKI_EBADF); - } - if (tofd != VKI_AT_FDCWD - && ML_(safe_to_deref)((void *) ARG4, 1) - && ((HChar *) ARG4)[0] != '/' - && !ML_(fd_allowed)(tofd, "renameat", tid, False)) { - SET_STATUS_Failure(VKI_EBADF); - } + ML_(fd_at_check_allowed)(fromfd, (const HChar*)ARG2, "renameat(fromfd)", tid, status); + ML_(fd_at_check_allowed)(tofd, (const HChar*)ARG4, "renameat(tofd)", tid, status); } PRE(sys_unlinkat) @@ -4171,11 +4127,7 @@ PRE(sys_unlinkat) PRE_MEM_RASCIIZ("unlinkat(pathname)", ARG2); /* Be strict but ignore dfd for absolute pathname. */ - if (dfd != VKI_AT_FDCWD - && ML_(safe_to_deref)((void *) ARG2, 1) - && ((HChar *) ARG2)[0] != '/' - && !ML_(fd_allowed)(dfd, "unlinkat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(dfd, (const HChar*)ARG2, "unlinkat", tid, status); } PRE(sys_fstatat) @@ -4199,11 +4151,7 @@ PRE(sys_fstatat) PRE_MEM_WRITE("fstatat(buf)", ARG3, sizeof(struct vki_stat)); /* Be strict but ignore fildes for absolute path. */ - if (fd != VKI_AT_FDCWD - && ML_(safe_to_deref)((void *) ARG2, 1) - && ((HChar *) ARG2)[0] != '/' - && !ML_(fd_allowed)(fd, "fstatat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(fd, (const HChar*)ARG2, "fstatat", tid, status); } POST(sys_fstatat) 
@@ -4237,6 +4185,7 @@ PRE(sys_openat) PRE_MEM_RASCIIZ("openat(filename)", ARG2); + // @todo PJF use ML_(fd_at_check) and not return early here /* Be strict but ignore fildes for absolute pathname. */ if (fd != VKI_AT_FDCWD && ML_(safe_to_deref)((void *) ARG2, 1) @@ -5055,11 +5004,7 @@ PRE(sys_fchmodat) PRE_MEM_RASCIIZ("fchmodat(path)", ARG2); /* Be strict but ignore fd for absolute path. */ - if (fd != VKI_AT_FDCWD - && ML_(safe_to_deref)((void *) ARG2, 1) - && ((HChar *) ARG2)[0] != '/' - && !ML_(fd_allowed)(fd, "fchmodat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(fd, (const HChar*)ARG2, "fchmodat", tid, status); } PRE(sys_mkdirat) @@ -5077,11 +5022,7 @@ PRE(sys_mkdirat) PRE_MEM_RASCIIZ("mkdirat(path)", ARG2); /* Be strict but ignore fd for absolute path. */ - if (fd != VKI_AT_FDCWD - && ML_(safe_to_deref)((void *) ARG2, 1) - && ((HChar *) ARG2)[0] != '/' - && !ML_(fd_allowed)(fd, "mkdirat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(fd, (const HChar*)ARG2, "mkdirat", tid, status); } static void do_statvfs_post(struct vki_statvfs *stats, ThreadId tid) @@ -5273,11 +5214,7 @@ PRE(sys_utimesys) PRE_MEM_READ("utimesys(times)", ARG4, 2 * sizeof(vki_timespec_t)); /* Be strict but ignore fd for absolute path. */ - if (fd != VKI_AT_FDCWD - && ML_(safe_to_deref)((void *) ARG3, 1) - && ((HChar *) ARG3)[0] != '/' - && !ML_(fd_allowed)(fd, "utimesys", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(fd, (const HChar*)ARG3, "utimesys", tid, status); break; } default: 
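Review bot: PRE(sys_openat) is the one *at wrapper in this file left with the hand-rolled check, and the new `// @todo PJF use ML_(fd_at_check) and not return early here` names a helper that does not match the one used everywhere else in this patch, ML_(fd_at_check_allowed). Fix the name in the comment so the follow-up is unambiguous, and note in the commit message that openat is deliberately excluded because its check returns early.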
@@ -5309,11 +5246,7 @@ PRE(sys_utimensat) PRE_MEM_READ("utimensat(times)", ARG3, 2 * sizeof(vki_timespec_t)); /* Be strict but ignore fd for absolute path. */ - if (fd != VKI_AT_FDCWD - && ML_(safe_to_deref)((void *) ARG2, 1) - && ((HChar *) ARG2)[0] != '/' - && !ML_(fd_allowed)(fd, "utimensat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(fd, (const HChar*)ARG2, "utimensat", tid, status); } #endif /* SOLARIS_UTIMENSAT_SYSCALL */ diff --git a/memcheck/tests/solaris/syscall_at.stderr.exp b/memcheck/tests/solaris/syscall_at.stderr.exp index b49fda289f..59815bfa98 100644 --- a/memcheck/tests/solaris/syscall_at.stderr.exp +++ b/memcheck/tests/solaris/syscall_at.stderr.exp @@ -1,12 +1,12 @@ -Warning: invalid file descriptor 159879507 in syscall linkat() -Warning: invalid file descriptor 159879508 in syscall linkat() +Warning: invalid file descriptor 159879507 in syscall linkat(efd)() +Warning: invalid file descriptor 159879508 in syscall linkat(nfd)() Warning: invalid file descriptor 646349138 in syscall symlinkat() Warning: invalid file descriptor 70680914 in syscall readlinkat() Warning: invalid file descriptor 68362578 in syscall faccessat() Warning: invalid file descriptor 70685266 in syscall fchownat() -Warning: invalid file descriptor 70717779 in syscall renameat() -Warning: invalid file descriptor 70717780 in syscall renameat() +Warning: invalid file descriptor 70717779 in syscall renameat(fromfd)() +Warning: invalid file descriptor 70717780 in syscall renameat(tofd)() Warning: invalid file descriptor 123765074 in syscall unlinkat() Warning: invalid file descriptor 1112625490 in syscall fstatat() Warning: invalid file descriptor 151224658 in syscall openat() |
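Review bot: the syscall_at.stderr.exp hunk shows that the new names come out as "in syscall linkat(efd)()" and "renameat(fromfd)()", because the warning printer appends "()" to whatever name it is given. Either drop the trailing "()" from the warning format or pass the names in the bracket style the Linux wrapper in this series uses ("fanotify_mark[fanotify_fd]"), e.g. `"linkat[efd]"`, so the message reads "in syscall linkat[efd]()". Whichever is chosen, the two platforms should use one convention, since these warnings get grepped in test expectations and by users.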
From: Paul F. <pa...@so...> - 2025-08-30 20:09:20
https://sourceware.org/cgit/valgrind/commit/?id=66ab1212649a9e4f2a3bdce187ef8cfc44da7b10 commit 66ab1212649a9e4f2a3bdce187ef8cfc44da7b10 Author: Paul Floyd <pj...@wa...> Date: Sat Aug 30 22:05:12 2025 +0200 FreeBSD realpathat syscall: fix length of written memory and add a testcase There were no tests for /proc/curproc/file and the length written in post was out by one Diff: --- .gitignore | 1 + coregrind/m_syswrap/syswrap-freebsd.c | 52 ++++++++++------------------ none/tests/freebsd/Makefile.am | 6 +++- none/tests/freebsd/readlinkat2.cpp | 57 +++++++++++++++++++++++++++++++ none/tests/freebsd/readlinkat2.stderr.exp | 0 none/tests/freebsd/readlinkat2.vgtest | 4 +++ 6 files changed, 85 insertions(+), 35 deletions(-) diff --git a/.gitignore b/.gitignore index 80924f997c..4eb477c089 100644 --- a/.gitignore +++ b/.gitignore @@ -2331,6 +2331,7 @@ none/tests/freebsd/bug499212 /none/tests/freebsd/osrel /none/tests/freebsd/readlinkat +/none/tests/freebsd/readlinkat2 /none/tests/freebsd/swapcontext /none/tests/freebsd/fexecve /none/tests/freebsd/hello_world diff --git a/coregrind/m_syswrap/syswrap-freebsd.c b/coregrind/m_syswrap/syswrap-freebsd.c index 1a3bbe2143..6679e58fb5 100644 --- a/coregrind/m_syswrap/syswrap-freebsd.c +++ b/coregrind/m_syswrap/syswrap-freebsd.c @@ -1183,7 +1183,8 @@ PRE(sys_revoke) // SYS_symlink 57 // generic -static void do_readlink(const HChar* path, HChar *buf, SizeT bufsize, SyscallStatus* status, Bool* curproc_file) +// returns whether caller needs to set SfMayBlock in flags +static Bool do_readlink(const HChar* path, HChar *buf, SizeT bufsize, SyscallStatus* status) { HChar name[30]; VG_(sprintf)(name, "/proc/%d/file", VG_(getpid)()); 
@@ -1191,43 +1192,32 @@ static void do_readlink(const HChar* path, HChar *buf, SizeT bufsize, SyscallSta && (VG_(strcmp)(path, name) == 0 || VG_(strcmp)(path, "/proc/curproc/file") == 0)) { vg_assert(VG_(resolved_exename)); - Int len = VG_(snprintf)(buf, bufsize, "%s", VG_(resolved_exename)); + Int len = VG_(snprintf)(buf, bufsize, "%s", VG_(resolved_exename)) + 1; SET_STATUS_Success(len); - *curproc_file = True; + return False; } + return True; } // SYS_readlink 58 // ssize_t readlink(const char *restrict path, char *restrict buf, size_t bufsiz); PRE(sys_readlink) { - FUSE_COMPATIBLE_MAY_BLOCK(); - Word saved = SYSNO; - Bool curproc_file = False; - PRINT("sys_readlink ( %#" FMT_REGWORD "x(%s), %#" FMT_REGWORD "x, %llu )", ARG1, (char*)(Addr)ARG1, ARG2, (ULong)ARG3); PRE_REG_READ3(long, "readlink", const char *, path, char *, buf, int, bufsiz); - PRE_MEM_RASCIIZ( "readlink(path)", ARG1 ); - PRE_MEM_WRITE( "readlink(buf)", ARG2,ARG3 ); + PRE_MEM_RASCIIZ("readlink(path)", ARG1); + PRE_MEM_WRITE("readlink(buf)", ARG2, ARG3); - if (VG_(have_slash_proc) == True) - { - /* - * Handle the case where readlink is looking at /proc/curproc/file or - * /proc/<pid>/file - */ - do_readlink((const HChar *)ARG1, (HChar *)ARG2, (SizeT)ARG3, status, &curproc_file); + if (VG_(have_slash_proc) == False || do_readlink((const HChar *)ARG1, (HChar *)ARG2, (SizeT)ARG3, status)) { + *flags |= SfMayBlock; } +} - if (!curproc_file) { - /* Normal case */ - SET_STATUS_from_SysRes( VG_(do_syscall3)(saved, ARG1, ARG2, ARG3)); - } - if (SUCCESS && RES > 0) { - POST_MEM_WRITE( ARG2, RES ); - } +POST(sys_readlink) +{ + POST_MEM_WRITE(ARG2, RES); } // SYS_execve 59 
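Review bot: `Int len = VG_(snprintf)(...) + 1;` changes the value the client sees as readlink's return, not only the length marked as written: readlink(2) returns the number of bytes placed in buf and does not count a terminating NUL, so for /proc/curproc/file the emulated call now returns one more than the kernel returns for the same path. If the goal is to mark the NUL that snprintf writes as initialised, keep SET_STATUS_Success(len) as it was and extend the range in POST instead (for this case only, POST_MEM_WRITE(ARG2, RES + 1)). Also check that VG_(snprintf) returns the truncated length when bufsize is smaller than the resolved name; if it returns the would-be length, the new unconditional POST_MEM_WRITE(ARG2, RES) marks bytes past the end of the client's buffer, and the old `if (SUCCESS && RES > 0)` guard is gone. Separately, the subject line says "realpathat" while the wrappers touched are readlink and readlinkat.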
@@ -5447,29 +5437,23 @@ POST(sys_openat) } } -// @todo PJF make this generic? // SYS_readlinkat 500 // ssize_t readlinkat(int fd, const char *restrict path, char *restrict buf, // size_t bufsize); PRE(sys_readlinkat) { - Bool curproc_file = False; - - PRINT("sys_readlinkat ( %" FMT_REGWORD "u, %#" FMT_REGWORD "x(%s), %#" FMT_REGWORD "x, %llu )", ARG1,ARG2,(char*)ARG2,ARG3,(ULong)ARG4); + PRINT("sys_readlinkat ( %" FMT_REGWORD "u, %#" FMT_REGWORD "x(%s), %#" FMT_REGWORD "x, %llu )", + ARG1, ARG2, (char*)ARG2, ARG3, (ULong)ARG4); PRE_REG_READ4(ssize_t, "readlinkat", int, fd, const char *, path, char *, buf, int, bufsize); ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "readlinkat", tid, status); PRE_MEM_RASCIIZ( "readlinkat(path)", ARG2 ); PRE_MEM_WRITE("readlinkat(buf)", ARG3, ARG4); - if (VG_(have_slash_proc) == True) { - /* - * Handle the case where readlinkat is looking at /proc/curproc/file or - * /proc/<pid>/file. - */ + if (VG_(have_slash_proc) == False || do_readlink((const HChar *)ARG2, (HChar *)ARG3, (SizeT)ARG4, status)) { // @todo PJF there is still the case where fd refers to / or /proc or /proc/pid // or /proc/curproc and path is relative pid/file, curproc/file or just file - do_readlink((const HChar *)ARG2, (HChar *)ARG3, (SizeT)ARG4, status, &curproc_file); + *flags |= SfMayBlock; } } @@ -7294,7 +7278,7 @@ const SyscallTableEntry ML_(syscall_table)[] = { BSDX_(__NR_revoke, sys_revoke), // 56 GENX_(__NR_symlink, sys_symlink), // 57 - BSDX_(__NR_readlink, sys_readlink), // 58 + BSDXY(__NR_readlink, sys_readlink), // 58 GENX_(__NR_execve, sys_execve), // 59 GENX_(__NR_umask, sys_umask), // 60 diff --git a/none/tests/freebsd/Makefile.am b/none/tests/freebsd/Makefile.am index 5c46d27d36..66ef0c47ca 100644 --- a/none/tests/freebsd/Makefile.am +++ b/none/tests/freebsd/Makefile.am 
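Review bot: the `// @todo PJF there is still the case where fd refers to / or /proc ...` comment now sits inside the branch that only runs when do_readlink did not handle the path, so it reads as a comment on `*flags |= SfMayBlock`; move it above the `if`. The new comment on do_readlink, "returns whether caller needs to set SfMayBlock in flags", understates the contract: False also means the call has been answered from VG_(resolved_exename) and the real syscall must not run, which is why both callers gate SfMayBlock on it; say that explicitly. Switching __NR_readlink to BSDXY is required for the new POST(sys_readlink) to run; readlinkat's table entry is not in the diff, so confirm it is already an XY entry with a POST that marks the buffer.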
@@ -57,6 +57,8 @@ EXTRA_DIST = \ open_client.stderr.exp \ readlinkat.vgtest \ readlinkat.stderr.exp \ + readlinkat2.vgtest \ + readlinkat2.stderr.exp \ sanity_level_thread.vgtest \ sanity_level_thread.stderr.exp \ swapcontext.vgtest \ @@ -74,7 +76,7 @@ EXTRA_DIST = \ check_PROGRAMS = \ auxv bug452274 bug498317 bug499212 fexecve hello_world open_client \ - osrel proc_pid_file readlinkat sanity_level_thread swapcontext \ + osrel proc_pid_file readlinkat readlinkat2 sanity_level_thread swapcontext \ umtx_shm_creat usrstack AM_CFLAGS += $(AM_FLAG_M3264_PRI) @@ -89,6 +91,8 @@ open_client_SOURCES = open_client.cpp proc_pid_file_SOURCES = proc_pid_file.cpp readlinkat_SOURCES = readlinkat.cpp readlinkat_CXXFLAGS = ${AM_CXXFLAGS} @FLAG_W_NO_UNINITIALIZED@ +readlinkat2_SOURCES = readlinkat2.cpp +readlinkat2_CXXFLAGS = ${AM_CXXFLAGS} @FLAG_W_NO_UNINITIALIZED@ sanity_level_thread_SOURCES = sanity_level_thread.cpp sanity_level_thread_LDFLAGS = ${AM_LDFLAGS} -pthread diff --git a/none/tests/freebsd/readlinkat2.cpp b/none/tests/freebsd/readlinkat2.cpp new file mode 100644 index 0000000000..0aef71d7f7 --- /dev/null +++ b/none/tests/freebsd/readlinkat2.cpp 
@@ -0,0 +1,57 @@ +#include <unistd.h> +#include <fcntl.h> +#include <sys/types.h> +#include <sys/param.h> +#include <iostream> +#include <cstring> +#include <cstdlib> + +int main(int argc, char** argv) +{ + char linkedPath[MAXPATHLEN]; + char selfAbsolutePath[MAXPATHLEN]; + auto pid{getpid()}; + std::string pidString{std::to_string(pid)}; + std::string procPidFile{std::string("/proc/") + pidString + "/file"}; + realpath(argv[0], selfAbsolutePath); + std::string selfAbsolutePathString(selfAbsolutePath); + + ssize_t res = readlinkat(AT_FDCWD, "/proc/curproc/file", linkedPath, MAXPATHLEN); + if (res == -1) + { + std::cerr << "Error: readlinkat test 1 failed\n"; + } + else + { + if (selfAbsolutePathString != linkedPath) + { + std::cerr << "Error: readlinkat test 1 unexpected resolved path - " << linkedPath << '\n'; + } + } + + res = readlinkat(AT_FDCWD, procPidFile.c_str(), linkedPath, MAXPATHLEN); + if (res == -1) + { + std::cerr << "Error: readlinkat test 2 failed\n"; + } + else + { + if (selfAbsolutePathString != linkedPath) + { + std::cerr << "Error: readlinkat test 2 unexpected resolved path - " << linkedPath << '\n'; + } + } + + // @todo PJF do some tests with cwd as /proc /proc/PID and /proc/curproc + // and a rlative path to 'file' + // not yet implemented in Valgrind + chdir("/proc"); + + // @todo PJF do some tests as above but with fd as /proc /proc/PID and /proc/curproc + int slash; + if ((slash = open("/", O_DIRECTORY | O_RDONLY)) == -1) + { + throw std::runtime_error("failed to open /"); + } + close(slash); +} diff --git a/none/tests/freebsd/readlinkat2.stderr.exp b/none/tests/freebsd/readlinkat2.stderr.exp new file mode 100644 index 0000000000..e69de29bb2 diff --git a/none/tests/freebsd/readlinkat2.vgtest b/none/tests/freebsd/readlinkat2.vgtest new file mode 100644 index 0000000000..1decb1ee0b --- /dev/null +++ b/none/tests/freebsd/readlinkat2.vgtest 
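Review bot: readlinkat2.cpp compares `selfAbsolutePathString != linkedPath` as a C string, but readlinkat(2) does not NUL-terminate buf; the comparison only works here because Valgrind's emulation of /proc/curproc/file goes through snprintf. Build the string from the returned length, `std::string(linkedPath, res)`, which is also the check that would catch a return value that wrongly includes the terminator (the off-by-one this commit is about), since it then fails to compare equal. The file uses std::string, std::to_string and std::runtime_error without including <string> or <stdexcept>; the chdir("/proc") result is ignored and nothing is tested after it, so either drop it or check it; and "rlative" in the comment is a typo.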
@@ -0,0 +1,4 @@ +# FreeBSD doesn't always have a /proc filesystem +prereq: test -d /proc +prog: readlinkat2 +vgopts: -q |
From: Florian K. <fk...@so...> - 2025-08-30 13:39:42
https://sourceware.org/cgit/valgrind/commit/?id=88fb0079cfabcba839b1f63f947910748db79b76 commit 88fb0079cfabcba839b1f63f947910748db79b76 Author: Florian Krohm <fl...@ei...> Date: Sat Aug 30 13:39:04 2025 +0000 libvex_ir.h: Clarify semantics of division and modulo operation. Diff: --- VEX/pub/libvex_ir.h | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/VEX/pub/libvex_ir.h b/VEX/pub/libvex_ir.h index 750ba07018..8c68fab441 100644 --- a/VEX/pub/libvex_ir.h +++ b/VEX/pub/libvex_ir.h @@ -492,7 +492,13 @@ typedef Iop_CmpORD32S, Iop_CmpORD64S, /* Division */ - /* TODO: clarify semantics wrt rounding, negative values, whatever */ + /* Semantics of division as per C standard: + If the value of the divisor is zero, the behaviour is undefined. + When integers are divided, the result of division is the algebraic + quotient with any fractional part discarded. In other words: + truncation towards zero. If the quotient a/b is representable, + the expression (a/b)*b + a%b shall equal a; otherwise, the behaviour + of division and modulo operation is undefined. */ Iop_DivU32, // :: I32,I32 -> I32 (simple div, no mod) Iop_DivS32, // ditto, signed Iop_DivU64, // :: I64,I64 -> I64 (simple div, no mod) |
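Review bot: the new comment describes the C rules but does not name the one signed case where "the quotient a/b is representable" fails, INT_MIN / -1, which is exactly the case the DivModS32to32 constant folding in ir_opt.c has to refuse to fold; naming it, and stating that truncation towards zero means the remainder takes the sign of the dividend, would make the comment directly usable by backend authors and by the iropt-test expectations in none/tests/iropt-test/binary.c. It would also help to say that the paragraph covers every Iop_Div* and Iop_DivMod* that follows, not only the four Div ops it is attached to.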
From: Florian K. <fk...@so...> - 2025-08-30 11:30:21
https://sourceware.org/cgit/valgrind/commit/?id=773544211c10a81773200864ba2b57cea7886e9e commit 773544211c10a81773200864ba2b57cea7886e9e Author: Florian Krohm <fl...@ei...> Date: Sat Aug 30 11:28:03 2025 +0000 iropt-test: Constant folding for DivModU32to32 and DivModS32to32 Needed for Mips. Mips is still disabled in iropt-test because there are miscompares between the folded the result and the result computed by the insn sequence that implements the IROp. Several IRops are affected. Part of fixing https://bugs.kde.org/show_bug.cgi?id=506211 Diff: --- VEX/priv/ir_opt.c | 25 +++++++++++++++++++++++++ none/tests/iropt-test/binary.c | 25 +++++++++++++++++++++++++ none/tests/iropt-test/irops.tab | 4 ++-- none/tests/iropt-test/main.c | 5 ++++- 4 files changed, 56 insertions(+), 3 deletions(-) diff --git a/VEX/priv/ir_opt.c b/VEX/priv/ir_opt.c index 5056b677be..925524e158 100644 --- a/VEX/priv/ir_opt.c +++ b/VEX/priv/ir_opt.c @@ -2193,6 +2193,31 @@ static IRExpr* fold_Expr_WRK ( IRExpr** env, IRExpr* e ) } break; } + case Iop_DivModU32to32: { + UInt u32a = e->Iex.Binop.arg1->Iex.Const.con->Ico.U32; + UInt u32b = e->Iex.Binop.arg2->Iex.Const.con->Ico.U32; + if (u32b != 0) { + UInt q = u32a / u32b; + UInt r = u32a % u32b; + e2 = IRExpr_Const(IRConst_U64(((ULong)r << 32) | q)); + } + break; + } + case Iop_DivModS32to32: { + Int s32a = e->Iex.Binop.arg1->Iex.Const.con->Ico.U32; + Int s32b = e->Iex.Binop.arg2->Iex.Const.con->Ico.U32; + if (s32b != 0) { + /* Division may trap when result overflows i.e. when + attempting: INT32_MAX / -1 */ + if (e->Iex.Binop.arg1->Iex.Const.con->Ico.U32 == (1UL << 31) + && s32b == -1) + break; + Int q = s32a / s32b; + Int r = s32a % s32b; + e2 = IRExpr_Const(IRConst_U64(((ULong)(UInt)r << 32) | (UInt)q)); + } + break; + } /* -- Shl -- */ case Iop_Shl8: diff --git a/none/tests/iropt-test/binary.c b/none/tests/iropt-test/binary.c index 1fbe1341fc..d8d3618b29 100644 --- a/none/tests/iropt-test/binary.c +++ b/none/tests/iropt-test/binary.c 
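Review bot: in the Iop_DivModS32to32 case, `Int s32a = e->Iex.Binop.arg1->Iex.Const.con->Ico.U32;` relies on the implementation-defined UInt-to-Int conversion for values above 0x7fffffff; an explicit `(Int)` cast makes the intent visible and matches how the result is packed back with `(UInt)q`. The overflow guard compares the raw U32 against `1UL << 31` on one side and the signed `s32b == -1` on the other; comparing both operands in the same representation is easier to verify. Leaving both the zero-divisor and the 0x80000000 / -1 cases unfolded is the right call, since folding either would hide a trap the real instruction raises.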
@@ -215,6 +215,20 @@ get_expected_value(const irop_t *op, const test_data_t *data) expected = (int64_t)(opnd_l << 32) / (int32_t)opnd_r; break; + case Iop_DivModU32to32: { + uint32_t q = opnd_l / opnd_r; + uint32_t r = opnd_l % opnd_r; + expected = ((uint64_t)r << 32) | q; + break; + } + + case Iop_DivModS32to32: { + int32_t q = (int32_t)opnd_l / (int32_t)opnd_r; + int32_t r = (int32_t)opnd_l % (int32_t)opnd_r; + expected = ((uint64_t)r << 32) | (uint32_t)q; + break; + } + case Iop_DivModU64to32: { uint64_t q = opnd_l / opnd_r; uint64_t r = opnd_l % opnd_r; @@ -424,6 +438,7 @@ ok_to_run(IROp op, uint64_t o1, uint64_t o2) case Iop_DivS32: case Iop_DivS64: case Iop_DivU32E: case Iop_DivS32E: + case Iop_DivModU32to32: return o2 != 0; /* Check that result can be represented */ @@ -448,6 +463,16 @@ ok_to_run(IROp op, uint64_t o1, uint64_t o2) return q <= INT32_MAX && q >= INT32_MIN; } + case Iop_DivModS32to32: { + int32_t divisor = o2; + + if (divisor == 0) return 0; + /* Division may trap on overflow */ + if (divisor == -1 && o1 == (0x1UL << 31)) // INT32_MIN + return 0; + return 1; + } + default: return 1; } diff --git a/none/tests/iropt-test/irops.tab b/none/tests/iropt-test/irops.tab index 954654b7cd..882ba59ba9 100644 --- a/none/tests/iropt-test/irops.tab +++ b/none/tests/iropt-test/irops.tab 
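Review bot: get_expected_value computes `opnd_l / opnd_r` for Iop_DivModU32to32 without casting the operands to uint32_t, while the Iop_DivModS32to32 case casts both sides to int32_t; if the driver ever presents a 32-bit operand with stale upper bits, the 64-bit division would diverge from the 32-bit IROp. Casting both operands to uint32_t makes the expectation independent of how opnd_l and opnd_r are widened. In ok_to_run, `int32_t divisor = o2;` followed by `divisor == -1 && o1 == (0x1UL << 31)` mixes a truncated divisor with an untruncated dividend; comparing `(uint32_t)o1` keeps it symmetric with the folding code in ir_opt.c.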
@@ -176,12 +176,12 @@ // { OPNAME(DivS64E), Ity_I32, 2, Ity_I32, Ity_I32, }, // 128 bit // { OPNAME(DivS128E), Ity_I128, 2, Ity_I128, Ity_I128 }, // 128 bit -// { OPNAME(DivModU32to32), Ity_I64, 2, Ity_I32, Ity_I64 }, // mips no folding yet + { OPNAME(DivModU32to32), Ity_I64, 2, Ity_I32, Ity_I32, ONLY(mipsx) }, { OPNAME(DivModU64to32), Ity_I64, 2, Ity_I64, Ity_I32, EXCEPT2(ppc, mipsx) }, // { OPNAME(DivModU64to64), Ity_I64, 2, Ity_I64, Ity_I128 }, // 128 bit // { OPNAME(DivModU128to64), Ity_I128, 2, Ity_I64, Ity_I128 }, // 128 bit -// { OPNAME(DivModS32to32), Ity_I64, 2, Ity_I32, Ity_I32 }, // mips no folding yet + { OPNAME(DivModS32to32), Ity_I64, 2, Ity_I32, Ity_I32, ONLY(mipsx) }, { OPNAME(DivModS64to32), Ity_I64, 2, Ity_I64, Ity_I32, EXCEPT2(ppc, mipsx) }, // { OPNAME(DivModS64to64), Ity_I64, 2, Ity_I64, Ity_I128 }, // 128 bit // { OPNAME(DivModU128to64), Ity_I128, 2, Ity_I64, Ity_I128 }, // 128 bit diff --git a/none/tests/iropt-test/main.c b/none/tests/iropt-test/main.c index 1ca97e9c03..64ad44d876 100644 --- a/none/tests/iropt-test/main.c +++ b/none/tests/iropt-test/main.c @@ -45,7 +45,7 @@ unsigned num_random_tests; int main(int argc, char *argv[]) { -// FIXME: temporarily until ppc has been fixed +// FIXME: temporarily until ppc and mips have been fixed #if !defined(__s390x__) && !defined(__i386__) && !defined(__x86_64__) return 0; #endif @@ -164,6 +164,9 @@ is_enabled(const irop_t *op) #ifdef __s390x__ return op->enabled_arch & ARCH_s390; #endif +#ifdef __mips__ + return op->enabled_arch & ((__mips == 64) ? ARCH_mips64 : ARCH_mips32); +#endif #ifdef __powerpc__ /* defined for both 32-bit and 64-bit */ #define MIN_POWER_ISA "../../../tests/min_power_isa" int rc; |
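Review bot: the DivModU32to32 line silently corrects the second operand type from Ity_I64 (in the commented-out entry it replaces) to Ity_I32, matching the I32,I32 -> I64 shape folded in ir_opt.c; a word in the commit message would stop a reader from taking it for a typo. With the early `return 0` in main() still in place for every host except s390x, i386 and x86_64, the new ONLY(mipsx) entries and the new `#ifdef __mips__` branch in is_enabled are unreachable until that guard is lifted; fine as a staging step, but worth stating next to the updated FIXME. A short comment that `__mips` carries the ISA level (32 or 64) would also help, since the ARCH_ macros are named after Valgrind platforms rather than compiler macros.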
From: Florian K. <fk...@so...> - 2025-08-29 21:28:48
https://sourceware.org/cgit/valgrind/commit/?id=be8ca2b326f53b97d6ff031f7165fa2c8906dedb commit be8ca2b326f53b97d6ff031f7165fa2c8906dedb Author: Florian Krohm <fl...@ei...> Date: Fri Aug 29 21:28:05 2025 +0000 iropt-test: Prepare IROp table for mips. Part of fixing https://bugs.kde.org/show_bug.cgi?id=506211 Diff: --- none/tests/iropt-test/irops.tab | 75 +++++++++++++++++++++-------------------- 1 file changed, 38 insertions(+), 37 deletions(-) diff --git a/none/tests/iropt-test/irops.tab b/none/tests/iropt-test/irops.tab index 9f833b5cb5..954654b7cd 100644 --- a/none/tests/iropt-test/irops.tab +++ b/none/tests/iropt-test/irops.tab @@ -34,14 +34,14 @@ #define ARCH_amd64 0x0008 #define ARCH_x86 0x0010 #define ARCH_s390 0x0020 -#define ARCH_ALL 0x003F // OR of all above +#define ARCH_mips32 0x0040 +#define ARCH_mips64 0x0080 +#define ARCH_mipsx (ARCH_mips32 | ARCH_mips64) // ARCH_mips does not work +#define ARCH_ALL 0x00FF // OR of all above -/* FIXME: Add support for mips, arm, and riscv. +/* FIXME: Add support for nanomips, arm, and riscv. When doing so ARCH_ALL needs to be adjusted */ #if 0 -#define ARCH_mips32 0x0040 -#define ARCH_mips64 0x0080 -#define ARCH_mips (mips32 | mips64) #define ARCH_nanomips 0x0100 #define ARCH_arm 0x0200 #define ARCH_arm64 0x0400 @@ -52,6 +52,7 @@ #define ONLY2(x1,x2) .enabled_arch = A(x1) | A(x2) #define EXCEPT(x) .enabled_arch = ARCH_ALL & ~A(x) #define EXCEPT2(x1,x2) .enabled_arch = ARCH_ALL & ~(A(x1) | A(x2)) +#define EXCEPT3(x1,x2,x3) .enabled_arch = ARCH_ALL & ~(A(x1) | A(x2) | A(x3)) /* Definition of IROps: - no IROps having floating point operands or result 
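Review bot: the `// ARCH_mips does not work` comment on the new ARCH_mipsx line should say why, otherwise the next person will rename it back. The likely cause is that `mips` is a predefined macro on MIPS compilers in GNU mode, so `A(mips)` token-pastes to something other than ARCH_mips; if that is the reason, state it and consider `#undef mips` so the family macro can follow the existing `ppc` naming (ppc already means "either ppc32 or ppc64", and ARCH_mipsx breaks that pattern). The old `#define ARCH_mips (mips32 | mips64)` being removed from the `#if 0` block had a different bug in the same spot: it ORs the bare tokens mips32 | mips64 rather than ARCH_mips32 | ARCH_mips64, so it would not have worked once enabled either.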
@@ -68,7 +69,7 @@ { OPNAME(1Uto8), Ity_I8, 1, Ity_I1, }, // { OPNAME(1Uto16), Ity_I16, 1, Ity_I1, }, // missing in libvex_ir.h { OPNAME(1Uto32), Ity_I32, 1, Ity_I1, }, - { OPNAME(1Uto64), Ity_I64, 1, Ity_I1, EXCEPT2(ppc32,x86) }, + { OPNAME(1Uto64), Ity_I64, 1, Ity_I1, EXCEPT3(ppc32,x86,mips32) }, { OPNAME(1Sto8), Ity_I8, 1, Ity_I1, }, { OPNAME(1Sto16), Ity_I16, 1, Ity_I1, }, @@ -92,6 +93,7 @@ { OPNAME(32Sto64), Ity_I64, 1, Ity_I32, }, // { OPNAME(8to1), Ity_I1, 1, Ity_I8, }, // missing in libvex_ir.h + // { OPNAME(16to1), Ity_I1, 1, Ity_I16, }, // missing in libvex_ir.h { OPNAME(16to8), Ity_I8, 1, Ity_I16, }, { OPNAME(16HIto8), Ity_I8, 1, Ity_I16, }, @@ -103,8 +105,7 @@ { OPNAME(64to1), Ity_I1, 1, Ity_I64, EXCEPT2(ppc32, x86) }, { OPNAME(64to8), Ity_I8, 1, Ity_I64, EXCEPT2(ppc32, x86) }, - { OPNAME(64to16), Ity_I16, 1, Ity_I64, EXCEPT2(ppc32, x86) }, - + { OPNAME(64to16), Ity_I16, 1, Ity_I64, EXCEPT3(ppc32, x86, mips32) }, { OPNAME(64to32), Ity_I32, 1, Ity_I64, }, { OPNAME(64HIto32), Ity_I32, 1, Ity_I64, }, @@ -124,8 +125,8 @@ { OPNAME(Left32), Ity_I32, 1, Ity_I32 }, { OPNAME(Left64), Ity_I64, 1, Ity_I64 }, - { OPNAME(ClzNat32), Ity_I32, 1, Ity_I32, ONLY2(ppc, x86) }, - { OPNAME(ClzNat64), Ity_I64, 1, Ity_I64, EXCEPT2(ppc32, x86) }, + { OPNAME(ClzNat32), Ity_I32, 1, Ity_I32, EXCEPT2(amd64, s390) }, + { OPNAME(ClzNat64), Ity_I64, 1, Ity_I64, EXCEPT3(ppc32, x86, mips32) }, { OPNAME(CtzNat32), Ity_I32, 1, Ity_I32, ONLY2(ppc, x86) }, { OPNAME(CtzNat64), Ity_I64, 1, Ity_I64, ONLY2(ppc64, amd64) }, @@ -145,7 +146,7 @@ { OPNAME(Sub64), Ity_I64, 2, Ity_I64, Ity_I64, EXCEPT(ppc32) }, { OPNAME(Mul8), Ity_I8, 2, Ity_I8, Ity_I8, ONLY(s390) }, - { OPNAME(Mul16), Ity_I16, 2, Ity_I16, Ity_I16, EXCEPT(ppc) }, + { OPNAME(Mul16), Ity_I16, 2, Ity_I16, Ity_I16, EXCEPT2(ppc, mipsx) }, { OPNAME(Mul32), Ity_I32, 2, Ity_I32, Ity_I32, }, { OPNAME(Mul64), Ity_I64, 2, Ity_I64, Ity_I64, EXCEPT2(ppc32, x86) }, 
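Review bot: `ClzNat32` goes from the allow-list ONLY2(ppc, x86) to EXCEPT2(amd64, s390); with ARCH_ALL now 0x00FF this enables it on both mips variants, but it also picks up any bit added to ARCH_ALL later without review, whereas the neighbouring ClzNat64 keeps an explicit exclusion list. An ONLY3 macro alongside the new EXCEPT3 would keep this entry an allow-list. The commit message says "prepare" but does not say why Mul16 and Shl8/Shr8/Sar8 are excluded on mipsx; one sentence on whether these are missing backend support or known miscompares would help whoever re-enables them.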
@@ -159,12 +160,12 @@ { OPNAME(MullS32), Ity_I64, 2, Ity_I32, Ity_I32, }, // { OPNAME(MullS64), Ity_I128, 2, Ity_I64, Ity_I64, }, // 128 bit - { OPNAME(DivU32), Ity_I32, 2, Ity_I32, Ity_I32, ONLY(ppc) }, - { OPNAME(DivU64), Ity_I64, 2, Ity_I64, Ity_I64, ONLY(ppc64) }, + { OPNAME(DivU32), Ity_I32, 2, Ity_I32, Ity_I32, ONLY2(ppc, mipsx) }, + { OPNAME(DivU64), Ity_I64, 2, Ity_I64, Ity_I64, ONLY2(ppc64, mips64) }, // { OPNAME(DivU128), Ity_I128, 2, Ity_I128, Ity_I128 }, // 128 bit - { OPNAME(DivS32), Ity_I32, 2, Ity_I32, Ity_I32, ONLY(ppc) }, - { OPNAME(DivS64), Ity_I64, 2, Ity_I64, Ity_I64, ONLY(ppc64) }, + { OPNAME(DivS32), Ity_I32, 2, Ity_I32, Ity_I32, ONLY2(ppc, mipsx) }, + { OPNAME(DivS64), Ity_I64, 2, Ity_I64, Ity_I64, ONLY2(ppc64, mips64) }, // { OPNAME(DivS128), Ity_I128, 2, Ity_I128, Ity_I128 }, // 128 bit { OPNAME(DivU32E), Ity_I32, 2, Ity_I32, Ity_I32, ONLY(ppc) }, 
@@ -175,30 +176,30 @@ // { OPNAME(DivS64E), Ity_I32, 2, Ity_I32, Ity_I32, }, // 128 bit // { OPNAME(DivS128E), Ity_I128, 2, Ity_I128, Ity_I128 }, // 128 bit -// { OPNAME(DivModU32to32), Ity_I64, 2, Ity_I32, Ity_I64 }, // no folding yet - { OPNAME(DivModU64to32), Ity_I64, 2, Ity_I64, Ity_I32, EXCEPT(ppc) }, +// { OPNAME(DivModU32to32), Ity_I64, 2, Ity_I32, Ity_I64 }, // mips no folding yet + { OPNAME(DivModU64to32), Ity_I64, 2, Ity_I64, Ity_I32, EXCEPT2(ppc, mipsx) }, // { OPNAME(DivModU64to64), Ity_I64, 2, Ity_I64, Ity_I128 }, // 128 bit // { OPNAME(DivModU128to64), Ity_I128, 2, Ity_I64, Ity_I128 }, // 128 bit -// { OPNAME(DivModS32to32), Ity_I64, 2, Ity_I32, Ity_I32 }, // no folding yet - { OPNAME(DivModS64to32), Ity_I64, 2, Ity_I64, Ity_I32, EXCEPT(ppc) }, +// { OPNAME(DivModS32to32), Ity_I64, 2, Ity_I32, Ity_I32 }, // mips no folding yet + { OPNAME(DivModS64to32), Ity_I64, 2, Ity_I64, Ity_I32, EXCEPT2(ppc, mipsx) }, // { OPNAME(DivModS64to64), Ity_I64, 2, Ity_I64, Ity_I128 }, // 128 bit // { OPNAME(DivModU128to64), Ity_I128, 2, Ity_I64, Ity_I128 }, // 128 bit // { OPNAME(ModU128), Ity_I128, 2, Ity_I128, Ity_I128 }, // 128 bit // { OPNAME(ModS128), Ity_I128, 2, Ity_I128, Ity_I128 }, // 128 bit - { OPNAME(Shl8), Ity_I8, 2, Ity_I8, Ity_I8 }, - { OPNAME(Shl16), Ity_I16, 2, Ity_I16, Ity_I8 }, + { OPNAME(Shl8), Ity_I8, 2, Ity_I8, Ity_I8, EXCEPT(mipsx) }, + { OPNAME(Shl16), Ity_I16, 2, Ity_I16, Ity_I8, EXCEPT(mipsx) }, { OPNAME(Shl32), Ity_I32, 2, Ity_I32, Ity_I8 }, { OPNAME(Shl64), Ity_I64, 2, Ity_I64, Ity_I8, EXCEPT(ppc32) }, - { OPNAME(Shr8), Ity_I8, 2, Ity_I8, Ity_I8 }, + { OPNAME(Shr8), Ity_I8, 2, Ity_I8, Ity_I8, EXCEPT(mipsx) }, { OPNAME(Shr16), Ity_I16, 2, Ity_I16, Ity_I8 }, { OPNAME(Shr32), Ity_I32, 2, Ity_I32, Ity_I8 }, { OPNAME(Shr64), Ity_I64, 2, Ity_I64, Ity_I8, EXCEPT(ppc32) }, - { OPNAME(Sar8), Ity_I8, 2, Ity_I8, Ity_I8 }, + { OPNAME(Sar8), Ity_I8, 2, Ity_I8, Ity_I8, EXCEPT(mipsx) }, { OPNAME(Sar16), Ity_I16, 2, Ity_I16, Ity_I8 }, { OPNAME(Sar32), 
Ity_I32, 2, Ity_I32, Ity_I8 }, { OPNAME(Sar64), Ity_I64, 2, Ity_I64, Ity_I8, EXCEPT(ppc32) }, 
@@ -226,36 +227,36 @@ { OPNAME(CmpEQ32), Ity_I1, 2, Ity_I32, Ity_I32, }, { OPNAME(CmpEQ64), Ity_I1, 2, Ity_I64, Ity_I64, EXCEPT(ppc32) }, - { OPNAME(CmpNE8), Ity_I1, 2, Ity_I8, Ity_I8, EXCEPT(ppc) }, - { OPNAME(CmpNE16), Ity_I1, 2, Ity_I16, Ity_I16, EXCEPT(ppc) }, + { OPNAME(CmpNE8), Ity_I1, 2, Ity_I8, Ity_I8, EXCEPT2(ppc, mipsx) }, + { OPNAME(CmpNE16), Ity_I1, 2, Ity_I16, Ity_I16, EXCEPT2(ppc, mipsx) }, { OPNAME(CmpNE32), Ity_I1, 2, Ity_I32, Ity_I32, }, - { OPNAME(CmpNE64), Ity_I1, 2, Ity_I64, Ity_I64, EXCEPT(ppc32) }, + { OPNAME(CmpNE64), Ity_I1, 2, Ity_I64, Ity_I64, EXCEPT2(ppc32, mips32) }, { OPNAME(CmpLT32U), Ity_I1, 2, Ity_I32, Ity_I32, }, - { OPNAME(CmpLT64U), Ity_I1, 2, Ity_I64, Ity_I64, EXCEPT2(ppc32, x86) }, + { OPNAME(CmpLT64U), Ity_I1, 2, Ity_I64, Ity_I64, EXCEPT3(ppc32, x86, mips32) }, { OPNAME(CmpLT32S), Ity_I1, 2, Ity_I32, Ity_I32, }, - { OPNAME(CmpLT64S), Ity_I1, 2, Ity_I64, Ity_I64, EXCEPT2(ppc32, x86) }, + { OPNAME(CmpLT64S), Ity_I1, 2, Ity_I64, Ity_I64, EXCEPT3(ppc32, x86, mips32) }, { OPNAME(CmpLE32U), Ity_I1, 2, Ity_I32, Ity_I32, }, - { OPNAME(CmpLE64U), Ity_I1, 2, Ity_I64, Ity_I64, EXCEPT2(ppc32, x86) }, + { OPNAME(CmpLE64U), Ity_I1, 2, Ity_I64, Ity_I64, EXCEPT3(ppc32, x86, mipsx) }, { OPNAME(CmpLE32S), Ity_I1, 2, Ity_I32, Ity_I32, }, - { OPNAME(CmpLE64S), Ity_I1, 2, Ity_I64, Ity_I64, EXCEPT2(ppc32, x86) }, + { OPNAME(CmpLE64S), Ity_I1, 2, Ity_I64, Ity_I64, EXCEPT3(ppc32, x86, mips32) }, - { OPNAME(CasCmpEQ8), Ity_I1, 2, Ity_I8, Ity_I8, EXCEPT(ppc) }, - { OPNAME(CasCmpEQ16), Ity_I1, 2, Ity_I16, Ity_I16, EXCEPT(ppc) }, + { OPNAME(CasCmpEQ8), Ity_I1, 2, Ity_I8, Ity_I8, EXCEPT2(ppc, mipsx) }, + { OPNAME(CasCmpEQ16), Ity_I1, 2, Ity_I16, Ity_I16, EXCEPT2(ppc, mipsx) }, { OPNAME(CasCmpEQ32), Ity_I1, 2, Ity_I32, Ity_I32, EXCEPT(ppc) }, - { OPNAME(CasCmpEQ64), Ity_I1, 2, Ity_I64, Ity_I64, ONLY2(s390, amd64) }, + { OPNAME(CasCmpEQ64), Ity_I1, 2, Ity_I64, Ity_I64, EXCEPT2(ppc, x86) }, - { OPNAME(CasCmpNE8), Ity_I1, 2, Ity_I8, Ity_I8, EXCEPT(ppc) }, - { 
OPNAME(CasCmpNE16), Ity_I1, 2, Ity_I16, Ity_I16, EXCEPT(ppc) }, - { OPNAME(CasCmpNE32), Ity_I1, 2, Ity_I32, Ity_I32, EXCEPT(ppc) }, + { OPNAME(CasCmpNE8), Ity_I1, 2, Ity_I8, Ity_I8, EXCEPT2(ppc, mipsx) }, + { OPNAME(CasCmpNE16), Ity_I1, 2, Ity_I16, Ity_I16, EXCEPT2(ppc, mipsx) }, + { OPNAME(CasCmpNE32), Ity_I1, 2, Ity_I32, Ity_I32, EXCEPT2(ppc, mipsx) }, { OPNAME(CasCmpNE64), Ity_I1, 2, Ity_I64, Ity_I64, ONLY2(s390, amd64) }, { OPNAME(ExpCmpNE8), Ity_I1, 2, Ity_I8, Ity_I8, ONLY(s390) }, { OPNAME(ExpCmpNE16), Ity_I1, 2, Ity_I16, Ity_I16, ONLY2(s390, x86) }, - { OPNAME(ExpCmpNE32), Ity_I1, 2, Ity_I32, Ity_I32, EXCEPT(ppc) }, + { OPNAME(ExpCmpNE32), Ity_I1, 2, Ity_I32, Ity_I32, EXCEPT2(ppc, mipsx) }, { OPNAME(ExpCmpNE64), Ity_I1, 2, Ity_I64, Ity_I64, ONLY2(s390, amd64) }, { OPNAME(CmpORD32U), Ity_I32, 2, Ity_I32, Ity_I32, ONLY(ppc) }, |
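Review bot: in the irops.tab hunk at @@ -34, the new `// ARCH_mips does not work` comment gives the symptom but not the cause; a short reason (most likely that compilers predefine `mips` on MIPS targets, so that token cannot be used as an A() argument) would stop the next reader from renaming ARCH_mipsx back to ARCH_mips. Note also that ARCH_ALL is now 0x00FF, so the very next entry in the `#if 0` block (ARCH_nanomips 0x0100) will need ARCH_ALL bumped, as the updated FIXME already warns.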
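Review bot: in the hunk at @@ -124, ClzNat32 changes from the allow-list form ONLY2(ppc, x86) to the deny-list form EXCEPT2(amd64, s390), while CtzNat32 on the very next row keeps ONLY2(ppc, x86). The two forms diverge as soon as the FIXME arches are added to ARCH_ALL: an EXCEPT row silently enables the op on nanomips/arm/riscv, an ONLY row does not. If the intent is only "ppc, x86 and mips", an ONLY3 macro next to the new EXCEPT3 keeps the list explicit; otherwise a comment saying why ClzNat32 is expected to fold everywhere but amd64/s390 would help.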
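Review bot: in the shift rows of the hunk at @@ -175, Shl8, Shl16, Shr8 and Sar8 get EXCEPT(mipsx) but Shr16 and Sar16 stay enabled on mips. If the mips folder really handles the 16-bit right shifts and not the 16-bit left shift, a comment on those two rows would keep the gap from being read as an oversight; if not, Shr16 and Sar16 need the same EXCEPT(mipsx).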
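Review bot: two rows in the compare hunk at @@ -226 look inconsistent with their neighbours. CmpLE64U gets EXCEPT3(ppc32, x86, mipsx) whereas CmpLT64U, CmpLT64S and CmpLE64S get EXCEPT3(ppc32, x86, mips32), making unsigned <= the only 64-bit compare disabled on mips64. And CasCmpEQ64 moves from ONLY2(s390, amd64) to EXCEPT2(ppc, x86), which enables it on mips32 even though CmpNE64 is explicitly excluded there (EXCEPT2(ppc32, mips32)) and CasCmpNE64 stays ONLY2(s390, amd64). Please confirm both are intended or align them with the surrounding rows.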
From: Paul F. <pa...@so...> - 2025-08-29 19:44:15
https://sourceware.org/cgit/valgrind/commit/?id=700e78f257ad161b4bd040de2d6bd9f1de4ff0b2 commit 700e78f257ad161b4bd040de2d6bd9f1de4ff0b2 Author: Matthias Schwarzott <zz...@ge...> Date: Sat Aug 23 13:37:46 2025 +0200 Bug 508779 - PRE(sys_prlimit64): reorder check for memory validity so all errors are displayed and not just the first Diff: --- NEWS | 1 + coregrind/m_syswrap/syswrap-linux.c | 14 ++- memcheck/tests/amd64-linux/scalar.c | 22 +++++ memcheck/tests/amd64-linux/scalar.stderr.exp | 128 +++++++++++++++++++++++++++ memcheck/tests/x86-linux/scalar.c | 14 +++ memcheck/tests/x86-linux/scalar.stderr.exp | 96 ++++++++++++++++++++ 6 files changed, 267 insertions(+), 8 deletions(-) diff --git a/NEWS b/NEWS index 0d6e10ee90..b1f4d8d11a 100644 --- a/NEWS +++ b/NEWS @@ -89,6 +89,7 @@ are not entered into bugzilla tend to get forgotten about or ignored. 508638 Self-hosting not working on FreeBSD 508777 amd64-linux: add minimal scalar test 508778 syscall-wrapper waitid warns about infop=null +508779 PRE(sys_prlimit64): reorder check for memory validity 508869 x86-linux: simplify scalar test output To see details of a given bug, visit diff --git a/coregrind/m_syswrap/syswrap-linux.c b/coregrind/m_syswrap/syswrap-linux.c index a740912f80..785031c108 100644 --- a/coregrind/m_syswrap/syswrap-linux.c +++ b/coregrind/m_syswrap/syswrap-linux.c 
@@ -2307,17 +2307,15 @@ PRE(sys_prlimit64) struct rlimit64 *, old_rlim); if (ARG3) { PRE_MEM_READ( "rlimit64(new_rlim)", ARG3, sizeof(struct vki_rlimit64) ); - if (!ML_(safe_to_deref)((void*)(Addr)ARG3, sizeof(struct vki_rlimit64))) { - SET_STATUS_Failure(VKI_EFAULT); - return; - } } if (ARG4) { PRE_MEM_WRITE( "rlimit64(old_rlim)", ARG4, sizeof(struct vki_rlimit64) ); - if (!ML_(safe_to_deref)((void*)(Addr)ARG4, sizeof(struct vki_rlimit64))) { - SET_STATUS_Failure(VKI_EFAULT); - return; - } + } + + if ((ARG3 && !ML_(safe_to_deref)((void*)(Addr)ARG3, sizeof(struct vki_rlimit64))) + || (ARG4 && !ML_(safe_to_deref)((void*)(Addr)ARG4, sizeof(struct vki_rlimit64)))) { + SET_STATUS_Failure(VKI_EFAULT); + return; } if (ARG3 && diff --git a/memcheck/tests/amd64-linux/scalar.c b/memcheck/tests/amd64-linux/scalar.c index 5167fde2d7..fe133d8d2a 100644 --- a/memcheck/tests/amd64-linux/scalar.c +++ b/memcheck/tests/amd64-linux/scalar.c @@ -3,6 +3,7 @@ #include "../../memcheck.h" #include "scalar.h" #include <unistd.h> +#include <sys/resource.h> // Here we are trying to trigger every syscall error (scalar errors and // memory errors) for every syscall. We do this by passing a lot of bogus @@ -45,6 +46,14 @@ int main(void) GO(__NR_exit, "below"); // (see below) + // __NR_getrlimit 97 + GO(__NR_getrlimit, "2s 1m"); + SY(__NR_getrlimit, x0, x0); FAIL; + + // __NR_setrlimit 160 + GO(__NR_setrlimit, "2s 1m"); + SY(__NR_setrlimit, x0, x0); FAILx(EFAULT); + // __NR_waitid 247 GO(__NR_waitid, "5s 0m"); SY(__NR_waitid, x0, x0, x0, x0, x0); FAIL; 
@@ -52,6 +61,19 @@ int main(void) GO(__NR_waitid, "(infop,ru) 5s 2m"); SY(__NR_waitid, x0, x0, x0 + 1, x0, x0 + 1); FAIL; + // __NR_prlimit64 302 + GO(__NR_prlimit64, "(nop) 4s 0m"); + SY(__NR_prlimit64, x0, x0 + RLIMIT_NOFILE, x0, x0); SUCC; + + GO(__NR_prlimit64, "(set) 4s 1m"); + SY(__NR_prlimit64, x0, x0 + RLIMIT_NOFILE, x0 + 1, x0); FAILx(EFAULT); + + GO(__NR_prlimit64, "(get) 4s 1m"); + SY(__NR_prlimit64, x0, x0 + RLIMIT_NOFILE, x0, x0 + 1); FAILx(EFAULT); + + GO(__NR_prlimit64, "(get+set) 4s 2m"); + SY(__NR_prlimit64, x0, x0 + RLIMIT_NOFILE, x0 + 1, x0 + 1); FAILx(EFAULT); + // no such syscall... GO(9999, "1e"); SY(9999); FAIL; diff --git a/memcheck/tests/amd64-linux/scalar.stderr.exp b/memcheck/tests/amd64-linux/scalar.stderr.exp index 12f6fcba37..1757cc3eb4 100644 --- a/memcheck/tests/amd64-linux/scalar.stderr.exp +++ b/memcheck/tests/amd64-linux/scalar.stderr.exp 
@@ -45,6 +45,38 @@ Syscall param write(buf) points to unaddressable byte(s) ----------------------------------------------------- 60: __NR_exit below ----------------------------------------------------- +----------------------------------------------------- + 97: __NR_getrlimit 2s 1m +----------------------------------------------------- +Syscall param getrlimit(resource) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param getrlimit(rlim) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param getrlimit(rlim) points to unaddressable byte(s) + ... + by 0x........: main (scalar.c) + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +----------------------------------------------------- +160: __NR_setrlimit 2s 1m +----------------------------------------------------- +Syscall param setrlimit(resource) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param setrlimit(rlim) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param setrlimit(rlim) points to unaddressable byte(s) + ... + by 0x........: main (scalar.c) + Address 0x........ is not stack'd, malloc'd or (recently) free'd + ----------------------------------------------------- 247: __NR_waitid 5s 0m ----------------------------------------------------- 
@@ -101,6 +133,102 @@ Syscall param waitid(ru) points to unaddressable byte(s) by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd +----------------------------------------------------- +302: __NR_prlimit64 (nop) 4s 0m +----------------------------------------------------- +Syscall param prlimit64(pid) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param prlimit64(resource) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param prlimit64(new_rlim) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param prlimit64(old_rlim) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +----------------------------------------------------- +302: __NR_prlimit64 (set) 4s 1m +----------------------------------------------------- +Syscall param prlimit64(pid) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param prlimit64(resource) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param prlimit64(new_rlim) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param prlimit64(old_rlim) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param rlimit64(new_rlim) points to unaddressable byte(s) + ... + by 0x........: main (scalar.c) + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +----------------------------------------------------- +302: __NR_prlimit64 (get) 4s 1m +----------------------------------------------------- +Syscall param prlimit64(pid) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param prlimit64(resource) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param prlimit64(new_rlim) contains uninitialised byte(s) + ... 
+ by 0x........: main (scalar.c) + +Syscall param prlimit64(old_rlim) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param rlimit64(old_rlim) points to unaddressable byte(s) + ... + by 0x........: main (scalar.c) + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +----------------------------------------------------- +302: __NR_prlimit64 (get+set) 4s 2m +----------------------------------------------------- +Syscall param prlimit64(pid) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param prlimit64(resource) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param prlimit64(new_rlim) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param prlimit64(old_rlim) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param rlimit64(new_rlim) points to unaddressable byte(s) + ... + by 0x........: main (scalar.c) + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param rlimit64(old_rlim) points to unaddressable byte(s) + ... + by 0x........: main (scalar.c) + Address 0x........ is not stack'd, malloc'd or (recently) free'd + ----------------------------------------------------- 9999: 9999 1e ----------------------------------------------------- diff --git a/memcheck/tests/x86-linux/scalar.c b/memcheck/tests/x86-linux/scalar.c index 5141f0496c..e6ff44fe0e 100644 --- a/memcheck/tests/x86-linux/scalar.c +++ b/memcheck/tests/x86-linux/scalar.c @@ -7,6 +7,7 @@ #include <signal.h> #include <sys/mman.h> // MREMAP_FIXED #include <sys/prctl.h> +#include <sys/resource.h> // Here we are trying to trigger every syscall error (scalar errors and // memory errors) for every syscall. We do this by passing a lot of bogus 
@@ -1283,6 +1284,19 @@ int main(void) GO(__NR_epoll_create1, "1s 0m"); SY(__NR_epoll_create1, x0); SUCC_OR_FAIL; + // __NR_prlimit64 340 + GO(__NR_prlimit64, "(nop) 4s 0m"); + SY(__NR_prlimit64, x0, x0 + RLIMIT_NOFILE, x0, x0); SUCC; + + GO(__NR_prlimit64, "(set) 4s 1m"); + SY(__NR_prlimit64, x0, x0 + RLIMIT_NOFILE, x0 + 1, x0); FAILx(EFAULT); + + GO(__NR_prlimit64, "(get) 4s 1m"); + SY(__NR_prlimit64, x0, x0 + RLIMIT_NOFILE, x0, x0 + 1); FAILx(EFAULT); + + GO(__NR_prlimit64, "(get+set) 4s 2m"); + SY(__NR_prlimit64, x0, x0 + RLIMIT_NOFILE, x0 + 1, x0 + 1); FAILx(EFAULT); + // __NR_process_vm_readv 347 GO(__NR_process_vm_readv, "6s 2m"); SY(__NR_process_vm_readv, x0, x0, x0+1, x0, x0+1, x0); FAIL; diff --git a/memcheck/tests/x86-linux/scalar.stderr.exp b/memcheck/tests/x86-linux/scalar.stderr.exp index b755075470..3cbb0c6ff5 100644 --- a/memcheck/tests/x86-linux/scalar.stderr.exp +++ b/memcheck/tests/x86-linux/scalar.stderr.exp 
@@ -4208,6 +4208,102 @@ Syscall param epoll_create1(flags) contains uninitialised byte(s) ... by 0x........: main (scalar.c) +----------------------------------------------------- +340: __NR_prlimit64 (nop) 4s 0m +----------------------------------------------------- +Syscall param prlimit64(pid) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param prlimit64(resource) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param prlimit64(new_rlim) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param prlimit64(old_rlim) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +----------------------------------------------------- +340: __NR_prlimit64 (set) 4s 1m +----------------------------------------------------- +Syscall param prlimit64(pid) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param prlimit64(resource) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param prlimit64(new_rlim) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param prlimit64(old_rlim) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param rlimit64(new_rlim) points to unaddressable byte(s) + ... + by 0x........: main (scalar.c) + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +----------------------------------------------------- +340: __NR_prlimit64 (get) 4s 1m +----------------------------------------------------- +Syscall param prlimit64(pid) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param prlimit64(resource) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param prlimit64(new_rlim) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param prlimit64(old_rlim) contains uninitialised byte(s) + ... 
+ by 0x........: main (scalar.c) + +Syscall param rlimit64(old_rlim) points to unaddressable byte(s) + ... + by 0x........: main (scalar.c) + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +----------------------------------------------------- +340: __NR_prlimit64 (get+set) 4s 2m +----------------------------------------------------- +Syscall param prlimit64(pid) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param prlimit64(resource) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param prlimit64(new_rlim) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param prlimit64(old_rlim) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param rlimit64(new_rlim) points to unaddressable byte(s) + ... + by 0x........: main (scalar.c) + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param rlimit64(old_rlim) points to unaddressable byte(s) + ... + by 0x........: main (scalar.c) + Address 0x........ is not stack'd, malloc'd or (recently) free'd + ----------------------------------------------------- 347:__NR_process_vm_readv 6s 2m ----------------------------------------------------- |
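Review bot: the reordering in the syswrap-linux.c hunk at @@ -2307 is sound (both PRE_MEM_READ and PRE_MEM_WRITE now run before the combined safe_to_deref check fails the call with VKI_EFAULT), but the context lines label the memory checks "rlimit64(new_rlim)" and "rlimit64(old_rlim)" while the register reads are reported as "prlimit64(...)", and the new scalar.stderr.exp hunks bake that mismatch into the expected output ("Syscall param prlimit64(pid)" next to "Syscall param rlimit64(new_rlim)"). Since the expected files are being rewritten here anyway, renaming the two labels to "prlimit64(new_rlim)" and "prlimit64(old_rlim)" would be cheap now and costly later.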
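Review bot: the commit message (prlimit64 check reordering) does not mention the __NR_getrlimit and __NR_setrlimit cases added to amd64 scalar.c in the hunk at @@ -45; a sentence in the message, or a separate commit, would make the history easier to follow. Also the two cases assert differently: getrlimit uses FAIL while setrlimit uses FAILx(EFAULT), yet both pass a NULL rlim pointer (x0) and should fail with EFAULT, so FAILx(EFAULT) on getrlimit would be the stronger and more consistent check.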
From: Paul F. <pa...@so...> - 2025-08-29 19:32:31
https://sourceware.org/cgit/valgrind/commit/?id=405fb0daaf329068a5219ef4c0e645cea872cf75 commit 405fb0daaf329068a5219ef4c0e645cea872cf75 Author: Matthias Schwarzott <zz...@ge...> Date: Sat Aug 23 13:37:46 2025 +0200 Bug 508778 - syscall-wrapper waitid warns about infop=null This is used by e.g. Qt: https://github.com/qt/qtbase/blob/e17798560b107b7abd5f2cf472d942e8ac4213ff/src/3rdparty/forkfd/forkfd_linux.c#L128 Diff: --- NEWS | 1 + coregrind/m_syswrap/syswrap-linux.c | 6 ++- memcheck/tests/amd64-linux/scalar.c | 7 ++++ memcheck/tests/amd64-linux/scalar.stderr.exp | 56 ++++++++++++++++++++++++++++ memcheck/tests/x86-linux/scalar.c | 7 ++++ memcheck/tests/x86-linux/scalar.stderr.exp | 56 ++++++++++++++++++++++++++++ 6 files changed, 131 insertions(+), 2 deletions(-) diff --git a/NEWS b/NEWS index b3bce54003..0d6e10ee90 100644 --- a/NEWS +++ b/NEWS @@ -88,6 +88,7 @@ are not entered into bugzilla tend to get forgotten about or ignored. 508154 PRE(sys_fchownat) not handling VKI_AT_FDCWD 508638 Self-hosting not working on FreeBSD 508777 amd64-linux: add minimal scalar test +508778 syscall-wrapper waitid warns about infop=null 508869 x86-linux: simplify scalar test output To see details of a given bug, visit diff --git a/coregrind/m_syswrap/syswrap-linux.c b/coregrind/m_syswrap/syswrap-linux.c index f5723f8cda..a740912f80 100644 --- a/coregrind/m_syswrap/syswrap-linux.c +++ b/coregrind/m_syswrap/syswrap-linux.c 
@@ -4087,13 +4087,15 @@ PRE(sys_waitid) PRE_REG_READ5(int32_t, "sys_waitid", int, which, vki_pid_t, pid, struct vki_siginfo *, infop, int, options, struct vki_rusage *, ru); - PRE_MEM_WRITE( "waitid(infop)", ARG3, sizeof(struct vki_siginfo) ); + if (ARG3 != 0) + PRE_MEM_WRITE( "waitid(infop)", ARG3, sizeof(struct vki_siginfo) ); if (ARG5 != 0) PRE_MEM_WRITE( "waitid(ru)", ARG5, sizeof(struct vki_rusage) ); } POST(sys_waitid) { - POST_MEM_WRITE( ARG3, sizeof(struct vki_siginfo) ); + if (ARG3 != 0) + POST_MEM_WRITE( ARG3, sizeof(struct vki_siginfo) ); if (ARG5 != 0) POST_MEM_WRITE( ARG5, sizeof(struct vki_rusage) ); } diff --git a/memcheck/tests/amd64-linux/scalar.c b/memcheck/tests/amd64-linux/scalar.c index 703d46860d..5167fde2d7 100644 --- a/memcheck/tests/amd64-linux/scalar.c +++ b/memcheck/tests/amd64-linux/scalar.c @@ -45,6 +45,13 @@ int main(void) GO(__NR_exit, "below"); // (see below) + // __NR_waitid 247 + GO(__NR_waitid, "5s 0m"); + SY(__NR_waitid, x0, x0, x0, x0, x0); FAIL; + + GO(__NR_waitid, "(infop,ru) 5s 2m"); + SY(__NR_waitid, x0, x0, x0 + 1, x0, x0 + 1); FAIL; + // no such syscall... GO(9999, "1e"); SY(9999); FAIL; diff --git a/memcheck/tests/amd64-linux/scalar.stderr.exp b/memcheck/tests/amd64-linux/scalar.stderr.exp index 8f7c3073c1..12f6fcba37 100644 --- a/memcheck/tests/amd64-linux/scalar.stderr.exp +++ b/memcheck/tests/amd64-linux/scalar.stderr.exp 
@@ -45,6 +45,62 @@ Syscall param write(buf) points to unaddressable byte(s) ----------------------------------------------------- 60: __NR_exit below ----------------------------------------------------- +----------------------------------------------------- +247: __NR_waitid 5s 0m +----------------------------------------------------- +Syscall param sys_waitid(which) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param sys_waitid(pid) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param sys_waitid(infop) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param sys_waitid(options) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param sys_waitid(ru) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +----------------------------------------------------- +247: __NR_waitid (infop,ru) 5s 2m +----------------------------------------------------- +Syscall param sys_waitid(which) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param sys_waitid(pid) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param sys_waitid(infop) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param sys_waitid(options) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param sys_waitid(ru) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param waitid(infop) points to unaddressable byte(s) + ... + by 0x........: main (scalar.c) + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param waitid(ru) points to unaddressable byte(s) + ... + by 0x........: main (scalar.c) + Address 0x........ is not stack'd, malloc'd or (recently) free'd + ----------------------------------------------------- 9999: 9999 1e ----------------------------------------------------- 
diff --git a/memcheck/tests/x86-linux/scalar.c b/memcheck/tests/x86-linux/scalar.c index fe36a47ef0..5141f0496c 100644 --- a/memcheck/tests/x86-linux/scalar.c +++ b/memcheck/tests/x86-linux/scalar.c @@ -1272,6 +1272,13 @@ int main(void) GO(__NR_sys_kexec_load, "ni"); SY(__NR_sys_kexec_load); FAIL; + // __NR_waitid 284 + GO(__NR_waitid, "5s 0m"); + SY(__NR_waitid, x0, x0, x0, x0, x0); FAIL; + + GO(__NR_waitid, "(infop,ru) 5s 2m"); + SY(__NR_waitid, x0, x0, x0 + 1, x0, x0 + 2); FAIL; + // __NR_epoll_create1 329 GO(__NR_epoll_create1, "1s 0m"); SY(__NR_epoll_create1, x0); SUCC_OR_FAIL; diff --git a/memcheck/tests/x86-linux/scalar.stderr.exp b/memcheck/tests/x86-linux/scalar.stderr.exp index c878e4465c..b755075470 100644 --- a/memcheck/tests/x86-linux/scalar.stderr.exp +++ b/memcheck/tests/x86-linux/scalar.stderr.exp 
@@ -4145,6 +4145,62 @@ Syscall param mq_getsetattr(omqstat) points to unaddressable byte(s) ----------------------------------------------------- 283: __NR_sys_kexec_load ni ----------------------------------------------------- +----------------------------------------------------- +284: __NR_waitid 5s 0m +----------------------------------------------------- +Syscall param sys_waitid(which) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param sys_waitid(pid) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param sys_waitid(infop) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param sys_waitid(options) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param sys_waitid(ru) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +----------------------------------------------------- +284: __NR_waitid (infop,ru) 5s 2m +----------------------------------------------------- +Syscall param sys_waitid(which) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param sys_waitid(pid) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param sys_waitid(infop) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param sys_waitid(options) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param sys_waitid(ru) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param waitid(infop) points to unaddressable byte(s) + ... + by 0x........: main (scalar.c) + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param waitid(ru) points to unaddressable byte(s) + ... + by 0x........: main (scalar.c) + Address 0x........ 
is not stack'd, malloc'd or (recently) free'd + ----------------------------------------------------- 329: __NR_epoll_create1 1s 0m ----------------------------------------------------- |
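Review bot: the NULL guards in the syswrap-linux.c hunk at @@ -4087 match the kernel, which only copies the siginfo out when infop is non-NULL, and the matching POST guard is needed so a NULL infop is never marked as written. One thing visible in the context lines: the register reads are labelled "sys_waitid" (PRE_REG_READ5) while the memory checks are labelled "waitid", so the new expected output mixes "Syscall param sys_waitid(which)" with "Syscall param waitid(infop)". Using "waitid" for both, as the other wrappers in this file do for their memory checks, would be a small cleanup to fold in here.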
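Review bot: the x86 scalar.c hunk at @@ -1272 passes `x0 + 2` for ru in the "(infop,ru) 5s 2m" case, while the amd64 hunk at @@ -45 passes `x0 + 1` for the same case under the same label. The two files should use the same bogus pointers so the expected outputs stay directly comparable; either value exercises the unaddressable-byte path, so pick one.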
From: Paul F. <pa...@so...> - 2025-08-29 17:26:13
https://sourceware.org/cgit/valgrind/commit/?id=446ee179cec7dae91534bb781ef3defae26a4e10 commit 446ee179cec7dae91534bb781ef3defae26a4e10 Author: Matthias Schwarzott <zz...@ge...> Date: Sat Aug 23 13:37:46 2025 +0200 Bug 508777 - amd64-linux: add minimal scalar test Diff: --- .gitignore | 1 + NEWS | 1 + memcheck/tests/amd64-linux/Makefile.am | 9 +++- memcheck/tests/amd64-linux/filter_scalar | 7 +++ memcheck/tests/amd64-linux/scalar.c | 58 +++++++++++++++++++++++++ memcheck/tests/amd64-linux/scalar.h | 65 ++++++++++++++++++++++++++++ memcheck/tests/amd64-linux/scalar.stderr.exp | 62 ++++++++++++++++++++++++++ memcheck/tests/amd64-linux/scalar.vgtest | 6 +++ 8 files changed, 207 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index 569a8fd5c7..80924f997c 100644 --- a/.gitignore +++ b/.gitignore @@ -1102,6 +1102,7 @@ /memcheck/tests/amd64-linux/defcfaexpr /memcheck/tests/amd64-linux/int3-amd64 /memcheck/tests/amd64-linux/reallocarray +/memcheck/tests/amd64-linux/scalar /memcheck/tests/amd64-linux/Makefile /memcheck/tests/amd64-linux/Makefile.in diff --git a/NEWS b/NEWS index 0d0ed35ba2..b3bce54003 100644 --- a/NEWS +++ b/NEWS @@ -87,6 +87,7 @@ are not entered into bugzilla tend to get forgotten about or ignored. 508093 VALGRIND_CLO_CHANGE does not update vex_control 508154 PRE(sys_fchownat) not handling VKI_AT_FDCWD 508638 Self-hosting not working on FreeBSD +508777 amd64-linux: add minimal scalar test 508869 x86-linux: simplify scalar test output To see details of a given bug, visit diff --git a/memcheck/tests/amd64-linux/Makefile.am b/memcheck/tests/amd64-linux/Makefile.am index 26e8c8ed54..a3b5df5a67 100644 --- a/memcheck/tests/amd64-linux/Makefile.am +++ b/memcheck/tests/amd64-linux/Makefile.am @@ -2,7 +2,9 @@ include $(top_srcdir)/Makefile.tool-tests.am dist_noinst_SCRIPTS = \ - filter_stderr filter_defcfaexpr + filter_defcfaexpr filter_scalar filter_stderr + +noinst_HEADERS = scalar.h EXTRA_DIST = \ access_below_sp_1.vgtest \ 
@@ -11,12 +13,14 @@ EXTRA_DIST = \ access_below_sp_2.stderr.exp access_below_sp_2.stdout.exp \ defcfaexpr.vgtest defcfaexpr.stderr.exp \ int3-amd64.vgtest int3-amd64.stderr.exp int3-amd64.stdout.exp \ + scalar.stderr.exp scalar.vgtest \ reallocarray.vgtest reallocarray.stderr.exp check_PROGRAMS = \ access_below_sp \ defcfaexpr \ - int3-amd64 + int3-amd64 \ + scalar if HAVE_REALLOCARRAY check_PROGRAMS += reallocarray @@ -29,3 +33,4 @@ AM_CCASFLAGS += @FLAG_M64@ defcfaexpr_SOURCES = defcfaexpr.S defcfaexpr_CFLAGS = $(AM_CFLAGS) @FLAG_NO_PIE@ reallocarray_CFLAGS = $(AM_CFLAGS) @FLAG_W_NO_ALLOC_SIZE_LARGER_THAN@ +scalar_CFLAGS = $(AM_CFLAGS) @FLAG_W_NO_UNINITIALIZED@ diff --git a/memcheck/tests/amd64-linux/filter_scalar b/memcheck/tests/amd64-linux/filter_scalar new file mode 100755 index 0000000000..ee19ffaf25 --- /dev/null +++ b/memcheck/tests/amd64-linux/filter_scalar @@ -0,0 +1,7 @@ +#! /bin/sh + +# remove line numbers as they just cause larger patches +sed "/: main /s/\(scalar.c\):[0-9]*)/\1)/" | + +../filter_stderr "$@" + diff --git a/memcheck/tests/amd64-linux/scalar.c b/memcheck/tests/amd64-linux/scalar.c new file mode 100644 index 0000000000..703d46860d --- /dev/null +++ b/memcheck/tests/amd64-linux/scalar.c 
@@ -0,0 +1,58 @@ +#define _GNU_SOURCE + +#include "../../memcheck.h" +#include "scalar.h" +#include <unistd.h> + +// Here we are trying to trigger every syscall error (scalar errors and +// memory errors) for every syscall. We do this by passing a lot of bogus +// arguments, mostly 0 and 1 (often it's 1 because NULL ptr args often aren't +// checked for memory errors, or in order to have a non-zero length used +// with some buffer). So most of the syscalls don't actually succeed and do +// anything. +// +// Occasionally we have to be careful not to cause Valgrind to seg fault in +// its pre-syscall wrappers; it does so because it can't know in general +// when memory is unaddressable, and so tries to dereference it when doing +// PRE_MEM_READ/PRE_MEM_WRITE calls. (Note that Memcheck will +// always issue an error message immediately before these seg faults occur). +// +// The output has numbers like "3s 2m" for each syscall. "s" is short for +// "scalar", ie. the argument itself is undefined. "m" is short for "memory", +// ie. the argument points to memory which is unaddressable. + +int main(void) +{ + // uninitialised, but we know px[0] is 0x0 + long* px = malloc(sizeof(long)); + long x0 = px[0]; + long res; + + // All __NR_xxx numbers are taken from amd64 + + /* Check the syscall number 0 and 1 two trivial generic syscalls. */ + + /* __NR_read 0 */ + /* Nb: here we are also getting an error from the syscall arg itself. */ + GO(__NR_read, "1+3s 1m"); + SY(__NR_read + x0, x0, x0, x0 + 1); FAIL; + + /* __NR_write 1 */ + GO(__NR_write, "3s 1m"); + SY(__NR_write, x0, x0, x0 + 1); FAIL; + + // __NR_exit 60 + GO(__NR_exit, "below"); + // (see below) + + // no such syscall... + GO(9999, "1e"); + SY(9999); FAIL; + + // __NR_exit 1 + GO(__NR_exit, "1s 0m"); + SY(__NR_exit, x0); FAIL; + + assert(0); +} + diff --git a/memcheck/tests/amd64-linux/scalar.h b/memcheck/tests/amd64-linux/scalar.h new file mode 100644 index 0000000000..52f742e4ac --- /dev/null 
+++ b/memcheck/tests/amd64-linux/scalar.h @@ -0,0 +1,65 @@ +#include "../../../include/vki/vki-scnums-x86-linux.h" + +#include <assert.h> +#include <errno.h> +#include <fcntl.h> +#include <stdio.h> +#include <stdlib.h> +#include <sys/syscall.h> +#include <sys/stat.h> +#include <sys/ptrace.h> +#include <sys/types.h> +#include <sys/mman.h> + +#ifndef __THROW +#define __THROW +#endif + +// Since we use vki_unistd.h, we can't include <unistd.h>. So we have to +// declare this ourselves. +extern long int syscall (long int __sysno, ...) __THROW; + +// Thorough syscall scalar arg checking. Also serves as thorough checking +// for (very) basic syscall use. Generally not trying to do anything +// meaningful with the syscalls. + +#define GO(__NR_xxx, s) \ + fprintf(stderr, "-----------------------------------------------------\n" \ + "%3d:%20s %s\n" \ + "-----------------------------------------------------\n", \ + __NR_xxx, #__NR_xxx, s); + +#define SY res = syscall + +#define FAIL assert(-1 == res); +#define SUCC assert(-1 != res); +#define SUCC_OR_FAIL /* no test */ + +#define FAILx(E) \ + do { \ + int myerrno = errno; \ + if (-1 == res) { \ + if (E == myerrno) { \ + /* as expected */ \ + } else { \ + fprintf(stderr, "Expected error %s (%d), got %d\n", #E, E, myerrno); \ + exit(1); \ + } \ + } else { \ + fprintf(stderr, "Expected error %s (%d), got success\n", #E, E); \ + exit(1); \ + } \ + } while (0); + +#define SUCC_OR_FAILx(E) \ + do { \ + int myerrno = errno; \ + if (-1 == res) { \ + if (E == myerrno) { \ + /* as expected */ \ + } else { \ + fprintf(stderr, "Expected error %s (%d), got %d\n", #E, E, myerrno); \ + exit(1); \ + } \ + } \ + } while (0); diff --git a/memcheck/tests/amd64-linux/scalar.stderr.exp b/memcheck/tests/amd64-linux/scalar.stderr.exp new file mode 100644 index 0000000000..8f7c3073c1 --- /dev/null +++ b/memcheck/tests/amd64-linux/scalar.stderr.exp 
@@ -0,0 +1,62 @@ +----------------------------------------------------- + 0: __NR_read 1+3s 1m +----------------------------------------------------- +Syscall param (syscallno) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param read(fd) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param read(buf) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param read(count) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param read(buf) points to unaddressable byte(s) + ... + by 0x........: main (scalar.c) + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +----------------------------------------------------- + 1: __NR_write 3s 1m +----------------------------------------------------- +Syscall param write(fd) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param write(buf) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param write(count) contains uninitialised byte(s) + ... + by 0x........: main (scalar.c) + +Syscall param write(buf) points to unaddressable byte(s) + ... + by 0x........: main (scalar.c) + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +----------------------------------------------------- + 60: __NR_exit below +----------------------------------------------------- +----------------------------------------------------- +9999: 9999 1e +----------------------------------------------------- +WARNING: unhandled amd64-linux syscall: 9999 +You may be able to write your own handler. +Read the file README_MISSING_SYSCALL_OR_IOCTL. +Nevertheless we consider this a bug. Please report +it at http://valgrind.org/support/bug_reports.html. +----------------------------------------------------- + 60: __NR_exit 1s 0m +----------------------------------------------------- +Syscall param exit(status) contains uninitialised byte(s) + ... 
+ by 0x........: main (scalar.c) + diff --git a/memcheck/tests/amd64-linux/scalar.vgtest b/memcheck/tests/amd64-linux/scalar.vgtest new file mode 100644 index 0000000000..81e72b0475 --- /dev/null +++ b/memcheck/tests/amd64-linux/scalar.vgtest @@ -0,0 +1,6 @@ +prog: scalar +# Do not run under root +prereq: [ `id -u` -ne 0 ] +vgopts: -q --error-limit=no +stderr_filter: filter_scalar +args: < scalar.c |
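Review bot: in the new amd64-linux scalar.h the include is `../../../include/vki/vki-scnums-x86-linux.h`, i.e. the x86-linux syscall header, while scalar.c says "All __NR_xxx numbers are taken from amd64" and scalar.stderr.exp expects 0 for __NR_read, 1 for __NR_write and 60 for __NR_exit. Those values can only be reaching the test through `<sys/syscall.h>` (included after the vki header) overriding the macros, which is exactly what the header's own comment ("Since we use vki_unistd.h, we can't include <unistd.h>") is meant to avoid; suggest switching to the amd64 counterpart of the vki scnums header so the numbering is explicit rather than a side effect of macro redefinition. Separately, `FAIL`, `SUCC` and the `do { ... } while (0);` bodies of `FAILx`/`SUCC_OR_FAILx` carry their own trailing semicolon, so `SY(...); FAIL;` expands to an extra empty statement and the macros cannot be used in an unbraced `if`/`else`; dropping the semicolons from the definitions is the usual fix.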
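Review bot: the second exit block in scalar.c is labelled `// __NR_exit 1` although the earlier `// __NR_exit 60` block and the expected output both give 60; the `1` looks carried over from the x86-linux test and should be corrected. In that block `SY(__NR_exit, x0); FAIL;` and the final `assert(0);` are only reached if the exit syscall fails, which the "below" marker hints at but never states; a one-line comment that everything after the exit call is intentionally unreachable would save the next reader a puzzle. Also, scalar.c adds `#include <unistd.h>` right after `scalar.h`, contradicting scalar.h's comment that `<unistd.h>` cannot be included alongside the vki header; either the comment or the include should go.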
From: Paul F. <pa...@so...> - 2025-08-29 10:43:54
https://sourceware.org/cgit/valgrind/commit/?id=3399c455fa5068dbf1d10f150160ea67fff85477 commit 3399c455fa5068dbf1d10f150160ea67fff85477 Author: Matthias Schwarzott <zz...@ge...> Date: Thu Aug 28 22:30:25 2025 +0200 Bug 508869 - x86-linux: simplify scalar test output Diff: --- NEWS | 1 + memcheck/tests/x86-linux/Makefile.am | 1 + memcheck/tests/x86-linux/filter_scalar | 7 + memcheck/tests/x86-linux/scalar.stderr.exp | 1572 ++++++++++++++-------------- memcheck/tests/x86-linux/scalar.vgtest | 1 + 5 files changed, 796 insertions(+), 786 deletions(-) diff --git a/NEWS b/NEWS index 46f466cca8..0d0ed35ba2 100644 --- a/NEWS +++ b/NEWS @@ -87,6 +87,7 @@ are not entered into bugzilla tend to get forgotten about or ignored. 508093 VALGRIND_CLO_CHANGE does not update vex_control 508154 PRE(sys_fchownat) not handling VKI_AT_FDCWD 508638 Self-hosting not working on FreeBSD +508869 x86-linux: simplify scalar test output To see details of a given bug, visit https://bugs.kde.org/show_bug.cgi?id=XXXXXX diff --git a/memcheck/tests/x86-linux/Makefile.am b/memcheck/tests/x86-linux/Makefile.am index e8de590b3e..434b1c085d 100644 --- a/memcheck/tests/x86-linux/Makefile.am +++ b/memcheck/tests/x86-linux/Makefile.am @@ -2,6 +2,7 @@ include $(top_srcdir)/Makefile.tool-tests.am dist_noinst_SCRIPTS = \ + filter_scalar \ filter_scalar_exit_group \ filter_stderr diff --git a/memcheck/tests/x86-linux/filter_scalar b/memcheck/tests/x86-linux/filter_scalar new file mode 100755 index 0000000000..5f0d3da056 --- /dev/null +++ b/memcheck/tests/x86-linux/filter_scalar @@ -0,0 +1,7 @@ +#! /bin/sh + +# remove line numbers as they just cause larger patches +sed "s/\(scalar.c\):[0-9]*)/\1)/" | + +../filter_stderr "$@" + diff --git a/memcheck/tests/x86-linux/scalar.stderr.exp b/memcheck/tests/x86-linux/scalar.stderr.exp index a2255991ed..c878e4465c 100644 --- a/memcheck/tests/x86-linux/scalar.stderr.exp +++ b/memcheck/tests/x86-linux/scalar.stderr.exp 
@@ -12,23 +12,23 @@ ----------------------------------------------------- Syscall param (syscallno) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:52) + by 0x........: main (scalar.c) Syscall param read(fd) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:52) + by 0x........: main (scalar.c) Syscall param read(buf) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:52) + by 0x........: main (scalar.c) Syscall param read(count) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:52) + by 0x........: main (scalar.c) Syscall param read(buf) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:52) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- @@ -36,19 +36,19 @@ Syscall param read(buf) points to unaddressable byte(s) ----------------------------------------------------- Syscall param write(fd) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:56) + by 0x........: main (scalar.c) Syscall param write(buf) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:56) + by 0x........: main (scalar.c) Syscall param write(count) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:56) + by 0x........: main (scalar.c) Syscall param write(buf) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:56) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -56,15 +56,15 @@ Syscall param write(buf) points to unaddressable byte(s) ----------------------------------------------------- Syscall param open(filename) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:60) + by 0x........: main (scalar.c) Syscall param open(flags) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:60) + by 0x........: main (scalar.c) Syscall param open(filename) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:60) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- @@ -72,33 +72,33 @@ Syscall param open(filename) points to unaddressable byte(s) ----------------------------------------------------- Syscall param open(mode) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:66) + by 0x........: main (scalar.c) ----------------------------------------------------- 6: __NR_close 1s 0m ----------------------------------------------------- Syscall param close(fd) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:70) + by 0x........: main (scalar.c) ----------------------------------------------------- 7: __NR_waitpid 3s 1m ----------------------------------------------------- Syscall param waitpid(pid) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:74) + by 0x........: main (scalar.c) Syscall param waitpid(status) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:74) + by 0x........: main (scalar.c) Syscall param waitpid(options) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:74) + by 0x........: main (scalar.c) Syscall param waitpid(status) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:74) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -106,15 +106,15 @@ Syscall param waitpid(status) points to unaddressable byte(s) ----------------------------------------------------- Syscall param creat(pathname) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:78) + by 0x........: main (scalar.c) Syscall param creat(mode) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:78) + by 0x........: main (scalar.c) Syscall param creat(pathname) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:78) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- @@ -122,20 +122,20 @@ Syscall param creat(pathname) points to unaddressable byte(s) ----------------------------------------------------- Syscall param link(oldpath) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:82) + by 0x........: main (scalar.c) Syscall param link(newpath) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:82) + by 0x........: main (scalar.c) Syscall param link(oldpath) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:82) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param link(newpath) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:82) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -143,11 +143,11 @@ Syscall param link(newpath) points to unaddressable byte(s) ----------------------------------------------------- Syscall param unlink(pathname) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:86) + by 0x........: main (scalar.c) Syscall param unlink(pathname) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:86) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- @@ -155,24 +155,24 @@ Syscall param unlink(pathname) points to unaddressable byte(s) ----------------------------------------------------- Syscall param execve(filename) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:90) + by 0x........: main (scalar.c) Syscall param execve(argv) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:90) + by 0x........: main (scalar.c) Syscall param execve(envp) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:90) + by 0x........: main (scalar.c) Syscall param execve(filename) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:90) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param execve(argv) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:90) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -180,24 +180,24 @@ Syscall param execve(argv) points to unaddressable byte(s) ----------------------------------------------------- Syscall param execve(filename) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:93) + by 0x........: main (scalar.c) Syscall param execve(argv) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:93) + by 0x........: main (scalar.c) Syscall param execve(envp) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:93) + by 0x........: main (scalar.c) Syscall param execve(filename) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:93) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param execve(argv) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:93) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -205,30 +205,30 @@ Syscall param execve(argv) points to unaddressable byte(s) ----------------------------------------------------- Syscall param execve(filename) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:97) + by 0x........: main (scalar.c) Syscall param execve(argv) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:97) + by 0x........: main (scalar.c) Syscall param execve(envp) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:97) + by 0x........: main (scalar.c) Syscall param execve(filename) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:97) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param execve(argv) points to uninitialised byte(s) ... - by 0x........: main (scalar.c:97) + by 0x........: main (scalar.c) Address 0x........ is on thread 1's stack - in frame #1, created by main (scalar.c:29) + in frame #1, created by main (scalar.c) Syscall param execve(argv[0]) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:97) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -236,30 +236,30 @@ Syscall param execve(argv[0]) points to unaddressable byte(s) ----------------------------------------------------- Syscall param execve(filename) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:100) + by 0x........: main (scalar.c) Syscall param execve(argv) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:100) + by 0x........: main (scalar.c) Syscall param execve(envp) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:100) + by 0x........: main (scalar.c) Syscall param execve(filename) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:100) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param execve(envp) points to uninitialised byte(s) ... - by 0x........: main (scalar.c:100) + by 0x........: main (scalar.c) Address 0x........ is on thread 1's stack - in frame #1, created by main (scalar.c:29) + in frame #1, created by main (scalar.c) Syscall param execve(envp[i]) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:100) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- @@ -267,11 +267,11 @@ Syscall param execve(envp[i]) points to unaddressable byte(s) ----------------------------------------------------- Syscall param chdir(path) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:104) + by 0x........: main (scalar.c) Syscall param chdir(path) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:104) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -279,11 +279,11 @@ Syscall param chdir(path) points to unaddressable byte(s) ----------------------------------------------------- Syscall param time(t) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:108) + by 0x........: main (scalar.c) Syscall param time(t) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:108) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- @@ -291,19 +291,19 @@ Syscall param time(t) points to unaddressable byte(s) ----------------------------------------------------- Syscall param mknod(pathname) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:112) + by 0x........: main (scalar.c) Syscall param mknod(mode) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:112) + by 0x........: main (scalar.c) Syscall param mknod(dev) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:112) + by 0x........: main (scalar.c) Syscall param mknod(pathname) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:112) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- @@ -311,15 +311,15 @@ Syscall param mknod(pathname) points to unaddressable byte(s) ----------------------------------------------------- Syscall param chmod(path) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:116) + by 0x........: main (scalar.c) Syscall param chmod(mode) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:116) + by 0x........: main (scalar.c) Syscall param chmod(path) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:116) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -336,15 +336,15 @@ Syscall param chmod(path) points to unaddressable byte(s) ----------------------------------------------------- Syscall param lseek(fd) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:132) + by 0x........: main (scalar.c) Syscall param lseek(offset) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:132) + by 0x........: main (scalar.c) Syscall param lseek(whence) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:132) + by 0x........: main (scalar.c) ----------------------------------------------------- 20: __NR_getpid 0s 0m @@ -354,32 +354,32 @@ Syscall param lseek(whence) contains uninitialised byte(s) ----------------------------------------------------- Syscall param mount(source) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:140) + by 0x........: main (scalar.c) Syscall param mount(target) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:140) + by 0x........: main (scalar.c) Syscall param mount(type) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:140) + by 0x........: main (scalar.c) Syscall param mount(flags) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:140) + by 0x........: main (scalar.c) Syscall param mount(data) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:140) + by 0x........: main (scalar.c) Syscall param mount(target) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:140) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param mount(type) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:140) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -387,11 +387,11 @@ Syscall param mount(type) points to unaddressable byte(s) ----------------------------------------------------- Syscall param umount(path) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:144) + by 0x........: main (scalar.c) Syscall param umount(path) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:144) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- @@ -399,7 +399,7 @@ Syscall param umount(path) points to unaddressable byte(s) ----------------------------------------------------- Syscall param setuid16(uid) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:148) + by 0x........: main (scalar.c) ----------------------------------------------------- 24: __NR_getuid 0s 0m @@ -412,23 +412,23 @@ Syscall param setuid16(uid) contains uninitialised byte(s) ----------------------------------------------------- Syscall param ptrace(request) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:161) + by 0x........: main (scalar.c) Syscall param ptrace(pid) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:161) + by 0x........: main (scalar.c) Syscall param ptrace(addr) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:161) + by 0x........: main (scalar.c) Syscall param ptrace(data) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:161) + by 0x........: main (scalar.c) Syscall param ptrace(getregs) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:161) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -436,7 +436,7 @@ Syscall param ptrace(getregs) points to unaddressable byte(s) ----------------------------------------------------- Syscall param alarm(seconds) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:165) + by 0x........: main (scalar.c) ----------------------------------------------------- 28: __NR_oldfstat n/a @@ -449,20 +449,20 @@ Syscall param alarm(seconds) contains uninitialised byte(s) ----------------------------------------------------- Syscall param utime(filename) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:177) + by 0x........: main (scalar.c) Syscall param utime(buf) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:177) + by 0x........: main (scalar.c) Syscall param utime(filename) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:177) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param utime(buf) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:177) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- @@ -476,15 +476,15 @@ Syscall param utime(buf) points to unaddressable byte(s) ----------------------------------------------------- Syscall param access(pathname) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:189) + by 0x........: main (scalar.c) Syscall param access(mode) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:189) + by 0x........: main (scalar.c) Syscall param access(pathname) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:189) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -492,7 +492,7 @@ Syscall param access(pathname) points to unaddressable byte(s) ----------------------------------------------------- Syscall param nice(inc) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:193) + by 0x........: main (scalar.c) ----------------------------------------------------- 35: __NR_ftime ni @@ -505,31 +505,31 @@ Syscall param nice(inc) contains uninitialised byte(s) ----------------------------------------------------- Syscall param kill(pid) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:205) + by 0x........: main (scalar.c) Syscall param kill(signal) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:205) + by 0x........: main (scalar.c) ----------------------------------------------------- 38: __NR_rename 2s 2m ----------------------------------------------------- Syscall param rename(oldpath) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:209) + by 0x........: main (scalar.c) Syscall param rename(newpath) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:209) + by 0x........: main (scalar.c) Syscall param rename(oldpath) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:209) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param rename(newpath) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:209) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -537,15 +537,15 @@ Syscall param rename(newpath) points to unaddressable byte(s) ----------------------------------------------------- Syscall param mkdir(pathname) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:213) + by 0x........: main (scalar.c) Syscall param mkdir(mode) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:213) + by 0x........: main (scalar.c) Syscall param mkdir(pathname) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:213) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- @@ -553,11 +553,11 @@ Syscall param mkdir(pathname) points to unaddressable byte(s) ----------------------------------------------------- Syscall param rmdir(pathname) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:217) + by 0x........: main (scalar.c) Syscall param rmdir(pathname) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:217) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -565,21 +565,21 @@ Syscall param rmdir(pathname) points to unaddressable byte(s) ----------------------------------------------------- Syscall param dup(oldfd) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:221) + by 0x........: main (scalar.c) ----------------------------------------------------- 42: __NR_pipe 1s 1m ----------------------------------------------------- Syscall param pipe(filedes) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:225) + by 0x........: main (scalar.c) More than 100 errors detected. Subsequent errors will still be recorded, but in less detail than before. Syscall param pipe(filedes) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:225) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- @@ -587,11 +587,11 @@ Syscall param pipe(filedes) points to unaddressable byte(s) ----------------------------------------------------- Syscall param times(buf) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:229) + by 0x........: main (scalar.c) Syscall param times(buf) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:229) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -602,14 +602,14 @@ Syscall param times(buf) points to unaddressable byte(s) ----------------------------------------------------- Syscall param brk(end_data_segment) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:237) + by 0x........: main (scalar.c) ----------------------------------------------------- 46: __NR_setgid 1s 0m ----------------------------------------------------- Syscall param setgid16(gid) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:241) + by 0x........: main (scalar.c) ----------------------------------------------------- 47: __NR_getgid 0s 0m @@ -628,11 +628,11 @@ Syscall param setgid16(gid) contains uninitialised byte(s) ----------------------------------------------------- Syscall param acct(filename) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:261) + by 0x........: main (scalar.c) Syscall param acct(filename) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:261) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- @@ -640,15 +640,15 @@ Syscall param acct(filename) points to unaddressable byte(s) ----------------------------------------------------- Syscall param umount2(path) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:265) + by 0x........: main (scalar.c) Syscall param umount2(flags) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:265) + by 0x........: main (scalar.c) Syscall param umount2(path) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:265) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -659,19 +659,19 @@ Syscall param umount2(path) points to unaddressable byte(s) ----------------------------------------------------- Syscall param ioctl(fd) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:274) + by 0x........: main (scalar.c) Syscall param ioctl(request) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:274) + by 0x........: main (scalar.c) Syscall param ioctl(arg) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:274) + by 0x........: main (scalar.c) Syscall param ioctl(TCSET{S,SW,SF}) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:274) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -679,49 +679,49 @@ Syscall param ioctl(TCSET{S,SW,SF}) points to unaddressable byte(s) ----------------------------------------------------- Syscall param fcntl(fd) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:280) + by 0x........: main (scalar.c) Syscall param fcntl(cmd) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:280) + by 0x........: main (scalar.c) ----------------------------------------------------- 55: __NR_fcntl (DUPFD) 1s 0m ----------------------------------------------------- Syscall param fcntl(arg) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:286) + by 0x........: main (scalar.c) ----------------------------------------------------- 55: __NR_fcntl (GETLK) 1s 5m ----------------------------------------------------- Syscall param fcntl(lock) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:292) + by 0x........: main (scalar.c) Syscall param fcntl(lock->l_type) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:292) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param fcntl(lock->l_whence) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:292) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param fcntl(lock->l_start) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:292) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param fcntl(lock->l_len) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:292) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param fcntl(lock->l_pid) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:292) + by 0x........: main (scalar.c) Address 0x........ 
is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- @@ -732,11 +732,11 @@ Syscall param fcntl(lock->l_pid) points to unaddressable byte(s) ----------------------------------------------------- Syscall param setpgid(pid) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:300) + by 0x........: main (scalar.c) Syscall param setpgid(pgid) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:300) + by 0x........: main (scalar.c) ----------------------------------------------------- 58: __NR_ulimit ni @@ -749,18 +749,18 @@ Syscall param setpgid(pgid) contains uninitialised byte(s) ----------------------------------------------------- Syscall param umask(mask) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:312) + by 0x........: main (scalar.c) ----------------------------------------------------- 61: __NR_chroot 1s 1m ----------------------------------------------------- Syscall param chroot(path) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:316) + by 0x........: main (scalar.c) Syscall param chroot(path) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:316) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- @@ -771,11 +771,11 @@ Syscall param chroot(path) points to unaddressable byte(s) ----------------------------------------------------- Syscall param dup2(oldfd) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:324) + by 0x........: main (scalar.c) Syscall param dup2(newfd) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:324) + by 0x........: main (scalar.c) ----------------------------------------------------- 64: __NR_getppid 0s 0m 
@@ -791,43 +791,43 @@ Syscall param dup2(newfd) contains uninitialised byte(s) ----------------------------------------------------- Syscall param sigaction(signum) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:340) + by 0x........: main (scalar.c) Syscall param sigaction(act) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:340) + by 0x........: main (scalar.c) Syscall param sigaction(oldact) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:340) + by 0x........: main (scalar.c) Syscall param sigaction(act->sa_handler) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:340) + by 0x........: main (scalar.c) Address 0x........ is 0 bytes after a block of size 4 alloc'd at 0x........: malloc (vg_replace_malloc.c:...) - by 0x........: main (scalar.c:31) + by 0x........: main (scalar.c) Syscall param sigaction(act->sa_mask) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:340) + by 0x........: main (scalar.c) Address 0x........ is 4 bytes after a block of size 4 alloc'd at 0x........: malloc (vg_replace_malloc.c:...) - by 0x........: main (scalar.c:31) + by 0x........: main (scalar.c) Syscall param sigaction(act->sa_flags) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:340) + by 0x........: main (scalar.c) Address 0x........ is 8 bytes after a block of size 4 alloc'd at 0x........: malloc (vg_replace_malloc.c:...) - by 0x........: main (scalar.c:31) + by 0x........: main (scalar.c) Syscall param sigaction(oldact) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:340) + by 0x........: main (scalar.c) Address 0x........ is 0 bytes after a block of size 4 alloc'd at 0x........: malloc (vg_replace_malloc.c:...) - by 0x........: main (scalar.c:31) + by 0x........: main (scalar.c) ----------------------------------------------------- 68: __NR_sgetmask n/a 
@@ -840,22 +840,22 @@ Syscall param sigaction(oldact) points to unaddressable byte(s) ----------------------------------------------------- Syscall param setreuid16(ruid) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:352) + by 0x........: main (scalar.c) Syscall param setreuid16(euid) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:352) + by 0x........: main (scalar.c) ----------------------------------------------------- 71: __NR_setregid 2s 0m ----------------------------------------------------- Syscall param setregid16(rgid) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:356) + by 0x........: main (scalar.c) Syscall param setregid16(egid) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:356) + by 0x........: main (scalar.c) ----------------------------------------------------- 72: __NR_sigsuspend ignore @@ -865,11 +865,11 @@ Syscall param setregid16(egid) contains uninitialised byte(s) ----------------------------------------------------- Syscall param sigpending(set) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:365) + by 0x........: main (scalar.c) Syscall param sigpending(set) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:365) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -880,15 +880,15 @@ Syscall param sigpending(set) points to unaddressable byte(s) ----------------------------------------------------- Syscall param setrlimit(resource) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:373) + by 0x........: main (scalar.c) Syscall param setrlimit(rlim) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:373) + by 0x........: main (scalar.c) Syscall param setrlimit(rlim) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:373) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- @@ -896,15 +896,15 @@ Syscall param setrlimit(rlim) points to unaddressable byte(s) ----------------------------------------------------- Syscall param old_getrlimit(resource) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:377) + by 0x........: main (scalar.c) Syscall param old_getrlimit(rlim) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:377) + by 0x........: main (scalar.c) Syscall param old_getrlimit(rlim) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:377) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -912,15 +912,15 @@ Syscall param old_getrlimit(rlim) points to unaddressable byte(s) ----------------------------------------------------- Syscall param getrusage(who) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:381) + by 0x........: main (scalar.c) Syscall param getrusage(usage) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:381) + by 0x........: main (scalar.c) Syscall param getrusage(usage) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:381) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- @@ -928,20 +928,20 @@ Syscall param getrusage(usage) points to unaddressable byte(s) ----------------------------------------------------- Syscall param gettimeofday(tv) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:385) + by 0x........: main (scalar.c) Syscall param gettimeofday(tz) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:385) + by 0x........: main (scalar.c) Syscall param gettimeofday(tv) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:385) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param gettimeofday(tz) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:385) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -949,20 +949,20 @@ Syscall param gettimeofday(tz) points to unaddressable byte(s) ----------------------------------------------------- Syscall param settimeofday(tv) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:389) + by 0x........: main (scalar.c) Syscall param settimeofday(tz) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:389) + by 0x........: main (scalar.c) Syscall param settimeofday(tv) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:389) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param settimeofday(tz) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:389) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- @@ -970,15 +970,15 @@ Syscall param settimeofday(tz) points to unaddressable byte(s) ----------------------------------------------------- Syscall param getgroups16(size) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:393) + by 0x........: main (scalar.c) Syscall param getgroups16(list) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:393) + by 0x........: main (scalar.c) Syscall param getgroups16(list) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:393) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -986,15 +986,15 @@ Syscall param getgroups16(list) points to unaddressable byte(s) ----------------------------------------------------- Syscall param setgroups16(size) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:397) + by 0x........: main (scalar.c) Syscall param setgroups16(list) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:397) + by 0x........: main (scalar.c) Syscall param setgroups16(list) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:397) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -1002,32 +1002,32 @@ Syscall param setgroups16(list) points to unaddressable byte(s) ----------------------------------------------------- Syscall param old_select(args) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:403) + by 0x........: main (scalar.c) Syscall param old_select(args) points to uninitialised byte(s) ... - by 0x........: main (scalar.c:403) + by 0x........: main (scalar.c) Address 0x........ is on thread 1's stack - in frame #1, created by main (scalar.c:29) + in frame #1, created by main (scalar.c) Syscall param old_select(readfds) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:403) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param old_select(writefds) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:403) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param old_select(exceptfds) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:403) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param old_select(timeout) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:403) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -1035,20 +1035,20 @@ Syscall param old_select(timeout) points to unaddressable byte(s) ----------------------------------------------------- Syscall param symlink(oldpath) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:408) + by 0x........: main (scalar.c) Syscall param symlink(newpath) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:408) + by 0x........: main (scalar.c) Syscall param symlink(oldpath) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:408) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param symlink(newpath) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:408) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- @@ -1059,24 +1059,24 @@ Syscall param symlink(newpath) points to unaddressable byte(s) ----------------------------------------------------- Syscall param readlink(path) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:416) + by 0x........: main (scalar.c) Syscall param readlink(buf) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:416) + by 0x........: main (scalar.c) Syscall param readlink(bufsiz) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:416) + by 0x........: main (scalar.c) Syscall param readlink(path) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:416) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param readlink(buf) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:416) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -1096,39 +1096,39 @@ Syscall param readlink(buf) points to unaddressable byte(s) ----------------------------------------------------- Syscall param old_mmap(args) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:438) + by 0x........: main (scalar.c) Syscall param old_mmap(args) points to uninitialised byte(s) ... - by 0x........: main (scalar.c:438) + by 0x........: main (scalar.c) Address 0x........ is on thread 1's stack - in frame #1, created by main (scalar.c:29) + in frame #1, created by main (scalar.c) ----------------------------------------------------- 91: __NR_munmap 2s 0m ----------------------------------------------------- Syscall param munmap(start) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:443) + by 0x........: main (scalar.c) Syscall param munmap(length) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:443) + by 0x........: main (scalar.c) ----------------------------------------------------- 92: __NR_truncate 2s 1m ----------------------------------------------------- Syscall param truncate(path) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:447) + by 0x........: main (scalar.c) Syscall param truncate(length) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:447) + by 0x........: main (scalar.c) Syscall param truncate(path) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:447) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -1136,63 +1136,63 @@ Syscall param truncate(path) points to unaddressable byte(s) ----------------------------------------------------- Syscall param ftruncate(fd) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:451) + by 0x........: main (scalar.c) Syscall param ftruncate(length) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:451) + by 0x........: main (scalar.c) ----------------------------------------------------- 94: __NR_fchmod 2s 0m ----------------------------------------------------- Syscall param fchmod(fildes) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:455) + by 0x........: main (scalar.c) Syscall param fchmod(mode) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:455) + by 0x........: main (scalar.c) ----------------------------------------------------- 95: __NR_fchown 3s 0m ----------------------------------------------------- Syscall param fchown16(fd) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:459) + by 0x........: main (scalar.c) Syscall param fchown16(owner) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:459) + by 0x........: main (scalar.c) Syscall param fchown16(group) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:459) + by 0x........: main (scalar.c) ----------------------------------------------------- 96: __NR_getpriority 2s 0m ----------------------------------------------------- Syscall param getpriority(which) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:463) + by 0x........: main (scalar.c) Syscall param getpriority(who) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:463) + by 0x........: main (scalar.c) ----------------------------------------------------- 97: __NR_setpriority 3s 0m ----------------------------------------------------- Syscall param setpriority(which) contains uninitialised byte(s) ... 
- by 0x........: main (scalar.c:467) + by 0x........: main (scalar.c) Syscall param setpriority(who) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:467) + by 0x........: main (scalar.c) Syscall param setpriority(prio) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:467) + by 0x........: main (scalar.c) ----------------------------------------------------- 98: __NR_profil ni @@ -1202,20 +1202,20 @@ Syscall param setpriority(prio) contains uninitialised byte(s) ----------------------------------------------------- Syscall param statfs(path) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:475) + by 0x........: main (scalar.c) Syscall param statfs(buf) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:475) + by 0x........: main (scalar.c) Syscall param statfs(path) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:475) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param statfs(buf) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:475) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- @@ -1223,15 +1223,15 @@ Syscall param statfs(buf) points to unaddressable byte(s) ----------------------------------------------------- Syscall param fstatfs(fd) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:479) + by 0x........: main (scalar.c) Syscall param fstatfs(buf) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:479) + by 0x........: main (scalar.c) Syscall param fstatfs(buf) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:479) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -1239,15 +1239,15 @@ Syscall param fstatfs(buf) points to unaddressable byte(s) ----------------------------------------------------- Syscall param ioperm(from) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:483) + by 0x........: main (scalar.c) Syscall param ioperm(num) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:483) + by 0x........: main (scalar.c) Syscall param ioperm(turn_on) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:483) + by 0x........: main (scalar.c) ----------------------------------------------------- 102: __NR_socketcall XXX @@ -1257,19 +1257,19 @@ Syscall param ioperm(turn_on) contains uninitialised byte(s) ----------------------------------------------------- Syscall param syslog(type) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:491) + by 0x........: main (scalar.c) Syscall param syslog(bufp) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:491) + by 0x........: main (scalar.c) Syscall param syslog(len) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:491) + by 0x........: main (scalar.c) Syscall param syslog(bufp) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:491) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -1277,34 +1277,34 @@ Syscall param syslog(bufp) points to unaddressable byte(s) ----------------------------------------------------- Syscall param setitimer(which) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:495) + by 0x........: main (scalar.c) Syscall param setitimer(value) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:495) + by 0x........: main (scalar.c) Syscall param setitimer(ovalue) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:495) + by 0x........: main (scalar.c) Syscall param setitimer(&value->it_interval) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:495) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param setitimer(&value->it_value) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:495) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param setitimer(&ovalue->it_interval) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:495) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param setitimer(&ovalue->it_value) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:495) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -1312,20 +1312,20 @@ Syscall param setitimer(&ovalue->it_value) points to unaddressable byte(s) ----------------------------------------------------- Syscall param getitimer(which) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:499) + by 0x........: main (scalar.c) Syscall param getitimer(value) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:499) + by 0x........: main (scalar.c) Syscall param getitimer(&value->it_interval) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:499) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param getitimer(&value->it_value) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:499) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- @@ -1333,20 +1333,20 @@ Syscall param getitimer(&value->it_value) points to unaddressable byte(s) ----------------------------------------------------- Syscall param stat(file_name) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:503) + by 0x........: main (scalar.c) Syscall param stat(buf) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:503) + by 0x........: main (scalar.c) Syscall param stat(file_name) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:503) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param stat(buf) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:503) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -1354,20 +1354,20 @@ Syscall param stat(buf) points to unaddressable byte(s) ----------------------------------------------------- Syscall param lstat(file_name) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:507) + by 0x........: main (scalar.c) Syscall param lstat(buf) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:507) + by 0x........: main (scalar.c) Syscall param lstat(file_name) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:507) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param lstat(buf) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:507) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- @@ -1375,15 +1375,15 @@ Syscall param lstat(buf) points to unaddressable byte(s) ----------------------------------------------------- Syscall param fstat(fd) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:511) + by 0x........: main (scalar.c) Syscall param fstat(buf) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:511) + by 0x........: main (scalar.c) Syscall param fstat(buf) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:511) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- @@ -1394,7 +1394,7 @@ Syscall param fstat(buf) points to unaddressable byte(s) ----------------------------------------------------- Syscall param iopl(level) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:519) + by 0x........: main (scalar.c) ----------------------------------------------------- 111: __NR_vhangup 0s 0m 
@@ -1410,28 +1410,28 @@ Syscall param iopl(level) contains uninitialised byte(s) ----------------------------------------------------- Syscall param wait4(pid) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:535) + by 0x........: main (scalar.c) Syscall param wait4(status) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:535) + by 0x........: main (scalar.c) Syscall param wait4(options) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:535) + by 0x........: main (scalar.c) Syscall param wait4(rusage) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:535) + by 0x........: main (scalar.c) Syscall param wait4(status) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:535) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd Syscall param wait4(rusage) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:535) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- @@ -1442,11 +1442,11 @@ Syscall param wait4(rusage) points to unaddressable byte(s) ----------------------------------------------------- Syscall param sysinfo(info) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:543) + by 0x........: main (scalar.c) Syscall param sysinfo(info) points to unaddressable byte(s) ... - by 0x........: main (scalar.c:543) + by 0x........: main (scalar.c) Address 0x........ is not stack'd, malloc'd or (recently) free'd ----------------------------------------------------- 
@@ -1454,34 +1454,34 @@ Syscall param sysinfo(info) points to unaddressable byte(s) ----------------------------------------------------- Syscall param ipc(call) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:550) + by 0x........: main (scalar.c) Syscall param ipc(first) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:550) + by 0x........: main (scalar.c) Syscall param ipc(second) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:550) + by 0x........: main (scalar.c) Syscall param ipc(third) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:550) + by 0x........: main (scalar.c) Syscall param ipc(ptr) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:550) + by 0x........: main (scalar.c) Syscall param ipc(fifth) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:550) + by 0x........: main (scalar.c) ----------------------------------------------------- 118: __NR_fsync 1s 0m ----------------------------------------------------- Syscall param fsync(fd) contains uninitialised byte(s) ... - by 0x........: main (scalar.c:554) + by 0x........: main (scalar.c) ----------------------------------------------------- 119: __NR_sigreturn n/a @@ -1491,37 +1491,37 @@ Syscall param fsync(fd) contains uninitialised byte(s) ----------------------------------------------------- Syscall param clone(flags) contains uninitialised byte(s) .... [truncated message content] |
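Review bot: every hunk in this expected-output change rewrites `main (scalar.c:NNN)` to `main (scalar.c)`, and likewise `in frame #1, created by main (scalar.c:29)`, so the test no longer checks which call in scalar.c produced each "Syscall param ... contains uninitialised byte(s)" report; two wrappers whose argument checks were accidentally swapped would now match the same expected text. If the line numbers were dropped because they drift with the compiler or with every edit to scalar.c, the less lossy option is to normalise them in the test's stderr filter (a sed rule turning `scalar.c:[0-9]+` into `scalar.c`) so the .exp file still documents the intended call sites, and to say in the commit message why the precision was given up.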
From: Paul F. <pa...@so...> - 2025-08-29 10:33:52
https://sourceware.org/cgit/valgrind/commit/?id=dce474600fc193325fe889b0a6975012fd356dfe commit dce474600fc193325fe889b0a6975012fd356dfe Author: Paul Floyd <pj...@wa...> Date: Fri Aug 29 08:22:17 2025 +0200 regtest: add vgtest and expected for memcheck duplicate_align_size_errors The cpp file and .gitignore change were done at the same time as the aligned size checks, but I missed out the expected vgtest and Makefile.am changes. There were also a couple of unused variables in the cpp file. Diff: --- memcheck/tests/Makefile.am | 5 ++++ memcheck/tests/duplicate_align_size_errors.cpp | 2 -- .../tests/duplicate_align_size_errors.stderr.exp | 30 ++++++++++++++++++++++ memcheck/tests/duplicate_align_size_errors.vgtest | 5 ++++ 4 files changed, 40 insertions(+), 2 deletions(-) diff --git a/memcheck/tests/Makefile.am b/memcheck/tests/Makefile.am index 349cdaf15d..fb3f9ddae0 100644 --- a/memcheck/tests/Makefile.am +++ b/memcheck/tests/Makefile.am @@ -162,6 +162,8 @@ EXTRA_DIST = \ cxx17_aligned_new.stderr.exp cxx17_aligned_new.vgtest \ cxx17_aligned_new.stderr.exp_32 \ cxx17_aligned_new.stdout.exp \ + duplicate_align_size_errors.stderr.exp \ + duplicate_align_size_errors.vgtest \ sized_aligned_new_delete_args.stderr.exp \ sized_aligned_new_delete_args.vgtest \ sized_aligned_new_delete_misaligned1.stderr.exp \ @@ -613,6 +615,7 @@ endif if HAVE_ALIGNED_CXX_ALLOC check_PROGRAMS += cxx17_aligned_new sized_aligned_new_delete_args \ + duplicate_align_size_errors \ new_aligned_delete_default \ sized_aligned_new_delete_misaligned1 \ sized_aligned_new_delete_misaligned2 \ 
@@ -704,6 +707,8 @@ bug340392_CFLAGS = $(AM_CFLAGS) -O3 @FLAG_W_NO_MAYBE_UNINITIALIZED@ if HAVE_ALIGNED_CXX_ALLOC cxx17_aligned_new_SOURCES = cxx17_aligned_new.cpp cxx17_aligned_new_CXXFLAGS = ${AM_CXXFLAGS} -std=c++17 @FLAG_W_NO_MISMATCHED_NEW_DELETE@ +duplicate_align_size_errors_SOURCES = duplicate_align_size_errors.cpp +duplicate_align_size_errors_CXXFLAFGS = ${AM_CXXFLAGS} -std=c++17 new_aligned_delete_default_SOURCES = new_aligned_delete_default.cpp new_aligned_delete_default_CXXFLAGS = ${AM_CXXFLAGS} -std=c++17 sized_aligned_new_delete_args_SOURCES = sized_aligned_new_delete_args.cpp diff --git a/memcheck/tests/duplicate_align_size_errors.cpp b/memcheck/tests/duplicate_align_size_errors.cpp index 3e0af0d160..58f64a7cde 100644 --- a/memcheck/tests/duplicate_align_size_errors.cpp +++ b/memcheck/tests/duplicate_align_size_errors.cpp @@ -6,9 +6,7 @@ int main() { - std::align_val_t misalign(static_cast<std::align_val_t>(63U)); std::align_val_t zeroalign(static_cast<std::align_val_t>(0U)); - std::align_val_t onealign(static_cast<std::align_val_t>(1U)); std::align_val_t align(static_cast<std::align_val_t>(64U)); std::align_val_t alignx2(static_cast<std::align_val_t>(128U)); std::size_t size(32); diff --git a/memcheck/tests/duplicate_align_size_errors.stderr.exp b/memcheck/tests/duplicate_align_size_errors.stderr.exp new file mode 100644 index 0000000000..4eb84f4339 --- /dev/null +++ b/memcheck/tests/duplicate_align_size_errors.stderr.exp 
@@ -0,0 +1,30 @@ +Invalid alignment value: 0 (should be non-zero and a power of 2) + at 0x........: operator new(unsigned long, std::align_val_t, std::nothrow_t const&) (vg_replace_malloc.c:...) + by 0x........: main (duplicate_align_size_errors.cpp:19) + +Invalid alignment value: 0 (should be non-zero and a power of 2) + at 0x........: operator delete(void*, std::align_val_t, std::nothrow_t const&) (vg_replace_malloc.c:...) + by 0x........: main (duplicate_align_size_errors.cpp:20) + +Invalid size value: 100 alignment value: 64 (size should be a multiple of alignment) + at 0x........: aligned_alloc (vg_replace_malloc.c:...) + by 0x........: main (duplicate_align_size_errors.cpp:25) + +aligned_alloc() invalid size value: 0 + at 0x........: aligned_alloc (vg_replace_malloc.c:...) + by 0x........: main (duplicate_align_size_errors.cpp:33) + +Mismatched new/delete size value: 33 + at 0x........: operator delete(void*, unsigned long, std::align_val_t) (vg_replace_malloc.c:...) + by 0x........: main (duplicate_align_size_errors.cpp:43) + Address 0x........ is 0 bytes inside a block of size 32 alloc'd + at 0x........: operator new(unsigned long, std::align_val_t) (vg_replace_malloc.c:...) + by 0x........: main (duplicate_align_size_errors.cpp:42) + +Mismatched new[]/delete[] alignment alloc value: 64 dealloc value: 128 + at 0x........: operator delete[](void*, unsigned long, std::align_val_t) (vg_replace_malloc.c:...) + by 0x........: main (duplicate_align_size_errors.cpp:48) + Address 0x........ is 0 bytes inside a block of size 32 alloc'd + at 0x........: operator new[](unsigned long, std::align_val_t) (vg_replace_malloc.c:...) + by 0x........: main (duplicate_align_size_errors.cpp:47) + diff --git a/memcheck/tests/duplicate_align_size_errors.vgtest b/memcheck/tests/duplicate_align_size_errors.vgtest new file mode 100644 index 0000000000..44362003de --- /dev/null +++ b/memcheck/tests/duplicate_align_size_errors.vgtest 
@@ -0,0 +1,5 @@ +prog: duplicate_align_size_errors +prereq: test -e ./duplicate_align_size_errors +vgopts: --show-mismatched-frees=yes -q +#stderr_filter: filter_size_t + |
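Review bot: in the `@@ -704,6 +707,8 @@` hunk of memcheck/tests/Makefile.am the per-program flags variable is misspelled: `duplicate_align_size_errors_CXXFLAFGS = ${AM_CXXFLAGS} -std=c++17`. Automake only honours `<prog>_CXXFLAGS`, so the `-std=c++17` is silently dropped and duplicate_align_size_errors.cpp is built with the compiler's default standard; because the test relies on `std::align_val_t` and the aligned `operator new`/`operator delete` overloads, it will not compile wherever that default predates C++17. Rename it to `duplicate_align_size_errors_CXXFLAGS`, matching the neighbouring `cxx17_aligned_new_CXXFLAGS` and `new_aligned_delete_default_CXXFLAGS` lines.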
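Review bot: the new .vgtest leaves the size_t normaliser disabled (`#stderr_filter: filter_size_t`) while duplicate_align_size_errors.stderr.exp hard-codes `unsigned long` in every frame, e.g. `operator new(unsigned long, std::align_val_t, std::nothrow_t const&)`. On 32-bit targets `std::size_t` demangles as `unsigned int`, so the signatures will not match and the test will fail there. Either uncomment `stderr_filter: filter_size_t` in the .vgtest, or ship a `duplicate_align_size_errors.stderr.exp_32` and add it to EXTRA_DIST the way the first hunk already lists `cxx17_aligned_new.stderr.exp_32`.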
From: Paul F. <pa...@so...> - 2025-08-29 06:23:21
https://sourceware.org/cgit/valgrind/commit/?id=b35918dd1eed60066d097c62a1f5fec6cb51e354 commit b35918dd1eed60066d097c62a1f5fec6cb51e354 Author: Paul Floyd <pj...@wa...> Date: Fri Aug 29 08:22:17 2025 +0200 FreeBSD: fix build error Deleteted wrong variable when doing *at() syscall refactoring. Diff: --- coregrind/m_syswrap/syswrap-freebsd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/coregrind/m_syswrap/syswrap-freebsd.c b/coregrind/m_syswrap/syswrap-freebsd.c index 8934b76ad2..1a3bbe2143 100644 --- a/coregrind/m_syswrap/syswrap-freebsd.c +++ b/coregrind/m_syswrap/syswrap-freebsd.c @@ -5453,7 +5453,7 @@ POST(sys_openat) // size_t bufsize); PRE(sys_readlinkat) { - const HChar *path = (const HChar*)ARG2; + Bool curproc_file = False; PRINT("sys_readlinkat ( %" FMT_REGWORD "u, %#" FMT_REGWORD "x(%s), %#" FMT_REGWORD "x, %llu )", ARG1,ARG2,(char*)ARG2,ARG3,(ULong)ARG4); PRE_REG_READ4(ssize_t, "readlinkat", |
From: Paul F. <pa...@so...> - 2025-08-29 06:03:05
https://sourceware.org/cgit/valgrind/commit/?id=9f5d3d32b5bd5bc546eea74a8f75e53d4a228519 commit 9f5d3d32b5bd5bc546eea74a8f75e53d4a228519 Author: Paul Floyd <pj...@wa...> Date: Fri Aug 29 07:59:28 2025 +0200 Linux FreeBSD and Darwin: refactor *at syscall dirfd checks I haven't done Solaris. The code there is less messy because Solaris doesn't use a negative value for AT_FDCWD, meaning no explicit or implicit cast from unsigned word to signed int is needed before comparing to the int dirfd parameter. Diff: --- coregrind/m_syswrap/priv_syswrap-generic.h | 11 ++ coregrind/m_syswrap/syswrap-amd64-freebsd.c | 6 +- coregrind/m_syswrap/syswrap-arm-linux.c | 5 +- coregrind/m_syswrap/syswrap-arm64-freebsd.c | 6 +- coregrind/m_syswrap/syswrap-darwin.c | 36 ++----- coregrind/m_syswrap/syswrap-freebsd.c | 149 +++++----------------------- coregrind/m_syswrap/syswrap-generic.c | 6 ++ coregrind/m_syswrap/syswrap-linux.c | 114 +++++---------------- coregrind/m_syswrap/syswrap-mips32-linux.c | 6 +- coregrind/m_syswrap/syswrap-ppc32-linux.c | 6 +- coregrind/m_syswrap/syswrap-x86-freebsd.c | 6 +- coregrind/m_syswrap/syswrap-x86-linux.c | 6 +- 12 files changed, 81 insertions(+), 276 deletions(-) diff --git a/coregrind/m_syswrap/priv_syswrap-generic.h b/coregrind/m_syswrap/priv_syswrap-generic.h index eb815840d9..9dbc1e6f2b 100644 --- a/coregrind/m_syswrap/priv_syswrap-generic.h +++ b/coregrind/m_syswrap/priv_syswrap-generic.h 
@@ -59,6 +59,17 @@ extern Bool ML_(fd_allowed)(Int fd, const HChar *syscallname, ThreadId tid, Bool isNewFD); +// used bye "*at" syscalls that take a directory fd for use +// with relative paths. Need to check that +// 1. the path is relative +// 2. the directory is not the specail value VKI_AT_FDCWD +// 3. the directory fd is allowd (as above) +extern +void ML_(fd_at_check_allowed)(Int fd, const HChar* path, + const HChar* function_name, ThreadId tid, + SyscallStatus* status); + + extern void ML_(record_fd_close) (ThreadId tid, Int fd); extern Int ML_(get_fd_count) (void); extern void ML_(record_fd_close_range) (ThreadId tid, Int fd); diff --git a/coregrind/m_syswrap/syswrap-amd64-freebsd.c b/coregrind/m_syswrap/syswrap-amd64-freebsd.c index 4d3c178481..b2fc6114f9 100644 --- a/coregrind/m_syswrap/syswrap-amd64-freebsd.c +++ b/coregrind/m_syswrap/syswrap-amd64-freebsd.c @@ -983,15 +983,11 @@ POST(sys_procctl) // int mknodat(int fd, const char *path, mode_t mode, dev_t dev); PRE(sys_mknodat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*)ARG2; PRINT("sys_mknodat ( %" FMT_REGWORD "u, %#" FMT_REGWORD "x(%s), 0x%" FMT_REGWORD "x, 0x%" FMT_REGWORD "x )", ARG1,ARG2,(char*)ARG2,ARG3,ARG4 ); PRE_REG_READ4(long, "mknodat", int, fd, const char *, path, vki_mode_t, mode, vki_dev_t, dev); PRE_MEM_RASCIIZ( "mknodat(pathname)", ARG2 ); - if ((ML_(safe_to_deref) (path, 1)) && (path[0] != '/')) - if ((arg_1 != VKI_AT_FDCWD) && !ML_(fd_allowed)(arg_1, "mknodat", tid, False) ) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "mknodat", tid, status); } // SYS_cpuset_getdomain 561 diff --git a/coregrind/m_syswrap/syswrap-arm-linux.c b/coregrind/m_syswrap/syswrap-arm-linux.c index 1fca10183d..1aae03c02d 100644 --- a/coregrind/m_syswrap/syswrap-arm-linux.c +++ b/coregrind/m_syswrap/syswrap-arm-linux.c 
@@ -284,10 +284,7 @@ PRE(sys_fstatat64) SARG1, ARG2, (HChar*)ARG2, ARG3); PRE_REG_READ3(long, "fstatat64", int, dfd, char *, file_name, struct stat64 *, buf); - if (ML_(safe_to_deref)( (void*)(Addr)ARG2, 1 ) - && *(Char *)(Addr)ARG2 != '/' - && ((Int)ARG1) != ((Int)VKI_AT_FDCWD) - && !ML_(fd_allowed)(ARG1, "fstatat64", tid, False)) + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "fstatat64", tid, status); SET_STATUS_Failure( VKI_EBADF ); PRE_MEM_RASCIIZ( "fstatat64(file_name)", ARG2 ); PRE_MEM_WRITE( "fstatat64(buf)", ARG3, sizeof(struct vki_stat64) ); diff --git a/coregrind/m_syswrap/syswrap-arm64-freebsd.c b/coregrind/m_syswrap/syswrap-arm64-freebsd.c index 6054c641e2..fe2d161940 100644 --- a/coregrind/m_syswrap/syswrap-arm64-freebsd.c +++ b/coregrind/m_syswrap/syswrap-arm64-freebsd.c @@ -949,17 +949,13 @@ POST(sys_procctl) // int mknodat(int fd, const char *path, mode_t mode, dev_t dev); PRE(sys_mknodat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*)ARG2; PRINT("sys_mknodat ( %" FMT_REGWORD "u, %#" FMT_REGWORD "x(%s), 0x%" FMT_REGWORD "x, 0x%" FMT_REGWORD "x )", ARG1, ARG2, (char*)ARG2, ARG3, ARG4); PRE_REG_READ4(long, "mknodat", int, fd, const char*, path, vki_mode_t, mode, vki_dev_t, dev); PRE_MEM_RASCIIZ("mknodat(pathname)", ARG2); - if ((ML_(safe_to_deref)(path, 1)) && (path[0] != '/')) - if (arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "mknodat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "mknodat", tid, status); } // SYS_cpuset_getdomain 561 diff --git a/coregrind/m_syswrap/syswrap-darwin.c b/coregrind/m_syswrap/syswrap-darwin.c index ba90495bbe..761965d610 100644 --- a/coregrind/m_syswrap/syswrap-darwin.c +++ b/coregrind/m_syswrap/syswrap-darwin.c 
@@ -9858,29 +9858,21 @@ POST(getattrlistbulk) PRE(faccessat) { - Int fd = ARG1; PRINT("faccessat(fd:%d, path:%#lx(%s), amode:%#lx, flag:%#lx)", fd, ARG2, ARG2 ? (HChar*)ARG2 : "null", ARG3, ARG4); PRE_REG_READ4(int, "faccessat", int, fd, user_addr_t, path, int, amode, int, flag); - - if (fd != VKI_AT_FDCWD && !ML_(fd_allowed)(fd, "faccessat", tid, False)) { - SET_STATUS_Failure( VKI_EBADF ); - } + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "faccessat", tid, status); PRE_MEM_RASCIIZ( "faccessat(path)", ARG2 ); } PRE(fstatat64) { - Int fd = ARG1; PRINT("fstatat64(fd:%d, path:%#lx(%s), ub:%#lx, flag:%#lx)", fd, ARG2, ARG2 ? (HChar*)ARG2 : "null", ARG3, ARG4); PRE_REG_READ4(int, "fstatat64", int, fd, user_addr_t, path, user_addr_t, ub, int, flag); - - if (fd != VKI_AT_FDCWD && !ML_(fd_allowed)(fd, "fstatat64", tid, False)) { - SET_STATUS_Failure( VKI_EBADF ); - } + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "fstatat64", tid, status); PRE_MEM_RASCIIZ( "fstatat64(path)", ARG2 ); PRE_MEM_WRITE( "fstatat64(ub)", ARG3, sizeof(struct vki_stat64) ); } @@ -9891,15 +9883,11 @@ POST(fstatat64) PRE(readlinkat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*)ARG2; PRINT("readlinkat ( %ld, %#lx(%s), %#lx, %ld )", SARG1, ARG2, (HChar*)ARG2, ARG3, SARG4); PRE_REG_READ4(long, "readlinkat", int, dfd, const char *, path, char *, buf, int, bufsiz); - if ((ML_(safe_to_deref)(path, 1)) && (path[0] != '/')) - if (arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "readlinkat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "readlinkat", tid, status); PRE_MEM_RASCIIZ( "readlinkat(path)", ARG2 ); PRE_MEM_WRITE( "readlinkat(buf)", ARG3,ARG4 ); 
@@ -10010,11 +9998,7 @@ PRE(openat) /* For absolute filenames, dfd is ignored. If dfd is AT_FDCWD, filename is relative to cwd. When comparing dfd against AT_FDCWD, be sure only to compare the bottom 32 bits. */ - if (ML_(safe_to_deref)( (void*)(Addr)ARG2, 1 ) - && *(Char *)(Addr)ARG2 != '/' - && ((Int)ARG1) != ((Int)VKI_AT_FDCWD) - && !ML_(fd_allowed)(ARG1, "openat", tid, False)) - SET_STATUS_Failure( VKI_EBADF ); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "openat", tid, status); /* Otherwise handle normally */ *flags |= SfMayBlock; @@ -10035,14 +10019,10 @@ POST(openat) PRE(mkdirat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*)ARG2; PRINT("mkdirat ( %" FMT_REGWORD "u, %#" FMT_REGWORD "x(%s), %" FMT_REGWORD "u )", ARG1,ARG2,(char*)ARG2,ARG3); PRE_REG_READ3(int, "mkdirat", int, fd, const char *, path, unsigned int, mode); - if ((ML_(safe_to_deref)(path, 1)) && (path[0] != '/')) - if (arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "symlinkat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "mkdirat", tid, status); PRE_MEM_RASCIIZ( "mkdirat(path)", ARG2 ); *flags |= SfMayBlock; } @@ -10500,11 +10480,7 @@ PRE(openat_nocancel) /* For absolute filenames, dfd is ignored. If dfd is AT_FDCWD, filename is relative to cwd. When comparing dfd against AT_FDCWD, be sure only to compare the bottom 32 bits. */ - if (ML_(safe_to_deref)( (void*)(Addr)ARG2, 1 ) - && *(Char *)(Addr)ARG2 != '/' - && ((Int)ARG1) != ((Int)VKI_AT_FDCWD) - && !ML_(fd_allowed)(ARG1, "openat_nocancel", tid, False)) - SET_STATUS_Failure( VKI_EBADF ); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "openat_nocancel", tid, status); /* Otherwise handle normally */ *flags |= SfMayBlock; diff --git a/coregrind/m_syswrap/syswrap-freebsd.c b/coregrind/m_syswrap/syswrap-freebsd.c index 7fc96c7c59..8934b76ad2 100644 --- a/coregrind/m_syswrap/syswrap-freebsd.c +++ b/coregrind/m_syswrap/syswrap-freebsd.c 
@@ -5186,14 +5186,10 @@ POST(sys_cpuset) // int faccessat(int fd, const char *path, int mode, int flag); PRE(sys_faccessat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*)ARG2; PRINT("sys_faccessat ( %" FMT_REGWORD "u, %#" FMT_REGWORD "x(%s), %" FMT_REGWORD "u )", ARG1,ARG2,(char*)ARG2,ARG3); PRE_REG_READ3(int, "faccessat", int, fd, const char *, path, int, flag); - if ((ML_(safe_to_deref)(path, 1)) && (path[0] != '/')) - if (arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "faccessat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "faccessat", tid, status); PRE_MEM_RASCIIZ( "faccessat(path)", ARG2 ); } @@ -5201,14 +5197,10 @@ PRE(sys_faccessat) // int fchmodat(int fd, const char *path, mode_t mode, int flag); PRE(sys_fchmodat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*)ARG2; PRINT("sys_fchmodat ( %" FMT_REGWORD "u, %#" FMT_REGWORD "x(%s), %" FMT_REGWORD "u )", ARG1,ARG2,(char*)ARG2,ARG3); PRE_REG_READ4(int, "fchmodat", int, fd, const char *, path, vki_mode_t, mode, int, flag); - if ((ML_(safe_to_deref)(path, 1)) && (path[0] != '/')) - if (arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "fchmodat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "fchmodat", tid, status); PRE_MEM_RASCIIZ( "fchmodat(path)", ARG2 ); } 
@@ -5216,13 +5208,9 @@ PRE(sys_fchmodat) // int fchownat(int fd, const char *path, uid_t owner, gid_t group, int flag); PRE(sys_fchownat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*)ARG2; PRINT("sys_fchownat ( %" FMT_REGWORD "u, %#" FMT_REGWORD "x(%s), 0x%" FMT_REGWORD "x, 0x%" FMT_REGWORD "x, %" FMT_REGWORD "d )", ARG1,ARG2,(char*)ARG2,ARG3,ARG4, SARG5); - if ((ML_(safe_to_deref)(path, 1)) && (path[0] != '/')) - if (arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "fchownat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "fchownat", tid, status); PRE_REG_READ5(int, "fchownat", int, fd, const char *, path, vki_uid_t, owner, vki_gid_t, group, int, flag); @@ -5311,14 +5299,10 @@ PRE(sys_fexecve) // int fstatat(int fd, const char *path, struct stat *sb, int flag); PRE(sys_freebsd11_fstatat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*)ARG2; PRINT("sys_freebsd11_fstatat ( %" FMT_REGWORD "u, %#" FMT_REGWORD "x(%s), %#" FMT_REGWORD "x )", ARG1,ARG2,(char*)ARG2,ARG3); PRE_REG_READ4(int, "fstatat", int, fd, const char *, path, struct freebsd11_stat *, buf, int, flag); - if ((ML_(safe_to_deref)(path, 1)) && (path[0] != '/')) - if (arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "freebsd11_fstatat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "freebsd11_fstatat", tid, status); PRE_MEM_RASCIIZ( "freebsd11_fstatat(path)", ARG2 ); PRE_MEM_WRITE( "freebsd11_fstatat(sb)", ARG3, sizeof(struct vki_freebsd11_stat) ); } 
@@ -5332,14 +5316,10 @@ POST(sys_freebsd11_fstatat) // int futimesat(int fd, const char *path, const struct timeval times[2]); PRE(sys_futimesat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*)ARG2; PRINT("sys_futimesat ( %" FMT_REGWORD "u, %#" FMT_REGWORD "x(%s), %#" FMT_REGWORD "x )", ARG1,ARG2,(char*)ARG2,ARG3); PRE_REG_READ3(int, "futimesat", int, fd, const char *, path, struct timeval *, times); - if ((ML_(safe_to_deref) (path, 1)) && (path[0] != '/')) - if ((arg_1 != VKI_AT_FDCWD) && !ML_(fd_allowed)(arg_1, "futimesat", tid, False) ) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "futimesat", tid, status); if (ARG2 != 0) { PRE_MEM_RASCIIZ( "futimesat(path)", ARG2 ); } @@ -5352,17 +5332,13 @@ PRE(sys_futimesat) // int linkat(int fd1, const char *name1, int fd2, const char *name2, int flag); PRE(sys_linkat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*)ARG2; *flags |= SfMayBlock; PRINT("sys_linkat ( %" FMT_REGWORD "u, %#" FMT_REGWORD "x(%s), %" FMT_REGWORD "u, %#" FMT_REGWORD "x(%s), %" FMT_REGWORD "u )",ARG1,ARG2,(char*)ARG2,ARG3,ARG4,(char*)ARG4,ARG5); PRE_REG_READ5(int, "linkat", int, fd1, const char *, name1, int, fd2, const char *, name2, int, flag); - if ((ML_(safe_to_deref)(path, 1)) && (path[0] != '/')) - if (arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "linkat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "linkat", tid, status); PRE_MEM_RASCIIZ( "linkat(name1)", ARG2); PRE_MEM_RASCIIZ( "linkat(name2)", ARG4); } 
@@ -5371,15 +5347,11 @@ PRE(sys_linkat) // int mkdirat(int fd, const char *path, mode_t mode); PRE(sys_mkdirat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*)ARG2; *flags |= SfMayBlock; PRINT("sys_mkdirat ( %" FMT_REGWORD "u, %#" FMT_REGWORD "x(%s), %" FMT_REGWORD "u )", ARG1,ARG2,(char*)ARG2,ARG3); PRE_REG_READ3(int, "mkdirat", int, fd, const char *, path, unsigned int, mode); - if ((ML_(safe_to_deref)(path, 1)) && (path[0] != '/')) - if (arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "mkdirat", tid, False)) - SET_STATUS_Failure(VKI_EBADF);; + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "mkdirat", tid, status); PRE_MEM_RASCIIZ( "mkdirat(path)", ARG2 ); } @@ -5387,13 +5359,9 @@ PRE(sys_mkdirat) // int mkfifoat(int fd, const char *path, mode_t mode); PRE(sys_mkfifoat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*)ARG2; PRINT("sys_mkfifoat ( %" FMT_REGWORD "d, %#" FMT_REGWORD "x(%s), 0x%" FMT_REGWORD "x )", SARG1,ARG2,(HChar*)ARG2,ARG3 ); - if ((ML_(safe_to_deref)(path, 1)) && (path[0] != '/')) - if (arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "mkfifoat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "mkfifoat", tid, status); PRE_REG_READ3(int, "mkfifoat", int, fd, const char *, path, vki_mode_t, mode); PRE_MEM_RASCIIZ( "mkfifoat(path)", ARG2 ); 
@@ -5403,14 +5371,10 @@ PRE(sys_mkfifoat) // int mknodat(int fd, const char *path, mode_t mode, dev_t dev); PRE(sys_freebsd11_mknodat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*)ARG2; PRINT("sys_freebsd11_mknodat ( %" FMT_REGWORD "u, %#" FMT_REGWORD "x(%s), 0x%" FMT_REGWORD "x, 0x%" FMT_REGWORD "x )", ARG1,ARG2,(char*)ARG2,ARG3,ARG4 ); PRE_REG_READ4(long, "freebsd11_mknodat", int, dfd, const char *, pathname, int, mode, unsigned, dev); - if ((ML_(safe_to_deref)(path, 1)) && (path[0] != '/')) - if (arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "freebsd11_mknodat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "freebsd11_mknodat", tid, status); PRE_MEM_RASCIIZ( "freebsd11_mknodat(pathname)", ARG2 ); } @@ -5462,20 +5426,7 @@ no_client_write: PRE_REG_READ3(int, "openat", int, fd, const char *, path, int, flags); } - Int arg_1 = (Int) ARG1; - const HChar *path = (const HChar*)ARG2; - if ((ML_(safe_to_deref)(path, 1)) && (path[0] != '/')) - if (arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "openat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); - - /* For absolute filenames, dirfd is ignored. If dirfd is AT_FDCWD, - filename is relative to cwd. When comparing dirfd against AT_FDCWD, - be sure only to compare the bottom 32 bits. */ - if (ML_(safe_to_deref)((void*)(Addr)ARG2, 1) - && *(Char *)(Addr)ARG2 != '/' - && ((Int)ARG1) != ((Int)VKI_AT_FDCWD) - && !ML_(fd_allowed)(ARG1, "openat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "openat", tid, status); PRE_MEM_RASCIIZ("openat(path)", ARG2); /* Otherwise handle normally */ 
@@ -5502,16 +5453,12 @@ POST(sys_openat) // size_t bufsize); PRE(sys_readlinkat) { - Bool curproc_file = False; - Int arg_1 = (Int)ARG1; const HChar *path = (const HChar*)ARG2; PRINT("sys_readlinkat ( %" FMT_REGWORD "u, %#" FMT_REGWORD "x(%s), %#" FMT_REGWORD "x, %llu )", ARG1,ARG2,(char*)ARG2,ARG3,(ULong)ARG4); PRE_REG_READ4(ssize_t, "readlinkat", int, fd, const char *, path, char *, buf, int, bufsize); - if ((ML_(safe_to_deref)(path, 1)) && (path[0] != '/')) - if (arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "readlinkat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "readlinkat", tid, status); PRE_MEM_RASCIIZ( "readlinkat(path)", ARG2 ); PRE_MEM_WRITE("readlinkat(buf)", ARG3, ARG4); @@ -5535,15 +5482,12 @@ POST(sys_readlinkat) // int renameat(int fromfd, const char *from, int tofd, const char *to); PRE(sys_renameat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*)ARG2; PRINT("sys_renameat ( %" FMT_REGWORD "u, %#" FMT_REGWORD "x(%s), %" FMT_REGWORD "u, %#" FMT_REGWORD "x(%s) )", ARG1,ARG2,(char*)ARG2,ARG3,ARG4,(char*)ARG4); PRE_REG_READ4(int, "renameat", int, fromfd, const char *, from, int, tofd, const char *, to); - if ((ML_(safe_to_deref)(path, 1)) && (path[0] != '/')) - if (arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "renameat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "renameat(fromfd)", tid, status); + ML_(fd_at_check_allowed)(SARG3, (const HChar*)ARG4, "renameat(tofd)", tid, status); PRE_MEM_RASCIIZ( "renameat(oldpath)", ARG2 ); PRE_MEM_RASCIIZ( "renameat(newpath)", ARG4 ); } 
@@ -5552,15 +5496,11 @@ PRE(sys_renameat) // int symlinkat(const char *name1, int fd, const char *name2); PRE(sys_symlinkat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*)ARG2; *flags |= SfMayBlock; PRINT("sys_symlinkat ( %#" FMT_REGWORD "x(%s), %" FMT_REGWORD "u, %#" FMT_REGWORD "x(%s) )",ARG1,(char*)ARG1,ARG2,ARG3,(char*)ARG3); PRE_REG_READ3(int, "symlinkat", const char *, name1, int, fd, const char *, name2); - if ((ML_(safe_to_deref)(path, 1)) && (path[0] != '/')) - if (arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "symlinkat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "symlinkat", tid, status); PRE_MEM_RASCIIZ( "symlinkat(name1)", ARG1 ); PRE_MEM_RASCIIZ( "symlinkat(name2)", ARG3 ); } @@ -5569,12 +5509,9 @@ PRE(sys_symlinkat) // int unlinkat(int fd, const char *path, int flag); PRE(sys_unlinkat) { - *flags |= SfMayBlock; - Int arg_1 = (Int)ARG1; PRINT("sys_unlinkat ( %" FMT_REGWORD "u, %#" FMT_REGWORD "x(%s), %" FMT_REGWORD "u ", ARG1, ARG2, (char*)ARG2, ARG3); - if (arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "unlinkat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "unlinkat", tid, status); PRE_REG_READ3(int, "unlinkat", int, fd, const char *, path, int, flag); PRE_MEM_RASCIIZ( "unlinkat(path)", ARG2 ); } 
@@ -6192,15 +6129,10 @@ POST(sys_cap_fcntls_get) // int bindat(int fd, int s, const struct sockaddr *addr, socklen_t addrlen); PRE(sys_bindat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*)ARG2; PRINT("sys_bindat ( %" FMT_REGWORD "d, %" FMT_REGWORD "dx, %#" FMT_REGWORD "x, %" FMT_REGWORD "u )", SARG1, SARG2, ARG3, ARG4); PRE_REG_READ4(int, "bindat", int, fd, int, s, const struct vki_sockaddr *, name, vki_socklen_t, namelen); - if ((ML_(safe_to_deref) (path, 1)) && (path[0] != '/')) - if ((arg_1 != VKI_AT_FDCWD) && !ML_(fd_allowed)(arg_1, "bindat", tid, False) ) - SET_STATUS_Failure(VKI_EBADF); - + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "bindat", tid, status); PRE_MEM_READ("bindat(name)", ARG3, ARG4); } @@ -6208,14 +6140,10 @@ PRE(sys_bindat) // int connectat(int fd, int s, const struct sockaddr *name, socklen_t namelen); PRE(sys_connectat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*)ARG2; PRINT("sys_connectat ( %" FMT_REGWORD "d, %" FMT_REGWORD "dx, %#" FMT_REGWORD "x, %" FMT_REGWORD "u )", SARG1, SARG2, ARG3, ARG4); PRE_REG_READ4(int, "connectat", int, fd, int, s, const struct vki_sockaddr *, name, vki_socklen_t, namelen); - if ((ML_(safe_to_deref) (path, 1)) && (path[0] != '/')) - if ((arg_1 != VKI_AT_FDCWD) && !ML_(fd_allowed)(arg_1, "connectat", tid, False) ) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "connectat", tid, status); PRE_MEM_READ("connectat(name)", ARG3, ARG4); } 
@@ -6223,15 +6151,10 @@ PRE(sys_connectat) // int chflagsat(int fd, const char *path, unsigned long flags, int atflag); PRE(sys_chflagsat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*)ARG2; PRINT("sys_chglagsat ( %" FMT_REGWORD "d, %#" FMT_REGWORD "x, %" FMT_REGWORD "u, %" FMT_REGWORD "d )", SARG1, ARG2, ARG3, SARG4); PRE_REG_READ4(int, "chflagsat", int, fd, const char *, path, unsigned long, flags, int, atflag); - if ((ML_(safe_to_deref) (path, 1)) && (path[0] != '/')) - if ((arg_1 != VKI_AT_FDCWD) && !ML_(fd_allowed)(arg_1, "chflagsat", tid, False) ) - SET_STATUS_Failure(VKI_EBADF); - + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "chflagsat", tid, status); PRE_MEM_RASCIIZ("chflagsat(path)", ARG2); } @@ -6372,8 +6295,7 @@ PRE(sys_utimensat) SARG1, ARG2, ARG3, SARG4); PRE_REG_READ4(int, "utimensat", int, fd, const char *,path, const struct timespec *, times, int, flag); - if (!ML_(fd_allowed)(ARG1, "utimensat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "utimensat", tid, status); PRE_MEM_RASCIIZ("utimensat(path)", ARG2); PRE_MEM_READ("utimensat(times)", ARG3, 2*sizeof(struct vki_timespec)); } @@ -6406,14 +6328,10 @@ POST(sys_fstat) // int fstatat(int fd, const char *path, struct stat *sb, int flag); PRE(sys_fstatat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*)ARG2; PRINT("sys_fstatat ( %" FMT_REGWORD "d, %#" FMT_REGWORD "x(%s), %#" FMT_REGWORD "x, %" FMT_REGWORD "d )", SARG1,ARG2,(char*)ARG2,ARG3,SARG4); PRE_REG_READ4(int, "fstatat", int, fd, const char *, path, struct stat *, sb, int, flag); - if ((ML_(safe_to_deref)(path, 1)) && (path[0] != '/')) - if (arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "fstatat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "fstatat", tid, status); PRE_MEM_RASCIIZ( "fstatat(path)", ARG2 ); PRE_MEM_WRITE( "fstatat(sb)", ARG3, sizeof(struct vki_stat) ); } 
@@ -6598,13 +6516,9 @@ POST(sys_getrandom) // int getfhat(int fd, const char *path, fhandle_t *fhp, int flag); PRE(sys_getfhat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*)ARG2; PRINT("sys_getfhat ( %" FMT_REGWORD "d, %#" FMT_REGWORD "x, %" FMT_REGWORD "x, %" FMT_REGWORD "d ", SARG1, ARG2, ARG3, SARG4); PRE_REG_READ4(int, "getfhat", int, fd, const char*, path, vki_fhandle_t*, fhp, int, flag); - if ((ML_(safe_to_deref)(path, 1)) && (path[0] != '/')) - if (arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "getfhat", tid, False)) - SET_STATUS_Failure(VKI_EBADF);; + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "getfhat", tid, status); PRE_MEM_RASCIIZ( "getfhat(path)", ARG2 ); PRE_MEM_WRITE("getfhat(fhp)", ARG3, sizeof(vki_fhandle_t)); } @@ -6653,15 +6567,11 @@ POST(sys_fhreadlink) // int funlinkat(int dfd, const char *path, int fd, int flag); PRE(sys_funlinkat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*)ARG2; *flags |= SfMayBlock; PRINT("sys_funlinkat ( %" FMT_REGWORD "d, %#" FMT_REGWORD "x(%s), %" FMT_REGWORD "u, %" FMT_REGWORD"u )", SARG1, ARG2, (char*)ARG2, ARG4, ARG5); PRE_REG_READ4(int, "funlinkat", int, dfd, const char *, path, int, fd, int, flag); - if ((ML_(safe_to_deref)(path, 1)) && (path[0] != '/')) - if (arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "funlinkat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "funlinkat", tid, status); PRE_MEM_RASCIIZ( "funlinkat(path)", ARG2 ); } 
@@ -6838,15 +6748,11 @@ PRE(sys_sigfastblock) // int flags) PRE(sys___realpathat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*)ARG2; PRINT("sys___realpathat ( %" FMT_REGWORD "d, %#" FMT_REGWORD "x(%s), %#" FMT_REGWORD "x, %" FMT_REGWORD "u %" FMT_REGWORD "d )", SARG1,ARG2,(const char*)ARG2,ARG3,ARG4,SARG5 ); PRE_REG_READ5(int, "__realpathat", int, fd, const char *, path, char *, buf, vki_size_t, size, int, flags); - if ((ML_(safe_to_deref)(path, 1)) && (path[0] != '/')) - if (arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "__realpathat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "__realpathat", tid, status); PRE_MEM_RASCIIZ("__realpathat(path)", (Addr)ARG2); PRE_MEM_WRITE("__realpathat(buf)", (Addr)ARG3, ARG4); } @@ -7282,17 +7188,10 @@ PRE(sys_exterrctl) // int inotify_add_watch_at(int fd, int dfd, _In_z_ const char *path, uint32_t mask); PRE(sys_inotify_add_watch_at) { - Int arg_2 = (Int)ARG2; - const HChar *path = (const HChar*)ARG3; PRINT("sys_inotify_add_watch_at(%" FMT_REGWORD "d, %" FMT_REGWORD "d, %" FMT_REGWORD "x(%s), %#" FMT_REGWORD "x)", SARG1, SARG2, ARG3, (HChar*)ARG3, ARG4); PRE_REG_READ4(int, "inotify_add_watch_at", int, fd, int, dfd, const char*, path, uint32_t, mask); PRE_MEM_RASCIIZ("inotify_add_watch_at(path)", ARG3); - if (!ML_(fd_allowed)(ARG1, "inotify_add_watch_at", tid, False)) { - SET_STATUS_Failure( VKI_EBADF ); - } - if ((ML_(safe_to_deref)(path, 1)) && (path[0] != '/')) - if (arg_2 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_2, "inotify_add_watch_at", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "inotify_add_watch_at", tid, status); } // SYS_inotify_rm_watch diff --git a/coregrind/m_syswrap/syswrap-generic.c b/coregrind/m_syswrap/syswrap-generic.c index c7d58bc106..c8c421c95f 100644 --- a/coregrind/m_syswrap/syswrap-generic.c +++ b/coregrind/m_syswrap/syswrap-generic.c 
@@ -1794,6 +1794,12 @@ Bool ML_(fd_allowed)(Int fd, const HChar *syscallname, ThreadId tid, return allowed; } +void ML_(fd_at_check_allowed)(Int fd, const HChar* path, const HChar* function_name, ThreadId tid, SyscallStatus* status) +{ + if ((ML_(safe_to_deref) (path, 1)) && (path[0] != '/')) + if ((fd != VKI_AT_FDCWD) && !ML_(fd_allowed)(fd, function_name, tid, False)) + SET_STATUS_Failure(VKI_EBADF); +} /* --------------------------------------------------------------------- Deal with a bunch of socket-related syscalls diff --git a/coregrind/m_syswrap/syswrap-linux.c b/coregrind/m_syswrap/syswrap-linux.c index f876f839bd..f5723f8cda 100644 --- a/coregrind/m_syswrap/syswrap-linux.c +++ b/coregrind/m_syswrap/syswrap-linux.c @@ -114,19 +114,6 @@ static VgSchedReturnCode thread_wrapper(Word /*ThreadId*/ tidW) return ret; } -/* - * Used by *at() functions that take a directory fd as a root for relative paths - * I did want to put this in pub_core_syswrap.h but that's difficult as - * it pulls in several dependent headers resulting in one that can't - * be accessed every place that uses this pub_core_syswrap.h - */ -static inline void fd_at_check_allowed(Int fd, const HChar* path, const HChar* function_name, ThreadId tid, SyscallStatus* status) -{ - if ((ML_(safe_to_deref) (path, 1)) && (path[0] != '/')) - if ((fd != VKI_AT_FDCWD) && !ML_(fd_allowed)(fd, function_name, tid, False) ) - SET_STATUS_Failure( VKI_EBADF ); -} - /* --------------------------------------------------------------------- clone-related stuff ------------------------------------------------------------------ */ 
@@ -6125,11 +6112,7 @@ no_client_write: /* For absolute filenames, dirfd is ignored. If dirfd is AT_FDCWD, filename is relative to cwd. When comparing dirfd against AT_FDCWD, be sure only to compare the bottom 32 bits. */ - if (ML_(safe_to_deref)( (void*)(Addr)ARG2, 1 ) - && *(Char *)(Addr)ARG2 != '/' - && ((Int)ARG1) != ((Int)VKI_AT_FDCWD) - && !ML_(fd_allowed)(ARG1, "openat", tid, False)) - SET_STATUS_Failure( VKI_EBADF ); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "openat", tid, status); /* Handle the case where the open is of /proc/self/cmdline or /proc/<pid>/cmdline, and just give it a copy of the fd for the @@ -6194,7 +6177,7 @@ PRE(sys_mkdirat) *flags |= SfMayBlock; PRINT("sys_mkdirat ( %ld, %#" FMT_REGWORD "x(%s), %ld )", SARG1, ARG2, (HChar*)(Addr)ARG2, SARG3); - fd_at_check_allowed(SARG1, (const HChar*)ARG2, "mkdirat", tid, status); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "mkdirat", tid, status); PRE_REG_READ3(long, "mkdirat", int, dfd, const char *, pathname, int, mode); PRE_MEM_RASCIIZ( "mkdirat(pathname)", ARG2 ); @@ -6205,7 +6188,7 @@ PRE(sys_mknodat) FUSE_COMPATIBLE_MAY_BLOCK(); PRINT("sys_mknodat ( %ld, %#" FMT_REGWORD "x(%s), 0x%" FMT_REGWORD "x, 0x%" FMT_REGWORD "x )", SARG1, ARG2, (HChar*)(Addr)ARG2, ARG3, ARG4 ); - fd_at_check_allowed(SARG1, (const HChar*)ARG2, "mknodat", tid, status); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "mknodat", tid, status); PRE_REG_READ4(long, "mknodat", int, dfd, const char *, pathname, int, mode, unsigned, dev); PRE_MEM_RASCIIZ( "mknodat(pathname)", ARG2 ); 
@@ -6213,41 +6196,28 @@ PRE(sys_mknodat) PRE(sys_fchownat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*) ARG2; FUSE_COMPATIBLE_MAY_BLOCK(); - PRINT("sys_fchownat ( %d, %#" FMT_REGWORD "x(%s), 0x%" FMT_REGWORD "x, 0x%" - FMT_REGWORD "x )", arg_1, ARG2, path, ARG3, ARG4); + PRINT("sys_fchownat ( %" FMT_REGWORD "d, %#" FMT_REGWORD "x(%s), 0x%" FMT_REGWORD "x, 0x%" + FMT_REGWORD "x )", SARG1, ARG2, (HChar*)ARG2, ARG3, ARG4); PRE_REG_READ4(long, "fchownat", int, dfd, const char *, path, vki_uid_t, owner, vki_gid_t, group); PRE_MEM_RASCIIZ( "fchownat(path)", ARG2 ); - if ((ML_(safe_to_deref) (path, 1)) && (path[0] != '/')) - if ( (arg_1 != VKI_AT_FDCWD) && !ML_(fd_allowed)(arg_1, "fchownat", tid, False) ) - SET_STATUS_Failure( VKI_EBADF ); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "fchownat", tid, status); } PRE(sys_futimesat) { FUSE_COMPATIBLE_MAY_BLOCK(); - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*) ARG2; - PRINT("sys_futimesat ( %d, %#" FMT_REGWORD "x(%s), %#" FMT_REGWORD "x )", - arg_1, ARG2, path, ARG3); + PRINT("sys_futimesat ( %" FMT_REGWORD "d, %#" FMT_REGWORD "x(%s), %#" FMT_REGWORD "x )", + SARG1, ARG2, (HChar*)ARG2, ARG3); PRE_REG_READ3(long, "futimesat", int, dfd, char *, filename, struct timeval *, tvp); if (ARG2 != 0) PRE_MEM_RASCIIZ( "futimesat(filename)", ARG2 ); if (ARG3 != 0) PRE_MEM_READ( "futimesat(tvp)", ARG3, 2 * sizeof(struct vki_timeval) ); - if (ML_(safe_to_deref) (path, 1)) { - /* If pathname is relative and dirfd is the special value AT_FDCWD, then pathname is interpreted ... */ - if (path[0] != '/') - if ( arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "futimesat", tid, False) ) - SET_STATUS_Failure( VKI_EBADF ); - /* If pathname is absolute, then dirfd is ignored. */ - } - + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "futimesat", tid, status); } PRE(sys_utimensat) 
@@ -6257,7 +6227,7 @@ PRE(sys_utimensat) FMT_REGWORD "x )", SARG1, ARG2, (HChar*)(Addr)ARG2, ARG3, ARG4); PRE_REG_READ4(long, "utimensat", int, dfd, char *, filename, struct timespec *, utimes, int, flags); - fd_at_check_allowed(SARG1, (const HChar*)ARG2, "utimensat", tid, status); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "utimensat", tid, status); if (ARG2 != 0) PRE_MEM_RASCIIZ( "utimensat(filename)", ARG2 ); if (ARG3 != 0) { @@ -6289,7 +6259,7 @@ PRE(sys_utimensat_time64) SARG1, ARG2, (HChar*)(Addr)ARG2, ARG3, ARG4); PRE_REG_READ4(long, "utimensat_time64", int, dfd, char *, filename, struct timespec *, utimes, int, flags); - fd_at_check_allowed(SARG1, (const HChar*)ARG2, "utimensat_time64", tid, status); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "utimensat_time64", tid, status); if (ARG2 != 0) PRE_MEM_RASCIIZ( "utimensat_time64(filename)", ARG2 ); if (ARG3 != 0) { @@ -6321,7 +6291,7 @@ PRE(sys_newfstatat) SARG1, ARG2, (HChar*)(Addr)ARG2, ARG3); PRE_REG_READ3(long, "fstatat", int, dfd, char *, file_name, struct stat *, buf); - fd_at_check_allowed(SARG1, (const HChar*)ARG2, "newfstatat", tid, status); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "newfstatat", tid, status); // See the comment about Rust in PRE(sys_statx). When glibc does support // statx rust uses that instead of the system call, but glibc's statx is // implemented in terms of fstatat, so the filename being NULL is @@ -6344,7 +6314,7 @@ PRE(sys_unlinkat) PRINT("sys_unlinkat ( %ld, %#" FMT_REGWORD "x(%s) )", SARG1, ARG2, (HChar*)(Addr)ARG2); PRE_REG_READ2(long, "unlinkat", int, dfd, const char *, pathname); - fd_at_check_allowed(SARG1, (const HChar*)ARG2, "unlinkat", tid, status); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "unlinkat", tid, status); PRE_MEM_RASCIIZ( "unlinkat(pathname)", ARG2 ); } 
@@ -6357,7 +6327,7 @@ PRE(sys_renameat) PRE_REG_READ4(long, "renameat", int, olddfd, const char *, oldpath, int, newdfd, const char *, newpath); - fd_at_check_allowed(SARG1, (const HChar*)ARG2, "renameat", tid, status); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "renameat", tid, status); PRE_MEM_RASCIIZ( "renameat(oldpath)", ARG2 ); PRE_MEM_RASCIIZ( "renameat(newpath)", ARG4 ); } @@ -6372,17 +6342,8 @@ PRE(sys_renameat2) int, olddfd, const char *, oldpath, int, newdfd, const char *, newpath, unsigned int, flags); - if (ML_(safe_to_deref)( (void*)(Addr)ARG2, 1 ) - && *(Char *)(Addr)ARG2 != '/' - && ((Int)ARG1) != ((Int)VKI_AT_FDCWD) - && !ML_(fd_allowed)(ARG1, "renameat2(olddfd)", tid, False)) - SET_STATUS_Failure( VKI_EBADF ); - if (ML_(safe_to_deref)( (void*)(Addr)ARG4, 1 ) - && *(Char *)(Addr)ARG4 != '/' - && ((Int)ARG3) != ((Int)VKI_AT_FDCWD) - && !ML_(fd_allowed)(ARG3, "renameat2(newsfd)", tid, False)) - SET_STATUS_Failure( VKI_EBADF ); - + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "renameat2(olddirfd)", tid, status); + ML_(fd_at_check_allowed)(SARG3, (const HChar*)ARG4, "renameat2(newdirfd)", tid, status); PRE_MEM_RASCIIZ( "renameat2(oldpath)", ARG2 ); PRE_MEM_RASCIIZ( "renameat2(newpath)", ARG4 ); } @@ -6397,7 +6358,7 @@ PRE(sys_linkat) int, olddfd, const char *, oldpath, int, newdfd, const char *, newpath, int, flags); - fd_at_check_allowed(SARG1, (const HChar*)ARG2, "linkat", tid, status); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "linkat", tid, status); PRE_MEM_RASCIIZ( "linkat(oldpath)", ARG2); PRE_MEM_RASCIIZ( "linkat(newpath)", ARG4); } 
@@ -6409,7 +6370,7 @@ PRE(sys_symlinkat) "x(%s) )", ARG1, (HChar*)(Addr)ARG1, SARG2, ARG3, (HChar*)(Addr)ARG3); PRE_REG_READ3(long, "symlinkat", const char *, oldpath, int, newdfd, const char *, newpath); - fd_at_check_allowed(SARG1, (const HChar*)ARG2, "symlinkat", tid, status); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "symlinkat", tid, status); PRE_MEM_RASCIIZ( "symlinkat(oldpath)", ARG1 ); PRE_MEM_RASCIIZ( "symlinkat(newpath)", ARG3 ); } @@ -6421,7 +6382,7 @@ PRE(sys_readlinkat) FMT_REGWORD "u )", SARG1, ARG2, (HChar*)(Addr)ARG2, ARG3, ARG4); PRE_REG_READ4(long, "readlinkat", int, dfd, const char *, path, char *, buf, vki_size_t, bufsiz); - fd_at_check_allowed(SARG1, (const HChar*)ARG2, "readlinkat", tid, status); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "readlinkat", tid, status); PRE_MEM_RASCIIZ( "readlinkat(path)", ARG2 ); PRE_MEM_WRITE( "readlinkat(buf)", ARG3,ARG4 ); } @@ -6459,13 +6420,7 @@ PRE(sys_fchmodat) PRE_REG_READ3(long, "fchmodat", int, dfd, const char *, path, vki_mode_t, mode); PRE_MEM_RASCIIZ( "fchmodat(path)", ARG2 ); - if (ML_(safe_to_deref) (path, 1)) { - // If pathname is relative and dirfd is the special value AT_FDCWD, then pathname is interpreted ... - if (path[0] != '/') - if ( arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "fchmodat", tid, False) ) - SET_STATUS_Failure( VKI_EBADF ); - // If pathname is absolute, then dirfd is ignored - } + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "fchmodat", tid, status); } PRE(sys_cachestat) 
@@ -6490,23 +6445,15 @@ POST(sys_cachestat) PRE(sys_fchmodat2) { - Int arg_1 = (Int) ARG1; - const HChar *path = (const HChar*) ARG2; FUSE_COMPATIBLE_MAY_BLOCK(); - PRINT("sys_fchmodat2 ( %d, %#" FMT_REGWORD "x(%s), %" FMT_REGWORD "u, %" + PRINT("sys_fchmodat2 ( %" FMT_REGWORD "d, %#" FMT_REGWORD "x(%s), %" FMT_REGWORD "u, %" FMT_REGWORD "u )", - arg_1, ARG2, path, ARG3, ARG4); + SARG1, ARG2, (const HChar*)ARG2, ARG3, ARG4); PRE_REG_READ4(long, "fchmodat2", int, dfd, const char *, path, vki_mode_t, mode, unsigned int, flags); PRE_MEM_RASCIIZ( "fchmodat2(pathname)", ARG2 ); - if (ML_(safe_to_deref) (path, 1)) { - // If pathname is relative and dirfd is the special value AT_FDCWD, then pathname is interpreted ... - if (path[0] != '/') - if ( arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "fchmodat2", tid, False) ) - SET_STATUS_Failure( VKI_EBADF ); - // If pathname is absolute, then dirfd is ignored - } + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "fchmodat2", tid, status); } PRE(sys_faccessat) @@ -6520,9 +6467,7 @@ PRE(sys_faccessat) PRE_REG_READ3(long, "faccessat", int, dfd, const char *, pathname, int, mode); PRE_MEM_RASCIIZ( "faccessat(pathname)", ARG2 ); - if ((ML_(safe_to_deref) (path, 1)) && (path[0] != '/')) - if ( arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "faccessat", tid, False) ) - SET_STATUS_Failure( VKI_EBADF ); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "faccessat", tid, status); } PRE(sys_faccessat2) @@ -6537,9 +6482,7 @@ PRE(sys_faccessat2) PRE_REG_READ4(long, "faccessat2", int, dfd, const char *, pathname, int, mode, int, flags); PRE_MEM_RASCIIZ( "faccessat2(pathname)", ARG2 ); - if ((ML_(safe_to_deref) (path, 1)) && (path[0] != '/')) - if ( arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "faccessat2", tid, False) ) - SET_STATUS_Failure( VKI_EBADF ); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "faccessat2", tid, status); } PRE(sys_name_to_handle_at) 
@@ -14205,11 +14148,8 @@ PRE(sys_openat2) /* For absolute filenames, dirfd is ignored. If dirfd is AT_FDCWD, filename is relative to cwd. When comparing dirfd against AT_FDCWD, be sure only to compare the bottom 32 bits. */ - if (ML_(safe_to_deref)( (void*)(Addr)ARG2, 1 ) - && *(Char *)(Addr)ARG2 != '/' - && ((Int)ARG1) != ((Int)VKI_AT_FDCWD) - && !ML_(fd_allowed)(ARG1, "openat2", tid, False)) - SET_STATUS_Failure( VKI_EBADF ); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "openat2", tid, status); + /* Handle the case where the open is of /proc/self/cmdline or /proc/<pid>/cmdline, and just give it a copy of the fd for the fake file we cooked up at startup (in m_main). Also, seek the diff --git a/coregrind/m_syswrap/syswrap-mips32-linux.c b/coregrind/m_syswrap/syswrap-mips32-linux.c index 59c7d4e977..09d292ea88 100644 --- a/coregrind/m_syswrap/syswrap-mips32-linux.c +++ b/coregrind/m_syswrap/syswrap-mips32-linux.c @@ -551,11 +551,7 @@ PRE(sys_fstatat64) SARG1, ARG2, (HChar*)ARG2, ARG3, ARG4); PRE_REG_READ4(long, "fstatat64", int, dfd, char *, file_name, struct stat64 *, buf, int, flags); - if (ML_(safe_to_deref)( (void*)(Addr)ARG2, 1 ) - && *(Char *)(Addr)ARG2 != '/' - && ((Int)ARG1) != ((Int)VKI_AT_FDCWD) - && !ML_(fd_allowed)(ARG1, "fstatat64", tid, False)) - SET_STATUS_Failure( VKI_EBADF ); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "fstatat64", tid, status); PRE_MEM_RASCIIZ ("fstatat64(file_name)", ARG2); PRE_MEM_WRITE ("fstatat64(buf)", ARG3, sizeof (struct vki_stat64)); } diff --git a/coregrind/m_syswrap/syswrap-ppc32-linux.c b/coregrind/m_syswrap/syswrap-ppc32-linux.c index b6c3401b8d..cb44107953 100644 --- a/coregrind/m_syswrap/syswrap-ppc32-linux.c +++ b/coregrind/m_syswrap/syswrap-ppc32-linux.c 
@@ -315,11 +315,7 @@ PRE(sys_fstatat64) ARG3); PRE_REG_READ3(long, "fstatat64", int, dfd, char *, file_name, struct stat64 *, buf); - if (ML_(safe_to_deref)( (void*)(Addr)ARG2, 1 ) - && *(Char *)(Addr)ARG2 != '/' - && ((Int)ARG1) != ((Int)VKI_AT_FDCWD) - && !ML_(fd_allowed)(ARG1, "fstatat64", tid, False)) - SET_STATUS_Failure( VKI_EBADF ); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "fstatat64", tid, status); PRE_MEM_RASCIIZ( "fstatat64(file_name)", ARG2 ); PRE_MEM_WRITE( "fstatat64(buf)", ARG3, sizeof(struct vki_stat64) ); } diff --git a/coregrind/m_syswrap/syswrap-x86-freebsd.c b/coregrind/m_syswrap/syswrap-x86-freebsd.c index 5ea0524c76..483ca67ece 100644 --- a/coregrind/m_syswrap/syswrap-x86-freebsd.c +++ b/coregrind/m_syswrap/syswrap-x86-freebsd.c @@ -1388,15 +1388,11 @@ POST(sys_procctl) // int mknodat(int fd, const char *path, mode_t mode, dev_t dev); PRE(sys_mknodat) { - Int arg_1 = (Int)ARG1; - const HChar *path = (const HChar*)ARG2; PRINT("sys_mknodat ( %" FMT_REGWORD "u, %#" FMT_REGWORD "x(%s), 0x%" FMT_REGWORD "x, 0x%" FMT_REGWORD "x )", ARG1,ARG2,(char*)ARG2,ARG3,ARG4 ); PRE_REG_READ5(long, "mknodat", int, fd, const char *, path, vki_mode_t, mode, vki_uint32_t, MERGE64_FIRST(dev), vki_uint32_t, MERGE64_SECOND(idev)) PRE_MEM_RASCIIZ( "mknodat(pathname)", ARG2 ); - if ((ML_(safe_to_deref)(path, 1)) && (path[0] != '/')) - if (arg_1 != VKI_AT_FDCWD && !ML_(fd_allowed)(arg_1, "mknodat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "mknodat", tid, status); } // SYS_cpuset_getdomain 561 diff --git a/coregrind/m_syswrap/syswrap-x86-linux.c b/coregrind/m_syswrap/syswrap-x86-linux.c index 867c31d06d..45c76a6db5 100644 --- a/coregrind/m_syswrap/syswrap-x86-linux.c +++ b/coregrind/m_syswrap/syswrap-x86-linux.c 
@@ -1032,11 +1032,7 @@ PRE(sys_fstatat64) SARG1, ARG2, (HChar*)ARG2, ARG3, ARG4); PRE_REG_READ4(long, "fstatat64", int, dfd, char *, file_name, struct stat64 *, buf, int, flags); - if (ML_(safe_to_deref)( (void*)(Addr)ARG2, 1 ) - && *(Char *)(Addr)ARG2 != '/' - && ((Int)ARG1) != ((Int)VKI_AT_FDCWD) - && !ML_(fd_allowed)(ARG1, "fstatat64", tid, False)) - SET_STATUS_Failure( VKI_EBADF ); + ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "fstatat64", tid, status); PRE_MEM_RASCIIZ( "fstatat64(file_name)", ARG2 ); PRE_MEM_WRITE( "fstatat64(buf)", ARG3, sizeof(struct vki_stat64) ); } |
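Review bot: the symlinkat hunk in syswrap-linux.c carries over mis-ordered arguments. The PRE_REG_READ3 and PRINT lines in the same hunk give the signature (const char *oldpath, int newdfd, const char *newpath), so ARG1 is oldpath, SARG2 the directory fd and ARG3 the path it applies to, yet the call reads `ML_(fd_at_check_allowed)(SARG1, (const HChar*)ARG2, "symlinkat", tid, status);`. That hands the oldpath pointer in as the fd and the fd in as the path; since ML_(safe_to_deref) on a small integer address will normally fail, the check is silently skipped rather than rejecting anything, which is why no test notices. It should be `ML_(fd_at_check_allowed)(SARG2, (const HChar*)ARG3, "symlinkat", tid, status);`.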
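Review bot: the renameat and linkat hunks check only olddfd (SARG1 with ARG2); newdfd and newpath (SARG3, ARG4) go unchecked even though both PRE_REG_READ4 lines declare them and the renameat2 hunk sitting between the two checks both directory fds. Add `ML_(fd_at_check_allowed)(SARG3, (const HChar*)ARG4, "renameat(newdfd)", tid, status);` and the linkat equivalent so a bad newdfd gets EBADF the same way a bad olddfd does.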
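Review bot: in the openat and openat2 hunks the comment "When comparing dirfd against AT_FDCWD, be sure only to compare the bottom 32 bits" is left standing while the explicit (Int) casts it described are deleted; the narrowing now happens only because SARG1 is converted to the helper's Int fd parameter (the static inline version being replaced takes Int fd). Either reword the comment to say the helper does the 32-bit comparison or keep the cast visible at the call site, so nobody later widens the parameter to a Word and silently breaks AT_FDCWD handling on 64-bit targets.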
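Review bot: the fchmodat, faccessat and faccessat2 hunks delete the only reads of the locals arg_1 and path that the removed lines used, but unlike the fchownat, futimesat and fchmodat2 hunks they do not show the declarations going away. If those locals are still declared above the shown context they are now unused, or used only by the PRINT; either drop them too or switch the PRINT to SARG1/ARG2 as the other wrappers now do. The futimesat, fchmodat and fchmodat2 hunks also remove the man-page comments about AT_FDCWD and absolute paths; that explanation should survive once, in the helper.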
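Review bot: the syswrap-x86-freebsd.c mknodat hunk keeps formatting ARG1 with `%" FMT_REGWORD "u` while the new check consumes SARG1, so a negative fd such as AT_FDCWD shows up in the trace as a large unsigned value. Print SARG1 with `%" FMT_REGWORD "d` as the fchownat and fchmodat2 hunks in syswrap-linux.c now do.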
From: Florian K. <fk...@so...> - 2025-08-28 20:20:27
https://sourceware.org/cgit/valgrind/commit/?id=bbf3cf234eacc97a652437c4f5e626c43b1bc76d commit bbf3cf234eacc97a652437c4f5e626c43b1bc76d Author: Florian Krohm <fl...@ei...> Date: Thu Aug 28 20:17:29 2025 +0000 iropt-test: Constant folding for Iop_DivModU64to32 and Iop_DivModS64to32 Function get_selected_values has been tweaked to return more "interesting" values for test generation. Namely those that, when interpreted as a signed integer, are boundary (or near boundary) values. Also a bit of reorg because for the DivMod.. IROps we need to be a bit more careful when generating testcases that do not trap or where the result does not fit in 32 bit. Part of fixing https://bugs.kde.org/show_bug.cgi?id=506211 Diff: --- VEX/priv/ir_opt.c | 33 ++++++++++++++++++++++ none/tests/iropt-test/binary.c | 61 +++++++++++++++++++++++++++++++++-------- none/tests/iropt-test/irops.tab | 4 +-- none/tests/iropt-test/main.c | 2 +- none/tests/iropt-test/util.c | 16 +++++++++-- 5 files changed, 99 insertions(+), 17 deletions(-) diff --git a/VEX/priv/ir_opt.c b/VEX/priv/ir_opt.c index 100f6396f9..5056b677be 100644 --- a/VEX/priv/ir_opt.c +++ b/VEX/priv/ir_opt.c 
@@ -2161,6 +2161,39 @@ static IRExpr* fold_Expr_WRK ( IRExpr** env, IRExpr* e ) break; } + /* -- DivMod -- */ + case Iop_DivModU64to32: { + ULong u64a = e->Iex.Binop.arg1->Iex.Const.con->Ico.U64; + UInt u32b = e->Iex.Binop.arg2->Iex.Const.con->Ico.U32; + if (u32b != 0) { + ULong q = u64a / u32b; + /* Can q be represented in 32 bit? */ + if (q <= 0xFFFFFFFF) { + UInt r = u64a % u32b; + e2 = IRExpr_Const(IRConst_U64(((ULong)r << 32) | (UInt)q)); + } + } + break; + } + case Iop_DivModS64to32: { + Long s64a = e->Iex.Binop.arg1->Iex.Const.con->Ico.U64; + Int s32b = e->Iex.Binop.arg2->Iex.Const.con->Ico.U32; + if (s32b != 0) { + /* Division may trap when result overflows i.e. when + attempting: INT64_MAX / -1 */ + if (e->Iex.Binop.arg1->Iex.Const.con->Ico.U64 == (1ULL << 63) + && s32b == -1) + break; + Long q = s64a / s32b; + /* Can q be represented in 32 bit? */ + if (q >= (-2147483647-1) && q <= 2147483647) { + Int r = s64a % s32b; + e2 = IRExpr_Const(IRConst_U64(((ULong)r << 32) | (UInt)q)); + } + } + break; + } + /* -- Shl -- */ case Iop_Shl8: vassert(e->Iex.Binop.arg2->Iex.Const.con->tag == Ico_U8); diff --git a/none/tests/iropt-test/binary.c b/none/tests/iropt-test/binary.c index 896d57630e..1fbe1341fc 100644 --- a/none/tests/iropt-test/binary.c +++ b/none/tests/iropt-test/binary.c @@ -30,7 +30,7 @@ static uint64_t get_expected_value(const irop_t *, const test_data_t *); static void run_tests(const irop_t *, test_data_t *); static void run_shift_tests(const irop_t *, test_data_t *); static int is_shift_op(IROp); -static int is_division_op(IROp); +static int ok_to_run(IROp op, uint64_t, uint64_t); void 
@@ -57,9 +57,8 @@ run_selected_tests(const irop_t *op, test_data_t *data) for (unsigned j = 0; j < num_val_r; ++j) { opnd_r->value = values_r[j]; - if (is_division_op(op->op) && opnd_r->value == 0) continue; - - valgrind_execute_test(op, data, get_expected_value(op, data)); + if (ok_to_run(op->op, opnd_l->value, opnd_r->value)) + valgrind_execute_test(op, data, get_expected_value(op, data)); } } } @@ -75,13 +74,15 @@ run_random_tests(const irop_t *op, test_data_t *data) /* 1-bit wide operands are tested exhaustively. Skip random tests. */ if (opnd_l->type == Ity_I1 && opnd_r->type == Ity_I1) return; - for (unsigned i = 0; i < num_random_tests; ++i) { + unsigned num_tests = 0; + while (num_tests < num_random_tests) { opnd_l->value = get_random_value(opnd_l->type); opnd_r->value = get_random_value(opnd_r->type); - if (is_division_op(op->op) && opnd_r->value == 0) continue; - - valgrind_execute_test(op, data, get_expected_value(op, data)); + if (ok_to_run(op->op, opnd_l->value, opnd_r->value)) { + valgrind_execute_test(op, data, get_expected_value(op, data)); + ++num_tests; + } } } @@ -214,6 +215,20 @@ get_expected_value(const irop_t *op, const test_data_t *data) expected = (int64_t)(opnd_l << 32) / (int32_t)opnd_r; break; + case Iop_DivModU64to32: { + uint64_t q = opnd_l / opnd_r; + uint64_t r = opnd_l % opnd_r; + expected = (r << 32) | q; + break; + } + + case Iop_DivModS64to32: { + int64_t q = (int64_t)opnd_l / (int32_t)opnd_r; + int32_t r = (int64_t)opnd_l % (int32_t)opnd_r; + expected = ((uint64_t)r << 32) | (uint32_t)q; + break; + } + case Iop_Shl8: case Iop_Shl16: case Iop_Shl32: 
@@ -401,15 +416,39 @@ is_shift_op(IROp op) static int -is_division_op(IROp op) +ok_to_run(IROp op, uint64_t o1, uint64_t o2) { switch (op) { + /* Division by zero -- not good */ case Iop_DivU32: case Iop_DivU64: case Iop_DivS32: case Iop_DivS64: case Iop_DivU32E: case Iop_DivS32E: - return 1; + return o2 != 0; + + /* Check that result can be represented */ + case Iop_DivModU64to32: { + uint64_t dividend = o1; + uint32_t divisor = o2; + + if (divisor == 0) return 0; + uint64_t q = dividend / divisor; // always safe + return q <= UINT32_MAX; + } + + case Iop_DivModS64to32: { + int64_t dividend = o1; + int32_t divisor = o2; + + if (divisor == 0) return 0; + /* Division may trap on overflow */ + if (divisor == -1 && o1 == (0x1ULL << 63)) // INT64_MIN + return 0; + int64_t q = dividend / divisor; + return q <= INT32_MAX && q >= INT32_MIN; + } + default: - return 0; + return 1; } } diff --git a/none/tests/iropt-test/irops.tab b/none/tests/iropt-test/irops.tab index 4163edfcd5..9f833b5cb5 100644 --- a/none/tests/iropt-test/irops.tab +++ b/none/tests/iropt-test/irops.tab @@ -176,12 +176,12 @@ // { OPNAME(DivS128E), Ity_I128, 2, Ity_I128, Ity_I128 }, // 128 bit // { OPNAME(DivModU32to32), Ity_I64, 2, Ity_I32, Ity_I64 }, // no folding yet -// { OPNAME(DivModU64to32), Ity_I64, 2, Ity_I32, Ity_I64 }, // no folding yet + { OPNAME(DivModU64to32), Ity_I64, 2, Ity_I64, Ity_I32, EXCEPT(ppc) }, // { OPNAME(DivModU64to64), Ity_I64, 2, Ity_I64, Ity_I128 }, // 128 bit // { OPNAME(DivModU128to64), Ity_I128, 2, Ity_I64, Ity_I128 }, // 128 bit // { OPNAME(DivModS32to32), Ity_I64, 2, Ity_I32, Ity_I32 }, // no folding yet -// { OPNAME(DivModS32to32), Ity_I64, 2, Ity_I32, Ity_I64 }, // no folding yet + { OPNAME(DivModS64to32), Ity_I64, 2, Ity_I64, Ity_I32, EXCEPT(ppc) }, // { OPNAME(DivModS64to64), Ity_I64, 2, Ity_I64, Ity_I128 }, // 128 bit // { OPNAME(DivModU128to64), Ity_I128, 2, Ity_I64, Ity_I128 }, // 128 bit 
diff --git a/none/tests/iropt-test/main.c b/none/tests/iropt-test/main.c index d446fd78f6..1ca97e9c03 100644 --- a/none/tests/iropt-test/main.c +++ b/none/tests/iropt-test/main.c @@ -125,7 +125,7 @@ check_irops_table(void) if (op->result_type != t_res || op->opnd1_type != t_opnd1 || (op->num_opnds == 2 && op->opnd2_type != t_opnd2)) - fprintf(stderr, "%s: type mismatch\n", op->name); + panic("%s: type mismatch\n", op->name); } } diff --git a/none/tests/iropt-test/util.c b/none/tests/iropt-test/util.c index 4ce30e2a5f..275c2b4cb8 100644 --- a/none/tests/iropt-test/util.c +++ b/none/tests/iropt-test/util.c 
@@ -103,18 +103,28 @@ get_selected_values(IRType type, unsigned *num_val) { static const uint64_t values_1bit[] = { 0, 1 }; static const uint64_t values_8bit[] = { 0, 1, 2, - UINT8_MAX - 1, UINT8_MAX }; + INT8_MAX - 1, INT8_MAX, (uint8_t)INT8_MIN, (uint8_t)INT8_MIN + 1, + UINT8_MAX - 1, UINT8_MAX }; static const uint64_t values_16bit[] = { 0, 1, 2, + INT8_MAX - 1, INT8_MAX, (uint8_t)INT8_MIN, (uint8_t)INT8_MIN + 1, UINT8_MAX - 1, UINT8_MAX, UINT8_MAX + 1, + INT16_MAX - 1, INT16_MAX, (uint16_t)INT16_MIN, (uint16_t)INT16_MIN + 1, UINT16_MAX - 1, UINT16_MAX }; static const uint64_t values_32bit[] = { 0, 1, 2, - UINT8_MAX - 1, UINT8_MAX, UINT8_MAX + 1, + INT8_MAX - 1, INT8_MAX, (uint8_t)INT8_MIN, (uint8_t)INT8_MIN + 1, + UINT8_MAX - 1, UINT8_MAX, UINT8_MAX + 1, + INT16_MAX - 1, INT16_MAX, (uint16_t)INT16_MIN, (uint16_t)INT16_MIN + 1, UINT16_MAX - 1, UINT16_MAX, UINT16_MAX + 1, + INT32_MAX - 1, INT32_MAX, (uint32_t)INT32_MIN, (uint32_t)INT32_MIN + 1, UINT32_MAX - 1, UINT32_MAX }; static const uint64_t values_64bit[] = { 0, 1, 2, - UINT8_MAX - 1, UINT8_MAX, UINT8_MAX + 1, + INT8_MAX - 1, INT8_MAX, (uint8_t)INT8_MIN, (uint8_t)INT8_MIN + 1, + UINT8_MAX - 1, UINT8_MAX, UINT8_MAX + 1, + INT16_MAX - 1, INT16_MAX, (uint16_t)INT16_MIN, (uint16_t)INT16_MIN + 1, UINT16_MAX - 1, UINT16_MAX, UINT16_MAX + 1, + INT32_MAX - 1, INT32_MAX, (uint32_t)INT32_MIN, (uint32_t)INT32_MIN + 1, UINT32_MAX - 1, UINT32_MAX, (uint64_t)UINT32_MAX + 1, + INT64_MAX - 1, INT64_MAX, (uint64_t)INT64_MIN, (uint64_t)INT64_MIN + 1, UINT64_MAX - 1, UINT64_MAX }; switch (type) { |
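Review bot: in the Iop_DivModS64to32 case in ir_opt.c the comment names `INT64_MAX / -1` as the trapping division, but the guard tests `Ico.U64 == (1ULL << 63)`, which is INT64_MIN; INT64_MIN / -1 is the one that overflows, INT64_MAX / -1 is fine. Fix the comment to match the check. Also, the Iop_Shl8 case directly below vasserts the constant's tag before reading the union, while neither DivMod case does; a `vassert(e->Iex.Binop.arg2->Iex.Const.con->tag == Ico_U32);` (and Ico_U64 for arg1) would match the surrounding style and catch a mis-typed table entry early.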
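Review bot: run_random_tests in binary.c now loops `while (num_tests < num_random_tests)` and only counts iterations in which ok_to_run succeeds, so the number of attempts is unbounded; an op whose random operands rarely (or, after a future irops.tab change, never) pass ok_to_run spins forever. Cap the total attempts, or keep the for loop and accept fewer executed tests for such ops.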
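Review bot: the irops.tab hunk enables DivModU64to32 and DivModS64to32 with EXCEPT(ppc), but neither the hunk nor the commit message says why ppc is excluded; a trailing comment on those two lines, like the "// 128 bit" and "// no folding yet" notes on their neighbours, would save the next reader a bisect. The two removed commented-out lines also listed the operand types as (Ity_I32, Ity_I64) and the second of them was a duplicate DivModS32to32 entry; the enabled entries correctly give (Ity_I64, Ity_I32), which is worth a mention in the message since it is not obvious from the diff.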
From: Paul F. <pa...@so...> - 2025-08-28 19:34:22
https://sourceware.org/cgit/valgrind/commit/?id=2a898f1d601a1fddc5437b3e2adc357eced40497 commit 2a898f1d601a1fddc5437b3e2adc357eced40497 Author: Paul Floyd <pj...@wa...> Date: Thu Aug 28 21:33:43 2025 +0200 Bug 507869 - Various at syscalls don't check dirfd argument Diff: --- NEWS | 1 + coregrind/m_syswrap/syswrap-arm-linux.c | 5 +++++ coregrind/m_syswrap/syswrap-linux.c | 11 +++++++++++ coregrind/m_syswrap/syswrap-mips32-linux.c | 5 +++++ coregrind/m_syswrap/syswrap-ppc32-linux.c | 5 +++++ coregrind/m_syswrap/syswrap-x86-linux.c | 5 +++++ 6 files changed, 32 insertions(+) diff --git a/NEWS b/NEWS index 66912d73b5..46f466cca8 100644 --- a/NEWS +++ b/NEWS @@ -77,6 +77,7 @@ are not entered into bugzilla tend to get forgotten about or ignored. 507721 Wire up illumos and Solaris mallinfo 507853 faccessat and faccessat2 should handle AT_FDCWD and absolute paths 507868 futimesat doesn't handle AT_FDCWD +507869 Various at syscalls don't check dirfd argument 507873 Make fchmodat and fchmodat2 syscall wrappers accept AT_FDCWD 507897 Allow for patching LTP sources 507970 -Wcalloc-transposed-args warnings in valgrind-di-server.c diff --git a/coregrind/m_syswrap/syswrap-arm-linux.c b/coregrind/m_syswrap/syswrap-arm-linux.c index 4ba9801cea..1fca10183d 100644 --- a/coregrind/m_syswrap/syswrap-arm-linux.c +++ b/coregrind/m_syswrap/syswrap-arm-linux.c @@ -284,6 +284,11 @@ PRE(sys_fstatat64) SARG1, ARG2, (HChar*)ARG2, ARG3); PRE_REG_READ3(long, "fstatat64", int, dfd, char *, file_name, struct stat64 *, buf); + if (ML_(safe_to_deref)( (void*)(Addr)ARG2, 1 ) + && *(Char *)(Addr)ARG2 != '/' + && ((Int)ARG1) != ((Int)VKI_AT_FDCWD) + && !ML_(fd_allowed)(ARG1, "fstatat64", tid, False)) + SET_STATUS_Failure( VKI_EBADF ); PRE_MEM_RASCIIZ( "fstatat64(file_name)", ARG2 ); PRE_MEM_WRITE( "fstatat64(buf)", ARG3, sizeof(struct vki_stat64) ); } diff --git a/coregrind/m_syswrap/syswrap-linux.c b/coregrind/m_syswrap/syswrap-linux.c index 48c4048aac..f876f839bd 100644 
--- a/coregrind/m_syswrap/syswrap-linux.c +++ b/coregrind/m_syswrap/syswrap-linux.c @@ -6372,6 +6372,17 @@ PRE(sys_renameat2) int, olddfd, const char *, oldpath, int, newdfd, const char *, newpath, unsigned int, flags); + if (ML_(safe_to_deref)( (void*)(Addr)ARG2, 1 ) + && *(Char *)(Addr)ARG2 != '/' + && ((Int)ARG1) != ((Int)VKI_AT_FDCWD) + && !ML_(fd_allowed)(ARG1, "renameat2(olddfd)", tid, False)) + SET_STATUS_Failure( VKI_EBADF ); + if (ML_(safe_to_deref)( (void*)(Addr)ARG4, 1 ) + && *(Char *)(Addr)ARG4 != '/' + && ((Int)ARG3) != ((Int)VKI_AT_FDCWD) + && !ML_(fd_allowed)(ARG3, "renameat2(newsfd)", tid, False)) + SET_STATUS_Failure( VKI_EBADF ); + PRE_MEM_RASCIIZ( "renameat2(oldpath)", ARG2 ); PRE_MEM_RASCIIZ( "renameat2(newpath)", ARG4 ); } diff --git a/coregrind/m_syswrap/syswrap-mips32-linux.c b/coregrind/m_syswrap/syswrap-mips32-linux.c index 13cb5d05bc..59c7d4e977 100644 --- a/coregrind/m_syswrap/syswrap-mips32-linux.c +++ b/coregrind/m_syswrap/syswrap-mips32-linux.c @@ -551,6 +551,11 @@ PRE(sys_fstatat64) SARG1, ARG2, (HChar*)ARG2, ARG3, ARG4); PRE_REG_READ4(long, "fstatat64", int, dfd, char *, file_name, struct stat64 *, buf, int, flags); + if (ML_(safe_to_deref)( (void*)(Addr)ARG2, 1 ) + && *(Char *)(Addr)ARG2 != '/' + && ((Int)ARG1) != ((Int)VKI_AT_FDCWD) + && !ML_(fd_allowed)(ARG1, "fstatat64", tid, False)) + SET_STATUS_Failure( VKI_EBADF ); PRE_MEM_RASCIIZ ("fstatat64(file_name)", ARG2); PRE_MEM_WRITE ("fstatat64(buf)", ARG3, sizeof (struct vki_stat64)); } diff --git a/coregrind/m_syswrap/syswrap-ppc32-linux.c b/coregrind/m_syswrap/syswrap-ppc32-linux.c index 00d0f56d7b..b6c3401b8d 100644 --- a/coregrind/m_syswrap/syswrap-ppc32-linux.c +++ b/coregrind/m_syswrap/syswrap-ppc32-linux.c 
@@ -315,6 +315,11 @@ PRE(sys_fstatat64) ARG3); PRE_REG_READ3(long, "fstatat64", int, dfd, char *, file_name, struct stat64 *, buf); + if (ML_(safe_to_deref)( (void*)(Addr)ARG2, 1 ) + && *(Char *)(Addr)ARG2 != '/' + && ((Int)ARG1) != ((Int)VKI_AT_FDCWD) + && !ML_(fd_allowed)(ARG1, "fstatat64", tid, False)) + SET_STATUS_Failure( VKI_EBADF ); PRE_MEM_RASCIIZ( "fstatat64(file_name)", ARG2 ); PRE_MEM_WRITE( "fstatat64(buf)", ARG3, sizeof(struct vki_stat64) ); } diff --git a/coregrind/m_syswrap/syswrap-x86-linux.c b/coregrind/m_syswrap/syswrap-x86-linux.c index 9b8c9d861b..867c31d06d 100644 --- a/coregrind/m_syswrap/syswrap-x86-linux.c +++ b/coregrind/m_syswrap/syswrap-x86-linux.c @@ -1032,6 +1032,11 @@ PRE(sys_fstatat64) SARG1, ARG2, (HChar*)ARG2, ARG3, ARG4); PRE_REG_READ4(long, "fstatat64", int, dfd, char *, file_name, struct stat64 *, buf, int, flags); + if (ML_(safe_to_deref)( (void*)(Addr)ARG2, 1 ) + && *(Char *)(Addr)ARG2 != '/' + && ((Int)ARG1) != ((Int)VKI_AT_FDCWD) + && !ML_(fd_allowed)(ARG1, "fstatat64", tid, False)) + SET_STATUS_Failure( VKI_EBADF ); PRE_MEM_RASCIIZ( "fstatat64(file_name)", ARG2 ); PRE_MEM_WRITE( "fstatat64(buf)", ARG3, sizeof(struct vki_stat64) ); } |
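Review bot: the same five-line dirfd check (safe_to_deref on the path, leading '/', (Int) compare against VKI_AT_FDCWD, ML_(fd_allowed), SET_STATUS_Failure(VKI_EBADF)) is pasted into fstatat64 in syswrap-arm-linux.c, syswrap-mips32-linux.c, syswrap-ppc32-linux.c and syswrap-x86-linux.c, and twice more into renameat2. Factor it into one shared helper taking (fd, path, name, tid, status) so the AT_FDCWD and absolute-path rule is stated once and the four arch wrappers cannot drift apart.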
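Review bot: in the renameat2 hunk the second check labels the argument "renameat2(newsfd)" in the ML_(fd_allowed) message; the parameter is newdfd (see the PRE_REG_READ4 context just above), so the message should read "renameat2(newdfd)" to match "renameat2(olddfd)" in the first check.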
From: Florian K. <fk...@so...> - 2025-08-26 21:03:04
https://sourceware.org/cgit/valgrind/commit/?id=b933af5d68a622f082dab40ef90499bc38d7a525 commit b933af5d68a622f082dab40ef90499bc38d7a525 Author: Florian Krohm <fl...@ei...> Date: Tue Aug 26 21:02:09 2025 +0000 iropt-test: Enable for x86 and amd64. Diff: --- none/tests/iropt-test/main.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/none/tests/iropt-test/main.c b/none/tests/iropt-test/main.c index 29bc1c71f0..d446fd78f6 100644 --- a/none/tests/iropt-test/main.c +++ b/none/tests/iropt-test/main.c @@ -45,8 +45,8 @@ unsigned num_random_tests; int main(int argc, char *argv[]) { -// FIXME: temporarily until ppc,amd64,x86 have been fixed -#if !defined(__s390x__) +// FIXME: temporarily until ppc has been fixed +#if !defined(__s390x__) && !defined(__i386__) && !defined(__x86_64__) return 0; #endif assert(sizeof(long long) == 8); |
From: Florian K. <fk...@so...> - 2025-08-26 20:52:53
https://sourceware.org/cgit/valgrind/commit/?id=7389eabaf3190f6525c890a72aa4fccbc592d25a commit 7389eabaf3190f6525c890a72aa4fccbc592d25a Author: Florian Krohm <fl...@ei...> Date: Tue Aug 26 20:52:26 2025 +0000 Fix Iop_ClzNat32/64 and Iop_CtzNat32/64 on x86 and amd64. Handle the special case of 0 operand. Fixes https://bugs.kde.org/show_bug.cgi?id=507033 Diff: --- VEX/priv/host_amd64_isel.c | 10 ++++++++++ VEX/priv/host_x86_isel.c | 10 ++++++++++ 2 files changed, 20 insertions(+) diff --git a/VEX/priv/host_amd64_isel.c b/VEX/priv/host_amd64_isel.c index f0e21ab983..113dc1bf3c 100644 --- a/VEX/priv/host_amd64_isel.c +++ b/VEX/priv/host_amd64_isel.c @@ -1633,6 +1633,11 @@ static HReg iselIntExpr_R_wrk ( ISelEnv* env, const IRExpr* e ) HReg dst = newVRegI(env); HReg src = iselIntExpr_R(env, e->Iex.Unop.arg); addInstr(env, AMD64Instr_Bsfr64(True,src,dst)); + /* Patch the result in case there was a 0 operand. */ + IRExpr *cond = unop(Iop_CmpNEZ64, e->Iex.Unop.arg); + AMD64CondCode cc = iselCondCode_C(env, cond); + HReg ifz = iselIntExpr_R(env, IRExpr_Const(IRConst_U64(64))); + addInstr(env, AMD64Instr_CMov64(cc ^ 1, ifz, dst)); return dst; } case Iop_ClzNat64: { @@ -1647,6 +1652,11 @@ static HReg iselIntExpr_R_wrk ( ISelEnv* env, const IRExpr* e ) AMD64RMI_Imm(63), dst)); addInstr(env, AMD64Instr_Alu64R(Aalu_SUB, AMD64RMI_Reg(tmp), dst)); + /* Patch the result in case there was a 0 operand. */ + IRExpr *cond = unop(Iop_CmpNEZ64, e->Iex.Unop.arg); + AMD64CondCode cc = iselCondCode_C(env, cond); + HReg ifz = iselIntExpr_R(env, IRExpr_Const(IRConst_U64(64))); + addInstr(env, AMD64Instr_CMov64(cc ^ 1, ifz, dst)); return dst; } diff --git a/VEX/priv/host_x86_isel.c b/VEX/priv/host_x86_isel.c index d35df8fc47..b80d1116af 100644 --- a/VEX/priv/host_x86_isel.c +++ b/VEX/priv/host_x86_isel.c 
@@ -1311,6 +1311,11 @@ static HReg iselIntExpr_R_wrk ( ISelEnv* env, const IRExpr* e ) HReg dst = newVRegI(env); HReg src = iselIntExpr_R(env, e->Iex.Unop.arg); addInstr(env, X86Instr_Bsfr32(True,src,dst)); + /* Patch the result in case there was a 0 operand. */ + IRExpr *cond = unop(Iop_CmpNEZ32, e->Iex.Unop.arg); + X86CondCode cc = iselCondCode(env, cond); + X86RM *ifz = iselIntExpr_RM(env, IRExpr_Const(IRConst_U32(32))); + addInstr(env, X86Instr_CMov32(cc ^ 1, ifz, dst)); return dst; } case Iop_ClzNat32: { @@ -1325,6 +1330,11 @@ static HReg iselIntExpr_R_wrk ( ISelEnv* env, const IRExpr* e ) X86RMI_Imm(31), dst)); addInstr(env, X86Instr_Alu32R(Xalu_SUB, X86RMI_Reg(tmp), dst)); + /* Patch the result in case there was a 0 operand. */ + IRExpr *cond = unop(Iop_CmpNEZ32, e->Iex.Unop.arg); + X86CondCode cc = iselCondCode(env, cond); + X86RM *ifz = iselIntExpr_RM(env, IRExpr_Const(IRConst_U32(32))); + addInstr(env, X86Instr_CMov32(cc ^ 1, ifz, dst)); return dst; } |
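Review bot: both host_amd64_isel.c hunks select e->Iex.Unop.arg a second time, through `iselCondCode_C(env, unop(Iop_CmpNEZ64, e->Iex.Unop.arg))`, after it was already selected into src for the Bsfr64; isel does no CSE, so the operand expression is emitted twice in the generated code. Test the register you already hold instead, e.g. `addInstr(env, AMD64Instr_Alu64R(Aalu_CMP, AMD64RMI_Imm(0), src));` followed by the CMov on Acc_Z. Likewise `iselIntExpr_R(env, IRExpr_Const(IRConst_U64(64)))` builds a fresh IRExpr during isel just to get 64 into a register; loading the immediate directly into a new vreg, as the rest of this file does, avoids the detour through the IR allocator.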
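Review bot: the host_x86_isel.c hunks have the same double selection of e->Iex.Unop.arg via `unop(Iop_CmpNEZ32, e->Iex.Unop.arg)`, and in all four hunks the CMov condition is inverted with `cc ^ 1`, which depends on the condition-code enum pairing each code with its complement in the low bit. A comment, or using Xcc_Z / Acc_Z explicitly after comparing src against 0, would make the intent readable without knowing that encoding.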
From: Paul F. <pa...@so...> - 2025-08-26 20:12:38
https://sourceware.org/cgit/valgrind/commit/?id=eed1c55a03c5fb3e4c48573a51ef040d094cd6ba commit eed1c55a03c5fb3e4c48573a51ef040d094cd6ba Author: Paul Floyd <pj...@wa...> Date: Tue Aug 26 22:11:50 2025 +0200 Typo in comment. I did correct it, but didn't save before pushing. Diff: --- coregrind/m_syswrap/syswrap-linux.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/coregrind/m_syswrap/syswrap-linux.c b/coregrind/m_syswrap/syswrap-linux.c index d1e7c75294..48c4048aac 100644 --- a/coregrind/m_syswrap/syswrap-linux.c +++ b/coregrind/m_syswrap/syswrap-linux.c @@ -115,7 +115,7 @@ static VgSchedReturnCode thread_wrapper(Word /*ThreadId*/ tidW) } /* - * Used by *at() functions that take a firectory fd as a root for relative paths + * Used by *at() functions that take a directory fd as a root for relative paths * I did want to put this in pub_core_syswrap.h but that's difficult as * it pulls in several dependent headers resulting in one that can't * be accessed every place that uses this pub_core_syswrap.h |
From: Paul F. <pa...@so...> - 2025-08-26 19:58:04
https://sourceware.org/cgit/valgrind/commit/?id=456b68ece180a49595a238a4f1105105cd7025ca commit 456b68ece180a49595a238a4f1105105cd7025ca Author: Paul Floyd <pj...@wa...> Date: Tue Aug 26 21:56:55 2025 +0200 Linux syscalls: add checks for remaining *at() directory fd args Diff: --- coregrind/m_syswrap/syswrap-linux.c | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/coregrind/m_syswrap/syswrap-linux.c b/coregrind/m_syswrap/syswrap-linux.c index ff87ddf719..d1e7c75294 100644 --- a/coregrind/m_syswrap/syswrap-linux.c +++ b/coregrind/m_syswrap/syswrap-linux.c @@ -114,6 +114,18 @@ static VgSchedReturnCode thread_wrapper(Word /*ThreadId*/ tidW) return ret; } +/* + * Used by *at() functions that take a firectory fd as a root for relative paths + * I did want to put this in pub_core_syswrap.h but that's difficult as + * it pulls in several dependent headers resulting in one that can't + * be accessed every place that uses this pub_core_syswrap.h + */ +static inline void fd_at_check_allowed(Int fd, const HChar* path, const HChar* function_name, ThreadId tid, SyscallStatus* status) +{ + if ((ML_(safe_to_deref) (path, 1)) && (path[0] != '/')) + if ((fd != VKI_AT_FDCWD) && !ML_(fd_allowed)(fd, function_name, tid, False) ) + SET_STATUS_Failure( VKI_EBADF ); +} /* --------------------------------------------------------------------- clone-related stuff @@ -6182,6 +6194,7 @@ PRE(sys_mkdirat) *flags |= SfMayBlock; PRINT("sys_mkdirat ( %ld, %#" FMT_REGWORD "x(%s), %ld )", SARG1, ARG2, (HChar*)(Addr)ARG2, SARG3); + fd_at_check_allowed(SARG1, (const HChar*)ARG2, "mkdirat", tid, status); PRE_REG_READ3(long, "mkdirat", int, dfd, const char *, pathname, int, mode); PRE_MEM_RASCIIZ( "mkdirat(pathname)", ARG2 ); 
@@ -6192,6 +6205,7 @@ PRE(sys_mknodat) FUSE_COMPATIBLE_MAY_BLOCK(); PRINT("sys_mknodat ( %ld, %#" FMT_REGWORD "x(%s), 0x%" FMT_REGWORD "x, 0x%" FMT_REGWORD "x )", SARG1, ARG2, (HChar*)(Addr)ARG2, ARG3, ARG4 ); + fd_at_check_allowed(SARG1, (const HChar*)ARG2, "mknodat", tid, status); PRE_REG_READ4(long, "mknodat", int, dfd, const char *, pathname, int, mode, unsigned, dev); PRE_MEM_RASCIIZ( "mknodat(pathname)", ARG2 ); @@ -6243,6 +6257,7 @@ PRE(sys_utimensat) FMT_REGWORD "x )", SARG1, ARG2, (HChar*)(Addr)ARG2, ARG3, ARG4); PRE_REG_READ4(long, "utimensat", int, dfd, char *, filename, struct timespec *, utimes, int, flags); + fd_at_check_allowed(SARG1, (const HChar*)ARG2, "utimensat", tid, status); if (ARG2 != 0) PRE_MEM_RASCIIZ( "utimensat(filename)", ARG2 ); if (ARG3 != 0) { @@ -6274,6 +6289,7 @@ PRE(sys_utimensat_time64) SARG1, ARG2, (HChar*)(Addr)ARG2, ARG3, ARG4); PRE_REG_READ4(long, "utimensat_time64", int, dfd, char *, filename, struct timespec *, utimes, int, flags); + fd_at_check_allowed(SARG1, (const HChar*)ARG2, "utimensat_time64", tid, status); if (ARG2 != 0) PRE_MEM_RASCIIZ( "utimensat_time64(filename)", ARG2 ); if (ARG3 != 0) { @@ -6305,6 +6321,7 @@ PRE(sys_newfstatat) SARG1, ARG2, (HChar*)(Addr)ARG2, ARG3); PRE_REG_READ3(long, "fstatat", int, dfd, char *, file_name, struct stat *, buf); + fd_at_check_allowed(SARG1, (const HChar*)ARG2, "newfstatat", tid, status); // See the comment about Rust in PRE(sys_statx). When glibc does support // statx rust uses that instead of the system call, but glibc's statx is // implemented in terms of fstatat, so the filename being NULL is @@ -6327,6 +6344,7 @@ PRE(sys_unlinkat) PRINT("sys_unlinkat ( %ld, %#" FMT_REGWORD "x(%s) )", SARG1, ARG2, (HChar*)(Addr)ARG2); PRE_REG_READ2(long, "unlinkat", int, dfd, const char *, pathname); + fd_at_check_allowed(SARG1, (const HChar*)ARG2, "unlinkat", tid, status); PRE_MEM_RASCIIZ( "unlinkat(pathname)", ARG2 ); } 
@@ -6339,6 +6357,7 @@ PRE(sys_renameat) PRE_REG_READ4(long, "renameat", int, olddfd, const char *, oldpath, int, newdfd, const char *, newpath); + fd_at_check_allowed(SARG1, (const HChar*)ARG2, "renameat", tid, status); PRE_MEM_RASCIIZ( "renameat(oldpath)", ARG2 ); PRE_MEM_RASCIIZ( "renameat(newpath)", ARG4 ); } @@ -6367,6 +6386,7 @@ PRE(sys_linkat) int, olddfd, const char *, oldpath, int, newdfd, const char *, newpath, int, flags); + fd_at_check_allowed(SARG1, (const HChar*)ARG2, "linkat", tid, status); PRE_MEM_RASCIIZ( "linkat(oldpath)", ARG2); PRE_MEM_RASCIIZ( "linkat(newpath)", ARG4); } @@ -6378,6 +6398,7 @@ PRE(sys_symlinkat) "x(%s) )", ARG1, (HChar*)(Addr)ARG1, SARG2, ARG3, (HChar*)(Addr)ARG3); PRE_REG_READ3(long, "symlinkat", const char *, oldpath, int, newdfd, const char *, newpath); + fd_at_check_allowed(SARG1, (const HChar*)ARG2, "symlinkat", tid, status); PRE_MEM_RASCIIZ( "symlinkat(oldpath)", ARG1 ); PRE_MEM_RASCIIZ( "symlinkat(newpath)", ARG3 ); } @@ -6389,6 +6410,7 @@ PRE(sys_readlinkat) FMT_REGWORD "u )", SARG1, ARG2, (HChar*)(Addr)ARG2, ARG3, ARG4); PRE_REG_READ4(long, "readlinkat", int, dfd, const char *, path, char *, buf, vki_size_t, bufsiz); + fd_at_check_allowed(SARG1, (const HChar*)ARG2, "readlinkat", tid, status); PRE_MEM_RASCIIZ( "readlinkat(path)", ARG2 ); PRE_MEM_WRITE( "readlinkat(buf)", ARG3,ARG4 ); } @@ -13915,7 +13937,7 @@ POST(sys_io_uring_register) PRE(sys_execveat) { - PRINT("sys_execveat ( %lu, %#lx(%s), %#lx, %#lx, %lu", ARG1, ARG2, (char*)ARG2, ARG3, ARG4, ARG5); + PRINT("sys_execveat ( %lu, %#lx(%s), %#lx, %#lx, %lu", ARG1, ARG2, (char*)ARG2, ARG3, ARG4, ARG5); PRE_REG_READ5(vki_off_t, "execveat", int, fd, char *, filename, char **, argv, char **, envp, int, flags); PRE_MEM_RASCIIZ( "execveat(filename)", ARG2); |
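Review bot: 'firectory' in the new fd_at_check_allowed comment should be 'directory'. More importantly, the helper skips the fd check whenever ML_(safe_to_deref)(path, 1) fails, which includes a NULL path; utimensat and newfstatat deliberately accept a NULL filename (the `if (ARG2 != 0)` guards and the Rust/statx comment in their hunks), and in that case the kernel operates on dfd itself, so dfd goes unvalidated exactly when it is the object of the call. Consider treating a NULL path like a relative one, and bracing the two nested ifs so the structure is explicit.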
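Review bot: in the mkdirat and mknodat hunks the check is inserted before PRE_REG_READ, whereas every later hunk places it after; since the definedness of the fd argument is what PRE_REG_READ reports, keep the order uniform (register reads first, then the fd_allowed check), as in the utimensat hunk.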
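Review bot: the renameat and linkat hunks only validate olddfd/oldpath (SARG1/ARG2); newdfd/newpath (ARG3/ARG4 in their PRE_REG_READ4) are directory fds too and are left unchecked, so a second call such as `fd_at_check_allowed(SARG3, (const HChar*)ARG4, "renameat", tid, status);` (and the same for linkat) is needed to cover them.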
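Review bot: the symlinkat hunk passes the wrong arguments to the new check. symlinkat takes (oldpath, newdfd, newpath), as the PRE_REG_READ3 in the same hunk and the PRINT that formats ARG1 as a string and SARG2 as an int both show, so `fd_at_check_allowed(SARG1, (const HChar*)ARG2, "symlinkat", tid, status);` treats the oldpath pointer as the fd and the fd as the path. It should be `fd_at_check_allowed(SARG2, (const HChar*)ARG3, "symlinkat", tid, status);`.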
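Review bot: the execveat hunk is a whitespace-only change to the PRINT line that the commit message does not mention, and the format string `"sys_execveat ( %lu, %#lx(%s), %#lx, %#lx, %lu"` still lacks the closing ` )` the other PRINTs have. More to the point, execveat takes a directory fd (PRE_REG_READ5 lists `int, fd, char *, filename`) but gets no fd_at_check_allowed call, so it is not covered by a commit titled 'add checks for remaining *at() directory fd args'.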
From: <zz...@ge...> - 2025-08-26 19:34:26
Am 26.08.25 um 08:11 schrieb Paul Floyd via Valgrind-developers: > Hi Matthias > Hi Paul > Please could you create bugzilla items with these patches at https:// > bugs.kde.org? > I reported these issues in bugzilla: https://bugs.kde.org/show_bug.cgi?id=508777 https://bugs.kde.org/show_bug.cgi?id=508778 https://bugs.kde.org/show_bug.cgi?id=508779 > Some comments here first (for all 3 patches) > > On FreeBSD I have just one main scalar for all 3 platforms and 2 > expecteds to handle the split 64bit arguments on x86. Is that at all > feasible on Linux or is there simply too much divergence with the > syscall numbers on different platforms? If a single main scalar is not > feasible then going to amd64 is a good idea as it is now the main platform. > I changed my added filter_scalar to remove the line-numbers for scalar.c. > waitid looks OK, a simple oversight in our checks. > > rlimit64 I agree, we should always be printing errors even if we are > fulfilling the syscall ourselves and it fails. > > A+ > > Paul Thank you for reviewing. Regards Matthias > > > On 2025-08-24 08:18, Matthias Schwarzott wrote: >> --- >> .gitignore | 1 + >> memcheck/tests/amd64-linux/Makefile.am | 7 ++- >> memcheck/tests/amd64-linux/filter_scalar | 4 ++ >> memcheck/tests/amd64-linux/scalar.c | 58 +++++++++++++++++ >> memcheck/tests/amd64-linux/scalar.h | 65 ++++++++++++++++++++ >> memcheck/tests/amd64-linux/scalar.stderr.exp | 62 +++++++++++++++++++ >> memcheck/tests/amd64-linux/scalar.vgtest | 6 ++ >> 7 files changed, 202 insertions(+), 1 deletion(-) >> create mode 100755 memcheck/tests/amd64-linux/filter_scalar >> create mode 100644 memcheck/tests/amd64-linux/scalar.c >> create mode 100644 memcheck/tests/amd64-linux/scalar.h >> create mode 100644 memcheck/tests/amd64-linux/scalar.stderr.exp >> create mode 100644 memcheck/tests/amd64-linux/scalar.vgtest >> >> diff --git a/.gitignore b/.gitignore >> index 569a8fd5c763..80924f997cc1 100644 >> --- a/.gitignore >> +++ b/.gitignore 
>> @@ -1102,6 +1102,7 @@ >> /memcheck/tests/amd64-linux/defcfaexpr >> /memcheck/tests/amd64-linux/int3-amd64 >> /memcheck/tests/amd64-linux/reallocarray >> +/memcheck/tests/amd64-linux/scalar >> /memcheck/tests/amd64-linux/Makefile >> /memcheck/tests/amd64-linux/Makefile.in >> diff --git a/memcheck/tests/amd64-linux/Makefile.am b/memcheck/tests/ >> amd64-linux/Makefile.am >> index 26e8c8ed549c..3dde97a5af77 100644 >> --- a/memcheck/tests/amd64-linux/Makefile.am >> +++ b/memcheck/tests/amd64-linux/Makefile.am >> @@ -4,6 +4,8 @@ include $(top_srcdir)/Makefile.tool-tests.am >> dist_noinst_SCRIPTS = \ >> filter_stderr filter_defcfaexpr >> +noinst_HEADERS = scalar.h >> + >> EXTRA_DIST = \ >> access_below_sp_1.vgtest \ >> access_below_sp_1.stderr.exp access_below_sp_1.stdout.exp \ >> @@ -11,12 +13,14 @@ EXTRA_DIST = \ >> access_below_sp_2.stderr.exp access_below_sp_2.stdout.exp \ >> defcfaexpr.vgtest defcfaexpr.stderr.exp \ >> int3-amd64.vgtest int3-amd64.stderr.exp int3-amd64.stdout.exp \ >> + scalar.stderr.exp scalar.vgtest \ >> reallocarray.vgtest reallocarray.stderr.exp >> check_PROGRAMS = \ >> access_below_sp \ >> defcfaexpr \ >> - int3-amd64 >> + int3-amd64 \ >> + scalar >> if HAVE_REALLOCARRAY >> check_PROGRAMS += reallocarray >> @@ -29,3 +33,4 @@ AM_CCASFLAGS += @FLAG_M64@ >> defcfaexpr_SOURCES = defcfaexpr.S >> defcfaexpr_CFLAGS = $(AM_CFLAGS) @FLAG_NO_PIE@ >> reallocarray_CFLAGS = $(AM_CFLAGS) >> @FLAG_W_NO_ALLOC_SIZE_LARGER_THAN@ >> +scalar_CFLAGS = $(AM_CFLAGS) @FLAG_W_NO_UNINITIALIZED@ >> diff --git a/memcheck/tests/amd64-linux/filter_scalar b/memcheck/ >> tests/amd64-linux/filter_scalar >> new file mode 100755 >> index 000000000000..d8953ea5740d >> --- /dev/null >> +++ b/memcheck/tests/amd64-linux/filter_scalar >> @@ -0,0 +1,4 @@ >> +#! /bin/sh >> + >> +../filter_stderr "$@" >> + >> diff --git a/memcheck/tests/amd64-linux/scalar.c b/memcheck/tests/ >> amd64-linux/scalar.c >> new file mode 100644 >> index 000000000000..703d46860d9e >> --- /dev/null 
>> +++ b/memcheck/tests/amd64-linux/scalar.c 
>> @@ -0,0 +1,58 @@ >> +#define _GNU_SOURCE >> + >> +#include "../../memcheck.h" >> +#include "scalar.h" >> +#include <unistd.h> >> + >> +// Here we are trying to trigger every syscall error (scalar errors and >> +// memory errors) for every syscall. We do this by passing a lot of >> bogus >> +// arguments, mostly 0 and 1 (often it's 1 because NULL ptr args >> often aren't >> +// checked for memory errors, or in order to have a non-zero length used >> +// with some buffer). So most of the syscalls don't actually succeed >> and do >> +// anything. >> +// >> +// Occasionally we have to be careful not to cause Valgrind to seg >> fault in >> +// its pre-syscall wrappers; it does so because it can't know in >> general >> +// when memory is unaddressable, and so tries to dereference it when >> doing >> +// PRE_MEM_READ/PRE_MEM_WRITE calls. (Note that Memcheck will >> +// always issue an error message immediately before these seg faults >> occur). >> +// >> +// The output has numbers like "3s 2m" for each syscall. "s" is >> short for >> +// "scalar", ie. the argument itself is undefined. "m" is short for >> "memory", >> +// ie. the argument points to memory which is unaddressable. >> + >> +int main(void) >> +{ >> + // uninitialised, but we know px[0] is 0x0 >> + long* px = malloc(sizeof(long)); >> + long x0 = px[0]; >> + long res; >> + >> + // All __NR_xxx numbers are taken from amd64 >> + >> + /* Check the syscall number 0 and 1 two trivial generic syscalls. */ >> + >> + /* __NR_read 0 */ >> + /* Nb: here we are also getting an error from the syscall arg >> itself. */ >> + GO(__NR_read, "1+3s 1m"); >> + SY(__NR_read + x0, x0, x0, x0 + 1); FAIL; >> + >> + /* __NR_write 1 */ >> + GO(__NR_write, "3s 1m"); >> + SY(__NR_write, x0, x0, x0 + 1); FAIL; >> + >> + // __NR_exit 60 >> + GO(__NR_exit, "below"); >> + // (see below) >> + >> + // no such syscall... 
>> + GO(9999, "1e"); >> + SY(9999); FAIL; >> + >> + // __NR_exit 1 >> + GO(__NR_exit, "1s 0m"); >> + SY(__NR_exit, x0); FAIL; >> + >> + assert(0); >> +} >> + >> diff --git a/memcheck/tests/amd64-linux/scalar.h b/memcheck/tests/ >> amd64-linux/scalar.h >> new file mode 100644 >> index 000000000000..52f742e4ac76 >> --- /dev/null >> +++ b/memcheck/tests/amd64-linux/scalar.h 
>> @@ -0,0 +1,65 @@ >> +#include "../../../include/vki/vki-scnums-x86-linux.h" >> + >> +#include <assert.h> >> +#include <errno.h> >> +#include <fcntl.h> >> +#include <stdio.h> >> +#include <stdlib.h> >> +#include <sys/syscall.h> >> +#include <sys/stat.h> >> +#include <sys/ptrace.h> >> +#include <sys/types.h> >> +#include <sys/mman.h> >> + >> +#ifndef __THROW >> +#define __THROW >> +#endif >> + >> +// Since we use vki_unistd.h, we can't include <unistd.h>. So we >> have to >> +// declare this ourselves. >> +extern long int syscall (long int __sysno, ...) __THROW; >> + >> +// Thorough syscall scalar arg checking. Also serves as thorough >> checking >> +// for (very) basic syscall use. Generally not trying to do anything >> +// meaningful with the syscalls. >> + >> +#define GO(__NR_xxx, s) \ >> + fprintf(stderr, >> "-----------------------------------------------------\n" \ >> + "%3d:%20s >> %s\n" \ >> + >> "-----------------------------------------------------\n", \ >> + __NR_xxx, #__NR_xxx, s); >> + >> +#define SY res = syscall >> + >> +#define FAIL assert(-1 == res); >> +#define SUCC assert(-1 != res); >> +#define SUCC_OR_FAIL /* no test */ >> + >> +#define FAILx(E) \ >> + do { \ >> + int myerrno = errno; \ >> + if (-1 == res) { \ >> + if (E == myerrno) { \ >> + /* as expected */ \ >> + } else { \ >> + fprintf(stderr, "Expected error %s (%d), got %d\n", #E, E, >> myerrno); \ >> + exit(1); \ >> + } \ >> + } else { \ >> + fprintf(stderr, "Expected error %s (%d), got success\n", #E, >> E); \ >> + exit(1); \ >> + } \ >> + } while (0); >> + >> +#define SUCC_OR_FAILx(E) \ >> + do { \ >> + int myerrno = errno; \ >> + if (-1 == res) { \ >> + if (E == myerrno) { \ >> + /* as expected */ \ >> + } else { \ >> + fprintf(stderr, "Expected error %s (%d), got %d\n", #E, E, >> myerrno); \ >> + exit(1); \ >> + } \ >> + } \ >> + } while (0); 
>> diff --git a/memcheck/tests/amd64-linux/scalar.stderr.exp b/memcheck/ >> tests/amd64-linux/scalar.stderr.exp >> new file mode 100644 >> index 000000000000..2df80068ead8 >> --- /dev/null >> +++ b/memcheck/tests/amd64-linux/scalar.stderr.exp 
>> @@ -0,0 +1,62 @@ >> +----------------------------------------------------- >> + 0: __NR_read 1+3s 1m >> +----------------------------------------------------- >> +Syscall param (syscallno) contains uninitialised byte(s) >> + ... >> + by 0x........: main (scalar.c:38) >> + >> +Syscall param read(fd) contains uninitialised byte(s) >> + ... >> + by 0x........: main (scalar.c:38) >> + >> +Syscall param read(buf) contains uninitialised byte(s) >> + ... >> + by 0x........: main (scalar.c:38) >> + >> +Syscall param read(count) contains uninitialised byte(s) >> + ... >> + by 0x........: main (scalar.c:38) >> + >> +Syscall param read(buf) points to unaddressable byte(s) >> + ... >> + by 0x........: main (scalar.c:38) >> + Address 0x........ is not stack'd, malloc'd or (recently) free'd >> + >> +----------------------------------------------------- >> + 1: __NR_write 3s 1m >> +----------------------------------------------------- >> +Syscall param write(fd) contains uninitialised byte(s) >> + ... >> + by 0x........: main (scalar.c:42) >> + >> +Syscall param write(buf) contains uninitialised byte(s) >> + ... >> + by 0x........: main (scalar.c:42) >> + >> +Syscall param write(count) contains uninitialised byte(s) >> + ... >> + by 0x........: main (scalar.c:42) >> + >> +Syscall param write(buf) points to unaddressable byte(s) >> + ... >> + by 0x........: main (scalar.c:42) >> + Address 0x........ is not stack'd, malloc'd or (recently) free'd >> + >> +----------------------------------------------------- >> + 60: __NR_exit below >> +----------------------------------------------------- >> +----------------------------------------------------- >> +9999: 9999 1e >> +----------------------------------------------------- >> +WARNING: unhandled amd64-linux syscall: 9999 >> +You may be able to write your own handler. >> +Read the file README_MISSING_SYSCALL_OR_IOCTL. >> +Nevertheless we consider this a bug. Please report >> +it at http://valgrind.org/support/bug_reports.html. 
>> +----------------------------------------------------- >> + 60: __NR_exit 1s 0m >> +----------------------------------------------------- >> +Syscall param exit(status) contains uninitialised byte(s) >> + ... >> + by 0x........: main (scalar.c:54) >> + >> diff --git a/memcheck/tests/amd64-linux/scalar.vgtest b/memcheck/ >> tests/amd64-linux/scalar.vgtest >> new file mode 100644 >> index 000000000000..81e72b047541 >> --- /dev/null >> +++ b/memcheck/tests/amd64-linux/scalar.vgtest >> @@ -0,0 +1,6 @@ >> +prog: scalar >> +# Do not run under root >> +prereq: [ `id -u` -ne 0 ] >> +vgopts: -q --error-limit=no >> +stderr_filter: filter_scalar >> +args: < scalar.c > > > _______________________________________________ > Valgrind-developers mailing list > Val...@li... > https://lists.sourceforge.net/lists/listinfo/valgrind-developers |
From: Paul F. <pa...@so...> - 2025-08-26 11:32:38
https://sourceware.org/cgit/valgrind/commit/?id=17978c5520903586aa069bd5e5fde9105658c953 commit 17978c5520903586aa069bd5e5fde9105658c953 Author: Paul Floyd <pj...@wa...> Date: Tue Aug 26 13:32:07 2025 +0200 Bug 508638 - Self-hosting not working on FreeBSD Diff: --- NEWS | 1 + coregrind/m_syswrap/syswrap-amd64-freebsd.c | 7 +++++-- coregrind/m_syswrap/syswrap-freebsd.c | 30 +++++++++++++++++++++-------- 3 files changed, 28 insertions(+), 10 deletions(-) diff --git a/NEWS b/NEWS index 853ba47d2d..66912d73b5 100644 --- a/NEWS +++ b/NEWS @@ -85,6 +85,7 @@ are not entered into bugzilla tend to get forgotten about or ignored. 508030 Add several missing syscall hooks to ppc64-linux 508093 VALGRIND_CLO_CHANGE does not update vex_control 508154 PRE(sys_fchownat) not handling VKI_AT_FDCWD +508638 Self-hosting not working on FreeBSD To see details of a given bug, visit https://bugs.kde.org/show_bug.cgi?id=XXXXXX diff --git a/coregrind/m_syswrap/syswrap-amd64-freebsd.c b/coregrind/m_syswrap/syswrap-amd64-freebsd.c index 71d1bc8b91..4d3c178481 100644 --- a/coregrind/m_syswrap/syswrap-amd64-freebsd.c +++ b/coregrind/m_syswrap/syswrap-amd64-freebsd.c @@ -983,12 +983,15 @@ POST(sys_procctl) // int mknodat(int fd, const char *path, mode_t mode, dev_t dev); PRE(sys_mknodat) { + Int arg_1 = (Int)ARG1; + const HChar *path = (const HChar*)ARG2; PRINT("sys_mknodat ( %" FMT_REGWORD "u, %#" FMT_REGWORD "x(%s), 0x%" FMT_REGWORD "x, 0x%" FMT_REGWORD "x )", ARG1,ARG2,(char*)ARG2,ARG3,ARG4 ); PRE_REG_READ4(long, "mknodat", int, fd, const char *, path, vki_mode_t, mode, vki_dev_t, dev); PRE_MEM_RASCIIZ( "mknodat(pathname)", ARG2 ); - if (!ML_(fd_allowed)(ARG1, "mknodat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + if ((ML_(safe_to_deref) (path, 1)) && (path[0] != '/')) + if ((arg_1 != VKI_AT_FDCWD) && !ML_(fd_allowed)(arg_1, "mknodat", tid, False) ) + SET_STATUS_Failure(VKI_EBADF); } // SYS_cpuset_getdomain 561 
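Review bot: the mknodat hunk (and the four FreeBSD hunks that follow it in this commit) open-codes the same three-line safe_to_deref / VKI_AT_FDCWD / fd_allowed pattern with a fresh `Int arg_1` and `const HChar *path` each time; a shared static helper in syswrap-freebsd.c taking (fd, path, name, tid, status) would keep the five copies from drifting and make the argument positions explicit at each call site.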
diff --git a/coregrind/m_syswrap/syswrap-freebsd.c b/coregrind/m_syswrap/syswrap-freebsd.c index d92a1a46cd..7fc96c7c59 100644 --- a/coregrind/m_syswrap/syswrap-freebsd.c +++ b/coregrind/m_syswrap/syswrap-freebsd.c @@ -5332,11 +5332,14 @@ POST(sys_freebsd11_fstatat) // int futimesat(int fd, const char *path, const struct timeval times[2]); PRE(sys_futimesat) { + Int arg_1 = (Int)ARG1; + const HChar *path = (const HChar*)ARG2; PRINT("sys_futimesat ( %" FMT_REGWORD "u, %#" FMT_REGWORD "x(%s), %#" FMT_REGWORD "x )", ARG1,ARG2,(char*)ARG2,ARG3); PRE_REG_READ3(int, "futimesat", int, fd, const char *, path, struct timeval *, times); - if (!ML_(fd_allowed)(ARG1, "futimesat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + if ((ML_(safe_to_deref) (path, 1)) && (path[0] != '/')) + if ((arg_1 != VKI_AT_FDCWD) && !ML_(fd_allowed)(arg_1, "futimesat", tid, False) ) + SET_STATUS_Failure(VKI_EBADF); if (ARG2 != 0) { PRE_MEM_RASCIIZ( "futimesat(path)", ARG2 ); } @@ -6189,11 +6192,15 @@ POST(sys_cap_fcntls_get) // int bindat(int fd, int s, const struct sockaddr *addr, socklen_t addrlen); PRE(sys_bindat) { + Int arg_1 = (Int)ARG1; + const HChar *path = (const HChar*)ARG2; PRINT("sys_bindat ( %" FMT_REGWORD "d, %" FMT_REGWORD "dx, %#" FMT_REGWORD "x, %" FMT_REGWORD "u )", SARG1, SARG2, ARG3, ARG4); PRE_REG_READ4(int, "bindat", int, fd, int, s, const struct vki_sockaddr *, name, vki_socklen_t, namelen); - if (!ML_(fd_allowed)(ARG1, "bindat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + if ((ML_(safe_to_deref) (path, 1)) && (path[0] != '/')) + if ((arg_1 != VKI_AT_FDCWD) && !ML_(fd_allowed)(arg_1, "bindat", tid, False) ) + SET_STATUS_Failure(VKI_EBADF); + PRE_MEM_READ("bindat(name)", ARG3, ARG4); } 
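Review bot: in the bindat hunk ARG2 is the socket `s` (PRE_REG_READ4 lists `int, fd, int, s, const struct vki_sockaddr *, name`), not a path, so `const HChar *path = (const HChar*)ARG2;` casts a small integer to a pointer; ML_(safe_to_deref)(path, 1) then fails and the fd_allowed check that the removed lines ran unconditionally is never reached. Either keep an unconditional `if ((arg_1 != VKI_AT_FDCWD) && !ML_(fd_allowed)(arg_1, "bindat", tid, False))`, or, if the intent is to skip absolute paths, take the path from the sockaddr at ARG3 (sun_path for an AF_UNIX address) rather than from ARG2.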
@@ -6201,11 +6208,14 @@ PRE(sys_bindat) // int connectat(int fd, int s, const struct sockaddr *name, socklen_t namelen); PRE(sys_connectat) { + Int arg_1 = (Int)ARG1; + const HChar *path = (const HChar*)ARG2; PRINT("sys_connectat ( %" FMT_REGWORD "d, %" FMT_REGWORD "dx, %#" FMT_REGWORD "x, %" FMT_REGWORD "u )", SARG1, SARG2, ARG3, ARG4); PRE_REG_READ4(int, "connectat", int, fd, int, s, const struct vki_sockaddr *, name, vki_socklen_t, namelen); - if (!ML_(fd_allowed)(ARG1, "connectat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + if ((ML_(safe_to_deref) (path, 1)) && (path[0] != '/')) + if ((arg_1 != VKI_AT_FDCWD) && !ML_(fd_allowed)(arg_1, "connectat", tid, False) ) + SET_STATUS_Failure(VKI_EBADF); PRE_MEM_READ("connectat(name)", ARG3, ARG4); } @@ -6213,11 +6223,15 @@ PRE(sys_connectat) // int chflagsat(int fd, const char *path, unsigned long flags, int atflag); PRE(sys_chflagsat) { + Int arg_1 = (Int)ARG1; + const HChar *path = (const HChar*)ARG2; PRINT("sys_chglagsat ( %" FMT_REGWORD "d, %#" FMT_REGWORD "x, %" FMT_REGWORD "u, %" FMT_REGWORD "d )", SARG1, ARG2, ARG3, SARG4); PRE_REG_READ4(int, "chflagsat", int, fd, const char *, path, unsigned long, flags, int, atflag); - if (!ML_(fd_allowed)(ARG1, "chflagsat", tid, False)) - SET_STATUS_Failure(VKI_EBADF); + if ((ML_(safe_to_deref) (path, 1)) && (path[0] != '/')) + if ((arg_1 != VKI_AT_FDCWD) && !ML_(fd_allowed)(arg_1, "chflagsat", tid, False) ) + SET_STATUS_Failure(VKI_EBADF); + PRE_MEM_RASCIIZ("chflagsat(path)", ARG2); } |
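Review bot: the connectat hunk has the same argument mix-up as bindat: ARG2 is the socket `s` per its PRE_REG_READ4, so `const HChar *path = (const HChar*)ARG2;` dereferences an integer and the `!ML_(fd_allowed)(arg_1, "connectat", tid, False)` branch is effectively dead. Restore the unconditional fd check (with the VKI_AT_FDCWD exemption) or derive the path from the sockaddr at ARG3.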
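Review bot: the chflagsat hunk's PRINT context line reads `sys_chglagsat`; since this function is being edited anyway, fix the typo to `sys_chflagsat` so the -v trace matches the syscall name.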
From: Paul F. <pa...@so...> - 2025-08-26 11:14:53
https://sourceware.org/cgit/valgrind/commit/?id=7613f71848a903e578c207d2bc84e762f258042f commit 7613f71848a903e578c207d2bc84e762f258042f Author: Paul Floyd <pj...@wa...> Date: Tue Aug 26 13:13:49 2025 +0200 Linux syscall: copy and paste error in openat2 fd_allowed check Diff: --- coregrind/m_syswrap/syswrap-linux.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/coregrind/m_syswrap/syswrap-linux.c b/coregrind/m_syswrap/syswrap-linux.c index 984acaefee..ff87ddf719 100644 --- a/coregrind/m_syswrap/syswrap-linux.c +++ b/coregrind/m_syswrap/syswrap-linux.c @@ -14175,7 +14175,7 @@ PRE(sys_openat2) if (ML_(safe_to_deref)( (void*)(Addr)ARG2, 1 ) && *(Char *)(Addr)ARG2 != '/' && ((Int)ARG1) != ((Int)VKI_AT_FDCWD) - && !ML_(fd_allowed)(ARG1, "openat", tid, False)) + && !ML_(fd_allowed)(ARG1, "openat2", tid, False)) SET_STATUS_Failure( VKI_EBADF ); /* Handle the case where the open is of /proc/self/cmdline or /proc/<pid>/cmdline, and just give it a copy of the fd for the |
From: Paul F. <pa...@so...> - 2025-08-26 06:44:21
https://sourceware.org/cgit/valgrind/commit/?id=8afbe743fadde2126848656f48a8236232c93f3b commit 8afbe743fadde2126848656f48a8236232c93f3b Author: Paul Floyd <pj...@wa...> Date: Tue Aug 26 08:42:56 2025 +0200 FreeBSD 64bit: client stack changes Just use system max stack size, but with a lower limit of 64Mb Add some -d -d traces Diff: --- coregrind/m_aspacemgr/aspacemgr-linux.c | 28 ++++++++++++++++++++-------- 1 file changed, 20 insertions(+), 8 deletions(-) diff --git a/coregrind/m_aspacemgr/aspacemgr-linux.c b/coregrind/m_aspacemgr/aspacemgr-linux.c index 4e5efaafe5..785d75c706 100644 --- a/coregrind/m_aspacemgr/aspacemgr-linux.c +++ b/coregrind/m_aspacemgr/aspacemgr-linux.c 
@@ -1735,17 +1735,29 @@ Addr VG_(am_startup) ( Addr sp_at_startup ) suggested_clstack_end = aspacem_maxAddr - 64*1024*1024UL + VKI_PAGE_SIZE; #else - //suggested_clstack_end = aspacem_maxAddr; - // this block implements what is described above - // note this needs - // #include "pub_core_libcproc.h" + SizeT kern_maxssiz; - SizeT kern_sgrowsiz; + //SizeT kern_sgrowsiz; SizeT sysctl_size = sizeof(SizeT); VG_(sysctlbyname)("kern.maxssiz", &kern_maxssiz, &sysctl_size, NULL, 0); - VG_(sysctlbyname)("kern.sgrowsiz", &kern_sgrowsiz, &sysctl_size, NULL, 0); - //VG_(printf)("maxssiz %lx\n", kern_maxssiz); - suggested_clstack_end = aspacem_maxAddr - (kern_maxssiz - kern_sgrowsiz) + VKI_PAGE_SIZE; + if (kern_maxssiz < 64*1024*1024UL) { + kern_maxssiz = 64*1024*1024UL; + VG_(debugLog)(2, "aspacem", + " max stack size (maxssiz) set to lower limit, 64Mb\n"); + } + //VG_(sysctlbyname)("kern.sgrowsiz", &kern_sgrowsiz, &sysctl_size, NULL, 0); + // initially this was aspacem_maxAddr - (kern_maxssiz - kern_sgrowsiz) + VKI_PAGE_SIZE + // but we're not using / respecting the stack grow size (yet) + suggested_clstack_end = aspacem_maxAddr - (kern_maxssiz) + VKI_PAGE_SIZE; + VG_(debugLog)(2, "aspacem", + " max stack size (maxssiz) = 0x%lx\n", + kern_maxssiz); + //VG_(debugLog)(2, "aspacem", + // " stack grow size (sgrowsiz) = 0x%lx\n", + // kern_sgrowsiz); + VG_(debugLog)(2, "aspacem", + " suggested client stack end (aspacem_maxAddr - (kern_maxssiz) + VKI_PAGE_SIZE) = 0x%lx\n", + suggested_clstack_end); #endif |
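Review bot: `VG_(sysctlbyname)("kern.maxssiz", &kern_maxssiz, &sysctl_size, NULL, 0);` has no error handling and kern_maxssiz is declared without an initialiser, so if the sysctl fails the new `if (kern_maxssiz < 64*1024*1024UL)` clamp only rescues the uninitialised value when it happens to be below 64MB, and suggested_clstack_end is computed from garbage otherwise. Initialise kern_maxssiz to the 64MB floor before the call (or check the call's result) so the fallback is deterministic. Minor: the commented-out kern_sgrowsiz declaration, sysctl and debugLog can go, since the comment above suggested_clstack_end already records what the old formula was, and 'Mb' in the debug message should be 'MB'.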
From: Paul F. <pj...@wa...> - 2025-08-26 06:24:43
Hi Yao Zi

Please could you create bugzilla items with these patches at https://bugs.kde.org?

Some comments here first (for both of these patches).

The PIE changes look OK. I don't know if anyone else on this list uses LLVM on Linux, so this is not the kind of issue that we see.

As for musl, I gave up with it due to Rich Felker's atrocious patronising manner on IRC. The last straw was when he tried to explain how Helgrind should handle leaked mutex locks. Helgrind has never been able to run correctly with musl.

A+

Paul
From: Paul F. <pj...@wa...> - 2025-08-26 06:11:45
Hi Matthias Please could you create bugzilla items with these patches at https://bugs.kde.org? Some comments here first (for all 3 patches) On FreeBSD I have just one main scalar for all 3 platforms and 2 expecteds to handle the split 64bit arguments on x86. Is that at all feasible on Linux or is there simply too much divergence with the syscall numbers on different platforms? If a single main scalar is not feasible then going to amd64 is a good idea as it is now the main platform. waitid looks OK, a simple oversight in our checks. rlimit64 I agree, we should always be printing errors even if we are fulfilling the syscall ourselves and it fails. A+ Paul On 2025-08-24 08:18, Matthias Schwarzott wrote: > --- > .gitignore | 1 + > memcheck/tests/amd64-linux/Makefile.am | 7 ++- > memcheck/tests/amd64-linux/filter_scalar | 4 ++ > memcheck/tests/amd64-linux/scalar.c | 58 +++++++++++++++++ > memcheck/tests/amd64-linux/scalar.h | 65 ++++++++++++++++++++ > memcheck/tests/amd64-linux/scalar.stderr.exp | 62 +++++++++++++++++++ > memcheck/tests/amd64-linux/scalar.vgtest | 6 ++ > 7 files changed, 202 insertions(+), 1 deletion(-) > create mode 100755 memcheck/tests/amd64-linux/filter_scalar > create mode 100644 memcheck/tests/amd64-linux/scalar.c > create mode 100644 memcheck/tests/amd64-linux/scalar.h > create mode 100644 memcheck/tests/amd64-linux/scalar.stderr.exp > create mode 100644 memcheck/tests/amd64-linux/scalar.vgtest > > diff --git a/.gitignore b/.gitignore > index 569a8fd5c763..80924f997cc1 100644 > --- a/.gitignore > +++ b/.gitignore > @@ -1102,6 +1102,7 @@ > /memcheck/tests/amd64-linux/defcfaexpr > /memcheck/tests/amd64-linux/int3-amd64 > /memcheck/tests/amd64-linux/reallocarray > +/memcheck/tests/amd64-linux/scalar > /memcheck/tests/amd64-linux/Makefile > /memcheck/tests/amd64-linux/Makefile.in > > diff --git a/memcheck/tests/amd64-linux/Makefile.am b/memcheck/tests/amd64-linux/Makefile.am > index 26e8c8ed549c..3dde97a5af77 100644 
> --- a/memcheck/tests/amd64-linux/Makefile.am > +++ b/memcheck/tests/amd64-linux/Makefile.am > @@ -4,6 +4,8 @@ include $(top_srcdir)/Makefile.tool-tests.am > dist_noinst_SCRIPTS = \ > filter_stderr filter_defcfaexpr > > +noinst_HEADERS = scalar.h > + > EXTRA_DIST = \ > access_below_sp_1.vgtest \ > access_below_sp_1.stderr.exp access_below_sp_1.stdout.exp \ > @@ -11,12 +13,14 @@ EXTRA_DIST = \ > access_below_sp_2.stderr.exp access_below_sp_2.stdout.exp \ > defcfaexpr.vgtest defcfaexpr.stderr.exp \ > int3-amd64.vgtest int3-amd64.stderr.exp int3-amd64.stdout.exp \ > + scalar.stderr.exp scalar.vgtest \ > reallocarray.vgtest reallocarray.stderr.exp > > check_PROGRAMS = \ > access_below_sp \ > defcfaexpr \ > - int3-amd64 > + int3-amd64 \ > + scalar > > if HAVE_REALLOCARRAY > check_PROGRAMS += reallocarray > @@ -29,3 +33,4 @@ AM_CCASFLAGS += @FLAG_M64@ > defcfaexpr_SOURCES = defcfaexpr.S > defcfaexpr_CFLAGS = $(AM_CFLAGS) @FLAG_NO_PIE@ > reallocarray_CFLAGS = $(AM_CFLAGS) @FLAG_W_NO_ALLOC_SIZE_LARGER_THAN@ > +scalar_CFLAGS = $(AM_CFLAGS) @FLAG_W_NO_UNINITIALIZED@ > diff --git a/memcheck/tests/amd64-linux/filter_scalar b/memcheck/tests/amd64-linux/filter_scalar > new file mode 100755 > index 000000000000..d8953ea5740d > --- /dev/null > +++ b/memcheck/tests/amd64-linux/filter_scalar > @@ -0,0 +1,4 @@ > +#! /bin/sh > + > +../filter_stderr "$@" > + > diff --git a/memcheck/tests/amd64-linux/scalar.c b/memcheck/tests/amd64-linux/scalar.c > new file mode 100644 > index 000000000000..703d46860d9e > --- /dev/null > +++ b/memcheck/tests/amd64-linux/scalar.c 
> @@ -0,0 +1,58 @@ > +#define _GNU_SOURCE > + > +#include "../../memcheck.h" > +#include "scalar.h" > +#include <unistd.h> > + > +// Here we are trying to trigger every syscall error (scalar errors and > +// memory errors) for every syscall. We do this by passing a lot of bogus > +// arguments, mostly 0 and 1 (often it's 1 because NULL ptr args often aren't > +// checked for memory errors, or in order to have a non-zero length used > +// with some buffer). So most of the syscalls don't actually succeed and do > +// anything. > +// > +// Occasionally we have to be careful not to cause Valgrind to seg fault in > +// its pre-syscall wrappers; it does so because it can't know in general > +// when memory is unaddressable, and so tries to dereference it when doing > +// PRE_MEM_READ/PRE_MEM_WRITE calls. (Note that Memcheck will > +// always issue an error message immediately before these seg faults occur). > +// > +// The output has numbers like "3s 2m" for each syscall. "s" is short for > +// "scalar", ie. the argument itself is undefined. "m" is short for "memory", > +// ie. the argument points to memory which is unaddressable. > + > +int main(void) > +{ > + // uninitialised, but we know px[0] is 0x0 > + long* px = malloc(sizeof(long)); > + long x0 = px[0]; > + long res; > + > + // All __NR_xxx numbers are taken from amd64 > + > + /* Check the syscall number 0 and 1 two trivial generic syscalls. */ > + > + /* __NR_read 0 */ > + /* Nb: here we are also getting an error from the syscall arg itself. */ > + GO(__NR_read, "1+3s 1m"); > + SY(__NR_read + x0, x0, x0, x0 + 1); FAIL; > + > + /* __NR_write 1 */ > + GO(__NR_write, "3s 1m"); > + SY(__NR_write, x0, x0, x0 + 1); FAIL; > + > + // __NR_exit 60 > + GO(__NR_exit, "below"); > + // (see below) > + > + // no such syscall... > + GO(9999, "1e"); > + SY(9999); FAIL; > + > + // __NR_exit 1 > + GO(__NR_exit, "1s 0m"); > + SY(__NR_exit, x0); FAIL; > + > + assert(0); > +} > + 
> diff --git a/memcheck/tests/amd64-linux/scalar.h b/memcheck/tests/amd64-linux/scalar.h > new file mode 100644 > index 000000000000..52f742e4ac76 > --- /dev/null > +++ b/memcheck/tests/amd64-linux/scalar.h > @@ -0,0 +1,65 @@ > +#include "../../../include/vki/vki-scnums-x86-linux.h" > + > +#include <assert.h> > +#include <errno.h> > +#include <fcntl.h> > +#include <stdio.h> > +#include <stdlib.h> > +#include <sys/syscall.h> > +#include <sys/stat.h> > +#include <sys/ptrace.h> > +#include <sys/types.h> > +#include <sys/mman.h> > + > +#ifndef __THROW > +#define __THROW > +#endif > + > +// Since we use vki_unistd.h, we can't include <unistd.h>. So we have to > +// declare this ourselves. > +extern long int syscall (long int __sysno, ...) __THROW; > + > +// Thorough syscall scalar arg checking. Also serves as thorough checking > +// for (very) basic syscall use. Generally not trying to do anything > +// meaningful with the syscalls. > + > +#define GO(__NR_xxx, s) \ > + fprintf(stderr, "-----------------------------------------------------\n" \ > + "%3d:%20s %s\n" \ > + "-----------------------------------------------------\n", \ > + __NR_xxx, #__NR_xxx, s); > + > +#define SY res = syscall > + > +#define FAIL assert(-1 == res); > +#define SUCC assert(-1 != res); > +#define SUCC_OR_FAIL /* no test */ > + > +#define FAILx(E) \ > + do { \ > + int myerrno = errno; \ > + if (-1 == res) { \ > + if (E == myerrno) { \ > + /* as expected */ \ > + } else { \ > + fprintf(stderr, "Expected error %s (%d), got %d\n", #E, E, myerrno); \ > + exit(1); \ > + } \ > + } else { \ > + fprintf(stderr, "Expected error %s (%d), got success\n", #E, E); \ > + exit(1); \ > + } \ > + } while (0); > + > +#define SUCC_OR_FAILx(E) \ > + do { \ > + int myerrno = errno; \ > + if (-1 == res) { \ > + if (E == myerrno) { \ > + /* as expected */ \ > + } else { \ > + fprintf(stderr, "Expected error %s (%d), got %d\n", #E, E, myerrno); \ > + exit(1); \ > + } \ > + } \ > + } while (0); 
> diff --git a/memcheck/tests/amd64-linux/scalar.stderr.exp b/memcheck/tests/amd64-linux/scalar.stderr.exp > new file mode 100644 > index 000000000000..2df80068ead8 > --- /dev/null > +++ b/memcheck/tests/amd64-linux/scalar.stderr.exp 
> @@ -0,0 +1,62 @@ > +----------------------------------------------------- > + 0: __NR_read 1+3s 1m > +----------------------------------------------------- > +Syscall param (syscallno) contains uninitialised byte(s) > + ... > + by 0x........: main (scalar.c:38) > + > +Syscall param read(fd) contains uninitialised byte(s) > + ... > + by 0x........: main (scalar.c:38) > + > +Syscall param read(buf) contains uninitialised byte(s) > + ... > + by 0x........: main (scalar.c:38) > + > +Syscall param read(count) contains uninitialised byte(s) > + ... > + by 0x........: main (scalar.c:38) > + > +Syscall param read(buf) points to unaddressable byte(s) > + ... > + by 0x........: main (scalar.c:38) > + Address 0x........ is not stack'd, malloc'd or (recently) free'd > + > +----------------------------------------------------- > + 1: __NR_write 3s 1m > +----------------------------------------------------- > +Syscall param write(fd) contains uninitialised byte(s) > + ... > + by 0x........: main (scalar.c:42) > + > +Syscall param write(buf) contains uninitialised byte(s) > + ... > + by 0x........: main (scalar.c:42) > + > +Syscall param write(count) contains uninitialised byte(s) > + ... > + by 0x........: main (scalar.c:42) > + > +Syscall param write(buf) points to unaddressable byte(s) > + ... > + by 0x........: main (scalar.c:42) > + Address 0x........ is not stack'd, malloc'd or (recently) free'd > + > +----------------------------------------------------- > + 60: __NR_exit below > +----------------------------------------------------- > +----------------------------------------------------- > +9999: 9999 1e > +----------------------------------------------------- > +WARNING: unhandled amd64-linux syscall: 9999 > +You may be able to write your own handler. > +Read the file README_MISSING_SYSCALL_OR_IOCTL. > +Nevertheless we consider this a bug. Please report > +it at http://valgrind.org/support/bug_reports.html. 
> +----------------------------------------------------- > + 60: __NR_exit 1s 0m > +----------------------------------------------------- > +Syscall param exit(status) contains uninitialised byte(s) > + ... > + by 0x........: main (scalar.c:54) > + > diff --git a/memcheck/tests/amd64-linux/scalar.vgtest b/memcheck/tests/amd64-linux/scalar.vgtest > new file mode 100644 > index 000000000000..81e72b047541 > --- /dev/null > +++ b/memcheck/tests/amd64-linux/scalar.vgtest > @@ -0,0 +1,6 @@ > +prog: scalar > +# Do not run under root > +prereq: [ `id -u` -ne 0 ] > +vgopts: -q --error-limit=no > +stderr_filter: filter_scalar > +args: < scalar.c |
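Review bot: scalar.h includes ../../../include/vki/vki-scnums-x86-linux.h while this test lives in memcheck/tests/amd64-linux and its expected output uses the amd64 numbers (read 0, write 1, exit 60); with <sys/syscall.h> also included, the __NR_* macros appear to be defined from two sources. Use the amd64 vki scnums header, or drop the vki include and rely on <sys/syscall.h> alone. The comment 'Since we use vki_unistd.h, we can't include <unistd.h>' is also contradicted by scalar.c, which does `#include <unistd.h>`, which in turn makes the hand-written `extern long int syscall (long int __sysno, ...) __THROW;` redundant. Style: the FAIL, SUCC, FAILx and SUCC_OR_FAILx definitions end in a semicolon, so `FAIL;` at a call site expands to an extra empty statement; drop the trailing semicolons from the macro bodies.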
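Review bot: in scalar.c the comment before the final test reads `// __NR_exit 1`, but the earlier `// __NR_exit 60` in the same file and the `60: __NR_exit 1s 0m` header in scalar.stderr.exp both give 60 on amd64; fix the comment so the two exit sections agree.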
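Review bot: scalar.stderr.exp embeds source line numbers (`main (scalar.c:38)`, `(scalar.c:42)`, `(scalar.c:54)`) and the posted filter_scalar only forwards to ../filter_stderr, so every test case added to scalar.c will shift the expected output; have filter_scalar strip the `:NN` from scalar.c frames so the .exp stays stable as the test grows.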