From: <sv...@va...> - 2014-02-24 21:01:24
Author: cborntra
Date: Mon Feb 24 21:01:14 2014
New Revision: 13838
Log:
This fixes the shadow validity setup of SP, IA and FPC. The current
code misses a char * cast and thus uses a wrong pointer for memset.
This resulted in corruption of the thread state for multi-threaded
programs. After vex r2818 the memset overwrote the tid value
of a thread, making this bug visible.
Let's use the C structures instead of pointer arithmetic.
Modified:
trunk/NEWS
trunk/coregrind/m_initimg/initimg-linux.c
Modified: trunk/NEWS
==============================================================================
--- trunk/NEWS (original)
+++ trunk/NEWS Mon Feb 24 21:01:14 2014
@@ -63,6 +63,7 @@
331337 s390x WARNING: unhandled syscall: 326 (dup3)
331380 Syscall param timer_create(evp) points to uninitialised byte(s)
n-i-bz Fix KVM_CREATE_IRQCHIP ioctl handling
+n-i-bz s390x: Fix memory corruption for multithreaded applications
Release 3.9.0 (31 October 2013)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
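Review bot: the new NEWS line is vaguer than the neighbouring entries and does not say what Valgrind itself got wrong; "s390x: Fix memory corruption for multithreaded applications" reads like a bug in the client program. Since this list is what users grep when they hit a symptom, consider naming the mechanism, e.g. "s390x: Fix corruption of thread state (shadow SP/FPC/IA setup) in multithreaded programs", which matches the commit log's description of the bad memset clobbering a thread's tid.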
Modified: trunk/coregrind/m_initimg/initimg-linux.c
==============================================================================
--- trunk/coregrind/m_initimg/initimg-linux.c (original)
+++ trunk/coregrind/m_initimg/initimg-linux.c Mon Feb 24 21:01:14 2014
@@ -1078,9 +1078,9 @@
VG_(memset)(&arch->vex_shadow1, 0xFF, sizeof(VexGuestS390XState));
VG_(memset)(&arch->vex_shadow2, 0x00, sizeof(VexGuestS390XState));
/* ... except SP, FPC, and IA */
- VG_(memset)(&arch->vex_shadow1 + VG_O_STACK_PTR, 0x00, 8);
- VG_(memset)(&arch->vex_shadow1 + VG_O_FPC_REG, 0x00, 4);
- VG_(memset)(&arch->vex_shadow1 + VG_O_INSTR_PTR, 0x00, 8);
+ arch->vex_shadow1.guest_SP = 0;
+ arch->vex_shadow1.guest_fpc = 0;
+ arch->vex_shadow1.guest_IA = 0;
/* Put essential stuff into the new state. */
arch->vex.guest_SP = iifii.initial_client_SP;
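Review bot: the three removed lines did pointer arithmetic on a `VexGuestS390XState *`, so `&arch->vex_shadow1 + VG_O_STACK_PTR` advanced by VG_O_STACK_PTR whole structs rather than bytes, and the memset landed far outside vex_shadow1; the replacement `arch->vex_shadow1.guest_SP = 0;` and its two siblings remove that scaling and also drop the hard-coded widths 8, 4 and 8, which the struct now supplies. Two things to confirm before this goes in: that `guest_SP`, `guest_fpc` and `guest_IA` are exactly the fields VG_O_STACK_PTR, VG_O_FPC_REG and VG_O_INSTR_PTR name on s390x (otherwise the validity bits of a different register get cleared), and whether the same `&arch->vex_shadowN + VG_O_*` idiom appears elsewhere in this file for other architectures, since the missing `(char *)` cast is equally wrong there and nothing in the compiler flags it. Nothing is needed for vex_shadow2: the preceding memset already clears the whole struct to 0x00.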
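The bug class in this commit is easy to miss in review because the buggy line is valid C: adding an integer to a `struct *` scales it by the struct size, so a byte offset such as VG_O_STACK_PTR sends the pointer many structs away. The following is an added example, not Valgrind code, that replays both the broken and the fixed forms on a hypothetical layout; `GuestState`, `ThreadArch`, the `O_*` macros and the register names are stand-ins for VexGuestS390XState, ThreadArchState and the VG_O_* offsets, and the field order and sizes are invented for the demonstration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical guest register file standing in for VexGuestS390XState
   (the real layout differs; only the shape matters here). */
typedef struct {
    uint64_t guest_r[16];
    uint64_t guest_SP;
    uint32_t guest_fpc;
    uint32_t pad_;
    uint64_t guest_IA;
} GuestState;

/* Hypothetical per-thread state: live registers, two shadow copies, and a
   thread id sitting right after them (the field the commit log says got
   clobbered). */
typedef struct {
    GuestState vex;
    GuestState vex_shadow1;
    GuestState vex_shadow2;
    uint32_t   tid;
} ThreadArch;

/* Byte offsets, used the way the VG_O_* macros are used in the diff. */
#define O_STACK_PTR offsetof(GuestState, guest_SP)
#define O_FPC_REG   offsetof(GuestState, guest_fpc)
#define O_INSTR_PTR offsetof(GuestState, guest_IA)

/* Bytes past &vex_shadow1 that `&a->vex_shadow1 + O_STACK_PTR` really
   denotes: the operand is a GuestState *, so the offset is scaled by
   sizeof(GuestState).  Computed as integers so the out-of-bounds pointer
   itself is never formed. */
size_t buggy_byte_offset(void) {
    return O_STACK_PTR * sizeof(GuestState);
}

/* Replay the buggy memset on a large arena so the stray write is observable
   rather than undefined behaviour.  Returns 1 when the 8 zero bytes miss
   vex_shadow1.guest_SP and land past the end of the ThreadArch. */
int buggy_write_misses_target(void) {
    static uint64_t arena64[(1 << 16) / 8];          /* 64 KiB, 8-byte aligned */
    unsigned char *arena = (unsigned char *)arena64;
    memset(arena, 0xAA, sizeof arena64);
    ThreadArch *a = (ThreadArch *)arena;
    memset(&a->vex_shadow1, 0xFF, sizeof(GuestState));

    size_t target = offsetof(ThreadArch, vex_shadow1) + buggy_byte_offset();
    if (target + 8 > sizeof arena64)
        return -1;                                   /* arena too small */
    memset(arena + target, 0x00, 8);                 /* the stray write */

    int sp_untouched = a->vex_shadow1.guest_SP == UINT64_MAX;
    int past_struct  = target >= sizeof(ThreadArch);
    return sp_untouched && past_struct;
}

/* The two correct spellings: cast to char * before adding a byte offset, or
   (as the commit does) assign the field directly.  Returns 1 when exactly
   SP, FPC and IA of shadow1 are cleared and neighbouring state is intact. */
int fixed_write_hits_target(void) {
    ThreadArch a;
    memset(&a, 0xAA, sizeof a);
    memset(&a.vex_shadow1, 0xFF, sizeof(GuestState));

    memset((char *)&a.vex_shadow1 + O_STACK_PTR, 0x00, 8);   /* cast form  */
    memset((char *)&a.vex_shadow1 + O_FPC_REG,   0x00, 4);
    a.vex_shadow1.guest_IA = 0;                              /* field form */

    return a.vex_shadow1.guest_SP == 0
        && a.vex_shadow1.guest_fpc == 0
        && a.vex_shadow1.guest_IA == 0
        && a.vex_shadow1.guest_r[15] == UINT64_MAX
        && a.vex_shadow1.pad_ == 0xFFFFFFFFu
        && a.tid == 0xAAAAAAAAu;
}

int main(void) {
    printf("sizeof(GuestState) = %zu, O_STACK_PTR = %zu\n",
           sizeof(GuestState), (size_t)O_STACK_PTR);
    printf("buggy form writes %zu bytes past &vex_shadow1 (struct is %zu bytes)\n",
           buggy_byte_offset(), sizeof(GuestState));
    printf("buggy write misses SP: %d, fixed write hits SP: %d\n",
           buggy_write_misses_target(), fixed_write_hits_target());
    return 0;
}
```

The scaled write lands thousands of bytes outside the shadow area, which is why the symptom showed up as corruption of unrelated thread state rather than as a wrong SP shadow. Neither -Wall nor -Wpointer-arith reports the buggy form, so the defence is the one the commit takes: store to the named field and let the struct carry the offset and width, instead of pairing a hand-written byte offset with a hand-written size.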