From: Paul F. <pa...@so...> - 2024-09-06 19:48:28
|
https://sourceware.org/git/gitweb.cgi?p=valgrind.git;h=172650e2e737666a37998c0ad2b96db04dc3b091
commit 172650e2e737666a37998c0ad2b96db04dc3b091
Author: Paul Floyd <pj...@wa...>
Date: Fri Sep 6 21:47:38 2024 +0200
Linux regtest: add gdbserver filter for debuginfod messages
Diff:
---
 gdbserver_tests/filter_gdb.in | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/gdbserver_tests/filter_gdb.in b/gdbserver_tests/filter_gdb.in
index ccf201b2ac..094ea933ec 100755
--- a/gdbserver_tests/filter_gdb.in
+++ b/gdbserver_tests/filter_gdb.in
@@ -263,6 +263,8 @@ s/^0x........ in \(\w\+ (\)/\1/
 # finishes with a new line, sometimes not ???).
 /^$/d
+# delete any missing debuginfo messages
+/^Missing debuginfo.*/d
 EOF
|
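Review bot: The added rule `/^Missing debuginfo.*/d` only removes lines that begin with exactly that prefix, so a differently worded message (for instance one starting `Missing separate debuginfo`) would still reach the expected-output comparison; whether another rule in this script already covers such variants is not visible in the hunk. The trailing `.*` does nothing for a `d` command, so `/^Missing debuginfo/d` is equivalent and reads more clearly. The comment would be more useful if it named where the line comes from, e.g. `# delete "Missing debuginfo ..." lines emitted when debuginfod lookups fail`, assuming that is the source the commit title refers to. The sed script starts outside the hunk.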
From: Frank C. E. <fc...@so...> - 2024-09-03 17:31:56
|
https://sourceware.org/git/gitweb.cgi?p=valgrind.git;h=d275c45935f7352a944721bc22e671908ca8eae4
commit d275c45935f7352a944721bc22e671908ca8eae4 (HEAD -> master)
Author: Frank Ch. Eigler <fc...@re...>
Date: Tue Sep 3 13:30:13 2024 -0400
valgrind testing: fix vg_regtest individual-test mode
One of the new log files was created in a way that was oblivious to the chdir()'s in effect in the perl script.
Signed-off-by: Frank Ch. Eigler <fc...@re...>
Diff:
---
 tests/vg_regtest.in | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/vg_regtest.in b/tests/vg_regtest.in
index aeef874f34..3471322b0f 100755
--- a/tests/vg_regtest.in
+++ b/tests/vg_regtest.in
@@ -830,7 +830,7 @@ while (1) { # we will exit after one loop, unless looptillfail
 while (<LOGFILE>) { print TSLOG "|\t$_"; }
 close(LOGFILE);
 }
- open(VGTESTTRS,">","$dir/$file.trs") or die $!;
+ open(VGTESTTRS,">","$file.trs") or die $!;
 print VGTESTTRS ":test-result: $result\n";
 print VGTESTTRS ":global-test-result: $result\n";
 print VGTESTTRS ":recheck: no\n"; # ?
|
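Review bot: The new `open(VGTESTTRS,">","$file.trs") or die $!;` reports only the OS error, so a failure does not say which path was being created or from which directory, and that is the confusion this commit is fixing. Consider `open(VGTESTTRS, ">", "$file.trs") or die "cannot create $file.trs: $!";` together with a comment such as `# relative path: the script has already chdir'ed into the test directory`, because the bare file name is only correct under that assumption, which comes from the commit message rather than from the visible lines. The `print VGTESTTRS` calls that follow have no checked `close` within the hunk, so a failed write of the .trs result file would pass silently. The enclosing `while (1)` loop starts and ends outside the hunk.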
From: Mark W. <ma...@so...> - 2024-09-02 17:17:55
|
https://sourceware.org/git/gitweb.cgi?p=valgrind.git;h=9f9bc85e203e8d0c3161868e6623aa527d5c52dd commit 9f9bc85e203e8d0c3161868e6623aa527d5c52dd Author: Mark Wielaard <ma...@kl...> Date: Mon Sep 2 19:17:05 2024 +0200 NEWS: Add 492214 sys_statx: support for statx(fd, NULL, AT_EMPTY_PATH) This was resolved in commit de408f75bf28d76a0016325b75f14be45631472a Diff: --- NEWS | 2 ++ 1 file changed, 2 insertions(+) diff --git a/NEWS b/NEWS index 6818089fee..0e44e2ce1a 100644 --- a/NEWS +++ b/NEWS @@ -59,6 +59,8 @@ are not entered into bugzilla tend to get forgotten about or ignored. 490651 Stop using -flto-partition=one 491394 (vgModuleLocal_addDiCfSI): Assertion 'di->fsm.have_rx_map && di->fsm.rw_map_count' failed +492214 statx(fd, NULL, AT_EMPTY_PATH) is supported since Linux 6.11 + but not supported in valgrind To see details of a given bug, visit https://bugs.kde.org/show_bug.cgi?id=XXXXXX |
From: Paul F. <pa...@so...> - 2024-09-01 19:47:01
|
https://sourceware.org/git/gitweb.cgi?p=valgrind.git;h=2008033e77c970912fe6fd7a665caf38d271b67d
commit 2008033e77c970912fe6fd7a665caf38d271b67d
Author: Paul Floyd <pj...@wa...>
Date: Sun Sep 1 21:45:24 2024 +0200
FreeBSD regtest: add an expected for FreeBSD 14.1 amd64
Some old FreeBSD 7 syscalls have been removed.
Diff:
---
 memcheck/tests/freebsd/Makefile.am | 1 +
 memcheck/tests/freebsd/scalar.stderr.exp-amd64-141 | 5393 ++++++++++++++++++++
 2 files changed, 5394 insertions(+)
diff --git a/memcheck/tests/freebsd/Makefile.am b/memcheck/tests/freebsd/Makefile.am
index 3656be0edd..3cf377876f 100644
--- a/memcheck/tests/freebsd/Makefile.am
+++ b/memcheck/tests/freebsd/Makefile.am
@@ -93,6 +93,7 @@ EXTRA_DIST = \
 scalar.stderr.exp-arm64 \
 scalar.stderr.exp-arm64_2 \
 scalar.stderr.exp-x86 \
+ scalar.stderr.exp-amd64-141 \
 scalar_abort2.vgtest \
 scalar_13_plus.vgtest \
 scalar_13_plus.stderr.exp \
diff --git a/memcheck/tests/freebsd/scalar.stderr.exp-amd64-141 b/memcheck/tests/freebsd/scalar.stderr.exp-amd64-141
new file mode 100644
index 0000000000..4d22fdc834
--- /dev/null
+++ b/memcheck/tests/freebsd/scalar.stderr.exp-amd64-141
@@ -0,0 +1,5393 @@ +--------------------------------------------------------- + 1: SYS_exit below +--------------------------------------------------------- +--------------------------------------------------------- + 2: SYS_fork other +--------------------------------------------------------- +--------------------------------------------------------- + 3: SYS_read 1+3s 0m +--------------------------------------------------------- +Syscall param (syscallno) contains uninitialised byte(s) + ... + +Syscall param read(buf) contains uninitialised byte(s) + ... + +Syscall param read(count) contains uninitialised byte(s) + ... + +Syscall param read(buf) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 4: SYS_write 3s 1m +--------------------------------------------------------- +Syscall param write(fd) contains uninitialised byte(s) + ... + +Syscall param write(buf) contains uninitialised byte(s) + ... + +Syscall param write(count) contains uninitialised byte(s) + ... + +Syscall param write(buf) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 5: SYS_open (2-args) 2s 1m +--------------------------------------------------------- +Syscall param open(filename) contains uninitialised byte(s) + ... + +Syscall param open(flags) contains uninitialised byte(s) + ... + +Syscall param open(filename) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 5: SYS_open (3-args) 1s 0m +--------------------------------------------------------- +Syscall param open(mode) contains uninitialised byte(s) + ... 
+ +--------------------------------------------------------- + 6: SYS_close 1s 0m +--------------------------------------------------------- +Syscall param close(fd) contains uninitialised byte(s) + ... + +--------------------------------------------------------- + 7: SYS_wait4 4s 2m +--------------------------------------------------------- +Syscall param wait4(pid) contains uninitialised byte(s) + ... + +Syscall param wait4(status) contains uninitialised byte(s) + ... + +Syscall param wait4(options) contains uninitialised byte(s) + ... + +Syscall param wait4(rusage) contains uninitialised byte(s) + ... + +Syscall param wait4(status) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param wait4(rusage) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 9: SYS_link 2s 2m +--------------------------------------------------------- +Syscall param link(oldpath) contains uninitialised byte(s) + ... + +Syscall param link(newpath) contains uninitialised byte(s) + ... + +Syscall param link(oldpath) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param link(newpath) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 10: SYS_unlink 1s 1m +--------------------------------------------------------- +Syscall param unlink(pathname) contains uninitialised byte(s) + ... + +Syscall param unlink(pathname) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 12: SYS_chdir 1s 1m +--------------------------------------------------------- +Syscall param chdir(path) contains uninitialised byte(s) + ... 
+ +Syscall param chdir(path) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 13: SYS_fchdir 1s 0m +--------------------------------------------------------- +Syscall param fchdir(fd) contains uninitialised byte(s) + ... + +--------------------------------------------------------- + 14: SYS_freebsd11_mknod 3s 1m +--------------------------------------------------------- +Syscall param mknod(pathname) contains uninitialised byte(s) + ... + +Syscall param mknod(mode) contains uninitialised byte(s) + ... + +Syscall param mknod(dev) contains uninitialised byte(s) + ... + +Syscall param mknod(pathname) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 15: SYS_chmod 2s 1m +--------------------------------------------------------- +Syscall param chmod(path) contains uninitialised byte(s) + ... + +Syscall param chmod(mode) contains uninitialised byte(s) + ... + +Syscall param chmod(path) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 16: SYS_chown 3s 1m +--------------------------------------------------------- +Syscall param chown(path) contains uninitialised byte(s) + ... + +Syscall param chown(owner) contains uninitialised byte(s) + ... + +Syscall param chown(group) contains uninitialised byte(s) + ... + +Syscall param chown(path) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 17: SYS_break 1s 1m +--------------------------------------------------------- +Syscall param brk(end_data_segment) contains uninitialised byte(s) + ... 
+ +--------------------------------------------------------- + 20: SYS_getpid 0s 0m +--------------------------------------------------------- +--------------------------------------------------------- + 21: SYS_mount 4s 2m +--------------------------------------------------------- +Syscall param mount(type) contains uninitialised byte(s) + ... + +Syscall param mount(dir) contains uninitialised byte(s) + ... + +Syscall param mount(flags) contains uninitialised byte(s) + ... + +Syscall param mount(data) contains uninitialised byte(s) + ... + +Syscall param mount(type) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param mount(path) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 22: SYS_unmount 2s 1m +--------------------------------------------------------- +Syscall param unmount(dir) contains uninitialised byte(s) + ... + +Syscall param unmount(flags) contains uninitialised byte(s) + ... + +Syscall param unmount(path) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 23: SYS_setuid 1s 0m +--------------------------------------------------------- +Syscall param setuid(uid) contains uninitialised byte(s) + ... + +--------------------------------------------------------- + 24: SYS_getuid 0s 0m +--------------------------------------------------------- +--------------------------------------------------------- + 25: SYS_geteuid 0s 0m +--------------------------------------------------------- +--------------------------------------------------------- + 26: SYS_ptrace 4s 0m +--------------------------------------------------------- +Syscall param ptrace(request) contains uninitialised byte(s) + ... + +Syscall param ptrace(pid) contains uninitialised byte(s) + ... 
+ +Syscall param ptrace(addr) contains uninitialised byte(s) + ... + +Syscall param ptrace(data) contains uninitialised byte(s) + ... + +--------------------------------------------------------- + 27: SYS_recvmsg 3s 0m +--------------------------------------------------------- +Syscall param recvmsg(s) contains uninitialised byte(s) + ... + +Syscall param recvmsg(msg) contains uninitialised byte(s) + ... + +Syscall param recvmsg(flags) contains uninitialised byte(s) + ... + +--------------------------------------------------------- + 28: SYS_sendmsg 3s 0m +--------------------------------------------------------- +Syscall param sendmsg(s) contains uninitialised byte(s) + ... + +Syscall param sendmsg(msg) contains uninitialised byte(s) + ... + +Syscall param sendmsg(flags) contains uninitialised byte(s) + ... + +--------------------------------------------------------- + 29: SYS_recvfrom 6+1s 0m +--------------------------------------------------------- +Syscall param recvfrom(s) contains uninitialised byte(s) + ... + +Syscall param recvfrom(buf) contains uninitialised byte(s) + ... + +Syscall param recvfrom(len) contains uninitialised byte(s) + ... + +Syscall param recvfrom(flags) contains uninitialised byte(s) + ... + +Syscall param recvfrom(from) contains uninitialised byte(s) + ... + +Syscall param recvfrom(fromlen) contains uninitialised byte(s) + ... + +Syscall param socketcall.recvfrom(buf) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param socketcall.recvfrom(fromlen_in) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 30: SYS_accept 3+1s 0m +--------------------------------------------------------- +Syscall param accept(s) contains uninitialised byte(s) + ... + +Syscall param accept(addr) contains uninitialised byte(s) + ... 
+ +Syscall param accept(*addrlen) contains uninitialised byte(s) + ... + +Syscall param socketcall.accept(addrlen_in) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 31: SYS_getpeername 3s 1m +--------------------------------------------------------- +Syscall param getpeername(s) contains uninitialised byte(s) + ... + +Syscall param getpeername(name) contains uninitialised byte(s) + ... + +Syscall param getpeername(namelen) contains uninitialised byte(s) + ... + +Syscall param socketcall.getpeername(namelen_in) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 32: SYS_getsockname 3s 1m +--------------------------------------------------------- +Syscall param getsockname(s) contains uninitialised byte(s) + ... + +Syscall param getsockname(name) contains uninitialised byte(s) + ... + +Syscall param getsockname(namelen) contains uninitialised byte(s) + ... + +Syscall param socketcall.getsockname(namelen_in) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 25: SYS_geteuid 0s 0m +--------------------------------------------------------- +--------------------------------------------------------- + 34: SYS_chflags 2s 1m +--------------------------------------------------------- +Syscall param chflags(path) contains uninitialised byte(s) + ... + +Syscall param chflags(flags) contains uninitialised byte(s) + ... + +Syscall param chflags(path) points to unaddressable byte(s) + ... + Address 0x........ 
is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 35: SYS_fchflags 2s 0m +--------------------------------------------------------- +Syscall param fchflags(fd) contains uninitialised byte(s) + ... + +Syscall param fchflags(flags) contains uninitialised byte(s) + ... + +--------------------------------------------------------- + 36: SYS_sync 0s 0m +--------------------------------------------------------- +--------------------------------------------------------- + 37: SYS_kill 2s 0m +--------------------------------------------------------- +Syscall param kill(pid) contains uninitialised byte(s) + ... + +Syscall param kill(signal) contains uninitialised byte(s) + ... + +--------------------------------------------------------- + 39: SYS_getppid 0s 0m +--------------------------------------------------------- +--------------------------------------------------------- + 41: SYS_dup 1s 0m +--------------------------------------------------------- +Syscall param dup(oldfd) contains uninitialised byte(s) + ... + +--------------------------------------------------------- + 42: SYS_freebsd10_pipe 0s 0m +--------------------------------------------------------- +--------------------------------------------------------- + 43: SYS_getegid 0s 0m +--------------------------------------------------------- +--------------------------------------------------------- + 44: SYS_profil ni +--------------------------------------------------------- +--------------------------------------------------------- + 45: SYS_ktrace ni +--------------------------------------------------------- +--------------------------------------------------------- + 47: SYS_getgid 0s 0m +--------------------------------------------------------- +--------------------------------------------------------- + 49: SYS_getlogin 2s 1m +--------------------------------------------------------- +Syscall param getlogin(buf) contains uninitialised byte(s) + ... 
+ +Syscall param getlogin(len) contains uninitialised byte(s) + ... + +Syscall param getlogin(name) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 50: SYS_setlogin 1s 1m +--------------------------------------------------------- +Syscall param setlogin(buf) contains uninitialised byte(s) + ... + +Syscall param setlogin(buf) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 51: SYS_acct 1s 1m +--------------------------------------------------------- +Syscall param acct(filename) contains uninitialised byte(s) + ... + +Syscall param acct(filename) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 53: SYS_sigaltstack 2s 2m +--------------------------------------------------------- +Syscall param sigaltstack(ss) contains uninitialised byte(s) + ... + +Syscall param sigaltstack(oss) contains uninitialised byte(s) + ... + +Syscall param sigaltstack(ss) points to unaddressable byte(s) + ... + Address 0x........ is on thread 1's stack + +Syscall param sigaltstack(oss) points to unaddressable byte(s) + ... + Address 0x........ is on thread 1's stack + +Conditional jump or move depends on uninitialised value(s) + ... + +--------------------------------------------------------- + 54: SYS_ioctl 3s 1m +--------------------------------------------------------- + +More than 100 errors detected. Subsequent errors +will still be recorded, but in less detail than before. +Syscall param ioctl(fd) contains uninitialised byte(s) + ... + +Syscall param ioctl(request) contains uninitialised byte(s) + ... + +Syscall param ioctl(arg) contains uninitialised byte(s) + ... + +Syscall param ioctl(generic) points to unaddressable byte(s) + ... 
+ Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 56: SYS_revoke 1s 1m +--------------------------------------------------------- +Syscall param revoke(path) contains uninitialised byte(s) + ... + +Syscall param revoke(path) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 57: SYS_symlink 2s 2m +--------------------------------------------------------- +Syscall param symlink(oldpath) contains uninitialised byte(s) + ... + +Syscall param symlink(newpath) contains uninitialised byte(s) + ... + +Syscall param symlink(oldpath) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param symlink(newpath) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 58: SYS_readlink 3s 2m +--------------------------------------------------------- +Syscall param readlink(path) contains uninitialised byte(s) + ... + +Syscall param readlink(buf) contains uninitialised byte(s) + ... + +Syscall param readlink(bufsiz) contains uninitialised byte(s) + ... + +Syscall param readlink(path) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param readlink(buf) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 59: SYS_execve 3s 1m +--------------------------------------------------------- +Syscall param execve(filename) contains uninitialised byte(s) + ... + +Syscall param execve(argv) contains uninitialised byte(s) + ... + +Syscall param execve(envp) contains uninitialised byte(s) + ... 
+ +Syscall param execve(filename) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param execve(argv) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 60: SYS_umask 1s 0m +--------------------------------------------------------- +Syscall param umask(mask) contains uninitialised byte(s) + ... + +--------------------------------------------------------- + 61: SYS_chroot 1s 1m +--------------------------------------------------------- +Syscall param chroot(path) contains uninitialised byte(s) + ... + +Syscall param chroot(path) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 65: SYS_msync 3s 1m +--------------------------------------------------------- +Syscall param msync(start) contains uninitialised byte(s) + ... + +Syscall param msync(length) contains uninitialised byte(s) + ... + +Syscall param msync(flags) contains uninitialised byte(s) + ... + +Syscall param msync(start) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 66: SYS_vfork other +--------------------------------------------------------- +--------------------------------------------------------- + 69: SYS_sbrk 1s 1m +--------------------------------------------------------- +Syscall param sbrk(incr) contains uninitialised byte(s) + ... + +--------------------------------------------------------- + 73: SYS_munmap 2s 0m +--------------------------------------------------------- +Syscall param munmap(start) contains uninitialised byte(s) + ... + +Syscall param munmap(length) contains uninitialised byte(s) + ... 
+ +--------------------------------------------------------- + 74: SYS_mprotect 3s 0m +--------------------------------------------------------- +Syscall param mprotect(addr) contains uninitialised byte(s) + ... + +Syscall param mprotect(len) contains uninitialised byte(s) + ... + +Syscall param mprotect(prot) contains uninitialised byte(s) + ... + +--------------------------------------------------------- + 75: SYS_madvise 3s 0m +--------------------------------------------------------- +Syscall param madvise(start) contains uninitialised byte(s) + ... + +Syscall param madvise(length) contains uninitialised byte(s) + ... + +Syscall param madvise(advice) contains uninitialised byte(s) + ... + +--------------------------------------------------------- + 78: SYS_mincore 3s 1m +--------------------------------------------------------- +Syscall param mincore(start) contains uninitialised byte(s) + ... + +Syscall param mincore(length) contains uninitialised byte(s) + ... + +Syscall param mincore(vec) contains uninitialised byte(s) + ... + +Syscall param mincore(vec) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 79: SYS_getgroups 2s 1m +--------------------------------------------------------- +Syscall param getgroups(size) contains uninitialised byte(s) + ... + +Syscall param getgroups(list) contains uninitialised byte(s) + ... + +Syscall param getgroups(list) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 80: SYS_setgroups 2s 1m +--------------------------------------------------------- +Syscall param setgroups(size) contains uninitialised byte(s) + ... + +Syscall param setgroups(list) contains uninitialised byte(s) + ... + +Syscall param setgroups(list) points to unaddressable byte(s) + ... + Address 0x........ 
is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 81: SYS_getpgrp 0s 0m +--------------------------------------------------------- +--------------------------------------------------------- + 82: SYS_setpgid 2s 0m +--------------------------------------------------------- +Syscall param setpgid(pid) contains uninitialised byte(s) + ... + +Syscall param setpgid(pgid) contains uninitialised byte(s) + ... + +--------------------------------------------------------- + 83: SYS_setitimer 3s 2m +--------------------------------------------------------- +Syscall param setitimer(which) contains uninitialised byte(s) + ... + +Syscall param setitimer(value) contains uninitialised byte(s) + ... + +Syscall param setitimer(ovalue) contains uninitialised byte(s) + ... + +Syscall param setitimer(&value->it_interval) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param setitimer(&value->it_value) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param setitimer(&ovalue->it_interval) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param setitimer(&ovalue->it_value) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 85: SYS_swapon 1s 1m +--------------------------------------------------------- +Syscall param swapon(special) contains uninitialised byte(s) + ... + +Syscall param swapon(special) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 86: SYS_getitimer 2s 1m +--------------------------------------------------------- +Syscall param getitimer(which) contains uninitialised byte(s) + ... 
+ +Syscall param getitimer(value) contains uninitialised byte(s) + ... + +Syscall param getitimer(&value->it_interval) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param getitimer(&value->it_value) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 89: SYS_getdtablesize 0s 0m +--------------------------------------------------------- +--------------------------------------------------------- + 90: SYS_dup2 2s 0m +--------------------------------------------------------- +Syscall param dup2(oldfd) contains uninitialised byte(s) + ... + +Syscall param dup2(newfd) contains uninitialised byte(s) + ... + +--------------------------------------------------------- + 92: SYS_fcntl (GETFD) 2s 0m +--------------------------------------------------------- +Syscall param fcntl(fd) contains uninitialised byte(s) + ... + +Syscall param fcntl(cmd) contains uninitialised byte(s) + ... + +--------------------------------------------------------- + 92: SYS_fcntl (DUPFD) 1s 0m +--------------------------------------------------------- +Syscall param fcntl(arg) contains uninitialised byte(s) + ... + +--------------------------------------------------------- + 93: SYS_select 5s 4m +--------------------------------------------------------- +Syscall param select(n) contains uninitialised byte(s) + ... + +Syscall param select(readfds) contains uninitialised byte(s) + ... + +Syscall param select(writefds) contains uninitialised byte(s) + ... + +Syscall param select(exceptfds) contains uninitialised byte(s) + ... + +Syscall param select(timeout) contains uninitialised byte(s) + ... + +Syscall param select(readfds) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param select(writefds) points to unaddressable byte(s) + ... 
+ Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param select(exceptfds) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param select(timeout) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- + 95: SYS_fsync 1s 0m +--------------------------------------------------------- +Syscall param fsync(fd) contains uninitialised byte(s) + ... + +--------------------------------------------------------- + 96: SYS_setpriority 3s 0m +--------------------------------------------------------- +Syscall param setpriority(which) contains uninitialised byte(s) + ... + +Syscall param setpriority(who) contains uninitialised byte(s) + ... + +Syscall param setpriority(prio) contains uninitialised byte(s) + ... + +--------------------------------------------------------- + 97: SYS_socket 3s 0m +--------------------------------------------------------- +Syscall param socket(domain) contains uninitialised byte(s) + ... + +Syscall param socket(type) contains uninitialised byte(s) + ... + +Syscall param socket(protocol) contains uninitialised byte(s) + ... + +--------------------------------------------------------- + 98: SYS_connect 3s 0m +--------------------------------------------------------- +Syscall param connect(s) contains uninitialised byte(s) + ... + +Syscall param connect(name) contains uninitialised byte(s) + ... + +Syscall param connect(namelen) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +100: SYS_getpriority 2s 0m +--------------------------------------------------------- +Syscall param getpriority(which) contains uninitialised byte(s) + ... + +Syscall param getpriority(who) contains uninitialised byte(s) + ... 
+ +--------------------------------------------------------- +104: SYS_bind 3s 0m +--------------------------------------------------------- +Syscall param bind(s) contains uninitialised byte(s) + ... + +Syscall param bind(addr) contains uninitialised byte(s) + ... + +Syscall param bind(addrlen) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +105: SYS_setsockopt 5s 0m +--------------------------------------------------------- +Syscall param setsockopt(s) contains uninitialised byte(s) + ... + +Syscall param setsockopt(level) contains uninitialised byte(s) + ... + +Syscall param setsockopt(optname) contains uninitialised byte(s) + ... + +Syscall param setsockopt(optval) contains uninitialised byte(s) + ... + +Syscall param setsockopt(optlen) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +106: SYS_listen 2s 0m +--------------------------------------------------------- +Syscall param listen(s) contains uninitialised byte(s) + ... + +Syscall param listen(backlog) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +116: SYS_gettimeofday 2s 2m +--------------------------------------------------------- +Syscall param gettimeofday(tv) contains uninitialised byte(s) + ... + +Syscall param gettimeofday(tz) contains uninitialised byte(s) + ... + +Syscall param gettimeofday(tv) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param gettimeofday(tz) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +117: SYS_getrusage 2s 1m +--------------------------------------------------------- +Syscall param getrusage(who) contains uninitialised byte(s) + ... + +Syscall param getrusage(usage) contains uninitialised byte(s) + ... 
+ +Syscall param getrusage(usage) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +105: SYS_setsockopt 5s 1m +--------------------------------------------------------- +Syscall param setsockopt(s) contains uninitialised byte(s) + ... + +Syscall param setsockopt(level) contains uninitialised byte(s) + ... + +Syscall param setsockopt(optname) contains uninitialised byte(s) + ... + +Syscall param setsockopt(optval) contains uninitialised byte(s) + ... + +Syscall param setsockopt(optlen) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +120: SYS_readv 3s 1m +--------------------------------------------------------- +Syscall param readv(fd) contains uninitialised byte(s) + ... + +Syscall param readv(vector) contains uninitialised byte(s) + ... + +Syscall param readv(count) contains uninitialised byte(s) + ... + +Syscall param readv(vector) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +121: SYS_writev 3s 1m +--------------------------------------------------------- +Syscall param writev(fd) contains uninitialised byte(s) + ... + +Syscall param writev(vector) contains uninitialised byte(s) + ... + +Syscall param writev(count) contains uninitialised byte(s) + ... + +Syscall param writev(vector) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +122: SYS_settimeofday 2s 2m +--------------------------------------------------------- +Syscall param settimeofday(tv) contains uninitialised byte(s) + ... + +Syscall param settimeofday(tz) contains uninitialised byte(s) + ... + +Syscall param settimeofday(tv) points to unaddressable byte(s) + ... + Address 0x........ 
is not stack'd, malloc'd or (recently) free'd + +Syscall param settimeofday(tz) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +123: SYS_fchown 3s 0m +--------------------------------------------------------- +Syscall param fchown(fd) contains uninitialised byte(s) + ... + +Syscall param fchown(owner) contains uninitialised byte(s) + ... + +Syscall param fchown(group) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +124: SYS_fchmod 2s 0m +--------------------------------------------------------- +Syscall param fchmod(fildes) contains uninitialised byte(s) + ... + +Syscall param fchmod(mode) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +126: SYS_setreuid 2s 0m +--------------------------------------------------------- +Syscall param setreuid(ruid) contains uninitialised byte(s) + ... + +Syscall param setreuid(euid) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +127: SYS_setregid 2s 0m +--------------------------------------------------------- +Syscall param setregid(rgid) contains uninitialised byte(s) + ... + +Syscall param setregid(egid) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +128: SYS_rename 2s 2m +--------------------------------------------------------- +Syscall param rename(oldpath) contains uninitialised byte(s) + ... + +Syscall param rename(newpath) contains uninitialised byte(s) + ... + +Syscall param rename(oldpath) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param rename(newpath) points to unaddressable byte(s) + ... + Address 0x........ 
is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +131: SYS_flock 2s 0m +--------------------------------------------------------- +Syscall param flock(fd) contains uninitialised byte(s) + ... + +Syscall param flock(operation) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +132: SYS_mkfifo 2s 1m +--------------------------------------------------------- +Syscall param mkfifo(path) contains uninitialised byte(s) + ... + +Syscall param mkfifo(mode) contains uninitialised byte(s) + ... + +Syscall param mkfifo(path) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +133: SYS_sendto 6s 0m +--------------------------------------------------------- +Syscall param sendto(s) contains uninitialised byte(s) + ... + +Syscall param sendto(msg) contains uninitialised byte(s) + ... + +Syscall param sendto(len) contains uninitialised byte(s) + ... + +Syscall param sendto(flags) contains uninitialised byte(s) + ... + +Syscall param sendto(to) contains uninitialised byte(s) + ... + +Syscall param sendto(tolen) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +135: SYS_socketpair 4s 1m +--------------------------------------------------------- +Syscall param socketpair(domain) contains uninitialised byte(s) + ... + +Syscall param socketpair(type) contains uninitialised byte(s) + ... + +Syscall param socketpair(protocol) contains uninitialised byte(s) + ... + +Syscall param socketpair(sv) contains uninitialised byte(s) + ... + +Syscall param socketcall.socketpair(sv) points to unaddressable byte(s) + ... + Address 0x........ 
is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +136: SYS_mkdir 2s 1m +--------------------------------------------------------- +Syscall param mkdir(pathname) contains uninitialised byte(s) + ... + +Syscall param mkdir(mode) contains uninitialised byte(s) + ... + +Syscall param mkdir(pathname) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +137: SYS_rmdir 1s 1m +--------------------------------------------------------- +Syscall param rmdir(pathname) contains uninitialised byte(s) + ... + +Syscall param rmdir(pathname) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +138: SYS_utimes 2s 2m +--------------------------------------------------------- +Syscall param utimes(filename) contains uninitialised byte(s) + ... + +Syscall param utimes(tvp) contains uninitialised byte(s) + ... + +Syscall param utimes(filename) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param utimes(tvp[0]) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param utimes(tvp[1]) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +140: SYS_adjtime 2s 1m +--------------------------------------------------------- +Syscall param adjtime(delta) contains uninitialised byte(s) + ... + +Syscall param adjtime(olddelta) contains uninitialised byte(s) + ... + +Syscall param adjtime(delta) points to unaddressable byte(s) + ... + Address 0x........ 
is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +147: SYS_setsid 0s 0m +--------------------------------------------------------- +--------------------------------------------------------- +148: SYS_quotactl (Q_QUOTAOFF) 2s 0m +--------------------------------------------------------- +Syscall param quotactl(path) contains uninitialised byte(s) + ... + +Syscall param quotactl(cmd) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +148: SYS_quotactl (Q_QUOTAON) 4s 2m +--------------------------------------------------------- +Syscall param quotactl(path) contains uninitialised byte(s) + ... + +Syscall param quotactl(cmd) contains uninitialised byte(s) + ... + +Syscall param quotactl(id) contains uninitialised byte(s) + ... + +Syscall param quotactl(addr) contains uninitialised byte(s) + ... + +Syscall param quotactl(path) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +160: SYS_lgetfh 2s 2m +--------------------------------------------------------- +Syscall param lgetfh(path) contains uninitialised byte(s) + ... + +Syscall param lgetfh(fhp) contains uninitialised byte(s) + ... + +Syscall param lgetfh(path) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param lgetfh(fhp) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +161: SYS_getfh 2s 2m +--------------------------------------------------------- +Syscall param getfh(path) contains uninitialised byte(s) + ... + +Syscall param getfh(fhp) contains uninitialised byte(s) + ... + +Syscall param getfh(path) points to unaddressable byte(s) + ... + Address 0x........ 
is not stack'd, malloc'd or (recently) free'd + +Syscall param getfh(fhp) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +165: SYS_sysarch 2s 1m +--------------------------------------------------------- +Syscall param sysarch(number) contains uninitialised byte(s) + ... + +Syscall param sysarch(args) contains uninitialised byte(s) + ... + +Syscall param amd64_get_fsbase(basep) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +165: SYS_sysarch 2s 0m +--------------------------------------------------------- +Syscall param sysarch(number) contains uninitialised byte(s) + ... + +Syscall param sysarch(args) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +166: SYS_rtprio (GET) 3s 1m +--------------------------------------------------------- +Syscall param rtprio(function) contains uninitialised byte(s) + ... + +Syscall param rtprio(pid) contains uninitialised byte(s) + ... + +Syscall param rtprio(rtp) contains uninitialised byte(s) + ... + +Syscall param rtprio(rtp#lookup) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +166: SYS_rtprio (SET) 3s 1m +--------------------------------------------------------- +Syscall param rtprio(function) contains uninitialised byte(s) + ... + +Syscall param rtprio(pid) contains uninitialised byte(s) + ... + +Syscall param rtprio(rtp) contains uninitialised byte(s) + ... + +Syscall param rtprio(rtp#set) points to unaddressable byte(s) + ... + Address 0x........ 
is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +175: SYS_setfib 1s 0m +--------------------------------------------------------- +Syscall param setfib(fib) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +181: SYS_setgid 1s 0m +--------------------------------------------------------- +Syscall param setgid(gid) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +182: SYS_setegid 1s 0m +--------------------------------------------------------- +Syscall param setegid(gid) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +183: SYS_seteuid 1s 0m +--------------------------------------------------------- +Syscall param seteuid(uid) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +188: SYS_freebsd11_stat 2s 2m +--------------------------------------------------------- +Syscall param stat(path) contains uninitialised byte(s) + ... + +Syscall param stat(sb) contains uninitialised byte(s) + ... + +Syscall param stat(path) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param stat(sb) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +189: SYS_freebsd11_fstat 2s 1m +--------------------------------------------------------- +Syscall param fstat(fd) contains uninitialised byte(s) + ... + +Syscall param fstat(sb) contains uninitialised byte(s) + ... + +Syscall param fstat(sb) points to unaddressable byte(s) + ... + Address 0x........ 
is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +190: SYS_freebsd11_lstat 2s 2m +--------------------------------------------------------- +Syscall param lstat(path) contains uninitialised byte(s) + ... + +Syscall param lstat(sb) contains uninitialised byte(s) + ... + +Syscall param lstat(path) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param lstat(sb) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +191: SYS_pathconf 2s 1m +--------------------------------------------------------- +Syscall param pathconf(path) contains uninitialised byte(s) + ... + +Syscall param pathconf(name) contains uninitialised byte(s) + ... + +Syscall param pathconf(path) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +192: SYS_fpathconf 2s 0m +--------------------------------------------------------- +Syscall param fpathconf(fd) contains uninitialised byte(s) + ... + +Syscall param fpathconf(name) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +194: SYS_getrlimit 2s 1m +--------------------------------------------------------- +Syscall param getrlimit(resource) contains uninitialised byte(s) + ... + +Syscall param getrlimit(rlim) contains uninitialised byte(s) + ... + +Syscall param getrlimit(rlim) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +195: SYS_setrlimit 2s 1m +--------------------------------------------------------- +Syscall param setrlimit(resource) contains uninitialised byte(s) + ... 
+ +Syscall param setrlimit(rlim) contains uninitialised byte(s) + ... + +Syscall param setrlimit(rlim) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +196:SYS_freebsd11_getdirentries 4s 2m +--------------------------------------------------------- +Syscall param getdirentries(fd) contains uninitialised byte(s) + ... + +Syscall param getdirentries(buf) contains uninitialised byte(s) + ... + +Syscall param getdirentries(nbytes) contains uninitialised byte(s) + ... + +Syscall param getdirentries(basep) contains uninitialised byte(s) + ... + +Syscall param getdirentries(buf) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param getdirentries(basep) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +202: SYS___sysctl (getoldlen) 3s 2m +--------------------------------------------------------- +Syscall param __sysctl(name) contains uninitialised byte(s) + ... + +Syscall param __sysctl(namelen) contains uninitialised byte(s) + ... + +Syscall param __sysctl(oldlenp) contains uninitialised byte(s) + ... + +Syscall param __sysctl(newlen) contains uninitialised byte(s) + ... + +Syscall param sysctl(name) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param sysctl(oldlenp) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +202: SYS___sysctl (getold) 4s 2m +--------------------------------------------------------- +Syscall param __sysctl(name) contains uninitialised byte(s) + ... + +Syscall param __sysctl(namelen) contains uninitialised byte(s) + ... 
+ +Syscall param __sysctl(oldp) contains uninitialised byte(s) + ... + +Syscall param __sysctl(oldlenp) contains uninitialised byte(s) + ... + +Syscall param __sysctl(newlen) contains uninitialised byte(s) + ... + +Syscall param sysctl(name) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param sysctl(oldlenp) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Warning: Bad oldlenp address 0x........ in sysctl +--------------------------------------------------------- +202: SYS___sysctl (putnew) 4s 2m +--------------------------------------------------------- +Syscall param __sysctl(name) contains uninitialised byte(s) + ... + +Syscall param __sysctl(namelen) contains uninitialised byte(s) + ... + +Syscall param __sysctl(newp) contains uninitialised byte(s) + ... + +Syscall param __sysctl(newlen) contains uninitialised byte(s) + ... + +Syscall param sysctl(name) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param sysctl(newp) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +203: SYS_mlock 2s 0m +--------------------------------------------------------- +Syscall param mlock(addr) contains uninitialised byte(s) + ... + +Syscall param mlock(len) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +204: SYS_munlock 2s 0m +--------------------------------------------------------- +Syscall param munlock(addr) contains uninitialised byte(s) + ... + +Syscall param munlock(len) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +205: SYS_undelete 1s 1m +--------------------------------------------------------- +Syscall param undelete(path) contains uninitialised byte(s) + ... 
+ +Syscall param undelete(path) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +206: SYS_futimes 2s 0m +--------------------------------------------------------- +Syscall param futimes(fd) contains uninitialised byte(s) + ... + +Syscall param futimes(times) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +207: SYS_getpgid 1s 0m +--------------------------------------------------------- +Syscall param getpgid(pid) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +209: SYS_poll 2s 2m +--------------------------------------------------------- +Syscall param poll(ufds) contains uninitialised byte(s) + ... + +Syscall param poll(nfds) contains uninitialised byte(s) + ... + +Syscall param poll(timeout) contains uninitialised byte(s) + ... + +Syscall param poll(ufds.fd) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param poll(ufds.revents) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +209: SYS_poll 0s 2m +--------------------------------------------------------- +Syscall param poll(ufds.fd) points to uninitialised byte(s) + ... + Address 0x........ is on thread 1's stack + +Syscall param poll(ufds.events) points to uninitialised byte(s) + ... + Address 0x........ is on thread 1's stack + +--------------------------------------------------------- +221: SYS_semget 3s 0m +--------------------------------------------------------- +Syscall param semget(key) contains uninitialised byte(s) + ... + +Syscall param semget(nsems) contains uninitialised byte(s) + ... + +Syscall param semget(flag) contains uninitialised byte(s) + ... 
+ +--------------------------------------------------------- +222: SYS_semop 3s 0m +--------------------------------------------------------- +Syscall param semop(semid) contains uninitialised byte(s) + ... + +Syscall param semop(array) contains uninitialised byte(s) + ... + +Syscall param semop(nops) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +225: SYS_msgget 2s 0m +--------------------------------------------------------- +Syscall param msgget(key) contains uninitialised byte(s) + ... + +Syscall param msgget(msgflg) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +226: SYS_msgsnd 4s 1m +--------------------------------------------------------- +Syscall param msgsnd(msqid) contains uninitialised byte(s) + ... + +Syscall param msgsnd(msgp) contains uninitialised byte(s) + ... + +Syscall param msgsnd(msgsz) contains uninitialised byte(s) + ... + +Syscall param msgsnd(msgflg) contains uninitialised byte(s) + ... + +Syscall param msgsnd(msgp->mtype) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +227: SYS_msgrcv 4+1s 1m +--------------------------------------------------------- +Syscall param msgrcv(msqid) contains uninitialised byte(s) + ... + +Syscall param msgrcv(msgp) contains uninitialised byte(s) + ... + +Syscall param msgrcv(msgsz) contains uninitialised byte(s) + ... + +Syscall param msgrcv(msgtyp) contains uninitialised byte(s) + ... + +Syscall param msgrcv(msgflg) contains uninitialised byte(s) + ... + +Syscall param msgrcv(msgp->mtype) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param msgrcv(msgp->mtext) points to unaddressable byte(s) + ... + Address 0x........ 
is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +228: SYS_shmat 3s 0m +--------------------------------------------------------- +Syscall param shmat(shmid) contains uninitialised byte(s) + ... + +Syscall param shmat(addr) contains uninitialised byte(s) + ... + +Syscall param shmat(flag) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +230: SYS_shmdt 1s 0m +--------------------------------------------------------- +Syscall param shmdt(addr) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +231: SYS_shmget 3s 0m +--------------------------------------------------------- +Syscall param shmget(key) contains uninitialised byte(s) + ... + +Syscall param shmget(size) contains uninitialised byte(s) + ... + +Syscall param shmget(flag) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +232: SYS_clock_gettime 2s 1m +--------------------------------------------------------- +Syscall param clock_gettime(clk_id) contains uninitialised byte(s) + ... + +Syscall param clock_gettime(tp) contains uninitialised byte(s) + ... + +Syscall param clock_gettime(tp) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +233: SYS_clock_settime 2s 1m +--------------------------------------------------------- +Syscall param clock_settime(clk_id) contains uninitialised byte(s) + ... + +Syscall param clock_settime(tp) contains uninitialised byte(s) + ... + +Syscall param clock_settime(tp) points to unaddressable byte(s) + ... + Address 0x........ 
is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +234: SYS_clock_getres 2s 1m +--------------------------------------------------------- +Syscall param clock_getres(clock_id) contains uninitialised byte(s) + ... + +Syscall param clock_getres(tp) contains uninitialised byte(s) + ... + +Syscall param clock_getres(tp) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +235: SYS_ktimer_create 3s 2m +--------------------------------------------------------- +Syscall param timer_create(clockid) contains uninitialised byte(s) + ... + +Syscall param timer_create(evp) contains uninitialised byte(s) + ... + +Syscall param timer_create(timerid) contains uninitialised byte(s) + ... + +Syscall param timer_create(evp) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param timer_create(timerid) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +236: SYS_ktimer_delete 1s 0m +--------------------------------------------------------- +Syscall param timer_delete(timerid) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +237: SYS_ktimer_settime 4s 2m +--------------------------------------------------------- +Syscall param timer_settime(timerid) contains uninitialised byte(s) + ... + +Syscall param timer_settime(flags) contains uninitialised byte(s) + ... + +Syscall param timer_settime(value) contains uninitialised byte(s) + ... + +Syscall param timer_settime(ovalue) contains uninitialised byte(s) + ... + +Syscall param timer_settime(value) points to unaddressable byte(s) + ... + Address 0x........ 
is not stack'd, malloc'd or (recently) free'd + +Syscall param timer_settime(ovalue) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +238: SYS_ktimer_gettime 2s 1m +--------------------------------------------------------- +Syscall param timer_gettime(timerid) contains uninitialised byte(s) + ... + +Syscall param timer_gettime(value) contains uninitialised byte(s) + ... + +Syscall param timer_gettime(value) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +--------------------------------------------------------- +239: SYS_ktimer_getoverrun 1s 0m +--------------------------------------------------------- +Syscall param timer_getoverrun(timerid) contains uninitialised byte(s) + ... + +--------------------------------------------------------- +240: SYS_nanosleep 2s 2m +--------------------------------------------------------- +Syscall param nanosleep(req) contains uninitialised byte(s) + ... + +Syscall param nanosleep(rem) contains uninitialised byte(s) + ... + +Syscall param nanosleep(req) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param nanosleep(rem) points to unad... [truncated message content] |
From: Paul F. <pj...@wa...> - 2024-09-01 19:45:02
|
Hi If I run a single regtest I now get a perl error: paulf> perl tests/vg_regtest memcheck/tests/freebsd/scalar scalar: valgrind -q --error-limit=no ./scalar < scalar.c No such file or directory at tests/vg_regtest line 833. Is that related to the new bunsen functionality? A+ Paul |
From: Mark W. <ma...@kl...> - 2024-08-30 11:57:50
|
Hi Miao, On Sat, 2024-08-24 at 03:07 +0800, Miao Wang via B4 Relay via Valgrind- developers wrote: > From: Miao Wang <sha...@gm...> > > statx(fd, NULL, AT_EMPTY_PATH) is supported since Linux 6.11 and this > patch addes the support to valgrind, so that it won't complain when > NULL is used as |filename| and |flags| includes AT_EMPTY_PATH. > > Ref: commit 0ef625bba6fb ("vfs: support statx(..., NULL, AT_EMPTY_PATH, ...)") Thanks for also creating a bug for this: https://bugs.kde.org/show_bug.cgi?id=433641 I reviewed pushed it (with one small commit message change addes -> adds. Cheers, Mark > Signed-off-by: Miao Wang <sha...@gm...> > --- > coregrind/m_syswrap/syswrap-linux.c | 6 +++++- > 1 file changed, 5 insertions(+), 1 deletion(-) > > diff --git a/coregrind/m_syswrap/syswrap-linux.c b/coregrind/m_syswrap/syswrap-linux.c > index 9f3c51c17..453385599 100644 > --- a/coregrind/m_syswrap/syswrap-linux.c > +++ b/coregrind/m_syswrap/syswrap-linux.c > @@ -4209,8 +4209,12 @@ PRE(sys_statx) > // in which it passes NULL for both filename and buf, and then looks at the > // return value, so as to determine whether or not this syscall is supported. > Bool both_filename_and_buf_are_null = ARG2 == 0 && ARG5 == 0; > + Bool statx_null_path = (ARG2 == 0) && (ARG3 & VKI_AT_EMPTY_PATH); > if (!both_filename_and_buf_are_null) { > - PRE_MEM_RASCIIZ( "statx(filename)", ARG2 ); > + // Since Linux 6.11, the kernel allows passing a NULL filename when > + // the AT_EMPTY_PATH flag is set. > + if (!statx_null_path) > + PRE_MEM_RASCIIZ( "statx(filename)", ARG2 ); > PRE_MEM_WRITE( "statx(buf)", ARG5, sizeof(struct vki_statx) ); > } > } > > --- > base-commit: 61e44a4aef8775b925a7a91f403ebd7f4f6670a4 > change-id: 20240824-statx-null-path-8eec6e0da3bc > > Best regards, |
From: Mark W. <ma...@so...> - 2024-08-30 11:53:27
|
https://sourceware.org/git/gitweb.cgi?p=valgrind.git;h=de408f75bf28d76a0016325b75f14be45631472a commit de408f75bf28d76a0016325b75f14be45631472a Author: Miao Wang <sha...@gm...> Date: Mon Aug 26 22:08:43 2024 +0800 sys_statx: support for statx(fd, NULL, AT_EMPTY_PATH) statx(fd, NULL, AT_EMPTY_PATH) is supported since Linux 6.11 and this patch adds the support to valgrind, so that it won't complain when NULL is used as |filename| and |flags| includes AT_EMPTY_PATH. Ref: commit 0ef625bba6fb ("vfs: support statx(..., NULL, AT_EMPTY_PATH, ...)") Signed-off-by: Miao Wang <sha...@gm...> Diff:
---
 coregrind/m_syswrap/syswrap-linux.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/coregrind/m_syswrap/syswrap-linux.c b/coregrind/m_syswrap/syswrap-linux.c
index 9f3c51c179..4533855998 100644
--- a/coregrind/m_syswrap/syswrap-linux.c
+++ b/coregrind/m_syswrap/syswrap-linux.c
@@ -4209,8 +4209,12 @@ PRE(sys_statx)
 // in which it passes NULL for both filename and buf, and then looks at the
 // return value, so as to determine whether or not this syscall is supported.
 Bool both_filename_and_buf_are_null = ARG2 == 0 && ARG5 == 0;
+ Bool statx_null_path = (ARG2 == 0) && (ARG3 & VKI_AT_EMPTY_PATH);
 if (!both_filename_and_buf_are_null) {
- PRE_MEM_RASCIIZ( "statx(filename)", ARG2 );
+ // Since Linux 6.11, the kernel allows passing a NULL filename when
+ // the AT_EMPTY_PATH flag is set.
+ if (!statx_null_path)
+ PRE_MEM_RASCIIZ( "statx(filename)", ARG2 );
 PRE_MEM_WRITE( "statx(buf)", ARG5, sizeof(struct vki_statx) );
 }
 }
|
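Review bot: The new `statx_null_path` test in PRE(sys_statx) skips the filename check whenever ARG2 is 0 and AT_EMPTY_PATH is set, independent of the kernel the program is actually running on. On a kernel older than 6.11 that call presumably still fails with EFAULT, and memcheck would then give no hint that the NULL filename is the cause; the added comment could say so, for example `// Older kernels reject this with EFAULT; we stay silent and let the syscall fail.`. The inner `if (!statx_null_path)` is unbraced while the enclosing `if` uses braces, which makes the guarded statement easy to misread next to the unguarded `PRE_MEM_WRITE`. The diffstat shows only syswrap-linux.c changed, so no regression test exercises the NULL-filename path. PRE(sys_statx) starts before the hunk, and the same patch is quoted in the review reply earlier in the thread.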
From: Philippe W. <phi...@sk...> - 2024-08-28 21:19:10
|
On Mon, 2024-08-26 at 16:29 +0200, Mark Wielaard wrote: > Hi, > > On Mon, 2024-08-19 at 21:43 +0200, D. J. Bernstein wrote: > > There have been many successful "timing attacks" that break > > cryptographic software by working backwards from timings to secrets. One > > common use of valgrind's memcheck tool in cryptography is to catch data > > flow from secrets (marked with VALGRIND_MAKE_MEM_UNDEFINED) to branch > > instructions and array indices. Some references: > > > > https://neuromancer.sk/article/26 > > https://www.usenix.org/system/files/sec24fall-prepub-760-fourne.pdf > > https://bench.cr.yp.to/tips.html#timecop > > That is a clever trick. Some of the references mention it needs a > patched valgrind to introduce poison/unposion functions. But this looks > like just convenience. As you say, you could just directly introduce > VALGRIND_MAKE_MEM_UNDEFINED markers in the code. Are these patches > still needed/used? > > > However, there are other variable-time instructions. Our new paper > > "KyberSlash: Exploiting secret-dependent division timings in Kyber > > implementations" includes demonstrations of secret-key recovery from the > > reference software for the Kyber cryptosystem in two different > > environments, exploiting the fact that compilers sometimes use > > variable-time division instructions for divisions in that software: > > > > https://kyberslash.cr.yp.to/papers.html > > > > The paper describes a patch to valgrind to optionally catch division > > instructions on undefined data. The point of this message is to propose > > this patch for inclusion in valgrind. The patch is attached. > > > > The patch was written by Tee Kiah Chia. A few API tweaks and tests in > > valgrind's test framework were added by D. J. Bernstein. The patch > > applies cleanly to valgrind's current git repository. As per > > valgrind/README, we have licensed the patch as follows: > > > > SPDX-License-Identifer: GPL-2.0-or-later > > Thanks. The patch is easy to follow. 
And looks generic enough to > extend. Just have to think about how general usable this is. But your > references show people have been using valgrind memcheck for > timing/conditional jumps detection for a long time (I must admit, I > wasn't aware). > > > The patch is designed to be off by default. The user can start scanning > > for divisions using --variable-latency-errors=yes on the command line, > > VALGRIND_CLO_CHANGE("--variable-latency-errors=yes") from the program > > under test, or, easiest to use, a new environment variable > > VALGRIND_BESTEFFORT_VARIABLE_LATENCY_ERRORS=yes. > > The environment variable trick is nice. I wonder if we can generalize > that. IMO, the above is redundant with (and more specialised than) the existing VALGRIND_OPTS environment variable. In other words, the above can be achieved with: export VALGRIND_OPTS="--variable-latency-errors=yes --bidule=machin --truc=basar" (also remember we can prefix a -- option with the tool. Tools ignore then the non matching options). E.g. --memcheck:leak-check=full will be ignored by callgrind (on the command line and/or in VALGRIND_OPTS). > > > Internally, the patch is designed to allow easy future extensions to > > catch timing variations in instructions other than divisions. The patch > > catches square roots as an example. A natural long-term goal is to > > synchronize the allowed instructions with lists from CPU designers: > > > > https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/resources/data-operand-independent-timing-instructions.html > > https://developer.arm.com/documentation/ddi0595/2021-06/AArch64-Registers/DIT--Data-Independent-Timing > > > > This would also naturally resolve inconsistency #8 (vector shifts) > > documented in memcheck/mc_translate.c. Full synchronization will, > > however, be a large project. 
Division is an immediate problem for many > > cryptographic implementations (as shown by the scans reported in > > the KyberSlash paper), so there is immediate value in a patch that looks > > for divisions. > > Urgh. Looks like there is a huge list of instructions that might have > timing issues depending on their input. > > One issue I can see is that the current implementation works on the > Valgrind VEX IR, so after translation from the native architecture > instructions. I can imagine that translation from different > architectures into VEX might result in similar Iops, which might have > different timing characteristics. So maybe we need some way to encode > that IR expressions. Although I don't immediately know how to do that > efficiently. I guess that be able to give timing characteristics/cycle estimations per instruction in a generalised way could be useful for callgrind/cachegrind. > > Cheers, > > Mark > > > _______________________________________________ > Valgrind-developers mailing list > Val...@li... > https://lists.sourceforge.net/lists/listinfo/valgrind-developers |
From: D. J. B. <dj...@cr...> - 2024-08-27 19:22:38
|
Paul Floyd via Valgrind-developers writes: > Using VALGRIND_OPTS is clunky but I think that we should stick to that. To explain why the new environment variable is easier to use: It's a "best-effort" variable that's simply ignored by older versions of valgrind. The data-collection script that uses the variable doesn't have to worry that it will fail under older versions. Without the variable, I think the easiest path for the script would be to parse the output of valgrind --help-dyn-options to see whether the option is listed, and to then set the option or not accordingly; sure, can be done, but it's more of a hassle. There's already one option-setting mechanism that's best-effort (with a minor difference in verbosity), namely VALGRIND_CLO_CHANGE, but that's called by the binary rather than by the script calling valgrind. John Reiser writes: > How much more effective is the dynamic technique than such a > static analysis? https://www.usenix.org/system/files/usenixsecurity24-fourne.pdf is a usability study of tools to look for timing variations; a valgrind-based tool ranks best---and that's without covering the CI situation, where the differences in tool usability become even more obvious. Of course, valgrind tests only the code paths that it runs, whereas static analysis can give full-program guarantees. For more on the advantages of each approach: https://kyberslash.cr.yp.to/kyberslash-20240628.pdf#section.7 ---D. J. Bernstein (speaking for myself) |
From: Paul F. <pa...@so...> - 2024-08-27 05:41:28
|
https://sourceware.org/git/gitweb.cgi?p=valgrind.git;h=3cc6a9c76e3945f6cf3259ec564ec74d3b40dafd commit 3cc6a9c76e3945f6cf3259ec564ec74d3b40dafd Author: Paul Floyd <pj...@wa...> Date: Tue Aug 27 07:39:48 2024 +0200 Linux: updates to stat scructs I added these as part of the work on bug 317127. Diff: --- include/vki/vki-amd64-linux.h | 23 ++++++++++++++++++++++- include/vki/vki-linux.h | 7 ++++++- 2 files changed, 28 insertions(+), 2 deletions(-) diff --git a/include/vki/vki-amd64-linux.h b/include/vki/vki-amd64-linux.h index e5b7ec6cd1..12cd65ac7c 100644 --- a/include/vki/vki-amd64-linux.h +++ b/include/vki/vki-amd64-linux.h @@ -375,7 +375,28 @@ struct vki_statfs { __vki_kernel_fsid_t f_fsid; long f_namelen; long f_frsize; - long f_spare[5]; + long f_flags; + long f_spare[4]; +}; + +//---------------------------------------------------------------------- +// From bits/statfs.h +//---------------------------------------------------------------------- + +struct vki_statfs64 +{ + long f_type; + long f_bsize; + unsigned long f_blocks; + unsigned long f_bfree; + unsigned long f_bavail; + unsigned long f_files; + unsigned long f_ffree; + __vki_kernel_fsid_t f_fsid; + long f_namelen; + long f_frsize; + long f_flags; + long f_spare[4]; }; //---------------------------------------------------------------------- diff --git a/include/vki/vki-linux.h b/include/vki/vki-linux.h index ccdb808af7..708a12b64d 100644 --- a/include/vki/vki-linux.h +++ b/include/vki/vki-linux.h @@ -1472,7 +1472,12 @@ struct vki_statx { __vki_u32 stx_dev_major; /* ID of device containing file [uncond] */ __vki_u32 stx_dev_minor; /* 0x90 */ - __vki_u64 __spare2[14]; /* Spare space for future expansion */ + __vki_u64 stx_mnt_id; + __vki_u32 stx_dio_mem_align; /* Memory buffer alignment for direct I/O */ + __vki_u32 stx_dio_offset_align; /* File offset alignment for direct I/O */ + /* 0xa0 */ + + __vki_u64 __spare2[12]; /* Spare space for future expansion */ /* 0x100 */ }; |
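Review bot: In the `vki_statx` hunk, `stx_mnt_id` is the only added member without a description, and nothing guards the layout that the `/* 0xa0 */` and `/* 0x100 */` markers describe. The arithmetic is right (0x90 + 8 + 4 + 4 = 0xa0, and 12 spare 64-bit words reach 0x100), but memcheck sizes its check of the statx buffer with `sizeof(struct vki_statx)`, so a miscounted spare array would change what gets checked without any warning. I would add `/* Mount ID */` after `stx_mnt_id` and a compile-time assertion, next to the struct, that its size is still 0x100. The struct body starts outside this hunk, so the earlier offsets are not checked here.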
From: John R. <jr...@bi...> - 2024-08-27 03:02:19
|
On 8/19/24 12:43, D. J. Bernstein wrote: > There have been many successful "timing attacks" that break > cryptographic software by working backwards from timings to secrets. One > common use of valgrind's memcheck tool in cryptography is to catch data > flow from secrets (marked with VALGRIND_MAKE_MEM_UNDEFINED) to branch > instructions and array indices. This appears to be dynamic tracking (during an actual execution) of dataflow between designated classes of endpoints (some in RAM and some in CPU.) Modern static analyzers that employ theorem-proving techniques have become quite good at identifying bugs that involve dataflow, even simultaneously across all possible dataflows (not just the flows of one actual execution), up to a dozen or more steps. How much more effective is the dynamic technique than such a static analysis? |
From: D. J. B. <aut...@bo...> - 2024-08-26 21:01:10
|
Mark Wielaard writes: > That is a clever trick. Some of the references mention it needs a > patched valgrind to introduce poison/unposion functions. But this looks > like just convenience. As you say, you could just directly introduce > VALGRIND_MAKE_MEM_UNDEFINED markers in the code. Are these patches > still needed/used? I presume that https://github.com/agl/ctgrind/blob/master/valgrind.patch was just the result of most people back then (2010) not being aware of VALGRIND_MAKE_MEM_UNDEFINED (2006). Definitely no need for that patch. The division story is different, obviously. > The environment variable trick is nice. I wonder if we can generalize > that. Could sweep through environ and turn each VALGRIND_BESTEFFORT_X_Y=v into mc_process_cmd_line_options("--x-y=v"). A quick CLO skim suggests that False results are generally safe to ignore, but maybe there are (or will be!) exceptions to that; clearly the code was written with the mindset that False will exit (often with an error message). Safer would be to restrict to CLOM, as in VALGRIND_CLO_CHANGE. Not many lines of code in any case. > Urgh. Looks like there is a huge list of instructions that might have > timing issues depending on their input. Yup, handling all that is a big project, but at least there's a clear target in the end. I agree that someone tackling this will probably run into occasions when an Intel instruction and an ARM instruction differ in whether they're guaranteed to be constant-time but still turn into the same Iop, so I'd expect a patch to introduce a new Iop for each such case, which doesn't look too painful as long as it isn't too frequent. 
Most timing variations are predictable from the basics of how CPUs are built; CPU differences come from, e.g., one CPU manufacturer deciding to invest very little hardware area in a multiplier, at which point there's a noticeable speedup from having the multiplier exit early on small inputs, while another CPU manufacturer builds a faster multiplier that doesn't benefit from timing variations. ---D. J. Bernstein (speaking for myself) |
From: Paul F. <pj...@wa...> - 2024-08-26 19:27:43
|
On 26-08-24 14:29, Mark Wielaard wrote: > Hi, I also agree that this sounds very interesting. I quickly skimmed over the paper. I haven't had time to look at the code yet. Do you have any feeling as to how many people would make use of this? >> The patch is designed to be off by default. The user can start scanning >> for divisions using --variable-latency-errors=yes on the command line, >> VALGRIND_CLO_CHANGE("--variable-latency-errors=yes") from the program >> under test, or, easiest to use, a new environment variable >> VALGRIND_BESTEFFORT_VARIABLE_LATENCY_ERRORS=yes. > > The environment variable trick is nice. I wonder if we can generalize > that. I'm not keen on more environment variables. We already have 3 mechanisms for passing options (command line, .valgrindrc and VALGRIND_OPTS). There's plenty to confuse users already (which options are command line only, what is the precedence between .valgrindrc and VALGRIND_OPTS). It would just confuse matters to have more environment variables. Using VALGRIND_OPTS is clunky but I think that we should stick to that. Looking at the competition, Address Sanitizer just uses ASAN_OPTIONS. A+ Paul |
From: Mark W. <ma...@kl...> - 2024-08-26 14:29:24
|
Hi, On Mon, 2024-08-19 at 21:43 +0200, D. J. Bernstein wrote: > There have been many successful "timing attacks" that break > cryptographic software by working backwards from timings to secrets. One > common use of valgrind's memcheck tool in cryptography is to catch data > flow from secrets (marked with VALGRIND_MAKE_MEM_UNDEFINED) to branch > instructions and array indices. Some references: > > https://neuromancer.sk/article/26 > https://www.usenix.org/system/files/sec24fall-prepub-760-fourne.pdf > https://bench.cr.yp.to/tips.html#timecop That is a clever trick. Some of the references mention it needs a patched valgrind to introduce poison/unposion functions. But this looks like just convenience. As you say, you could just directly introduce VALGRIND_MAKE_MEM_UNDEFINED markers in the code. Are these patches still needed/used? > However, there are other variable-time instructions. Our new paper > "KyberSlash: Exploiting secret-dependent division timings in Kyber > implementations" includes demonstrations of secret-key recovery from the > reference software for the Kyber cryptosystem in two different > environments, exploiting the fact that compilers sometimes use > variable-time division instructions for divisions in that software: > > https://kyberslash.cr.yp.to/papers.html > > The paper describes a patch to valgrind to optionally catch division > instructions on undefined data. The point of this message is to propose > this patch for inclusion in valgrind. The patch is attached. > > The patch was written by Tee Kiah Chia. A few API tweaks and tests in > valgrind's test framework were added by D. J. Bernstein. The patch > applies cleanly to valgrind's current git repository. As per > valgrind/README, we have licensed the patch as follows: > > SPDX-License-Identifer: GPL-2.0-or-later Thanks. The patch is easy to follow. And looks generic enough to extend. Just have to think about how general usable this is. 
But your references show people have been using valgrind memcheck for timing/conditional jumps detection for a long time (I must admit, I wasn't aware). > The patch is designed to be off by default. The user can start scanning > for divisions using --variable-latency-errors=yes on the command line, > VALGRIND_CLO_CHANGE("--variable-latency-errors=yes") from the program > under test, or, easiest to use, a new environment variable > VALGRIND_BESTEFFORT_VARIABLE_LATENCY_ERRORS=yes. The environment variable trick is nice. I wonder if we can generalize that. > Internally, the patch is designed to allow easy future extensions to > catch timing variations in instructions other than divisions. The patch > catches square roots as an example. A natural long-term goal is to > synchronize the allowed instructions with lists from CPU designers: > > https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/resources/data-operand-independent-timing-instructions.html > https://developer.arm.com/documentation/ddi0595/2021-06/AArch64-Registers/DIT--Data-Independent-Timing > > This would also naturally resolve inconsistency #8 (vector shifts) > documented in memcheck/mc_translate.c. Full synchronization will, > however, be a large project. Division is an immediate problem for many > cryptographic implementations (as shown by the scans reported in > the KyberSlash paper), so there is immediate value in a patch that looks > for divisions. Urgh. Looks like there is a huge list of instructions that might have timing issues depending on their input. One issue I can see is that the current implementation works on the Valgrind VEX IR, so after translation from the native architecture instructions. I can imagine that translation from different architectures into VEX might result in similar Iops, which might have different timing characteristics. So maybe we need some way to encode that IR expressions. 
Although I don't immediately know how to do that efficiently. Cheers, Mark |
From: Miao W. v. B4 R. <dev...@ke...> - 2024-08-23 19:07:38
|
From: Miao Wang <sha...@gm...> statx(fd, NULL, AT_EMPTY_PATH) is supported since Linux 6.11 and this patch addes the support to valgrind, so that it won't complain when NULL is used as |filename| and |flags| includes AT_EMPTY_PATH. Ref: commit 0ef625bba6fb ("vfs: support statx(..., NULL, AT_EMPTY_PATH, ...)") Signed-off-by: Miao Wang <sha...@gm...> --- coregrind/m_syswrap/syswrap-linux.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/coregrind/m_syswrap/syswrap-linux.c b/coregrind/m_syswrap/syswrap-linux.c
index 9f3c51c17..453385599 100644
--- a/coregrind/m_syswrap/syswrap-linux.c
+++ b/coregrind/m_syswrap/syswrap-linux.c
@@ -4209,8 +4209,12 @@ PRE(sys_statx)
 // in which it passes NULL for both filename and buf, and then looks at the
 // return value, so as to determine whether or not this syscall is supported.
 Bool both_filename_and_buf_are_null = ARG2 == 0 && ARG5 == 0;
+ Bool statx_null_path = (ARG2 == 0) && (ARG3 & VKI_AT_EMPTY_PATH);
 if (!both_filename_and_buf_are_null) {
- PRE_MEM_RASCIIZ( "statx(filename)", ARG2 );
+ // Since Linux 6.11, the kernel allows passing a NULL filename when
+ // the AT_EMPTY_PATH flag is set.
+ if (!statx_null_path)
+ PRE_MEM_RASCIIZ( "statx(filename)", ARG2 );
 PRE_MEM_WRITE( "statx(buf)", ARG5, sizeof(struct vki_statx) );
 }
 }
--- base-commit: 61e44a4aef8775b925a7a91f403ebd7f4f6670a4 change-id: 20240824-statx-null-path-8eec6e0da3bc Best regards, -- Miao Wang <sha...@gm...> |
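Review bot: The added `statx_null_path` test skips the filename check for a NULL path with `AT_EMPTY_PATH` on every kernel, while the new comment only says that Linux 6.11 accepts the combination. Older kernels presumably fail such a call themselves (this is not visible in the hunk), so the skipped check should not hide a bad read, but the comment ought to say that, for example `// Older kernels reject this call themselves, so no diagnostic is lost.`. The inner `if (!statx_null_path)` is also unbraced inside a braced block; bracing it keeps the `PRE_MEM_WRITE` line that follows clearly outside the condition. The body of `PRE(sys_statx)` starts before this hunk.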
From: Frank C. E. <fc...@re...> - 2024-08-22 15:22:00
|
Hi - > Thanks, I think the patch is OK to land now. Thanks a lot! Pushed to master. BTW, I tried to push a gpg-signed git commit, but the githooks erroneously rejected that with. I think there's a git-show option that it should be using to suppress signature messages when checking the commit text. remote: *** Invalid revision history for commit 91115a0195e440d0f4b10c30d223827b05ea99d9: remote: *** The first line should be the subject of the commit, remote: *** followed by an empty line. remote: *** remote: *** Below are the first few lines of the revision history: remote: *** | gpg: Signature made Thu Aug 22 15:19:12 2024 GMT remote: *** | gpg: using RSA key 4DD136490411C0A42B28844F258B6EFA0F209D24 remote: *** | gpg: Good signature from "Frank Ch. Eigler <fc...@el...>" [unknown] remote: *** | gpg: WARNING: This key is not certified with a trusted signature! remote: *** | gpg: There is no indication that the signature belongs to the owner. remote: *** remote: *** Please amend the commit's revision history and try again. remote: error: hook declined to update refs/heads/master To ssh://sourceware.org/git/valgrind.git - FChE |
From: Frank C. E. <fc...@so...> - 2024-08-22 15:20:26
|
https://sourceware.org/git/gitweb.cgi?p=valgrind.git;h=61e44a4aef8775b925a7a91f403ebd7f4f6670a4 commit 61e44a4aef8775b925a7a91f403ebd7f4f6670a4 (HEAD -> master) Author: Frank Ch. Eigler <fc...@re...> Date: Fri Jul 19 11:55:03 2024 -0400 valgrind testing: extend vg_regtest to emit automake-style .trs/.log files Extend vg_regtest to produce automake-style log files for each vgtest case, so that developers and testsuite archiving/analysis tools such as bunsen can examine passing as well as non-passing test outputs in detail. The build-tree test-suite-overall.log file holds all the key information about tests, especially failures. Signed-Off-By: Frank Ch. Eigler <fc...@re...> Diff: --- .gitignore | 5 ++ Makefile.am | 4 + README_DEVELOPERS | 6 ++ tests/vg_regtest.in | 221 ++++++++++++++++++++++++++++++++++++++-------------- 4 files changed, 178 insertions(+), 58 deletions(-) diff --git a/.gitignore b/.gitignore index 921d868cfb..32d32212af 100644 --- a/.gitignore +++ b/.gitignore @@ -2446,3 +2446,8 @@ # /VEX/switchback/ /VEX/switchback/switchback + +*.vgtest*.trs +*.vgtest*.log +/test-suite-overall.log +test-suite.log diff --git a/Makefile.am b/Makefile.am index 7749442e9f..b3e5be5f46 100644 --- a/Makefile.am +++ b/Makefile.am @@ -137,6 +137,10 @@ all-local: default.supp include/vgversion.h clean-local: rm -rf $(inplacedir) include/vgversion.h + find . -name '*.vgtest.log' -print0 | xargs -r -0 rm + find . -name '*.vgtest.trs' -print0 | xargs -r -0 rm + find . -name test-suite.log -print0 | xargs -r -0 rm + rm -f test-suite-overall.log # Need config.h in the installed tree, since some files depend on it pkginclude_HEADERS = config.h diff --git a/README_DEVELOPERS b/README_DEVELOPERS index 449ad6581b..37cffa2fb7 100644 --- a/README_DEVELOPERS +++ b/README_DEVELOPERS 
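Review bot: The cleanup lines added to `clean-local` pipe `find ... -print0` into `xargs -r -0 rm`. `-print0`, `-0` and `-r` are extensions rather than POSIX options, so `make clean` can fail on a platform whose find or xargs lacks them. `find . -name '*.vgtest.log' -exec rm -f {} +` does the same job with standard options and also handles the no-match case. The `.gitignore` hunk ignores `*.vgtest*.log` and `*.vgtest*.trs`, which is wider than the `*.vgtest.log` and `*.vgtest.trs` names removed here; the two sets should be made to agree.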
@@ -63,6 +63,12 @@ file. Eg: perl tests/vg_regtest memcheck/tests/badfree.vgtest perl tests/vg_regtest memcheck/tests/badfree +The details of each vgtest run are logged to individual "vgtest.log" +files. These are listed, and non-passing tests detailed, in the +test-suite-overall.log file. (Token *.trs and test-suite.log files +are also created, for emulating automake-style testsuites, as expected +by tools such as bunsen.) + Running the performance tests ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/tests/vg_regtest.in b/tests/vg_regtest.in index 579e6afcf7..aeef874f34 100755 --- a/tests/vg_regtest.in +++ b/tests/vg_regtest.in @@ -54,7 +54,7 @@ # $PREFIX/bin/vg_regtest --all # # You can specify individual files to test, or whole directories, or both. -# Directories are traversed recursively, except for ones named, for example, +# Directories are traversed recursively, except for ones named, for example, # CVS/ or docs/. # # Each test is defined in a file <test>.vgtest, containing one or more of the @@ -120,9 +120,9 @@ # the expected stdout which is kept in <test>.post.exp*. # # Sometimes it is useful to run all the tests at a high sanity check -# level or with arbitrary other flags. To make this simple, extra +# level or with arbitrary other flags. To make this simple, extra # options, applied to all tests run, are read from $EXTRA_REGTEST_OPTS, -# and handed to valgrind prior to any other flags specified by the +# and handed to valgrind prior to any other flags specified by the # .vgtest file. # # Some more notes on adding regression tests for a new tool are in @@ -132,6 +132,7 @@ use warnings; use strict; + #---------------------------------------------------------------------------- # Global vars #---------------------------------------------------------------------------- 
@@ -154,9 +155,9 @@ my $stderr_filter; # filter program to run stderr results file through my $stdout_filter_args; # arguments passed to stdout_filter my $stderr_filter_args; # arguments passed to stderr_filter my $progB; # Same but for progB -my $argsB; # -my $stdoutB_filter; # -my $stderrB_filter; # +my $argsB; # +my $stdoutB_filter; # +my $stderrB_filter; # my $stdoutB_filter_args;# arguments passed to stdout_filterB my $stderrB_filter_args;# arguments passed to stderr_filterB my $stdinB; # Input file for progB @@ -169,9 +170,10 @@ my @envB = (); # environment variable to set prior calling $progB my @failures; # List of failed tests my $num_tests_done = 0; -my %num_failures = (stderr => 0, stdout => 0, +my %num_failures = (stderr => 0, stdout => 0, stderrB => 0, stdoutB => 0, post => 0); +my %num_results = (); # Default valgrind to use is this build tree's (uninstalled) one my $valgrind = "./coregrind/valgrind"; @@ -191,6 +193,11 @@ my $looptillfail = 0; # default filter is the one named "filter_stderr" in the test's directory my $default_stderr_filter = "filter_stderr"; +# open overall testsuite log that will contain records of all +# subdirectory tests; it's not in automake format, but then again +# nor are the per-subdirectory ones used as presence-flags for bunseno +open(TSLOG, '>', 'test-suite-overall.log') or die $!; + #---------------------------------------------------------------------------- # Process command line, setup @@ -204,7 +211,7 @@ my $default_stderr_filter = "filter_stderr"; # subsequent trouble when we change directories. # # Also checks the program exists and is executable. -sub validate_program ($$$$) +sub validate_program ($$$$) { my ($dir, $prog, $must_exist, $must_be_executable) = @_; 
@@ -215,18 +222,18 @@ sub validate_program ($$$$) if ($must_exist) { (-f $prog) or die "vg_regtest: `$prog' not found or not a file ($dir)\n"; } - if ($must_be_executable) { + if ($must_be_executable) { (-x $prog) or die "vg_regtest: `$prog' not executable ($dir)\n"; } return $prog; } -sub process_command_line() +sub process_command_line() { my $alldirs = 0; my @fs; - + for my $arg (@ARGV) { if ($arg =~ /^-/) { if ($arg =~ /^--all$/) { @@ -253,18 +260,18 @@ sub process_command_line() } } $valgrind = validate_program($tests_dir, $valgrind, 1, 0); - + if (defined $outer_valgrind) { $outer_valgrind = validate_program($tests_dir, $outer_valgrind, 1, 1); if ((not defined $outer_args) || ($outer_args =~ /^\+/)) { - $run_outer_args = + $run_outer_args = " --command-line-only=yes" . " --sim-hints=enable-outer" . " --run-libc-freeres=no --run-cxx-freeres=no" . " --smc-check=all-non-file" . " --vgdb=no --trace-children=yes --read-var-info=no" . " --read-inline-info=yes" - . " --suppressions=" + . " --suppressions=" . validate_program($tests_dir,"./tests/outer_inner.supp",1,0) . " --memcheck:leak-check=full --memcheck:show-reachable=no" . " --num-callers=40" @@ -311,7 +318,7 @@ sub read_vgtest_file($) # Every test directory must have a "filter_stderr" $stderr_filter = validate_program(".", $default_stderr_filter, 1, 1); $stderrB_filter = validate_program(".", $default_stderr_filter, 1, 1); - + open(INPUTFILE, "< $f") || die "File $f not openable\n"; 
@@ -376,19 +383,22 @@ sub read_vgtest_file($) #---------------------------------------------------------------------------- # Since most of the program time is spent in system() calls, need this to # propagate a Ctrl-C enabling us to quit. -sub mysystem($) +sub mysystem($@) { - my $exit_code = system($_[0]); + my $tslog = shift(@_); + print $tslog scalar localtime, " executing @_\n"; + my $exit_code = system(@_); + print $tslog scalar localtime, " rc $exit_code\n"; ($exit_code == 2) and exit 1; # 2 is SIGINT return $exit_code; } # if $keepunfiltered, copies $1 to $1.unfiltered.out # renames $0 tp $1 -sub filtered_rename($$) +sub filtered_rename($$$) { if ($keepunfiltered == 1) { - mysystem("cp $_[1] $_[1].unfiltered.out"); + mysystem($_[2], "cp $_[1] $_[1].unfiltered.out"); } rename ($_[0], $_[1]); } @@ -404,10 +414,11 @@ sub determine_tool() # Compare output against expected output; it should match at least one of # them. -sub do_diffs($$$$) +sub do_diffs($$$$$) { - my ($fullname, $name, $mid, $f_exps) = @_; - + my ($fullname, $name, $mid, $tslog, $f_exps) = @_; + if (! defined $tslog) {$tslog = *TSLOG;} + for my $f_exp (@$f_exps) { (-r $f_exp) or die "Could not read `$f_exp'\n"; @@ -424,7 +435,10 @@ sub do_diffs($$$$) ($f_exp eq "/dev/null") or die "Unexpected .exp file: $f_exp\n"; } - mysystem("@DIFF@ $f_exp $name.$mid.out > $name.$mid.diff$n"); + mysystem($tslog, "@DIFF@ $f_exp $name.$mid.out > $name.$mid.diff$n"); + open (F,"<","$name.$mid.diff$n"); + while (<F>) { print $tslog $_; } + close (F); if (not -s "$name.$mid.diff$n") { # A match; remove .out and any previously created .diff files. 
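Review bot: The transcription added after the diff command in `do_diffs`, `open (F,"<","$name.$mid.diff$n"); while (<F>) { print $tslog $_; }`, never checks the result of `open` and uses the shared bareword handle `F`. If the redirected diff file was not created, the loop reads from an unopened handle and the log silently lacks the diff. A checked lexical handle, `open(my $fh, "<", "$name.$mid.diff$n") or die "Could not read $name.$mid.diff$n: $!\n";`, would match the `or die` style of the other opens in this patch. The same unchecked pattern recurs in the stdout/stderr, stdoutB/stderrB and post transcriptions in the later `do_one_test` hunks. `do_diffs` continues past the end of this hunk.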
@@ -442,14 +456,15 @@ sub do_diffs($$$$) print "Failure encountered, stopping to loop\n"; exit 1 } + return "FAIL"; } -sub do_one_test($$) +sub do_one_test($$) { my ($dir, $vgtest) = @_; $vgtest =~ /^(.*)\.vgtest/; my $name = $1; - my $fullname = "$dir/$name"; + my $fullname = "$dir/$name"; # Pull any extra options (for example, --sanity-level=4) # from $EXTRA_REGTEST_OPTS. @@ -457,16 +472,23 @@ sub do_one_test($$) my $extraopts = $maybe_extraopts ? $maybe_extraopts : ""; read_vgtest_file($vgtest); + print TSLOG scalar localtime, " processing $dir/$vgtest\n"; + + my $rc = "PASS"; + # $vgtest.trs is opened by caller, so as to absorb $rc reliably, even from early returns + open(VGTESTLOG,">","$vgtest.log") or die $!; if (defined $prereq) { - my $prereq_res = system("/bin/sh", "-c", $prereq); + my $prereq_res = mysystem(*VGTESTLOG, "/bin/sh", "-c", $prereq); if (0 == $prereq_res) { # Do nothing (ie. continue with the test) } elsif (256 == $prereq_res) { # Nb: weird Perl-ism -- exit code of '1' is seen by Perl as 256... # Prereq failed, skip. printf("%-16s (skipping, prereq failed: $prereq)\n", "$name:"); - return; + print VGTESTLOG scalar localtime, " skipping, prereq failed\n"; + close(VGTESTLOG); + return "SKIP"; } else { # Bad prereq; abort. $prereq_res /= 256; @@ -488,12 +510,12 @@ sub do_one_test($$) # Note: redirection of stdout and stderr is before $progB to allow argsB # to e.g. redirect stdoutB to stderrB if (defined $stdinB) { - mysystem("(rm -f progB.done;" + mysystem(*VGTESTLOG, "(rm -f progB.done;" . " < $stdinB > $name.stdoutB.out 2> $name.stderrB.out" . " $envBvars $progB $argsB;" . "touch progB.done) &"); } else { - mysystem("(rm -f progB.done;" + mysystem(*VGTESTLOG, "(rm -f progB.done;" . " > $name.stdoutB.out 2> $name.stderrB.out" . "$envBvars $progB $argsB;" . "touch progB.done) &"); 
@@ -513,7 +535,8 @@ sub do_one_test($$) my $tool=determine_tool(); if (defined $outer_valgrind ) { # in an outer-inner setup, only set VALGRIND_LIB_INNER - mysystem( "$envvars VALGRIND_LIB_INNER=$valgrind_lib " + mysystem(*VGTESTLOG, + "$envvars VALGRIND_LIB_INNER=$valgrind_lib " . "$outer_valgrind " . "--tool=" . $outer_tool . " " . "--log-file=" . "$name.outer.log " 
@@ -525,31 +548,46 @@ sub do_one_test($$) } else { # Set both VALGRIND_LIB and VALGRIND_LIB_INNER in case this Valgrind # was configured with --enable-inner. - mysystem( "$envvars VALGRIND_LIB=$valgrind_lib VALGRIND_LIB_INNER=$valgrind_lib " + mysystem(*VGTESTLOG, + "$envvars VALGRIND_LIB=$valgrind_lib VALGRIND_LIB_INNER=$valgrind_lib " . "$valgrind --command-line-only=yes --memcheck:leak-check=no " . "--tool=$tool $extraopts $vgopts " . "$prog $args > $name.stdout.out 2> $name.stderr.out"); } + # Transcribe stdout, stderr + print VGTESTLOG scalar localtime, " stdout:\n"; + open (F,"<","$name.stdout.out"); + while (<F>) { print VGTESTLOG $_; } + close (F); + print VGTESTLOG scalar localtime, " stderr:\n"; + open (F,"<","$name.stderr.out"); + while (<F>) { print VGTESTLOG $_; } + close (F); + # Filter stdout if (defined $stdout_filter) { $stdout_filter_args = $name if (! defined $stdout_filter_args); - mysystem("$stdout_filter $stdout_filter_args < $name.stdout.out > $tmp"); - filtered_rename($tmp, "$name.stdout.out"); + mysystem(*VGTESTLOG, + "$stdout_filter $stdout_filter_args < $name.stdout.out > $tmp"); + filtered_rename($tmp, "$name.stdout.out", *VGTESTLOG); } # Find all the .stdout.exp files. If none, use /dev/null. my @stdout_exps = <$name.stdout.exp*>; @stdout_exps = ( "/dev/null" ) if (0 == scalar @stdout_exps); - do_diffs($fullname, $name, "stdout", \@stdout_exps); + my $diffrc = do_diffs($fullname, $name, "stdout", *VGTESTLOG, \@stdout_exps); + if (defined $diffrc) { $rc = $diffrc; } # Filter stderr $stderr_filter_args = $name if (! defined $stderr_filter_args); - mysystem("$stderr_filter $stderr_filter_args < $name.stderr.out > $tmp"); - filtered_rename($tmp, "$name.stderr.out"); + mysystem(*VGTESTLOG, + "$stderr_filter $stderr_filter_args < $name.stderr.out > $tmp"); + filtered_rename($tmp, "$name.stderr.out", *VGTESTLOG); # Find all the .stderr.exp files. At least one must exist. 
my @stderr_exps = <$name.stderr.exp*>; (0 != scalar @stderr_exps) or die "Could not find `$name.stderr.exp*'\n"; - do_diffs($fullname, $name, "stderr", \@stderr_exps); + $diffrc = do_diffs($fullname, $name, "stderr", *VGTESTLOG, \@stderr_exps); + if (defined $diffrc) { $rc = $diffrc; } if (defined $progB) { # wait for the child to be finished 
@@ -564,46 +602,70 @@ sub do_one_test($$) for ($count = 1; $count <= 100; $count++) { (-f "progB.done") or select(undef, undef, undef, 0.100); } + + # Transcribe stdout, stderr + print VGTESTLOG scalar localtime, " stdoutB:\n"; + open (F,"<","$name.stdoutB.out"); + while (<F>) { print VGTESTLOG $_; } + close (F); + print VGTESTLOG scalar localtime, " stderrB:\n"; + open (F,"<","$name.stderrB.out"); + while (<F>) { print VGTESTLOG $_; } + close (F); + # Filter stdout if (defined $stdoutB_filter) { $stdoutB_filter_args = $name if (! defined $stdoutB_filter_args); - mysystem("$stdoutB_filter $stdoutB_filter_args < $name.stdoutB.out > $tmp"); - filtered_rename($tmp, "$name.stdoutB.out"); + mysystem(*VGTESTLOG, + "$stdoutB_filter $stdoutB_filter_args < $name.stdoutB.out > $tmp"); + filtered_rename($tmp, "$name.stdoutB.out", *VGTESTLOG); } # Find all the .stdoutB.exp files. If none, use /dev/null. my @stdoutB_exps = <$name.stdoutB.exp*>; @stdoutB_exps = ( "/dev/null" ) if (0 == scalar @stdoutB_exps); - do_diffs($fullname, $name, "stdoutB", \@stdoutB_exps); - + $diffrc = do_diffs($fullname, $name, "stdoutB", *VGTESTLOG, \@stdoutB_exps); + if (defined $diffrc) { $rc = $diffrc; } + # Filter stderr $stderrB_filter_args = $name if (! defined $stderrB_filter_args); - mysystem("$stderrB_filter $stderrB_filter_args < $name.stderrB.out > $tmp"); - filtered_rename($tmp, "$name.stderrB.out"); + mysystem(*VGTESTLOG, + "$stderrB_filter $stderrB_filter_args < $name.stderrB.out > $tmp"); + filtered_rename($tmp, "$name.stderrB.out", *VGTESTLOG); # Find all the .stderrB.exp files. At least one must exist. 
my @stderrB_exps = <$name.stderrB.exp*>; (0 != scalar @stderrB_exps) or die "Could not find `$name.stderrB.exp*'\n"; - do_diffs($fullname, $name, "stderrB", \@stderrB_exps); + $diffrc = do_diffs($fullname, $name, "stderrB", *VGTESTLOG, \@stderrB_exps); + if (defined $diffrc) { $rc = $diffrc; } } # Maybe do post-test check if (defined $post) { - if (mysystem("$post > $name.post.out") != 0) { + my $postrc = mysystem(*VGTESTLOG, "$post > $name.post.out"); + # Transcribe stdout + print VGTESTLOG scalar localtime, " post:\n"; + open (F,"<","$name.post.out"); + while (<F>) { print VGTESTLOG $_; } + close (F); + if ($postrc != 0) { print("post check failed: $post\n"); + $rc = "FAIL"; $num_failures{"post"}++; } else { # Find all the .post.exp files. If none, use /dev/null. my @post_exps = <$name.post.exp*>; @post_exps = ( "/dev/null" ) if (0 == scalar @post_exps); - do_diffs($fullname, $name, "post", \@post_exps); + do_diffs($fullname, $name, "post", *VGTESTLOG, \@post_exps); } } - + if (defined $cleanup) { - (system("$cleanup") == 0) or + (mysystem(*VGTESTLOG, "$cleanup") == 0) or print("(cleanup operation failed: $cleanup)\n"); } + close(VGTESTLOG); $num_tests_done++; + return $rc; } #---------------------------------------------------------------------------- @@ -611,7 +673,7 @@ sub do_one_test($$) #---------------------------------------------------------------------------- sub test_one_dir($$); # forward declaration -sub test_one_dir($$) +sub test_one_dir($$) { my ($dir, $prev_dirs) = @_; $dir =~ s/\/$//; # trim a trailing '/' 
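Review bot: In the post-check branch the result of `do_diffs($fullname, $name, "post", *VGTESTLOG, \@post_exps);` is discarded, whereas the stdout, stderr, stdoutB and stderrB calls all fold it into `$rc`. As far as this hunk shows, a post output that matches none of the expected files therefore still yields `PASS` in the `.trs` file and is left out of the overall log. Suggest `$diffrc = do_diffs($fullname, $name, "post", *VGTESTLOG, \@post_exps);` followed by `if (defined $diffrc) { $rc = $diffrc; }`. `do_one_test` begins before this hunk.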
@@ -619,9 +681,9 @@ sub test_one_dir($$) # Ignore dirs into which we should not recurse. if ($dir =~ /^(BitKeeper|CVS|SCCS|docs|doc)$/) { return; } - (-x "$tests_dir/tests/arch_test") or die + (-x "$tests_dir/tests/arch_test") or die "vg_regtest: 'arch_test' is missing. Did you forget to 'make check'?\n"; - + # Ignore any dir whose name matches that of an architecture which is not # the architecture we are running on. Eg. when running on x86, ignore # ppc/ directories ('arch_test' returns 1 for this case). Likewise for @@ -632,11 +694,12 @@ sub test_one_dir($$) if ($dir =~ /(\w+)-(\w+)/ && 256 == system("sh $tests_dir/tests/platform_test $1 $2")) { return; } if ($dir =~ "dSYM") { return; } - + chdir($dir) or die "Could not change into $dir\n"; # Nb: Don't prepend a '/' to the base directory my $full_dir = $prev_dirs . ($prev_dirs eq "" ? "" : "/") . $dir; + print TSLOG scalar localtime, " entering $full_dir\n"; my $dashes = "-" x (50 - length $full_dir); my @fs = glob "*"; 
@@ -650,7 +713,26 @@ sub test_one_dir($$) if (-d $f) { test_one_dir($f, $full_dir); } elsif ($f =~ /\.vgtest$/) { - do_one_test($full_dir, $f); + open(TSDIRLOG,">","test-suite.log") or die $!; # it's enough for the per-directory file to exist for bunsen + print TSDIRLOG "See *.log files for details on each test in this directory.\n"; + print TSDIRLOG "See $tests_dir/test-suite-overall.log\n"; + print TSDIRLOG " for overall results, including all non-PASS .log contents.\n"; + close(TSDIRLOG); + my $result = do_one_test($full_dir, $f); + print TSLOG scalar localtime, " result: $result $full_dir/$f.log\n"; + $num_results{$result} ++; + if ($result ne "PASS") { + # transcribe .log file into the overall log. + open(LOGFILE, "< $f.log") || die "Cannot open $f.log"; + while (<LOGFILE>) { print TSLOG "|\t$_"; } + close(LOGFILE); + } + open(VGTESTTRS,">","$f.trs") or die "$!"; + print VGTESTTRS ":test-result: $result\n"; + print VGTESTTRS ":global-test-result: $result\n"; + print VGTESTTRS ":recheck: no\n"; # ? + print VGTESTTRS ":copy-in-global-log: no\n"; # ? + close(VGTESTTRS); } } if ($found_tests) { @@ -661,6 +743,7 @@ sub test_one_dir($$) print "-- Finished tests in $full_dir $end_time $end_dashes\n"; } + print TSLOG scalar localtime, " leaving $full_dir\n"; chdir(".."); } @@ -672,13 +755,13 @@ sub plural($) return ( $_[0] == 1 ? "" : "s" ); } -sub summarise_results +sub summarise_results { my $x = ( $num_tests_done == 1 ? "test" : "tests" ); - + printf("\n== %d test%s, %d stderr failure%s, %d stdout failure%s, " . "%d stderrB failure%s, %d stdoutB failure%s, " - . "%d post failure%s ==\n", + . "%d post failure%s ==\n", $num_tests_done, plural($num_tests_done), $num_failures{"stderr"}, plural($num_failures{"stderr"}), $num_failures{"stdout"}, plural($num_failures{"stdout"}), 
@@ -690,6 +773,13 @@ sub summarise_results print "$failure\n"; } print "\n"; + + # automake style summarize in TSLOG also + print TSLOG "\n\nResults\n"; + while (my ($k,$v) = each %num_results) { + printf TSLOG "# %5s: %d\n", $k, $v; + } + printf TSLOG "# %5s: %d\n", "total", $num_tests_done; } #---------------------------------------------------------------------------- @@ -718,7 +808,7 @@ while (1) { # we will exit after one loop, unless looptillfail foreach my $f (@fs) { if (-d $f) { test_one_dir($f, ""); - } else { + } else { # Allow the .vgtest suffix to be given or omitted if ($f =~ /.vgtest$/ && -r $f) { # do nothing @@ -730,7 +820,22 @@ while (1) { # we will exit after one loop, unless looptillfail my $dir = `dirname $f`; chomp $dir; my $file = `basename $f`; chomp $file; chdir($dir) or die "Could not change into $dir\n"; - do_one_test($dir, $file); + + my $result = do_one_test($dir, $file); + print TSLOG scalar localtime, " result: $result $dir/$file.log\n"; + $num_results{$result} ++; + if ($result ne "PASS") { + # transcribe .log file into the overall log. + open(LOGFILE, "< $file.log") || die "Cannot open $file.log"; + while (<LOGFILE>) { print TSLOG "|\t$_"; } + close(LOGFILE); + } + open(VGTESTTRS,">","$dir/$file.trs") or die $!; + print VGTESTTRS ":test-result: $result\n"; + print VGTESTTRS ":global-test-result: $result\n"; + print VGTESTTRS ":recheck: no\n"; # ? + print VGTESTTRS ":copy-in-global-log: no\n"; # ? + close(VGTESTTRS); } chdir($tests_dir); } |
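Review bot: In the `@@ -730,7 +820,22 @@` hunk the `.trs` file is opened as `"$dir/$file.trs"` although the script has already done `chdir($dir)` a few lines earlier, and the log in the same block is read as plain `$file.log`. If `$dir` is a relative path (it comes from `dirname $f`), the `.trs` path is resolved a second time below `$dir` and the open would presumably die or write to the wrong place. The matching block in test_one_dir uses `"$f.trs"`, so `open(VGTESTTRS, ">", "$file.trs") or die $!;` looks like what was intended. This block is also a near copy of the one in test_one_dir and could move into a small helper that takes the directory, file and result. The enclosing loop starts outside the hunk.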
From: Mark W. <ma...@kl...> - 2024-08-22 15:05:55
|
Hi Frank, On Wed, 2024-08-21 at 18:43 -0400, Frank Ch. Eigler wrote: > > One last request. Could you add a little paragraph under "Running the > > regression tests" in README_DEVELOPERS about the test-suite*.log and > > *.vgtest.[trs|log] files? > > Done, it says: > > +The details of each vgtest run are logged to individual "vgtest.log" > +files. These are listed, and non-passing tests detailed, in the > +test-suite-overall.log file. (Token *.trs and test-suite.log files > +are also created, for emulating automake-style testsuites, as expected > +by tools such as bunsen.) > > Code in the users/fche/try-vgregtest branch updated. Thanks for the review! Thanks, I think the patch is OK to land now. Cheers, Mark |
From: Paul F. <pa...@so...> - 2024-08-22 05:55:13
|
https://sourceware.org/git/gitweb.cgi?p=valgrind.git;h=b87649504136fc3e72684b176651912ba1514c6d commit b87649504136fc3e72684b176651912ba1514c6d Author: Paul Floyd <pj...@wa...> Date: Tue Aug 20 21:44:00 2024 +0200 Bug 491394i - (vgModuleLocal_addDiCfSI): Assertion 'di->fsm.have_rx_map && di->fsm.rw_map_count' failed. Diff: --- .gitignore | 1 + NEWS | 2 ++ configure.ac | 21 +++++++++++++++++++++ coregrind/m_debuginfo/storage.c | 4 ++-- drd/tests/condvar2.cpp | 40 ++++++++++++++++++++++++++++++++++++++++ none/tests/Makefile.am | 15 +++++++++++++++ none/tests/bug491394.c | 6 ++++++ none/tests/bug491394.stderr.exp | 0 none/tests/bug491394.vgtest | 4 ++++ 9 files changed, 91 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index 08598edbff..921d868cfb 100644 --- a/.gitignore +++ b/.gitignore @@ -1531,6 +1531,7 @@ /none/tests/blockfault /none/tests/bug129866 /none/tests/bug234814 +/none/tests/bug491394 /none/tests/closeall /none/tests/coolo_sigaction /none/tests/coolo_strlen diff --git a/NEWS b/NEWS index b6bdd1613f..6818089fee 100644 --- a/NEWS +++ b/NEWS @@ -57,6 +57,8 @@ are not entered into bugzilla tend to get forgotten about or ignored. 489338 arm64: Instruction fcvtas should round 322.5 to 323, but result is 322. 489676 vgdb handle EINTR and EAGAIN more consistently 490651 Stop using -flto-partition=one +491394 (vgModuleLocal_addDiCfSI): Assertion 'di->fsm.have_rx_map && + di->fsm.rw_map_count' failed To see details of a given bug, visit https://bugs.kde.org/show_bug.cgi?id=XXXXXX diff --git a/configure.ac b/configure.ac index 911bccaa84..aa24b6382a 100755 --- a/configure.ac +++ b/configure.ac 
@@ -5205,6 +5205,27 @@ CFLAGS=$saved_CFLAGS LDFLAGS="$saved_LDFLAGS" AM_CONDITIONAL(BUILD_MPIWRAP_SEC, test x$ac_have_mpi2_sec = xyes) +#---------------------------------------------------------------------------- +# static libc check +#---------------------------------------------------------------------------- +AC_MSG_CHECKING([if static libc is available]) + +saved_LDFLAGS="$LDFLAGS" +LDFLAGS="-nostdlib -lc -static" +AC_LINK_IFELSE([AC_LANG_SOURCE([[ +int main(void) +{ +} +]])], [ +ac_have_static_libc=yes +AC_MSG_RESULT([yes]) +], [ +ac_have_static_libc=no +AC_MSG_RESULT([no]) +]) +LDFLAGS="$saved_LDFLAGS" +AM_CONDITIONAL(HAVE_STATIC_LIBC, test x$ac_have_static_libc = xyes) + #---------------------------------------------------------------------------- # Other library checks diff --git a/coregrind/m_debuginfo/storage.c b/coregrind/m_debuginfo/storage.c index 148de6f17e..ef6a400510 100644 --- a/coregrind/m_debuginfo/storage.c +++ b/coregrind/m_debuginfo/storage.c @@ -793,7 +793,7 @@ void ML_(addDiCfSI) ( struct _DebugInfo* di, "warning: DiCfSI %#lx .. %#lx is huge; length = %u (%s)\n", base, base + len - 1, len, di->soname); - vg_assert(di->fsm.have_rx_map && di->fsm.rw_map_count); + vg_assert(di->fsm.have_rx_map); /* Find mapping where at least one end of the CFSI falls into. */ map = ML_(find_rx_mapping)(di, base, base); map2 = ML_(find_rx_mapping)(di, base + len - 1, @@ -1298,7 +1298,7 @@ void ML_(addVar)( struct _DebugInfo* di, seems a reasonable assumption to me. */ /* This is assured us by top level steering logic in debuginfo.c, and it is re-checked at the start of ML_(read_elf_object). */ - vg_assert(di->fsm.have_rx_map && di->fsm.rw_map_count); + vg_assert(di->fsm.have_rx_map); if (level > 0 && ML_(find_rx_mapping)(di, aMin, aMax) == NULL) { if (VG_(clo_verbosity) > 1) { VG_(message)(Vg_DebugMsg, diff --git a/drd/tests/condvar2.cpp b/drd/tests/condvar2.cpp new file mode 100644 index 0000000000..04fd7236cf --- /dev/null +++ b/drd/tests/condvar2.cpp 
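Review bot: The static-libc probe links an empty `main` with `LDFLAGS="-nostdlib -lc -static"`, so it neither defines `_start` nor references any libc symbol, while the test it gates (none/tests/bug491394.c) does both. As written the result appears to depend only on whether the linker can locate a static libc, and `-lc` is carried in LDFLAGS, which autoconf places ahead of the source file on the link line. Saving and setting `LIBS="-lc"` alongside `LDFLAGS="-nostdlib -static"`, and probing with `void _start(void) { _exit(0); }`, would check the link the test actually needs.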
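Review bot: Both relaxed assertions in storage.c drop the `di->fsm.rw_map_count` condition without a comment saying why it may now be zero. In ML_(addVar) the comment directly above the assert still says the condition is assured by debuginfo.c and re-checked at the start of ML_(read_elf_object). If that re-check (not visible here) still involves rw_map_count, the comment now describes a different invariant than the assert. A short note at both sites would help, for example `/* rw_map_count may legitimately be 0 here, see bug 491394 */`, worded to match the actual cause. Both functions start and end outside their hunks.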
@@ -0,0 +1,40 @@ +#include <iostream> +#include <atomic> +#include <condition_variable> +#include <thread> +#include <chrono> +using namespace std::chrono_literals; + +std::condition_variable cv; +std::mutex cv_m; +std::atomic<int> i{0}; + +void waits(int idx) +{ + std::unique_lock<std::mutex> lk(cv_m); + auto now = std::chrono::system_clock::now(); + if(cv.wait_until(lk, now + idx*100ms, [](){return i == 1;})) + std::cerr << "Thread " << idx << " finished waiting. i == " << i << '\n'; + else + std::cerr << "Thread " << idx << " timed out. i == " << i << '\n'; +} + +void signals() +{ + std::this_thread::sleep_for(120ms); + std::cerr << "Notifying...\n"; + cv.notify_all(); + std::this_thread::sleep_for(100ms); + i = 1; + std::cerr << "Notifying again...\n"; + cv.notify_all(); +} + +int main() +{ + std::thread t1(waits, 1), t2(waits, 2), t3(waits, 3), t4(signals); + t1.join(); + t2.join(); + t3.join(); + t4.join(); +} diff --git a/none/tests/Makefile.am b/none/tests/Makefile.am index 8c1bc014bc..924c409575 100644 --- a/none/tests/Makefile.am +++ b/none/tests/Makefile.am @@ -102,6 +102,7 @@ EXTRA_DIST = \ bitfield1.stderr.exp bitfield1.vgtest \ bug129866.vgtest bug129866.stderr.exp bug129866.stdout.exp \ bug234814.vgtest bug234814.stderr.exp bug234814.stdout.exp \ + bug491394.vgtest bug491394.stderr.exp \ closeall.stderr.exp closeall.vgtest \ cmdline0.stderr.exp cmdline0.stdout.exp cmdline0.vgtest \ cmdline1.stderr.exp cmdline1.stdout.exp cmdline1.vgtest \ @@ -310,6 +311,17 @@ check_PROGRAMS = \ socket_close \ file_dclose +if HAVE_STATIC_LIBC +if ! VGCONF_OS_IS_LINUX + check_PROGRAMS += bug491394 +endif +if VGCONF_OS_IS_LINUX +if VGCONF_ARCHS_INCLUDE_AMD64 + check_PROGRAMS += bug491394 +endif +endif +endif + if HAVE_CLOSE_RANGE check_PROGRAMS += double_close_range endif 
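Review bot: drd/tests/condvar2.cpp is added here but nothing in this commit builds or runs it. The diffstat lists no change to drd/tests/Makefile.am and no condvar2.vgtest or expected-output file, and the commit message is only about bug 491394 in m_debuginfo. If the file is meant as a DRD regression test it needs the check_PROGRAMS and EXTRA_DIST entries plus a .vgtest and .stderr.exp; otherwise it probably belongs in a separate commit. Its output order also depends on the 100ms and 120ms sleeps, so any expected-output file would have to tolerate scheduling delays under Valgrind.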
@@ -341,6 +353,9 @@ AM_CXXFLAGS += $(AM_FLAG_M3264_PRI) # Extra stuff for C tests ansi_CFLAGS = $(AM_CFLAGS) -ansi +bug491394_LDADD = -lc +bug491394_LDFLAGS = -nostdlib -static +bug491394_CFLAGS = ${AM_CFLAGS} -Os execve_CFLAGS = $(AM_CFLAGS) @FLAG_W_NO_NONNULL@ if VGCONF_OS_IS_SOLARIS fcntl_setown_LDADD = -lsocket -lnsl diff --git a/none/tests/bug491394.c b/none/tests/bug491394.c new file mode 100644 index 0000000000..34749ea231 --- /dev/null +++ b/none/tests/bug491394.c @@ -0,0 +1,6 @@ +#include <unistd.h> + +void _start(void) { + _exit(0); +} + diff --git a/none/tests/bug491394.stderr.exp b/none/tests/bug491394.stderr.exp new file mode 100644 index 0000000000..e69de29bb2 diff --git a/none/tests/bug491394.vgtest b/none/tests/bug491394.vgtest new file mode 100644 index 0000000000..213c702c94 --- /dev/null +++ b/none/tests/bug491394.vgtest @@ -0,0 +1,4 @@ +prereq: test -x ./bug491394 +prog: bug491394 +vgopts: -q + |
From: Frank C. E. <fc...@re...> - 2024-08-21 22:43:26
|
Hi - > > OK, trimmed off all line-ending whitespace throughout file. > > Thanks. Although I am not a fan of doing it for the whole file at the > same time as the rest of the patch (now it is slightly more difficult > to see what the real change is without using git show -w -b). Yeah, sorry about that, but then again stuff like this rarely gets done otherwise. ;-) > [...] > I haven't looked at the bunsen import, I assume you have and that it > looks fine? Definitely (can see them on sourceware). > One last request. Could you add a little paragraph under "Running the > regression tests" in README_DEVELOPERS about the test-suite*.log and > *.vgtest.[trs|log] files? Done, it says: +The details of each vgtest run are logged to individual "vgtest.log" +files. These are listed, and non-passing tests detailed, in the +test-suite-overall.log file. (Token *.trs and test-suite.log files +are also created, for emulating automake-style testsuites, as expected +by tools such as bunsen.) Code in the users/fche/try-vgregtest branch updated. Thanks for the review! - FChE |
From: Mark W. <ma...@kl...> - 2024-08-21 21:02:04
|
Hi Frank, On Wed, Aug 14, 2024 at 03:28:27PM -0400, Frank Ch. Eigler wrote: > > You don't have to look at them, but they are there. So I am sure people > > will look at them and wonder what/why they are empty. I think it would > > be good if they weren't totally empty but contained at least some hint > > of where to look for the "real" results. [...] > > Good idea, added. See *.log files for details on each test in this directory. See /home/mark/src/valgrind/test-suite-overall.log Nice. Thanks. > > > Code is in the users/fche/try-vgregtest branch. > > There are 4 commits on that branch. I assume you want to squash those? > > Yes, done now. > > > Might be better to be precise and add test-suite.log and /test-suite- > > overall.log separately? > > > > +/test-suite-overall.log > > +test-suite.log > > Sure, done. Thanks. > > [...] > > Kind of same question here. Why search for the test-suite-overall.log? > > Don't we know exactly where it is? Just remove it directly? > > Sure, done. > > > > -sub mysystem($) > > > +sub mysystem($@) > > ^ extra whitespace. > > OK, trimmed off all line-ending whitespace throughout file. Thanks. Although I am not a fan of doing it for the whole file at the same time as the rest of the patch (now it is slightly more difficult to see what the real change is without using git show -w -b). > > > { > > > - my $exit_code = system($_[0]); > > > + my $tslog = shift(@_); > > > + print $tslog scalar localtime, " executing @_\n"; > > > + my $exit_code = system(@_); > > > + print $tslog scalar localtime, " rc $exit_code\n"; > > > ($exit_code == 2) and exit 1; # 2 is SIGINT > > > return $exit_code; > > > } > > > > I don't know precisely of tslog works, it obviously adds a timestamp. > > But in this case it also indents, but before instead of after the > > timestamp, which seems odd, it results in the following: > > Not quite. 
What you're seeing is the indented transcription of the > non-PASSing individual subtest .log in the test-suite-overall.log > file. New code prefixes all such lines with > > | <tab> > > so it's a little more clear what's what. Ah, nice. That makes things much clearer. > > [...] > > So all my comments are really whitespace comments :) > > OK, final (?) testing underway on the users/fche/try-vgregtest branch. I looked over the diff -w -b and as far as my perl goes, it looks good. Also the output files look ok. And the .gitignore and make clean parts seem to work as expected. I haven't looked at the bunsen import, I assume you have and that it looks fine? One last request. Could you add a little paragraph under "Running the regression tests" in README_DEVELOPERS about the test-suite*.log and *.vgtest.[trs|log] files? Thanks, Mark |
From: Frank C. E. <fc...@re...> - 2024-08-21 19:54:08
|
Hi, Paul - > Does bunsen run on any non-Linux systems? > If not then as long as it doesn't break anything I don't mind. While bunsen should run fine on python3 platforms generally, it's not really a prerequisite for this work. Here the idea is to make the complete testsuite output be retained in a standardish human- and machine-readable form ... and not be in your way if you don't care. :-) - FChE |
From: D. J. B. <aut...@bo...> - 2024-08-19 20:11:29
|
There have been many successful "timing attacks" that break cryptographic software by working backwards from timings to secrets. One common use of valgrind's memcheck tool in cryptography is to catch data flow from secrets (marked with VALGRIND_MAKE_MEM_UNDEFINED) to branch instructions and array indices. Some references: https://neuromancer.sk/article/26 https://www.usenix.org/system/files/sec24fall-prepub-760-fourne.pdf https://bench.cr.yp.to/tips.html#timecop However, there are other variable-time instructions. Our new paper "KyberSlash: Exploiting secret-dependent division timings in Kyber implementations" includes demonstrations of secret-key recovery from the reference software for the Kyber cryptosystem in two different environments, exploiting the fact that compilers sometimes use variable-time division instructions for divisions in that software: https://kyberslash.cr.yp.to/papers.html The paper describes a patch to valgrind to optionally catch division instructions on undefined data. The point of this message is to propose this patch for inclusion in valgrind. The patch is attached. The patch was written by Tee Kiah Chia. A few API tweaks and tests in valgrind's test framework were added by D. J. Bernstein. The patch applies cleanly to valgrind's current git repository. As per valgrind/README, we have licensed the patch as follows: SPDX-License-Identifer: GPL-2.0-or-later The patch is designed to be off by default. The user can start scanning for divisions using --variable-latency-errors=yes on the command line, VALGRIND_CLO_CHANGE("--variable-latency-errors=yes") from the program under test, or, easiest to use, a new environment variable VALGRIND_BESTEFFORT_VARIABLE_LATENCY_ERRORS=yes. Internally, the patch is designed to allow easy future extensions to catch timing variations in instructions other than divisions. The patch catches square roots as an example. 
A natural long-term goal is to synchronize the allowed instructions with lists from CPU designers: https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/resources/data-operand-independent-timing-instructions.html https://developer.arm.com/documentation/ddi0595/2021-06/AArch64-Registers/DIT--Data-Independent-Timing This would also naturally resolve inconsistency #8 (vector shifts) documented in memcheck/mc_translate.c. Full synchronization will, however, be a large project. Division is an immediate problem for many cryptographic implementations (as shown by the scans reported in the KyberSlash paper), so there is immediate value in a patch that looks for divisions. ---D. J. Bernstein (on behalf of the KyberSlash paper authors) |
From: Andreas A. <ar...@so...> - 2024-08-19 13:24:26
|
https://sourceware.org/git/gitweb.cgi?p=valgrind.git;h=1375f1d0b3f1f50feb2315b00517126f27f9776e commit 1375f1d0b3f1f50feb2315b00517126f27f9776e Author: Andreas Arnez <ar...@li...> Date: Mon Aug 19 15:22:40 2024 +0200 s390x: Fix PC calculations with EX/EXRL When executing under EX or EXRL, some instructions yield wrong results under Valgrind. This affects * PC-relative instructions such as LARL or BRC * instructions that set a link register, such as BASR The issue is caused by confusions about the various instruction addresses involved. When executing an instruction under EX or EXRL, the following addresses are relevant: (1) The address of the execute instruction (guest_IA_curr_instr). This is needed when restarting the instruction or iterating over it. (2) The address following the execute instruction (guest_IA_next_instr). This is what a link register needs to be set to. (3) The address of the target instruction. This is the base for relative addressing. The latter isn't handled at all when translating for EX/EXRL. And the instructions that set a link register don't use guest_IA_next_instr, but add their own instruction length to guest_IA_curr_instr. This is wrong whenever the target instruction and the EX/EXRL instruction have different lengths. Fix all this and enhance the test cases accordingly. The updated test cases fail before this patch and succeed afterwards. Diff: --- VEX/priv/guest_s390_defs.h | 5 +++- VEX/priv/guest_s390_helpers.c | 3 ++- VEX/priv/guest_s390_toIR.c | 49 +++++++++++++++++++++++++--------------- none/tests/s390x/ex.c | 26 +++++++++++++++++++++ none/tests/s390x/ex.stdout.exp | 6 +++++ none/tests/s390x/exrl.c | 26 +++++++++++++++++++++ none/tests/s390x/exrl.stdout.exp | 6 +++++ 7 files changed, 101 insertions(+), 20 deletions(-) diff --git a/VEX/priv/guest_s390_defs.h b/VEX/priv/guest_s390_defs.h index 69e804cce2..a64d563ec9 100644 --- a/VEX/priv/guest_s390_defs.h +++ b/VEX/priv/guest_s390_defs.h 
@@ -69,7 +69,7 @@ extern VexGuestLayout s390xGuest_layout; /*------------------------------------------------------------*/ /*--- Helper functions. ---*/ /*------------------------------------------------------------*/ -void s390x_dirtyhelper_EX(ULong torun); +void s390x_dirtyhelper_EX(ULong torun, Addr64 addr); ULong s390x_dirtyhelper_STCK(ULong *addr); ULong s390x_dirtyhelper_STCKF(ULong *addr); ULong s390x_dirtyhelper_STCKE(ULong *addr); @@ -253,6 +253,9 @@ UInt s390_calculate_cond(ULong mask, ULong op, ULong dep1, ULong dep2, /* Last target instruction for the EX helper */ extern ULong last_execute_target; +/* Base for relative addressing while processing EX */ +extern Addr64 guest_IA_rel_base; + /*------------------------------------------------------------*/ /*--- Vector helpers. ---*/ /*------------------------------------------------------------*/ diff --git a/VEX/priv/guest_s390_helpers.c b/VEX/priv/guest_s390_helpers.c index 69a7c7d061..94d0a242db 100644 --- a/VEX/priv/guest_s390_helpers.c +++ b/VEX/priv/guest_s390_helpers.c @@ -260,9 +260,10 @@ VexGuestLayout s390xGuest_layout = { /*--- Dirty helper for EXecute ---*/ /*------------------------------------------------------------*/ void -s390x_dirtyhelper_EX(ULong torun) +s390x_dirtyhelper_EX(ULong torun, Addr64 addr) { last_execute_target = torun; + guest_IA_rel_base = addr; } diff --git a/VEX/priv/guest_s390_toIR.c b/VEX/priv/guest_s390_toIR.c index c237a96558..1d8fb72cc5 100644 --- a/VEX/priv/guest_s390_toIR.c +++ b/VEX/priv/guest_s390_toIR.c @@ -75,6 +75,9 @@ static Bool sigill_diag; enum { Invalid_execute_target = 1 }; ULong last_execute_target = Invalid_execute_target; +/* The guest address to be used as the base for relative addresses. */ +Addr64 guest_IA_rel_base; + /* The possible outcomes of a decoding operation */ typedef enum { S390_DECODE_OK, 
@@ -405,7 +408,7 @@ mkF64i(ULong value) static __inline__ Addr64 addr_rel_long(UInt offset) { - return guest_IA_curr_instr + ((Addr64)(Long)(Int)offset << 1); + return guest_IA_rel_base + ((Addr64)(Long)(Int)offset << 1); } /* Return the 64-bit address with the given 16-bit "relative" offset from the @@ -413,7 +416,7 @@ addr_rel_long(UInt offset) static __inline__ Addr64 addr_relative(UShort offset) { - return guest_IA_curr_instr + ((Addr64)(Long)(Short)offset << 1); + return guest_IA_rel_base + ((Addr64)(Long)(Short)offset << 1); } /* Little helper function for my sanity. ITE = if-then-else */ @@ -5375,14 +5378,14 @@ s390_irgen_BASR(UChar r1, UChar r2) IRTemp target = newTemp(Ity_I64); if (r2 == 0) { - put_gpr_dw0(r1, mkU64(guest_IA_curr_instr + 2ULL)); + put_gpr_dw0(r1, mkU64(guest_IA_next_instr)); } else { if (r1 != r2) { - put_gpr_dw0(r1, mkU64(guest_IA_curr_instr + 2ULL)); + put_gpr_dw0(r1, mkU64(guest_IA_next_instr)); call_function(get_gpr_dw0(r2)); } else { assign(target, get_gpr_dw0(r2)); - put_gpr_dw0(r1, mkU64(guest_IA_curr_instr + 2ULL)); + put_gpr_dw0(r1, mkU64(guest_IA_next_instr)); call_function(mkexpr(target)); } } @@ -5395,7 +5398,7 @@ s390_irgen_BAS(UChar r1, IRTemp op2addr) { IRTemp target = newTemp(Ity_I64); - put_gpr_dw0(r1, mkU64(guest_IA_curr_instr + 4ULL)); + put_gpr_dw0(r1, mkU64(guest_IA_next_instr)); assign(target, mkexpr(op2addr)); call_function(mkexpr(target)); @@ -5565,7 +5568,7 @@ s390_irgen_BXLEG(UChar r1, UChar r3, IRTemp op2addr) static const HChar * s390_irgen_BRAS(UChar r1, UShort i2) { - put_gpr_dw0(r1, mkU64(guest_IA_curr_instr + 4ULL)); + put_gpr_dw0(r1, mkU64(guest_IA_next_instr)); call_function_and_chase(addr_relative(i2)); return "bras"; @@ -5574,7 +5577,7 @@ s390_irgen_BRAS(UChar r1, UShort i2) static const HChar * s390_irgen_BRASL(UChar r1, UInt i2) { - put_gpr_dw0(r1, mkU64(guest_IA_curr_instr + 6ULL)); + put_gpr_dw0(r1, mkU64(guest_IA_next_instr)); call_function_and_chase(addr_rel_long(i2)); return "brasl"; 
@@ -13186,7 +13189,7 @@ s390_irgen_EX_SS(UChar r, IRTemp addr2, IRTemp torun, assign(cond, binop(Iop_CmpNE64, mkexpr(torun), mkU64(last_execute_target))); /* If not, save the new value */ d = unsafeIRDirty_0_N (0, "s390x_dirtyhelper_EX", &s390x_dirtyhelper_EX, - mkIRExprVec_1(mkexpr(torun))); + mkIRExprVec_2(mkexpr(torun), mkexpr(addr2))); d->guard = mkexpr(cond); stmt(IRStmt_Dirty(d)); @@ -13235,7 +13238,7 @@ s390_irgen_EX(UChar r1, IRTemp addr2) /* so safe the code... */ d = unsafeIRDirty_0_N (0, "s390x_dirtyhelper_EX", &s390x_dirtyhelper_EX, - mkIRExprVec_1(mkexpr(unmodified_insn))); + mkIRExprVec_2(mkexpr(unmodified_insn), mkexpr(addr2))); stmt(IRStmt_Dirty(d)); /* and restart */ stmt(IRStmt_Put(S390X_GUEST_OFFSET(guest_CMSTART), @@ -13308,12 +13311,16 @@ s390_irgen_EX(UChar r1, IRTemp addr2) assign(torun, binop(Iop_Or64, mkexpr(unmodified_insn), binop(Iop_Shl64, mkexpr(orperand), mkU8(48)))); - /* Start with a check that saved code is still correct */ - assign(cond, binop(Iop_CmpNE64, mkexpr(torun), - mkU64(last_execute_target))); - /* If not, save the new value */ + /* Start with a check that saved code is still correct. Compare the target + * address as well, since it may be relevant to relative addressing. */ + assign( + cond, + binop(Iop_Or1, + binop(Iop_CmpNE64, mkexpr(torun), mkU64(last_execute_target)), + binop(Iop_CmpNE64, mkexpr(addr2), mkU64(guest_IA_rel_base)))); + /* If not, save the new values */ d = unsafeIRDirty_0_N (0, "s390x_dirtyhelper_EX", &s390x_dirtyhelper_EX, - mkIRExprVec_1(mkexpr(torun))); + mkIRExprVec_2(mkexpr(torun), mkexpr(addr2))); d->guard = mkexpr(cond); stmt(IRStmt_Dirty(d)); 
@@ -13339,16 +13346,20 @@ static const HChar * s390_irgen_EXRL(UChar r1, UInt offset) { IRTemp addr = newTemp(Ity_I64); - Addr64 bytes_addr = addr_rel_long(offset); - UChar *bytes = (UChar *)(HWord)bytes_addr; + Addr64 bytes_addr; + UChar *bytes; /* we might save one round trip because we know the target */ if (last_execute_target == Invalid_execute_target) { + bytes_addr = addr_rel_long(offset); + bytes = (UChar *)(HWord)bytes_addr; last_execute_target = ((ULong)bytes[0] << 56) | ((ULong)bytes[1] << 48); if (bytes[0] >= 0x40) last_execute_target |= ((ULong)bytes[2] << 40) | ((ULong)bytes[3] << 32); if (bytes[0] >= 0xc0) last_execute_target |= ((ULong)bytes[4] << 24) | ((ULong)bytes[5] << 16); - } + guest_IA_rel_base = bytes_addr; + } else + bytes_addr = guest_IA_rel_base; assign(addr, mkU64(bytes_addr)); s390_irgen_EX(r1, addr); return "exrl"; @@ -22994,6 +23005,8 @@ disInstr_S390(IRSB *irsb_IN, /* Set globals (see top of this file) */ guest_IA_curr_instr = guest_IP; + if (last_execute_target == Invalid_execute_target) + guest_IA_rel_base = guest_IA_curr_instr; irsb = irsb_IN; sigill_diag = sigill_diag_IN; diff --git a/none/tests/s390x/ex.c b/none/tests/s390x/ex.c index 439246eba9..a25087bcb3 100644 --- a/none/tests/s390x/ex.c +++ b/none/tests/s390x/ex.c @@ -5,6 +5,8 @@ char target[] ="XXXXXXXXXXXXXXXX"; int main(void) { + unsigned long offset; + setbuf(stdout, NULL); printf("------- Copy 10+1 bytes from buffer to target\n"); 
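Review bot: In s390_irgen_EXRL the new `else` arm takes the target address from `guest_IA_rel_base` instead of computing it from `offset`, and nothing in the hunk says why that global is guaranteed to hold this EXRL's target at that point. It seems to rely on an earlier pass over the same instruction having stored it, and on addr_rel_long now being relative to guest_IA_rel_base rather than to the EXRL itself. That deserves a comment such as `/* Restarted after the helper ran: guest_IA_rel_base already holds our target address */`, adjusted to the real invariant. The arm would also read better braced, `} else { bytes_addr = guest_IA_rel_base; }`, to match the `if` arm.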
@@ -57,6 +59,30 @@ int main(void) printf("|\n"); printf("\n"); + printf("------- EX targeting a PC-relative instruction\n"); + asm volatile( "1:\n\t" + "larl 1,1b\n\t" + "lgr 2,1\n\t" + "ex 0, 0(2)\n\t" + "sgrk %0,1,2\n\t" + : "=d" (offset) : + : "1", "2"); + printf(" offset = |%016lx|\n", offset); + printf("\n"); + + printf("------- EX targeting a branch-and-link instruction\n"); + asm volatile( "larl 1,1f\n\t" + "ex 0, 0(1)\n\t" + ".insn e,0x0000\n\t" + "1:\n\t" + "brasl 2,2f\n\t" + "2:\n\t" + "sgrk %0,1,2\n\t" + : "=&d" (offset) : + : "1", "2"); + printf(" offset = |%016lx|\n", offset); + printf("\n"); + return 0; } diff --git a/none/tests/s390x/ex.stdout.exp b/none/tests/s390x/ex.stdout.exp index 1271b58253..c898774d34 100644 --- a/none/tests/s390x/ex.stdout.exp +++ b/none/tests/s390x/ex.stdout.exp @@ -11,3 +11,9 @@ after: target = |0123456789aXXXXX| ------- EX to OR in the syscall number (writes out target) target = |0123456789aXXXXX| +------- EX targeting a PC-relative instruction + offset = |0000000000000000| + +------- EX targeting a branch-and-link instruction + offset = |0000000000000002| + diff --git a/none/tests/s390x/exrl.c b/none/tests/s390x/exrl.c index e669e484fe..927476e819 100644 --- a/none/tests/s390x/exrl.c +++ b/none/tests/s390x/exrl.c @@ -5,6 +5,8 @@ char target[] ="XXXXXXXXXXXXXXXX"; int main(void) { + unsigned long offset; + setbuf(stdout, NULL); printf("------- Copy 10+1 bytes from buffer to target\n"); 
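Review bot: Both asm blocks added to ex.c end with `sgrk`, which sets the condition code, but their clobber lists name only the registers `"1", "2"`. As far as I know GCC on s390 does not assume an asm statement changes the condition code unless `"cc"` is listed, so the last line of each block should read `: "1", "2", "cc");`. The two blocks added to exrl.c in the `@@ -64,6 +66,30 @@` hunk have the same omission. main() starts and ends outside this hunk.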
@@ -64,6 +66,30 @@ int main(void) : : "a" (target) : "1", "2", "3", "4"); printf(" target = |%s|\n", target); + printf("\n"); + + printf("------- EXRL targeting a PC-relative instruction\n"); + asm volatile( "basr 1,0\n\t" + "j 2f\n\t" + "1:\n\t" + "larl 2,1b\n\t" + "2:\n\t" + ".insn ril,0xc60000000000,0,1b\n\t" // exrl 0, 1b + "sgrk %0,2,1\n\t" + : "=d" (offset) : + : "1", "2"); + printf(" offset = |%016lx|\n", offset); + printf("\n"); + + printf("------- EXRL targeting a branch-and-link instruction\n"); + asm volatile( "1:\n\t" + "basr 1,0\n\t" + "lgr 2,1\n\t" + ".insn ril,0xc60000000000,0,1b\n\t" // exrl 0, 1b + "sgrk %0,1,2\n\t" + : "=&d" (offset) : + : "1", "2"); + printf(" offset = |%016lx|\n", offset); return 0; } diff --git a/none/tests/s390x/exrl.stdout.exp b/none/tests/s390x/exrl.stdout.exp index 30dcde8295..2d81007ff0 100644 --- a/none/tests/s390x/exrl.stdout.exp +++ b/none/tests/s390x/exrl.stdout.exp @@ -13,3 +13,9 @@ after: target = |0123456789aXXXXX| ------- EXRL with negative offset target = |01010101010XXXXX| + +------- EXRL targeting a PC-relative instruction + offset = |0000000000000004| + +------- EXRL targeting a branch-and-link instruction + offset = |000000000000000a| |
From: Paul F. <pj...@wa...> - 2024-08-18 07:21:31
|
On 16-07-24 16:58, Frank Ch. Eigler wrote: > Hi - > > I'd like to help make valgrind test results more archivable and > machine-readable, so that we can automate builds & testing better. We > operate a system called bunsen over on sourceware.org (= valgrind.org) > which supports ingesting result text files after a "make check" (or > whatever). However, valgrind's vg_regtest doesn't leave apprx. any of > that around when it runs. Does bunsen run on any non-Linux systems? If not then as long as it doesn't break anything I don't mind. A+ Paul |