The original fix in svn r15793 read argument 6 separately by using PRA6
unconditionally. This is wrong. We need to first check whether a
track_pre_reg_read callback is registered (only memcheck does).
The PRE_REG_READX macro already had this check. Just add the same
before calling PRA6. Thanks to Tom Hughes for noticing. Without this
helgrind/tests/cond_timedwait_test and drd/tests/pth_inconsistent_cond_wait
regtests would fail.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15795
Same kind of problems as explained and fixed in revision 15720:
In some cases, unwinding always retrieves the same pc/sp/bp.
Fix for 64 bits is similar: stop unwinding if the previous sp is >= new sp
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15794
for auditon(2) subcode of the auditsys() syscall
were removed in Solaris 12.
However they stay for Solaris 11 and illumos.
n-i-bz
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15791
When the elt to allocate is bigger than the pool size, allocate
a specific pool only for this element.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15787
* Complain instead of asserting when negative line nr in inline info
* use a macro to factorise the complain once logic about lineno limits
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15780
The MIPS64 getdents64() system call is only present in 3.10+ kernels.
If the getdents64() system call is not available fall back to using
getdents() and modify the result to be compatible with getdents64().
This matters only when --track-fds=yes is set.
This change fixes none/tests/fdleak* failures on MIPS64 platforms with
kernel versions older than 3.10.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15778
At many places, we have:
VG_(fun(a,b,c))
instead of
VG_(fun)(a,b,c)
So, fix these cases, found using:
grep -n -i -e 'VG_([a-z][a-z0-9_]*[^a-z0-9_)]' *.c */*.c */*/*.c
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15776
We used to set the process datasize rlimit to zero to prevent
any internal use of brk() from having any effect. But later
linux kernels redefine RLIMIT_DATA as the size of any data
areas, including some dynamic mmap memory allocations.
See bug #357833 for the commit that went into linux 4.5
changing the definition of RLIMIT_DATA. So don't mess with
RLIMIT_DATA anymore. Just remember it for use in the syscall
wrappers.
This also cleans up some hacks around the execv and spawn wrappers.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15766
slot to 1. Rather do that in add_segment which is where the segment
refering to that name actually comes into existence.
Properly handle the case in add_segment where the to-be-added segment
and one (or more) of the segments it replaces have the same name
This may occur when doing a mremap.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15761
aspace mgr provides VG_(am_mmap_client_heap) that mmaps memory and
marks it as being client heap memory. Marking superblock segments used
for malloc/free as heap is critical for correct leak search: segments
mmap-ed for malloc/free cannot be considered as part of the root set.
On the other hand, other mmap-ed segments cannot be marked as client
heap, otherwise these segments will not be part of the root set, and
will not be scanned.
aspacemgr merges adjacent segments when they have the same characteristics
e.g. kind, RWX and isCH (is client heap) must be the same (see function
maybe_merge_nsegments).
However, VG_(am_mmap_client_heap) has a bug:
* it first mmaps a normal segment (not marked as heap) using
VG_(am_mmap_anon_float_client)
* it then searches the segment that contains the just mmap-ed address and
marks it as heap.
The problem is that VG_(am_mmap_anon_float_client) has already
possibly merged the new segment with a neighbour segment, without
taking the to be marked isCH into account, as the newly allocated memory
has not yet been marked as Client Heap. So, this results in some memory being
marked as client heap, while it in fact is not client heap. This
memory will then not be scanned by the leak search.
The fix consists in having VG_(am_mmap_anon_float_client) and
VG_(am_mmap_client_heap) calling a new function
am_mmap_anon_float_client, which will mark (or not) the new segment as
client heap *before* trying to merge it with neighbouring segments.
Then the new (heap) segment will only be merged with neighbours that are also
client heap segments.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15759
Current toolchains on MIPS targets that we care about are reasonably
modern and we do not need this link script exception for MIPS anymore.
This should fix issues with newer toolchain versions and .MIPS.abiflags
section.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15754
Changed a few %s or %pS into %ps in m_addrinfo.c
(based on code reading matching the pattern given in the bug report,
as there was no reproducer).
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15753
Line numbers should correctly reflect all instructions belonging to a source line,
regardless of is_stmt value. Previously only instructions covered by
'is_stmt = 1' were attributed to a source line.
Fixes BZ#356044
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15741
Rewrite parts of VG_(parse_cpuinfo) (previously VG_(get_machine_model))
function to extract information on supported ISAs. These values are then
packed in hwcaps. This will help Valgrind better distinguish different MIPS
CPUs and raise illegal instructions when required.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15739
Recognize correctly MIPS processors. Previously, for some of the cpu models,
Valgrind would incorrectly assume it is a regular MIPS model, as it would
find word MIPS in /proc/cpuinfo that came from "BogoMIPS" label.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15736
The default implementation provided by __builtin functions
does very weird things.
