From: Paul F. <pa...@so...> - 2022-04-10 21:06:48
https://sourceware.org/git/gitweb.cgi?p=valgrind.git;h=2b33a318d8d0844337bb0350008002c73e976203 commit 2b33a318d8d0844337bb0350008002c73e976203 Author: Paul Floyd <pj...@wa...> Date: Sun Apr 10 23:02:13 2022 +0200 Update Solaris execve with checks for NULL argv Also requires 2 expected to be updated Diff: --- coregrind/m_syswrap/syswrap-solaris.c | 40 +++++++++++++++++++++++++++----- memcheck/tests/solaris/execx.stderr.exp | 4 ++++ memcheck/tests/solaris/scalar.stderr.exp | 4 ++++ 3 files changed, 42 insertions(+), 6 deletions(-) diff --git a/coregrind/m_syswrap/syswrap-solaris.c b/coregrind/m_syswrap/syswrap-solaris.c index ea46073427..992fbeb9c4 100644 --- a/coregrind/m_syswrap/syswrap-solaris.c +++ b/coregrind/m_syswrap/syswrap-solaris.c @@ -3618,6 +3618,10 @@ PRE(sys_fdsync) PRE(sys_execve) { Int i, j; + Addr arg_2_check; + const char* str2 = "execve(argv)"; + const char* str3 = "execve(argv[0])"; + const char* str4 = "execve(argv[i])"; /* This is a Solaris specific version of the generic pre-execve wrapper. */ #if defined(SOLARIS_EXECVE_SYSCALL_TAKES_FLAGS) @@ -3645,12 +3649,8 @@ PRE(sys_execve) if (ARG1_is_fd == False) PRE_MEM_RASCIIZ("execve(filename)", ARG1); - if (ARG2) - ML_(pre_argv_envp)(ARG2, tid, "execve(argv)", "execve(argv[i])"); - if (ARG3) - ML_(pre_argv_envp)(ARG3, tid, "execve(envp)", "execve(envp[i])"); - - /* Erk. If the exec fails, then the following will have made a mess of + + /* Erk. If the exec fails, then the following will have made a mess of things which makes it hard for us to continue. The right thing to do is piece everything together again in POST(execve), but that's close to impossible. Instead, we make an effort to check that the execve will 
@@ -3678,6 +3678,34 @@ PRE(sys_execve) VG_(unimplemented)("Syswrap of execve where fd points to a hardlink."); } + arg_2_check = (Addr)ARG2; + + /* argv[] should not be NULL and valid. */ + PRE_MEM_READ(str2, arg_2_check, sizeof(Addr)); + + /* argv[0] should not be NULL and valid. */ + if (ML_(safe_to_deref)((HChar **) (Addr)arg_2_check, sizeof(HChar *))) { + Addr argv0 = *(Addr*)arg_2_check; + PRE_MEM_RASCIIZ( str3, argv0 ); + /* The rest of argv can be NULL or a valid string pointer. */ + if (VG_(am_is_valid_for_client)(arg_2_check, sizeof(HChar), VKI_PROT_READ)) { + arg_2_check += sizeof(HChar*); + ML_(pre_argv_envp)( arg_2_check, tid, str2, str4 ); + } + } else { + SET_STATUS_Failure(VKI_EFAULT); + return; + } + + if (ARG3 != 0) { + /* At least the terminating NULL must be addressable. */ + if (!ML_(safe_to_deref)((HChar **) (Addr)ARG3, sizeof(HChar *))) { + SET_STATUS_Failure(VKI_EFAULT); + return; + } + ML_(pre_argv_envp)( ARG3, tid, "execve(envp)", "execve(envp[i])" ); + } + /* Check that the name at least begins in client-accessible storage. */ if (ARG1_is_fd == False) { if ((fname == NULL) || !ML_(safe_to_deref)(fname, 1)) { diff --git a/memcheck/tests/solaris/execx.stderr.exp b/memcheck/tests/solaris/execx.stderr.exp index 9e86cbdf84..30c885b72c 100644 --- a/memcheck/tests/solaris/execx.stderr.exp +++ b/memcheck/tests/solaris/execx.stderr.exp @@ -2,3 +2,7 @@ Syscall param execve(filename) points to unaddressable byte(s) ... Address 0x........ is not stack'd, malloc'd or (recently) free'd +Syscall param execve(argv) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + diff --git a/memcheck/tests/solaris/scalar.stderr.exp b/memcheck/tests/solaris/scalar.stderr.exp index df1f974758..1a04979d19 100644 --- a/memcheck/tests/solaris/scalar.stderr.exp +++ b/memcheck/tests/solaris/scalar.stderr.exp 
@@ -1011,6 +1011,10 @@ Syscall param execve(filename) points to unaddressable byte(s) ... Address 0x........ is not stack'd, malloc'd or (recently) free'd +Syscall param execve(argv) points to unaddressable byte(s) + ... + Address 0x........ is not stack'd, malloc'd or (recently) free'd + --------------------------------------------------------- 60: SYS_umask 1s 0m --------------------------------------------------------- |
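Review bot: In the block added after the hardlink check in PRE(sys_execve), the VG_(am_is_valid_for_client)(arg_2_check, sizeof(HChar), VKI_PROT_READ) test runs before arg_2_check is advanced and covers a single byte, so it only re-checks part of the argv[0] slot that ML_(safe_to_deref) has already validated and says nothing about the argv[1] slot that is then handed to ML_(pre_argv_envp). Advancing first and testing sizeof(HChar *) bytes at the new address would match the comment "The rest of argv can be NULL or a valid string pointer". In the same block, when argv[0] is NULL, PRE_MEM_RASCIIZ(str3, argv0) reports it but the code still passes argv + 1 to ML_(pre_argv_envp); if that helper walks entries until it finds a NULL, as its "execve(argv[i])" label suggests, it starts past the array's terminator, so the call should be skipped when argv0 is 0. The "/* Erk." comment in the earlier hunk is removed and re-added with identical text, a whitespace-only change that could be left out of this commit.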
|
From: Paul F. <pj...@wa...> - 2022-04-10 19:43:13
On 4/9/22 00:56, Mark Wielaard wrote:
> Hi valgrind hackers,
>
> An RC2 tarball for 3.19.0 is now available at
> ftp://sourceware.org/pub/valgrind/valgrind-3.19.0.RC2.tar.bz2
> https://sourceware.org/pub/valgrind/valgrind-3.19.0.RC2.tar.bz2
> (md5sum = 002f3b97f93f16c8afa957bee90b2198)
>
> Please give it a try in configurations that are important for you and
> report any problems you have, either on this mailing list, or
> (preferably) via our bug tracker at
> https://bugs.kde.org/enter_bug.cgi?product=valgrind
>
> I believe this is in pretty good shape. So unless someone reports a
> showstopper this weekend I like to do a 3.19.0 final release on
> Monday (April 11).
>

OK on FreeBSD. Haven't had time to test macOS, still working on fixing execve on Solaris.

A+
Paul
|
From: Paul F. <pa...@so...> - 2022-04-10 19:02:54
https://sourceware.org/git/gitweb.cgi?p=valgrind.git;h=5f83395616befb96af66ec2cc7f4330605271faf

commit 5f83395616befb96af66ec2cc7f4330605271faf
Author: Paul Floyd <pj...@wa...>
Date: Sun Apr 10 20:55:28 2022 +0200

Fix a crash handling fexecve.

Found this by testing the Solaris execx (the bits that are Linux-compatible) test. That was giving

--28286-- VALGRIND INTERNAL ERROR: Valgrind received a signal 11 (SIGSEGV) - exiting
--28286-- si_code=2; Faulting address: 0x4A0095A; sp: 0x1002ca9c88

valgrind: the 'impossible' happened:
Killed by fatal signal

host stacktrace:
==28286== at 0x5803DE54: vgPlain_strcpy (m_libcbase.c:309)
==28286== by 0x5810A9B3: vgSysWrap_linux_sys_execveat_before (syswrap-linux.c:13310)
==28286== by 0x580953C9: vgPlain_client_syscall (syswrap-main.c:2234)

It's a mistake to copy the path obtained with VG_(resolve_filename) to the client ARG2, it's unlikely to have space for the path. Instead just copy the pointer.

Diff: --- coregrind/m_syswrap/syswrap-linux.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/coregrind/m_syswrap/syswrap-linux.c b/coregrind/m_syswrap/syswrap-linux.c index 38edccc983..e2fafd4213 100644 --- a/coregrind/m_syswrap/syswrap-linux.c +++ b/coregrind/m_syswrap/syswrap-linux.c @@ -13307,7 +13307,7 @@ PRE(sys_execveat) if (path[0] == '\0') { if (ARG5 & VKI_AT_EMPTY_PATH) { if (VG_(resolve_filename)(ARG1, &buf)) { - VG_(strcpy)(path, buf); + path = buf; check_pathptr = False; } }
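Review bot: The new assignment "path = buf;" in PRE(sys_execveat) carries no comment saying why the pointer is taken instead of copying, and the reason (the client's ARG2 is unlikely to have room for the resolved path) lives only in the commit message; a one-line comment at the assignment would stop someone from reinstating the VG_(strcpy). Since path now aliases whatever storage VG_(resolve_filename) returned in buf, it is worth confirming that this storage stays valid for every later use of path in the wrapper and that nothing afterwards writes through path as if it were client memory. The diffstat lists only syswrap-linux.c, so a regression test for the VKI_AT_EMPTY_PATH case with an empty path would be a useful addition.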
|
From: Paul F. <pj...@wa...> - 2022-04-10 08:42:53
On 04/ 9/22 02:56 AM, Mark Wielaard wrote:
> Hi valgrind hackers,
>
> An RC2 tarball for 3.19.0 is now available at
> ftp://sourceware.org/pub/valgrind/valgrind-3.19.0.RC2.tar.bz2
> https://sourceware.org/pub/valgrind/valgrind-3.19.0.RC2.tar.bz2
> (md5sum = 002f3b97f93f16c8afa957bee90b2198)
>
> Please give it a try in configurations that are important for you and
> report any problems you have, either on this mailing list, or
> (preferably) via our bug tracker at
> https://bugs.kde.org/enter_bug.cgi?product=valgrind
>
> I believe this is in pretty good shape. So unless someone reports a
> showstopper this weekend I like to do a 3.19.0 final release on
> Monday (April 11).
>

Hi Mark

Solaris 11.3 amd64

5 new stderr failures
memcheck/tests/execve1 (stderr)
memcheck/tests/execve2 (stderr)
helgrind/tests/pth_mempcpy_false_races (stderr)
drd/tests/pth_cond_destroy_busy (stderr)
none/tests/execve (stderr)

I'm not going to try to analyze the drd/hg diffs.

memcheck/tests/execve[12] is a difference in the error message, not sure why

execve
two message diffs and a VG crash
the problem is that Solaris doesn't use the generic execve wrapper and it doesn't check for null argv[]
I'll see if I can fix that today.

1 new stderr pass
drd/tests/swapcontext (stderr)

4 new stdout failures
cachegrind/tests/ann1 (post)
cachegrind/tests/ann2 (post)
callgrind/tests/ann1 (post)
callgrind/tests/ann2 (post)

these look fairly harmless, not sure why they are not on other platforms

+@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
+@@ WARNING @@ WARNING @@ WARNING @@ WARNING @@ WARNING @@ WARNING @@ WARNING @@
+@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
+@ Source file 'a.c' is more recent than input file 'cgout-test'.
+@ Annotations may not be correct.
+@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
+

A+
Paul