From: Mark W. <ma...@so...> - 2022-04-06 22:49:55
|
https://sourceware.org/git/gitweb.cgi?p=valgrind.git;h=6a35b364c5db0f0c3edb7936de8b75c3995b0882 commit 6a35b364c5db0f0c3edb7936de8b75c3995b0882 Author: Di Chen <di...@re...> Date: Wed Mar 30 07:59:25 2022 +0800 memfd test should be memfd_create test Currently, syscall memfd_create was tested by this: $ perl tests/vg_regtest memcheck/tests/linux/memfd.vgtest Since memfd_secret introduced in kernel 5.14, valgrind should rename the "memfd" test to "memfd_create" test to avoid the ambiguity, so that user will not get confused with the "memfd_secret" test. After this change, syscall memfd_create will be tested by: $ perl tests/vg_regtest memcheck/tests/linux/memfd_create.vgtest Diff: --- .gitignore | 2 +- memcheck/tests/linux/Makefile.am | 4 ++-- memcheck/tests/linux/memfd.vgtest | 3 --- memcheck/tests/linux/{memfd.c => memfd_create.c} | 0 memcheck/tests/linux/{memfd.stderr.exp => memfd_create.stderr.exp} | 4 ++-- memcheck/tests/linux/memfd_create.vgtest | 3 +++ 6 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.gitignore b/.gitignore index 86416f576c..5026fcbc78 100644 --- a/.gitignore +++ b/.gitignore @@ -1100,7 +1100,7 @@ /memcheck/tests/linux/lsframe2 /memcheck/tests/linux/Makefile /memcheck/tests/linux/Makefile.in -/memcheck/tests/linux/memfd +/memcheck/tests/linux/memfd_create /memcheck/tests/linux/rfcomm /memcheck/tests/linux/sigqueue /memcheck/tests/linux/stack_changes diff --git a/memcheck/tests/linux/Makefile.am b/memcheck/tests/linux/Makefile.am index 4f0d838434..d5991dc5e5 100644 --- a/memcheck/tests/linux/Makefile.am +++ b/memcheck/tests/linux/Makefile.am 
@@ -15,7 +15,7 @@ EXTRA_DIST = \ ioctl-tiocsig.vgtest ioctl-tiocsig.stderr.exp \ lsframe1.vgtest lsframe1.stdout.exp lsframe1.stderr.exp \ lsframe2.vgtest lsframe2.stdout.exp lsframe2.stderr.exp \ - memfd.vgtest memfd.stderr.exp \ + memfd_create.vgtest memfd_create.stderr.exp \ rfcomm.vgtest rfcomm.stderr.exp \ sigqueue.vgtest sigqueue.stderr.exp \ stack_changes.stderr.exp stack_changes.stdout.exp \ @@ -62,7 +62,7 @@ check_PROGRAMS += sys-openat endif if HAVE_MEMFD_CREATE -check_PROGRAMS += memfd +check_PROGRAMS += memfd_create endif if HAVE_COPY_FILE_RANGE diff --git a/memcheck/tests/linux/memfd.vgtest b/memcheck/tests/linux/memfd.vgtest deleted file mode 100644 index 4096401f73..0000000000 --- a/memcheck/tests/linux/memfd.vgtest +++ /dev/null @@ -1,3 +0,0 @@ -prereq: test -e memfd -vgopts: -q --track-origins=yes -prog: memfd diff --git a/memcheck/tests/linux/memfd.c b/memcheck/tests/linux/memfd_create.c similarity index 100% rename from memcheck/tests/linux/memfd.c rename to memcheck/tests/linux/memfd_create.c diff --git a/memcheck/tests/linux/memfd.stderr.exp b/memcheck/tests/linux/memfd_create.stderr.exp similarity index 57% rename from memcheck/tests/linux/memfd.stderr.exp rename to memcheck/tests/linux/memfd_create.stderr.exp index 13009d8ae4..27ccbfe494 100644 --- a/memcheck/tests/linux/memfd.stderr.exp +++ b/memcheck/tests/linux/memfd_create.stderr.exp @@ -1,6 +1,6 @@ Syscall param fcntl(arg) contains uninitialised byte(s) ... - by 0x........: main (memfd.c:72) + by 0x........: main (memfd_create.c:72) Uninitialised value was created by a client request - at 0x........: main (memfd.c:71) + at 0x........: main (memfd_create.c:71) diff --git a/memcheck/tests/linux/memfd_create.vgtest b/memcheck/tests/linux/memfd_create.vgtest new file mode 100644 index 0000000000..13b956333e --- /dev/null +++ b/memcheck/tests/linux/memfd_create.vgtest @@ -0,0 +1,3 @@ +prereq: test -e memfd_create +vgopts: -q --track-origins=yes +prog: memfd_create |
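Review bot: The commit message names no bug, although the follow-up mail on this list says the patch is attached to https://bugs.kde.org/show_bug.cgi?id=451878; adding that URL to the message, as the execve commit does for 450437, would keep the rename traceable from bugzilla. The rename itself is consistent across .gitignore, EXTRA_DIST, check_PROGRAMS, the prereq and prog lines of the new .vgtest and the two source references in memfd_create.stderr.exp, and the HAVE_MEMFD_CREATE guard already carries the new name.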
|
From: Mark W. <ma...@kl...> - 2022-04-06 22:36:08
|
Hi,

On Wed, Mar 30, 2022 at 10:00:20AM +0000, Chen Di wrote:
> Sorry for the confusing post, I think my patch got formatted slightly in an odd way.
>
> I have also attached the patch to bug: https://bugs.kde.org/show_bug.cgi?id=451878
> Could you please review it when you are available?

Thanks, that applied fine. And I admit having been confused by memfd_create vs memfd_secret before. I have pushed this. Hope that helps creating a separate memfd_secret. But we are very close to the 3.19.0 release. So that might have to wait till after the release.

Cheers,

Mark |
|
From: Mark W. <ma...@so...> - 2022-04-06 21:07:26
|
https://sourceware.org/git/gitweb.cgi?p=valgrind.git;h=8eb547054a051a00742b1b9e1b381015fafeacb9 commit 8eb547054a051a00742b1b9e1b381015fafeacb9 Author: Mark Wielaard <ma...@kl...> Date: Wed Feb 16 22:56:31 2022 +0100 Warn for execve syscall with argv or argv[0] being NULL. For execve valgrind would silently fail when argv was NULL or unadressable. Make sure that this produces a warning under memcheck. The linux kernel accepts argv[0] being NULL, but most other kernels don't since posix says it should be non-NULL and it causes argc to be zero which is unexpected and might cause security issues. This adjusts some testcases so they don't rely on execve succeeding when argv is NULL and expect warnings about argv or argv[0] being NULL or unaddressable. https://bugs.kde.org/show_bug.cgi?id=450437 Diff: --- NEWS | 1 + coregrind/m_syswrap/syswrap-generic.c | 28 ++++++++++++++------ memcheck/tests/arm64-linux/scalar.stderr.exp | 11 +++++--- memcheck/tests/execve1.c | 2 +- memcheck/tests/execve1.stderr.exp | 2 +- memcheck/tests/execve2.stderr.exp | 5 ++++ memcheck/tests/linux/sys-execveat.stderr.exp | 12 +++++++++ memcheck/tests/x86-linux/scalar.c | 4 +-- memcheck/tests/x86-linux/scalar.stderr.exp | 18 ++++++++++--- none/tests/execve.c | 38 ++++++++++++++++++++++------ 10 files changed, 94 insertions(+), 27 deletions(-) diff --git a/NEWS b/NEWS index 730f2b5ff8..924032b3c1 100644 --- a/NEWS +++ b/NEWS @@ -93,6 +93,7 @@ are not entered into bugzilla tend to get forgotten about or ignored. 449838 sigsegv liburing the 'impossible' happened for io_uring_setup 450025 Powerc: ACC file not implemented as a logical overlay of the VSR registers. +450437 Warn for execve syscall with argv or argv[0] being NULL 450536 Powerpc: valgrind throws 'facility scv unavailable exception' 451626 Syscall param bpf(attr->raw_tracepoint.name) points to unaddressable byte(s) 451827 [ppc64le] VEX temporary storage exhausted with several vbpermq instructions 
diff --git a/coregrind/m_syswrap/syswrap-generic.c b/coregrind/m_syswrap/syswrap-generic.c index bc3fa6fe9f..44a60bf128 100644 --- a/coregrind/m_syswrap/syswrap-generic.c +++ b/coregrind/m_syswrap/syswrap-generic.c @@ -2933,6 +2933,7 @@ void handle_pre_sys_execve(ThreadId tid, SyscallStatus *status, Addr pathname, Bool setuid_allowed, trace_this_child; const char *str; char str2[30], str3[30]; + Addr arg_2_check = arg_2; switch (execveType) { case EXECVE: @@ -2951,15 +2952,26 @@ void handle_pre_sys_execve(ThreadId tid, SyscallStatus *status, Addr pathname, VG_(strcpy)(str2, str); VG_(strcpy)(str3, str); - if (arg_2 != 0) { - /* At least the terminating NULL must be addressable. */ - if (!ML_(safe_to_deref)((HChar **) (Addr)arg_2, sizeof(HChar *))) { - SET_STATUS_Failure(VKI_EFAULT); - return; + VG_(strcat)(str2, "(argv)"); + VG_(strcat)(str3, "(argv[0])"); + + /* argv[] should not be NULL and valid. */ + PRE_MEM_READ(str2, arg_2_check, sizeof(Addr)); + + /* argv[0] should not be NULL and valid. */ + if (ML_(safe_to_deref)((HChar **) (Addr)arg_2_check, sizeof(HChar *))) { + Addr argv0 = *(Addr*)arg_2_check; + PRE_MEM_RASCIIZ( str3, argv0 ); + /* The rest of argv can be NULL or a valid string pointer. */ + if (VG_(am_is_valid_for_client)(arg_2_check, sizeof(HChar), VKI_PROT_READ)) { + arg_2_check += sizeof(HChar*); + str3[VG_(strlen)(str)] = '\0'; + VG_(strcat)(str3, "(argv[i])"); + ML_(pre_argv_envp)( arg_2_check, tid, str2, str3 ); } - VG_(strcat)(str2, "(argv)"); - VG_(strcat)(str3, "(argv[i])"); - ML_(pre_argv_envp)( arg_2, tid, str2, str3 ); + } else { + SET_STATUS_Failure(VKI_EFAULT); + return; } // Reset helper strings to syscall name. str2[VG_(strlen)(str)] = '\0'; diff --git a/memcheck/tests/arm64-linux/scalar.stderr.exp b/memcheck/tests/arm64-linux/scalar.stderr.exp index 66975efcb2..4c81819b64 100644 --- a/memcheck/tests/arm64-linux/scalar.stderr.exp +++ b/memcheck/tests/arm64-linux/scalar.stderr.exp 
@@ -75,6 +75,11 @@ Syscall param execve(filename) points to unaddressable byte(s) by 0x........: main (scalar.c:91) Address 0x........ is not stack'd, malloc'd or (recently) free'd +Syscall param execve(argv) points to unaddressable byte(s) + ... + by 0x........: main (scalar.c:91) + Address 0x........ is not stack'd, malloc'd or (recently) free'd + ----------------------------------------------------- 49: __NR_chdir 1s 1m ----------------------------------------------------- @@ -576,13 +581,13 @@ Syscall param getpriority(who) contains uninitialised byte(s) ----------------------------------------------------- 140: __NR_setpriority 3s 0m ----------------------------------------------------- + +More than 100 errors detected. Subsequent errors +will still be recorded, but in less detail than before. Syscall param setpriority(which) contains uninitialised byte(s) ... by 0x........: main (scalar.c:458) - -More than 100 errors detected. Subsequent errors -will still be recorded, but in less detail than before. Syscall param setpriority(who) contains uninitialised byte(s) ... by 0x........: main (scalar.c:458) diff --git a/memcheck/tests/execve1.c b/memcheck/tests/execve1.c index 83e058a2f3..df36f145e0 100644 --- a/memcheck/tests/execve1.c +++ b/memcheck/tests/execve1.c @@ -4,7 +4,7 @@ int main(void) { char* null_filename = NULL; char* bad[2] = { (char*)1, NULL }; - char* good[1] = { NULL }; + char* good[2] = { "true", NULL }; execve(null_filename, bad, bad); execve("/bin/true", good, good); diff --git a/memcheck/tests/execve1.stderr.exp b/memcheck/tests/execve1.stderr.exp index 37a91b83a3..eebc1e5ebd 100644 --- a/memcheck/tests/execve1.stderr.exp +++ b/memcheck/tests/execve1.stderr.exp 
@@ -3,7 +3,7 @@ Syscall param execve(filename) points to unaddressable byte(s) by 0x........: main (execve1.c:9) Address 0x........ is not stack'd, malloc'd or (recently) free'd -Syscall param execve(argv[i]) points to unaddressable byte(s) +Syscall param execve(argv[0]) points to unaddressable byte(s) ... by 0x........: main (execve1.c:9) Address 0x........ is not stack'd, malloc'd or (recently) free'd diff --git a/memcheck/tests/execve2.stderr.exp b/memcheck/tests/execve2.stderr.exp index cd98593f7c..f9d7c35926 100644 --- a/memcheck/tests/execve2.stderr.exp +++ b/memcheck/tests/execve2.stderr.exp @@ -3,3 +3,8 @@ Syscall param execve(filename) points to unaddressable byte(s) by 0x........: main (execve2.c:9) Address 0x........ is not stack'd, malloc'd or (recently) free'd +Syscall param execve(argv) points to unaddressable byte(s) + ... + by 0x........: main (execve2.c:9) + Address 0x........ is not stack'd, malloc'd or (recently) free'd + diff --git a/memcheck/tests/linux/sys-execveat.stderr.exp b/memcheck/tests/linux/sys-execveat.stderr.exp index a58b0fb6ae..b49b9be981 100644 --- a/memcheck/tests/linux/sys-execveat.stderr.exp +++ b/memcheck/tests/linux/sys-execveat.stderr.exp @@ -17,3 +17,15 @@ Syscall param execveat(argv) points to uninitialised byte(s) at 0x........: malloc (vg_replace_malloc.c:...) by 0x........: main (sys-execveat.c:41) +Syscall param execveat(argv[0]) points to unaddressable byte(s) + ... + by 0x........: sys_execveat (sys-execveat.c:16) + by 0x........: main (sys-execveat.c:51) + Address 0x........ is not stack'd, malloc'd or (recently) free'd + +Syscall param execveat(argv) points to unaddressable byte(s) + ... + by 0x........: sys_execveat (sys-execveat.c:16) + by 0x........: main (sys-execveat.c:52) + Address 0x........ is not stack'd, malloc'd or (recently) free'd + diff --git a/memcheck/tests/x86-linux/scalar.c b/memcheck/tests/x86-linux/scalar.c index 52f0d4e353..54d0e0443a 100644 --- a/memcheck/tests/x86-linux/scalar.c 
+++ b/memcheck/tests/x86-linux/scalar.c @@ -95,9 +95,9 @@ int main(void) char *argv_envp[] = {(char *) (x0 + 1), NULL}; GO(__NR_execve, "4s 2m"); SY(__NR_execve, x0 + 1, x0 + argv_envp, x0); FAIL; - + char *argv_ok[] = {"frob", NULL}; GO(__NR_execve, "4s 2m"); - SY(__NR_execve, x0 + 1, x0, x0 + argv_envp); FAIL; + SY(__NR_execve, x0 + 1, x0 + argv_ok, x0 + argv_envp); FAIL; // __NR_chdir 12 GO(__NR_chdir, "1s 1m"); diff --git a/memcheck/tests/x86-linux/scalar.stderr.exp b/memcheck/tests/x86-linux/scalar.stderr.exp index 470023f0e0..b9202a8c2f 100644 --- a/memcheck/tests/x86-linux/scalar.stderr.exp +++ b/memcheck/tests/x86-linux/scalar.stderr.exp @@ -170,6 +170,11 @@ Syscall param execve(filename) points to unaddressable byte(s) by 0x........: main (scalar.c:90) Address 0x........ is not stack'd, malloc'd or (recently) free'd +Syscall param execve(argv) points to unaddressable byte(s) + ... + by 0x........: main (scalar.c:90) + Address 0x........ is not stack'd, malloc'd or (recently) free'd + ----------------------------------------------------- 11: __NR_execve 3s 1m ----------------------------------------------------- @@ -190,6 +195,11 @@ Syscall param execve(filename) points to unaddressable byte(s) by 0x........: main (scalar.c:93) Address 0x........ is not stack'd, malloc'd or (recently) free'd +Syscall param execve(argv) points to unaddressable byte(s) + ... + by 0x........: main (scalar.c:93) + Address 0x........ is not stack'd, malloc'd or (recently) free'd + ----------------------------------------------------- 11: __NR_execve 4s 2m ----------------------------------------------------- 
@@ -216,7 +226,7 @@ Syscall param execve(argv) points to uninitialised byte(s) Address 0x........ is on thread 1's stack in frame #1, created by main (scalar.c:29) -Syscall param execve(argv[i]) points to unaddressable byte(s) +Syscall param execve(argv[0]) points to unaddressable byte(s) ... by 0x........: main (scalar.c:97) Address 0x........ is not stack'd, malloc'd or (recently) free'd @@ -564,6 +574,9 @@ Syscall param pipe(filedes) contains uninitialised byte(s) ... by 0x........: main (scalar.c:225) + +More than 100 errors detected. Subsequent errors +will still be recorded, but in less detail than before. Syscall param pipe(filedes) points to unaddressable byte(s) ... by 0x........: main (scalar.c:225) @@ -576,9 +589,6 @@ Syscall param times(buf) contains uninitialised byte(s) ... by 0x........: main (scalar.c:229) - -More than 100 errors detected. Subsequent errors -will still be recorded, but in less detail than before. Syscall param times(buf) points to unaddressable byte(s) ... by 0x........: main (scalar.c:229) diff --git a/none/tests/execve.c b/none/tests/execve.c index 950842da29..a1af72fd9e 100644 --- a/none/tests/execve.c +++ b/none/tests/execve.c 
@@ -7,20 +7,42 @@ int main(int argc, char **argv) if (argc == 1) { // This tests the case where argv and envp are NULL, which is easy to - // get wrong because it's an unusual case. + // get wrong because it's an unusual case. It is also bad and only + // "worked" by accident with the linux kernel. -#if defined(VGO_solaris) - // Solaris requires non-NULL argv parameter char *const argv_exe[] = {"true", NULL}; - if (execve("/bin/true", argv_exe, NULL) < 0) + char *const v_null[] = { NULL }; + char *const v_minus_one[] = { (char *const) -1, NULL }; + +#if defined(VGO_solaris) + const char *exe = "/bin/true"; #elif defined(VGO_darwin) - if (execve("/usr/bin/true", NULL, NULL) < 0) + const char *exe = "/usr/bin/true"; #elif defined(VGO_freebsd) - char *const argv_exe[] = {"true", NULL}; - if (execve("/usr/bin/true", argv_exe, NULL) < 0) + const char *exe = "/usr/bin/true"; #else - if (execve("/bin/true", NULL, NULL) < 0) + const char *exe = "/bin/true"; #endif + + /* Try some bad argv and envp arguments, make sure the executable + doesn't actually exists, so execve doesn't accidentally succeeds. */ + if (execve("/%/", NULL, NULL) >= 0) + printf ("WHAT?"); + if (execve("/%/", (void *)-1, NULL) >= 0) + printf ("WHAT?"); + if (execve("/%/", v_null, NULL) >= 0) + printf ("WHAT?"); + if (execve("/%/", v_null, v_null) >= 0) + printf ("WHAT?"); + if (execve("/%/", v_minus_one, NULL) >= 0) + printf ("WHAT?"); + if (execve("/%/", v_minus_one, v_null) >= 0) + printf ("WHAT?"); + if (execve("/%/", v_minus_one, v_minus_one) >= 0) + printf ("WHAT?"); + + /* Finally a correct execve. */ + if (execve(exe, argv_exe, NULL) < 0) { perror("execve"); exit(1); |
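Review bot: In the handle_pre_sys_execve hunk, the inner guard VG_(am_is_valid_for_client)(arg_2_check, sizeof(HChar), VKI_PROT_READ) re-tests the argv[0] slot that ML_(safe_to_deref) has just accepted, and only one byte of it, so it looks redundant and says nothing about whether argv[0] was NULL. When argv[0] is NULL (the v_null case in none/tests/execve.c), arg_2_check is still advanced past that terminator and passed to ML_(pre_argv_envp), which then starts at argv[1]; if that helper scans until it meets a NULL entry, as the removed comment about the terminating NULL suggests, it reads beyond the end of the array. Suggest skipping the argv[i] walk when argv0 is 0, and either testing the next slot with sizeof(HChar *) in that condition or dropping the condition.

Review bot: In the none/tests/execve.c hunk, the seven "if (execve("/%/", ...) >= 0) printf ("WHAT?");" checks can never fire, because execve only returns on failure and then returns -1; a successful call replaces the process. As written the block only shows that the calls return, so consider checking errno after each call, or reduce the branches to plain calls with a comment saying that reaching the next line is the test.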
|
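The caller-side and callee-side checks that follow from the commit message above (argv or argv[0] being NULL, argc being zero), as an added example that is not part of the commit or of Valgrind. The names check_exec_argv, checked_execve, program_name and count_args are hypothetical, substituting an empty environment for a NULL envp is a choice made here, and the vectors in main are constructed.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Caller side: reject the vectors the commit message warns about before
   they reach the kernel. Returns 0 if usable, -1 with errno = EINVAL. */
int check_exec_argv(char *const argv[])
{
    if (argv == NULL || argv[0] == NULL) {
        errno = EINVAL;
        return -1;
    }
    return 0;
}

/* execve() wrapper that fails closed instead of depending on whether the
   running kernel accepts an empty argument vector. */
int checked_execve(const char *path, char *const argv[], char *const envp[])
{
    static char *const empty_env[] = { NULL };

    if (path == NULL) {
        errno = EINVAL;
        return -1;
    }
    if (check_exec_argv(argv) != 0)
        return -1;
    /* A NULL envp is replaced by an empty environment (assumption of this
       example, so the call does not rely on kernel-specific behaviour). */
    return execve(path, argv, envp != NULL ? envp : empty_env);
}

/* Callee side: never assume argc >= 1. With argc == 0, argv[0] is the
   terminator itself and argv[1] is already outside the array. */
const char *program_name(int argc, char *const argv[], const char *fallback)
{
    const char *slash;

    if (argc < 1 || argv == NULL || argv[0] == NULL)
        return fallback;
    slash = strrchr(argv[0], '/');
    return slash != NULL ? slash + 1 : argv[0];
}

/* Count the arguments after argv[0] without indexing past the terminator. */
int count_args(int argc, char *const argv[])
{
    int n = 0;

    if (argc < 1 || argv == NULL)
        return 0;
    for (int i = 1; i < argc && argv[i] != NULL; i++)
        n++;
    return n;
}

int main(void)
{
    /* Constructed vectors with the same shapes as v_null and argv_exe
       in none/tests/execve.c. */
    char *const v_null[] = { NULL };
    char *const argv_exe[] = { "/bin/true", NULL };

    printf("argv=NULL    -> %d\n", checked_execve("/bin/true", NULL, NULL));
    printf("argv={NULL}  -> %d\n", checked_execve("/bin/true", v_null, NULL));
    printf("name, argc=0 -> %s\n", program_name(0, v_null, "unknown"));
    printf("name, argc=1 -> %s\n", program_name(1, argv_exe, "unknown"));
    printf("args, argc=0 -> %d\n", count_args(0, v_null));
    return 0;
}
```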
From: Paul F. <pa...@so...> - 2022-04-06 18:54:36
|
https://sourceware.org/git/gitweb.cgi?p=valgrind.git;h=f540c79937c6348d3cb5508f83fee0c9def73d11 commit f540c79937c6348d3cb5508f83fee0c9def73d11 Author: Paul Floyd <pj...@wa...> Date: Wed Apr 6 20:51:54 2022 +0200 Missed macro when adding FreeBSD 13.1 Also add the names of some new FreeBSD 14 syscalls (not yet inplemented in Valgrind). Diff: --- coregrind/m_stacktrace.c | 2 +- coregrind/m_syswrap/syswrap-freebsd.c | 9 ++++++++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/coregrind/m_stacktrace.c b/coregrind/m_stacktrace.c index 4c45b97b9f..308bebdd86 100644 --- a/coregrind/m_stacktrace.c +++ b/coregrind/m_stacktrace.c @@ -594,7 +594,7 @@ UInt VG_(get_StackTrace_wrk) ( ThreadId tid_if_known, VG_(printf)(" ipsS[%d]=%#08lx rbp %#08lx rsp %#08lx\n", i-1, ips[i-1], uregs.xbp, uregs.xsp); -# if defined(VGO_darwin) || (defined(VGO_freebsd) && (FREEBSD_VERS < FREEBSD_13)) +# if defined(VGO_darwin) || (defined(VGO_freebsd) && (FREEBSD_VERS < FREEBSD_13_0)) if (VG_(is_valid_tid)(tid_if_known) && VG_(is_in_syscall)(tid_if_known) && i < max_n_ips) { diff --git a/coregrind/m_syswrap/syswrap-freebsd.c b/coregrind/m_syswrap/syswrap-freebsd.c index 6088d89d70..fcbd11fbbb 100644 --- a/coregrind/m_syswrap/syswrap-freebsd.c +++ b/coregrind/m_syswrap/syswrap-freebsd.c @@ -3856,6 +3856,7 @@ POST(sys_swapcontext) POST_MEM_WRITE( ARG1, sizeof(struct vki_ucontext) ); } +// @todo PJF In FreeBSD 14 and onwards this is SYS_freebsd13_swapoff // SYS_swapoff 424 // int swapoff(const char *special); PRE(sys_swapoff) @@ -6245,7 +6246,7 @@ PRE(sys___specialfd) PRE_MEM_READ("__specialfd(req)", (Addr)ARG2, ARG3); } -#endif // (FREEBSD_VERS >= FREEBSD_13) +#endif // (FREEBSD_VERS >= FREEBSD_13_0) #undef PRE #undef POST 
@@ -6956,6 +6957,12 @@ const SyscallTableEntry ML_(syscall_table)[] = { // unimpl __NR_aio_readv 579 #endif +#if (FREEBSD_VERS >= FREEBSD_14) + // unimpl __NR_fspacectl 580 + // unimpl __NR_sched_getcpu 581 + // unimpl __NR_swapoff 582 +#endif + BSDX_(__NR_fake_sigreturn, sys_fake_sigreturn), // 1000, fake sigreturn }; |
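Review bot: The new guard in the syscall_table hunk, "#if (FREEBSD_VERS >= FREEBSD_14)", uses the unsuffixed naming that the other hunks of this commit replace (FREEBSD_13 becomes FREEBSD_13_0), so please confirm that FREEBSD_14 is actually defined: an undefined identifier in #if evaluates to 0, and the comparison would then be true on every FreeBSD version without any diagnostic. Only comments sit inside the block today, so nothing breaks yet, but the first table entry added there would be compiled for older releases too. The @todo above "SYS_swapoff 424" could also mention that 582 is the new number, so the two comments point at each other.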
|
From: zgx1119 <zg...@gm...> - 2022-04-06 08:48:50
|
Below is the code I added for my platform:
static Bool VG_(parse_cpuinfo)(void) {
   ..............
   const char *search_Taroko_str = "cpu model\t\t: Taroko";
   .................
   else if (VG_(strstr)(file_buf, search_MIPS_str) != NULL ||
            VG_(strstr)(file_buf, search_Taroko_str) != NULL)
      vai.hwcaps = VEX_PRID_COMP_MIPS;
   .......
}
Then run:
[# valgrind --run-libc-freeres=no --suppressions=/lib/valgrind/default.supp ./a.out
machine_get_hwcaps============================machine_get_hwcaps============================1
machine_get_hwcaps============================3
==4512== Memcheck, a memory error detector
==4512== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==4512== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
==4512== Command: ./a.out
==4512==
vex mips->IR: unhandled instruction bytes: 0x0 0x40 0x63 0x40
==4512== valgrind: Unrecognised instruction at address 0x4897284.
==4512== at 0x4897284: ??? (in /usr/lib/libuClibc-1.0.31.so)
==4512== by 0x487C704: ??? (in /usr/lib/libuClibc-1.0.31.so)
==4512== Your program just tried to execute an instruction that Valgrind
==4512== did not recognise. There are two possible reasons for this.
==4512== 1. Your program has a bug and erroneously jumped to a non-code
==4512== location. If you are running Memcheck and you just saw a
==4512== warning about a bad jump, it's probably your program's fault.
==4512== 2. The instruction is legitimate but Valgrind doesn't handle it,
==4512== i.e. it's Valgrind's fault. If you think this is the case or
==4512== you are not sure, please let us know and we'll try to fix it.
==4512== Either way, Valgrind will now raise a SIGILL signal which will
==4512== probably kill your program.
==4512==
==4512== Process terminating with default action of signal 4 (SIGILL)
==4512== Illegal opcode at address 0x4897284
==4512== at 0x4897284: ??? (in /usr/lib/libuClibc-1.0.31.so)
==4512== by 0x487C704: ??? (in /usr/lib/libuClibc-1.0.31.so)
==4512==
==4512== HEAP SUMMARY:
==4512== in use at exit: 0 bytes in 0 blocks
==4512== total heap usage: 0 allocs, 0 frees, 0 bytes allocated
==4512==
==4512== All heap blocks were freed -- no leaks are possible
==4512==
==4512== For lists of detected and suppressed errors, rerun with: -s
==4512== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
Illegal instruction
Below is our platform cpu info:
# cat /proc/cpuinfo
system type : Realtek RTS39XX
machine : RTS3916 EVB
processor : 0
cpu model : Taroko V0.2 FPU V0.1
BogoMIPS : 798.72
wait instruction : yes
microsecond timers : yes
tlb_entries : 64
extra interrupt vector : no
hardware watchpoint : no
isa : mips1
ASEs implemented : mips16
shadow register sets : 1
kscratch registers : 0
package : 0
core : 0
VCED exceptions : not available
VCEI exceptions : not available
|