Uncovered by Philippe's commit r15716.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15734
On RHEL7 x86 32 bits, Valgrind unwinder cannot properly unwind
the stack just after a thread creation : the unwinder always retrieves
the same pc/sp/bp.
See below for an example.
This has as consequences that some stack traces are bigger than
needed (i.e. they always fill up the ips array). If
--merge-recursive-frames is given, then the unwinder enters in an
infinite loop (as identical frames will be merged, and the ips array
will never be filled in).
Thi patch adds an additional exit condition : after unwinding
a frame, if the previous sp is >= new sp, then unwinding stops.
Patch has been tested on debian 8/x86, RHEL7/x86.
0x0417db67 <+55>: mov 0x18(%esp),%ebx
0x0417db6b <+59>: mov 0x28(%esp),%edi
0x0417db6f <+63>: mov $0x78,%eax
0x0417db74 <+68>: mov %ebx,(%ecx)
0x0417db76 <+70>: int $0x80
=> 0x0417db78 <+72>: pop %edi
0x0417db79 <+73>: pop %esi
0x0417db7a <+74>: pop %ebx
0x0417db7b <+75>: test %eax,%eax
Valgrind stacktrace gives:
==21261== at 0x417DB78: clone (clone.S:110)
==21261== by 0x424702F: ???
==21261== by 0x424702F: ???
==21261== by 0x424702F: ???
==21261== by 0x424702F: ???
==21261== by 0x424702F: ???
==21261== by 0x424702F: ???
==21261== by 0x424702F: ???
...
(till the array of ips is full)
while gdb stacktrace gives:
(gdb) bt
#0 clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:110
#1 0x00000000 in ?? ()
(gdb) p $pc
$2 = (void (*)()) 0x417db78 <clone+72>
(gdb)
With the fix, valgrind gives:
==21261== at 0x417DB78: clone (clone.S:110)
==21261== by 0x424702F: ???
which looks more reasonable.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15729
This implements the interception of all globally public allocation
functions by default. It works by adding a flag to the spec to say the
interception only applies to global functions. Which is set for the
somalloc spec. The librarypath to match is set to "*" unless the user
overrides it. Then each DiSym keeps track of whether the symbol is local
or global. For a spec which has isGlobal set only isGlobal symbols will
match.
Note that because of padding to keep the addresses in DiSym aligned the
addition of the extra bool isGlobal doesn't actually grow the struct.
The comments explain how the struct could be made more compact on 32bit
systems, but this isn't as easy on 64bit systems. So I didn't try to do
that in this patch.
For ELF symbols keeping track of which are global is trivial. For pdb I
had to guess and made only the "Public" symbols global. I don't know
how/if macho keeps track of global symbols or not. For now I just mark
all of them local (which just means things work as previously on platforms
that use machos, no non-system symbols are matches by default for somalloc
unless the user explicitly tells which library name to match).
Included are two testcases for shared libraries (wrapmalloc) and staticly
linked (wrapmallocstatic) malloc/free overrides that depend on the new
default. One existing testcase (new_override) was adjusted to explicitly
not use the new somalloc default because it depends on a user defined
new implementation that has side-effects and should explicitly not be
intercepted.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15726
The ELF debug info reader on Solaris now performs a quick pre-scan of section
headers for .rodata sections. If there are multiple .rodata sections
present then symbols from .symtab are scanned which section they point to.
The "true" .rodata section is thus determined.
Fixes BZ#353802.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15719
All memory dereferences during leak search are checked either with
aspacemgr or using the VA-bits.
So, in theory, no memory fault should occur.
However, the leak search is done so as to resist to e.g.
- desynchronisation between the real pages mapped and the aspacemgr state.
- client pages mprotected against reading
- any other reason why dereferencing a client address would fail.
So, the function lc_scan_memory installs a fault catcher that
is called if a memory fault signal is raised during memory scan.
However, memory dereference is also done in the function heuristic_reachedness.
So, this function must also resist to memory fault.
This patch also installs a fault catcher for the function heuristic_reachedness.
More in details, the following changes are done:
* pub_tool_signal.h and m_signals.c :
VG_(set_fault_catcher) now returns the previously set fault catcher.
This is needed so that heuristic_reachedness/lc_scan_memory can save
and restore the previous fault catcher.
* mc_leakcheck.c:
Addition of leak_search_fault_catcher that contains the common
code for the (currently 2) fault catchers used during leak search.
