Make sure ptr is safe_to_deref if not NULL.
Also fixup some corner case error return codes.
We have to do that ourselves since we never actually call into the kernel.
Found by LTP testcases/kernel/syscalls/modify_ldt/modify_ldt01.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15995
Since we try to modify the old/new sigaction handler before passing it
to the kernel we must make sure that (if they aren't NULL) they are safe
to use. If not, we should bail out early with EFAULT.
Bug #369362
Found by LTP testcases/kernel/syscalls/rt_sigaction/rt_sigaction02.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15994
Since we want to use the set and oldset for bookkeeping we also want
to make sure they are addressable; otherwise, like the kernel, we EFAULT.
Also use EINVAL instead of EMFILE as failure when sigset size is wrong.
Found by LTP testcases/kernel/syscalls/rt_sigprocmask/rt_sigprocmask02.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15992
Also stop checking when the max length of bytes has been reached.
Bug #369359
Found by LTP testcases/kernel/syscalls/recvmsg/recvmsg01.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15991
Don't do any more checks if it isn't safe to inspect the address family.
Likewise, don't check sun_path if the string address isn't safe.
Found by LTP testcases/kernel/syscalls/bind/bind01.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15990
At startup valgrind fetches the current working directory and stashes
it away to be used later (in debug messages, to read config files or to create
log files). But if the current working directory didn't exist (or there
was some other error getting its path) then valgrind would go into an
endless loop. This was caused by assuming that any error meant a larger
buffer needed to be created to store the cwd path (ERANGE). However
there could be other reasons why calling getcwd failed.
Fix this by only looping and resizing the buffer when the error is
ERANGE. Any other error just means we cannot fetch and store the current
working directory. Fix all callers to check whether get_startup_wd() returns
NULL. Only abort startup if a relative path needs to be used for
user supplied relative log files. Debug messages will just show
"<NO CWD>". And skip reading any config files from the startup_wd
if it doesn't exist.
Also add a new testcase that tests executing valgrind in a deep,
inaccessible and/or non-existing directory (none/tests/nocwd.vgtest).
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15989
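The getcwd retry loop described in the commit above, as an added stand-alone example (not Valgrind's own code): the buffer is grown only on ERANGE, every other errno ends the loop with NULL, and a helper reproduces the "deleted cwd" case that previously spun forever. The function names and the /tmp template are assumptions.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <unistd.h>

char *mkdtemp(char *tmpl);   /* prototype in case the feature macro was set too late */

/* Fetch the cwd into a malloc'ed buffer. The buffer is grown only when
 * getcwd() fails with ERANGE ("buffer too small"); any other errno
 * (ENOENT: directory was removed, EACCES: a component is not searchable,
 * ...) is reported as NULL instead of retrying forever. Caller frees. */
char *fetch_cwd(void)
{
    size_t cap = 16;   /* tiny on purpose so the ERANGE path is exercised */
    char *buf = NULL;
    for (;;) {
        char *nbuf = realloc(buf, cap);
        if (nbuf == NULL) { free(buf); return NULL; }
        buf = nbuf;
        if (getcwd(buf, cap) != NULL)
            return buf;
        if (errno != ERANGE || cap > SIZE_MAX / 2) {
            int saved = errno;       /* cwd genuinely unavailable: do not loop */
            free(buf);
            errno = saved;
            return NULL;
        }
        cap *= 2;                    /* only ERANGE means "buffer too small" */
    }
}

/* Demonstrates the failure mode (hypothetical helper): chdir into a fresh
 * temp dir, remove it, and confirm fetch_cwd() returns NULL (ENOENT on
 * Linux) rather than spinning. Restores the original cwd afterwards.
 * Returns 1 when the behaviour is as expected, 0 otherwise. */
int demo_deleted_cwd(void)
{
    char tmpl[] = "/tmp/nocwdXXXXXX";      /* constructed temp dir template */
    char *orig = fetch_cwd();
    if (orig == NULL || mkdtemp(tmpl) == NULL) { free(orig); return 0; }
    int ok = chdir(tmpl) == 0 && rmdir(tmpl) == 0 && fetch_cwd() == NULL;
    if (chdir(orig) != 0) ok = 0;
    free(orig);
    return ok;
}
```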
Update the libiberty demangler using the auxprogs/update-demangler
script. There were various extensions and bug fixes since our last
import. Add new D language demangler file d-demangle.c and update
the vg_libciface.h header with some new constructs used (strtol,
xmalloc_failed, xmemdup, XDELETEVEC, XDUPVEC).
Resolves bug #359181 - Buffer Overflow during Demangling.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15951
Nr of callers in a suppression entry had a smaller limit than the max
for --num-callers.
This means it was not possible to precisely suppress an error with a big
stack trace.
Also, --gen-suppressions was not providing the full stack trace of
the error in the generated suppressions.
Now, a suppression entry can have the same nr of callers as a backtrace.
Generated suppressions are generated with up to --num-callers callers.
This change has negligible impact:
* memory: a stack array of 500*2 words is declared, instead of 24*2 words.
This array is declared on the interim stack (startup stack), which is
largely big enough.
* cpu: negligibly more cpu needed to read suppression entries
(to initialise the bigger stack array when reading a supp entry).
Apart from the above, no impact on performance (unless of course bigger
supp entries are really used).
Note that this does not impact the behaviour for existing suppression files.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15945
Kernel allocates another page after fork and we have to
keep aspacemgr's point of view consistent.
n-i-bz
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15937
SUNWDTRACE program header. Newer Solaris no longer utilizes
this program header as a scratch space for DTrace fasttrap
provider, before libc is loaded.
For the time being, it serves as a space for initial thread
pointer.
n-i-bz
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15936
With this patch, MIPS32 Valgrind compiled with -mfpxx can handle all types
(regarding FP_ABI flag) of MIPS32 ELFs.
- Functions arch_elf_pt_proc() and arch_check_elf() are added to elf reader
according to linux/fs/binfmt_elf.c from Linux 4.1;
- Processing .MIPS.abiflags section and initializing appropriate FPU mode
for MIPS32 are added;
- Emulation of prctl(GET/SET_FP_MODE) syscalls is implemented for MIPS32.
Patch by Aleksandar Rikalo <Aleksandar.Rikalo@imgtec.com>
Related VEX change: r3243.
This implements BZ#366079.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15934
Unlikely as it seems, this saves a considerable number of instructions (2% of total)
on very heap-intensive code (perf/heap.c).
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15926
See below discussion for more details.
On Sat, 2016-07-02 at 14:20 +0200, Philippe Waroquiers wrote:
> I am testing a patch (provided by Julian) that solves a false positive
> memcheck found at my work.
>
> Testing this, I decided to run valgrind under valgrind (not done for
> a long time).
>
> This shows a leak in many tests, the stack trace being such as:
> ==26246== 336 bytes in 21 blocks are definitely lost in loss record 72 of 141
> ==26246== at 0x2801C01D: vgPlain_arena_malloc (m_mallocfree.c:1855)
> ==26246== by 0x2801D616: vgPlain_arena_strdup (m_mallocfree.c:2528)
> ==26246== by 0x2801D616: vgPlain_strdup (m_mallocfree.c:2600)
> ==26246== by 0x2801F5AD: vgPlain_redir_notify_new_DebugInfo (m_redir.c:619)
> ==26246== by 0x2803B650: di_notify_ACHIEVE_ACCEPT_STATE (debuginfo.c:771)
> ==26246== by 0x2803B650: vgPlain_di_notify_mmap (debuginfo.c:1067)
> ==26246== by 0x2806589C: vgModuleLocal_generic_PRE_sys_mmap (syswrap-generic.c:2368)
> ==26246== by 0x2809932A: vgSysWrap_amd64_linux_sys_mmap_before (syswrap-amd64-linux.c:637)
> ==26246== by 0x28061E11: vgPlain_client_syscall (syswrap-main.c:1906)
> ==26246== by 0x2805E9D2: handle_syscall (scheduler.c:1118)
> ==26246== by 0x280604A6: vgPlain_scheduler (scheduler.c:1435)
> ==26246== by 0x2806FF87: thread_wrapper (syswrap-linux.c:103)
> ==26246== by 0x2806FF87: run_a_thread_NORETURN (syswrap-linux.c:156)
>
>
> The strdup call in m_redir.c:619 was introduced by r15726.
>
> However, I am not sure this is a bug that is introduced by this change,
> or if it just reveals a leak that was already there.
> The "very original" replacement logic did not do memory allocation for
> the replacement: see m_redir.c in valgrind 3.10.1 : it was just copying
> some chars from VG_(clo_soname_synonyms) to demangled_sopatt
Yes, it should do exactly the same as the other code paths. If
replaced_sopatt != NULL then it is an allocated string that has been
assigned to demangled_sopatt. I had assumed that would take care of the
life-time issues of the allocated string. But now that I read the code
it is indeed not so clear.
> Then in 3.11, the fixed size demangled_sopatt was changed to be
> a dynamically allocated buffer.
> The revision log 14664 that introduced this explains that the ownership of
> returned buffer is not easy. It tells at the end:
> "So the rule of thunb here is: if in doubt strdup the string."
>
> but now we have to see when to free what, it seems ???
>
> Any thoughts ?
So if replaced_sopatt != NULL, then demangled_sopatt contains the
allocated string, and it is then immediately copied and assigned to
spec->from_sopatt. After that it is used under check_ppcTOCs. But there
it will first be reassigned a new value through maybe_Z_demangle
(overwriting any existing string being pointed to). So for this
particular leak it seems fine to free it right after the spec[List] has
been initialized (line 642).
Cheers,
Mark
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15898
Don't check or try to copy sigmask if it is NULL. The sigmask might be
given in a struct, where the length is non-zero, but the signal set
pointer is NULL.
Testcase provided by Paul Eggert <eggert@cs.ucla.edu>.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15893
bz#354883
Whilst I’ve seen different magic_delta values on one of my older development machines (Intel Nehalem-based), enough other users have reported success with this change.
If this causes regressions, please report your hardware details in our Bugzilla.
Regression test output on OS X 10.11
Before:
== 601 tests, 223 stderr failures, 12 stdout failures, 0 stderrB failures, 0 stdoutB failures, 31 post failures ==
After:
== 601 tests, 223 stderr failures, 12 stdout failures, 0 stderrB failures, 0 stdoutB failures, 31 post failures ==
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15891
The msg telling brk cannot be extended confuses some users
so improve the documentation and have the msg referencing the doc.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15880
Raise limit for sizeof(TTEntryC) due to 8-byte alignment requirement for
ULong on mips32 platforms. It is a follow up to the same change on ppc32
(see r15875), and it un-breaks mips32-linux (broken with r15784).
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15876
layout constraints are different from x86-ELF and so the assertion on
the sizeof(TTEntryC) fails on ppc32-linux.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15875
TTEntryH and TTEntryC. TTEntryH is a VexGuestExtents plus one more
field. For scenarios involving a lot of code discarding, when the
fast-path discard mechanism does not apply, this change reduces
significantly the number of LLC misses, because such discarding
involves sequentially searching the arrays of TTEntryH's. For recent
Firefoxes the miss rate in a 6MB L3 cache is reduced by about 1/3, as
measured by /usr/bin/perf.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15874
for Elf{32,64}_Chdr. This is fallout from r15868. That commit provided
a configure test, but the resulting config.h was not included here, causing
the test results to be ignored.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15869
- zlib ELF gABI format with SHF_COMPRESSED flag (gcc option -gz=zlib)
- zlib GNU format with .zdebug sections (gcc option -gz=zlib-gnu)
Patch by: Aleksandar Rikalo <aleksandar.rikalo@imgtec.com>
Fixes BZ#303877
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15868
early during main initialization, before the threads are
created and scheduler is initialized.
Fixes BZ#362009
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15867
correctly
Forgot to add the new files to the previous commit 15864.
coregrind/m_gdbserver/power64-core2-valgrind-s1.xml
coregrind/m_gdbserver/power64-core2-valgrind-s2.xml
coregrind/m_gdbserver/power-vsx-valgrind-s1.xml
coregrind/m_gdbserver/power-vsx-valgrind-s2.xml
coregrind/m_gdbserver/power-vsx.xml
Bugzilla 360008 was opened for this issue.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15866
correctly
1) Fix Endianness issue that was missed in the BE to LE port. GDB was
not displaying the contents of the 64-bit and 128-bit registers
correctly due to an Endianness issue.
2) Fix displaying the shadow registers for the 64-bit and 128-bit
registers.
Bugzilla 360008 was opened for this issue.
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15864
is no longer needed. The situation with multiple ".rodata" sections existed
only between dozens of builds of Solaris 12.
Fixes BZ#360749
git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15853