* Modification of heuristic_reachedness and lc_scan_memory:
Add 2 (small) specific fault catcher that are calling the common
leak_search_fault_catcher.
* The way sigprocmask is handled has been changed:
Before this patch, lc_scan_memory was saving/restoring the procsigmask
for each scanned block (and was restoring it when the fault catcher
was longjmp-ing back to lc_scan_memory in case of SEGV or BUS.
This was causing 2 system calls for each block scanned.
Now, lc_scan_memory and heuristic_reachedness are not saving/restoring
the procmask: the work to reset the sigprocmask is only done
in leak_search_fault_catcher. This is more efficient as no syscall
anymore is done during leak search, except for (normally) unfrequent
SIGSEGV/BUS. It is also simpler as signal handling is now done at
a single place.
It is ok to reset the procmask (in fact, just remove the caught signal
from the process sigmask) as during leak search, no other activity than
the leak search is on-going, and so no other SEGV/BUS can be received
while the handler runs.
This gives moderate speed improvements for applications allocating a lot of
blocks (about 10% improvement when leak searching in 1 million small blocks).
Test case (slightly modified) by Matthias Schwarzott.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15716
m_replacemalloc/vg_replace_malloc.c:1286:1: warning: returning 'const char *' from a function with result type 'char *' discards qualifiers [-Wincompatible-pointer-types-discards-qualifiers]
ZONE_GET_NAME(VG_Z_LIBC_SONAME, malloc_get_zone_name);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
m_replacemalloc/vg_replace_malloc.c:1283:14: note: expanded from macro 'ZONE_GET_NAME'
return vg_default_zone.zone_name; \
^~~~~~~~~~~~~~~~~~~~~~~~~
m_replacemalloc/vg_replace_malloc.c:1287:1: warning: returning 'const char *' from a function with result type 'char *' discards qualifiers [-Wincompatible-pointer-types-discards-qualifiers]
ZONE_GET_NAME(SO_SYN_MALLOC, malloc_get_zone_name);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
m_replacemalloc/vg_replace_malloc.c:1283:14: note: expanded from macro 'ZONE_GET_NAME'
return vg_default_zone.zone_name; \
^~~~~~~~~~~~~~~~~~~~~~~~~
m_replacemalloc/vg_replace_malloc.c:1286:1: warning: returning 'const char *' from a function with result type 'char *' discards qualifiers [-Wincompatible-pointer-types-discards-qualifiers]
ZONE_GET_NAME(VG_Z_LIBC_SONAME, malloc_get_zone_name);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
m_replacemalloc/vg_replace_malloc.c:1283:14: note: expanded from macro 'ZONE_GET_NAME'
return vg_default_zone.zone_name; \
^~~~~~~~~~~~~~~~~~~~~~~~~
m_replacemalloc/vg_replace_malloc.c:1287:1: warning: returning 'const char *' from a function with result type 'char *' discards qualifiers [-Wincompatible-pointer-types-discards-qualifiers]
ZONE_GET_NAME(SO_SYN_MALLOC, malloc_get_zone_name);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
m_replacemalloc/vg_replace_malloc.c:1283:14: note: expanded from macro 'ZONE_GET_NAME'
return vg_default_zone.zone_name; \
^~~~~~~~~~~~~~~~~~~~~~~~~
No regressions on OS X 10.10
Before:
== 596 tests, 219 stderr failures, 10 stdout failures, 0 stderrB failures, 0 stdoutB failures, 30 post failures ==
After:
== 596 tests, 219 stderr failures, 10 stdout failures, 0 stderrB failures, 0 stdoutB failures, 30 post failures ==
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15712
Also enhance consistency of formatting for x86 OS X section.
No regressions on OS X 10.10
Before:
== 596 tests, 219 stderr failures, 10 stdout failures, 0 stderrB failures, 0 stdoutB failures, 30 post failures ==
After:
== 596 tests, 219 stderr failures, 10 stdout failures, 0 stderrB failures, 0 stdoutB failures, 30 post failures ==
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15706
that the prerequisites for lock elision are met. Then it may use TBEGIN
and other transactional-execution instructions which are not implemented
by Valgrind. Likewise, the upcoming glibc 2.23 will exploit vector
instructions if they are advertised by HWCAP; and those are currently
not implemented by Valgrind either. In general, the increased use of
ifunc may lead to more such cases in the future.
This patch suppresses the advertising of those hardware features via
HWCAP which are either not known to Valgrind or currently unsupported.
Patch by Andreas Arnez (arnez@linux.vnet.ibm.com).
Fixes BZ #353680.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15702
