Normally a newly recreated file descriptor gets the lowest number
available. This might cause old file descriptor numbers to be reused
and hides bad file descriptor accesses (because the old number is
new again).
When enabled, when the program opens a new file descriptor,
the highest available file descriptor is returned instead of the
lowest one.
Add the none/tests/track_new.stderr.exp test to test this new option.
Adjust none/tests/filter_fdleak to filter the track_new.vgtest,
removing some internal glibc functions from the backtraces and remove
symbol versioning. The output of the use_after_close test also had to
be adjusted. Also adjust the none/tests/cmdline1 and
none/tests/cmdline2 output as the new --modify-fds=no|high is
displayed.
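The masking effect this commit message describes, as an added C example (not code from Valgrind): with lowest-available allocation a write through a closed descriptor number silently lands on whatever was opened next, while a highest-available policy makes the same write fail with EBADF. The helper names `highest_free_fd` and `stale_write_reaches_new_fd` are hypothetical, and the `dup2` onto the highest free number only emulates the allocation policy; it is not how Valgrind implements `--modify-fds=high`.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/resource.h>
#include <unistd.h>

/* Highest descriptor number that is currently unused, or -1 (hypothetical helper). */
static int highest_free_fd(void)
{
    struct rlimit rl;
    if (getrlimit(RLIMIT_NOFILE, &rl) != 0)
        return -1;
    /* Cap the search start so an unlimited or huge limit stays cheap. */
    long top = (rl.rlim_cur == RLIM_INFINITY || rl.rlim_cur > 65536)
                   ? 65536 : (long)rl.rlim_cur;
    for (long fd = top - 1; fd >= 0; fd--)
        if (fcntl((int)fd, F_GETFD) == -1 && errno == EBADF)
            return (int)fd;
    return -1;
}

/* 1: a write through the stale number reached the new descriptor,
   0: it failed with EBADF, -1: setup error. */
int stale_write_reaches_new_fd(int allocate_high)
{
    int p[2], fresh, result;
    char c = 'X', got = 0;
    if (pipe(p) != 0)
        return -1;
    int stale = dup(p[0]);          /* stands in for any file the program opened */
    if (stale < 0)
        return -1;
    close(stale);                   /* ...and closed; the number is now stale */

    if (allocate_high) {            /* emulate "highest available" */
        int target = highest_free_fd();
        fresh = target < 0 ? -1 : dup2(p[1], target);
    } else {
        fresh = dup(p[1]);          /* kernel default: lowest available */
    }
    if (fresh < 0)
        return -1;

    if (write(stale, &c, 1) == 1)   /* the bug: use after close */
        result = (read(p[0], &got, 1) == 1 && got == 'X') ? 1 : -1;
    else
        result = (errno == EBADF) ? 0 : -1;
    close(fresh); close(p[0]); close(p[1]);
    return result;
}

int main(void)
{
    printf("lowest-available: stale write reached new fd = %d\n", stale_write_reaches_new_fd(0));
    printf("highest-available: stale write reached new fd = %d\n", stale_write_reaches_new_fd(1));
    return 0;
}
```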
Paul Floyd [Tue, 15 Apr 2025 18:39:22 +0000 (20:39 +0200)]
nightly: fix check for Illumos libc
On Illumos `uname -o` outputs "illumos". We weren't testing for
that so it fell through to the Linux block which runs libc.so to
get the version string. On Illumos that outputs
s390x: Regtest integration of none/tests/s390x/disasm-test
The checker requires objdump --version >= 2.44
Add command line flag --check-prereq to disasm-test and use it in
disasm-test.vgtest.
New file none/tests/s390x/disasm-test/disasm-test.post.exp as the
checker is run in the "post" hook.
This patch makes VEX disassembly match objdump disassembly for
objdump versions >= 2.44. Prior objdump versions did not handle the
nuances of the "rotate and ..." set of opcodes and there was also a
bug disassembling BC insns.
Paul Floyd [Sat, 12 Apr 2025 21:57:58 +0000 (23:57 +0200)]
Illumos regtest: use LC_ALL=C for execx test
There's an uninitialized read in /usr/bin/printf when using the
default en_US.UTF-8 locale. This isn't a printf test, and using
the C locale makes the error go away.
4095 is not a valid bfp rounding mode and the old implementation of
s390_irgen_SRNMB let it slide by with a warning. However, POP calls for a
specification exception in this case. This is what this patch changes.
It also eliminates the s390_irgen_srnmb_wrapper function along the way.
While adjusting none/tests/s390x/srnmb.* I noticed that the line
number shown in the specification exception is incorrect. This
is not a regression. It has been incorrect before as well.
I have opened https://bugs.kde.org/show_bug.cgi?id=502729 for the line
number issue.
Paul Floyd [Sat, 12 Apr 2025 16:27:06 +0000 (18:27 +0200)]
Illumos regtest: add 'illumos' to os_test and turn off a few tests
The threadname tests fail on Illumos. Solaris has a syscall,
sys_lwp_name, which we intercept and record. Illumos doesn't
have that, with the pthread name functions looking for the name in /proc.
That's not implemented in Valgrind so I'm turning those 2 tests off.
The other 3 are all based on none faultstatus. This test checks 4 things,
one of which is reading from a 32k mmap that is PRIVATE and READ but is
only backed by a 16k file. All other OSes generate a SIGBUS. Illumos
just reads 0 from the address.
Paul Floyd [Wed, 9 Apr 2025 06:49:52 +0000 (08:49 +0200)]
Helgrind: Fixes for ETIMEDOUT
pthread_rwlock_timedrdlock and pthread_rwlock_clockrdlock were
generating API errors if they timed out. This fixes that and
only generates API errors for non-zero and non-ETIMEDOUT
return codes.
Paul Floyd [Thu, 3 Apr 2025 17:56:51 +0000 (19:56 +0200)]
Illumos helgrind: fix for pthread_rwlock_timedrdlock and pthread_rwlock_timedrwlock
On Illumos these two functions are implemented by calling
pthread_rwlock_clockrdlock and pthread_rwlock_clockwrlock respectively.
Since we intercept both it was appearing as though the lock was being
taken recursively when it wasn't. Fixed it by using a static flag for each
and not calling the client requests if already in a call to the timed
functions.
I think that musl also does this but, ho-hum, Helgrind has never worked on musl.
Andreas Arnez [Thu, 3 Apr 2025 15:40:03 +0000 (17:40 +0200)]
s390x: Support the PPA instruction
The perform processor assist (PPA) instruction provides the CPU with
special execution hints. It belongs to the processor-assist facility,
which shares facility bit 49 with the execution-hint and load-and-trap
facilities and with the miscellaneous-instruction-extensions facility 1.
Implementing PPA enables setting facility bit 49 to one. Similar to other
execution hint instructions, implement PPA as a no-op for now.
Andreas Arnez [Thu, 3 Apr 2025 17:07:32 +0000 (19:07 +0200)]
s390x: Reflect renaming of DFP insns in opcode checker
After renaming various DFP instructions to their new name, reflect this in
s390-check-opcodes.pl by ignoring their old names, so the checker doesn't
complain about mismatches.
Also, add the missing documentation in s390-opcodes.csv about the fact
that the "with rounding mode" instruction versions cgdtra, cgxtra, and
cxgtra are implemented.
s390x: Add missing s390_insn_assert for non-vector opcodes
Based on the specification in disasm-test/opcode.c
With a few corrections:
- kma: tighten up the assert
- cdftr, cxftr: no emulation failure when floating-point-extension
facility is not installed
- cgdtra, cgxtra: check for floating-point-extension facility
- ltdtr, ltxtr, lxdtr: check for DFP facility
Andreas Arnez [Wed, 2 Apr 2025 17:52:26 +0000 (19:52 +0200)]
Bug 502324 - Add test case for TMx memcheck false positives
Add a regression test for Bug 502324. Before the bug was fixed, this test
failed with various "conditional jump or move depends on uninitialised
value(s)" messages.
Andreas Arnez [Wed, 2 Apr 2025 17:52:26 +0000 (19:52 +0200)]
Bug 502324 - s390x: Fix memcheck false positives with TM/TMY
If the condition code of TM/TMY is generated in a different block than it
is used, memcheck can yield false positives for a partially initialized
value even if the checked bits are all defined.
Fix this by storing the operand ANDed with the mask in the flags thunk,
instead of the unmodified operand. This enables memcheck to track the
defined bits correctly.
Andreas Arnez [Wed, 2 Apr 2025 17:52:26 +0000 (19:52 +0200)]
Bug 502324 - s390x: Fix memcheck false positives with TMxx
The 16-bit "test under mask" instructions TMLL, TMLH, TMHL, and TMHH can
yield memcheck false positives when:
* some of the operand bits in the tested 16-bit chunk (but outside the
mask) are undefined
* the resulting condition code is used in a different block
In this case the condition code is computed by the helper
s390_call_calculate_cond, with the full 16-bit chunk and the given mask as
arguments. Since the 16-bit chunk is not fully defined, memcheck
complains.
To fix this, AND the operand with the given mask before storing it for use
as a helper argument. Also, optimize the frequent case of testing a
single bit. For this purpose, add S390_CC_OP_BITWISE2 as a new way of
computing the condition code.
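A simplified model of the reasoning in this commit message, added here as an example (it is not VEX or memcheck code): each value carries a shadow word where a 1 bit means "undefined", and a helper result counts as undefined if any argument bit is. The type `shadowed16` and all function names are hypothetical; the sample operand values are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Value plus shadow bits; a 1 in undef marks that bit as undefined (model assumption). */
typedef struct { uint16_t val; uint16_t undef; } shadowed16;

/* AND with a constant mask: every bit the mask clears becomes a defined 0. */
static shadowed16 and_with_mask(shadowed16 op, uint16_t mask)
{
    shadowed16 r = { (uint16_t)(op.val & mask), (uint16_t)(op.undef & mask) };
    return r;
}

/* Condition code of a 16-bit test under mask:
   0 = selected bits all zero (or mask zero), 3 = selected bits all one,
   1 = mixed with leftmost selected bit zero, 2 = mixed with leftmost selected bit one. */
int tm_cc(uint16_t val, uint16_t mask)
{
    uint16_t sel = val & mask;
    if (sel == 0) return 0;
    if (sel == mask) return 3;
    uint16_t leftmost = 0x8000;
    while (!(leftmost & mask)) leftmost >>= 1;
    return (sel & leftmost) ? 2 : 1;
}

/* Model: the helper's result is undefined if any argument bit is undefined. */
static int helper_arg_flagged(shadowed16 arg) { return arg.undef != 0; }

/* Before the fix: the whole 16-bit chunk is the helper argument. */
int flagged_before_fix(shadowed16 chunk, uint16_t mask)
{
    (void)mask;
    return helper_arg_flagged(chunk);
}

/* After the fix: the chunk is ANDed with the mask before it is stored. */
int flagged_after_fix(shadowed16 chunk, uint16_t mask)
{
    return helper_arg_flagged(and_with_mask(chunk, mask));
}

int main(void)
{
    shadowed16 chunk = { 0x00A5, 0xFF00 };   /* constructed: high byte undefined */
    uint16_t mask = 0x0081;                  /* tests only defined bits */
    printf("cc full=%d cc masked=%d\n", tm_cc(chunk.val, mask),
           tm_cc(and_with_mask(chunk, mask).val, mask));
    printf("flagged before=%d after=%d\n",
           flagged_before_fix(chunk, mask), flagged_after_fix(chunk, mask));
    return 0;
}
```

Masking leaves the condition code unchanged, and an operand whose undefined bits fall inside the mask is still flagged.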
Andreas Arnez [Tue, 1 Apr 2025 15:21:16 +0000 (17:21 +0200)]
Bug 502288 - s390x: Fix false positive with NNPA pad elements
The size of the non-pad elements in the last dimension of NNPA tensors is
computed incorrectly. This can lead to memcheck false positives that look
like this:
==3180208== Syscall param NNPA(in_tensor_1) points to uninitialised byte(s)
Andreas Arnez [Tue, 1 Apr 2025 14:25:05 +0000 (16:25 +0200)]
s390x: Reflect ppno -> prno renaming in opcode checker
After consequently renaming ppno to prno, the tool s390-check-opcodes.pl
complains:
*** opcode prno is implemented but CSV file does not say so
*** opcode ppno is not implemented but CSV file says so
*** opcode ppno is not handled by the decoder
Fix this by renaming to "prno" in s390-opcodes.csv as well and declaring
"ppno" instead of "prno" as an alias in s390-check-opcodes.pl.
Andreas Arnez [Tue, 1 Apr 2025 14:25:05 +0000 (16:25 +0200)]
Bug 498421 - s390x: Add BPP, BPRP, and NIAI insns
Add support for the branch prediction preload (BPP), branch prediction
relative preload (BPRP), and next instruction access intent (NIAI)
instructions. These instructions just provide performance hints to the
CPU and have no other effect on program execution. Thus implement them as
no-ops.
Florian Krohm [Sun, 30 Mar 2025 21:20:01 +0000 (21:20 +0000)]
s390x disasm-text: Update to support all implemented opcodes
A few opcodes are commented out in opcode.c because test generation
cannot handle the constraint.
For some opcodes (e.g. fixbra) VEX runs out of memory. Work around
that by calling vex_reset. Also add a tweak so we won't segfault
when generating tests for EXRL.
Change function names from e.g. s390_irgen/emit_LDXBR to
s390_irgen/emit_LDXBRA because LDXBR does not have m3 and m4 operands.
Adjust the returned mnemonic accordingly.
New function s390_format_RRF_UUFF2 for FI[DEX]BRA.
Add adtra_like_disasm to disassemble opcodes for DFP arithmetic.
Part of fixing https://bugs.kde.org/show_bug.cgi?id=495817
Mark Wielaard [Sun, 30 Mar 2025 15:38:21 +0000 (17:38 +0200)]
Handle top __syscall_cancel frames when getting stack traces
Since glibc 2.41 there are extra frames inserted before doing a
syscall to support proper thread cancellation. This breaks various
suppressions and regtests involving checking syscall arguments.
Solve this by removing those extra frames from the top of the call
stack when we are processing a linux system call.
Mark Wielaard [Sun, 30 Mar 2025 11:08:55 +0000 (13:08 +0200)]
filter_gdb.in: filter out __libc_do_syscall
On i386 and armhf __libc_do_syscall might be used to invoke a syscall.
Replace __libc_do_syscall with "in syscall ..." and filter out
possible extra (assembly) source file lines containing
libc-do-syscall.S from the gdb output.
Change function names from e.g. s390_irgen/emit_CEFBR to
s390_irgen/emit_CEFBRA because CFEBR does not have m3 and m4 operands.
Adjust the returned mnemonic accordingly.
New functions fp_convf_disasm and fp_convt_disasm.
Part of fixing https://bugs.kde.org/show_bug.cgi?id=495817
Mark Wielaard [Fri, 28 Mar 2025 12:44:35 +0000 (13:44 +0100)]
filter_gdb.in: __syscall_cancel_arch is just in a syscall
Since glibc 2.41 some extra syscall_cancel frames are inserted before
that actual syscall is made. Just filter out __syscall_cancel_arch
from the gdb output and replace it with "in syscall ..." to make the
regtest .exp match.
Florian Krohm [Thu, 27 Mar 2025 16:30:03 +0000 (16:30 +0000)]
s390x: PRNO tidy
The mnemonics PRNO and PPNO denote the same opcode. Both names were used
in the code. Not anymore. From now on: consistent naming PRNO / prno
While I was at it:
- Remove left-overs from the early days when PRNO was implemented by means
of dirty helpers.
- Fix disassembly to use "prno".
- Fix a bug in s390_irgen_DFLTCC which was using "ppno" as mnemonic.
Florian Krohm [Mon, 24 Mar 2025 21:53:11 +0000 (21:53 +0000)]
s390x: disasm-test: prepare for AR and FPR register support
- New function random_reg to replace random_gpr, random_vr.
- New function unique_reg to replace unique_gpr, unique_vr.
- New function choose_reg_and_iterate to handle register operands whose
values are constrained, e.g. only even registers.
- Do not call unique_reg for a register operand whose values are constrained.
Florian Krohm [Mon, 24 Mar 2025 14:44:07 +0000 (14:44 +0000)]
s390x: disasm-test tweaks
- Give error messages a prefix.
- Do not segfault when the .dump file is empty. This happens when the
generated testcase has compiler errors.
- Avoid a file leak when reading the .dump file causes an I/O error.
Florian Krohm [Fri, 21 Mar 2025 23:08:49 +0000 (23:08 +0000)]
s390x: Fix disassembly for vector insns
This was painful because there is a lot of irregularity in the
extended mnemonics. There is also a double-maintenance issue because
S390_DISASM is used both in guest_s390_to_IR.c and in the 'emit'
functions in host_s390_defs.c. It might be worth exploring whether
the objdump disassembler can be extracted from binutils and re-used
here. That way the disassembly would be correct by construction.
And the double maintenance would go away.
Fix a few things alongside:
- In s390_format_VRI_VIM: is is a signed 16-bit value. So it needs to be
sign-extended. Fixes disassembly for VLEI[BHFG]
- Fix function dvb_operand. v0 is not special.
- In s390_format_VRX_VRRDM pass forgotten m3 to S390_DISASM.
- In s390_irgen_VCNF: remove s390_insn_assert. VCNF does not have
specification exceptions.
- Opcode VFLL has no mask m5. So s390_format_VRRa_VVMMM is the wrong format
function. Change it to s390_format_VRRa_VVMM.
In s390_irgen_VFLL: the value of m5 is not used in s390_vector_fp_convert
because rounding == False. So, essentially, m5 is a don't care.
- Add VRR_v3 and use it when a vector register is meant (instead of VRR_r3)
- Add VRR_v4 and use it when a vector register is meant (instead of VRR_m4)
- Add VRS_r3 and use it when a GPR is meant (instead of VRS_v3)
- Add VRR_r2 and use it when a GPR is meant (instead of VRR_v2)
- Add field-access macros for the VRV opcode format. Use them.
- Add field-access macros for the VRIb opcode format. Use them.
- Add field-access macros for the VRIc opcode format. Use them.
- Add field-access macros for the VRSc opcode format. Use them.
Part of fixing https://bugs.kde.org/show_bug.cgi?id=495817
Martin Cermak [Tue, 18 Mar 2025 17:17:30 +0000 (18:17 +0100)]
Wrap linux specific userfaultfd syscall
userfaultfd takes a flags argument and returns a file descriptor.
It shows up in the Linux Test Project syscalls tests as unhandled.
Declare a sys_userfaultfd wrapper in priv_syswrap-linux.h and hook it
for {amd64,arm,arm64,mips64,nanomips,ppc32,ppc64,riscv64,s390x,x86}-linux
using LINXY with PRE/POST handlers in syswrap-linux.c.
Define __NR_userfaultfd in vki-scnums-s390x-linux.h. It was already
defined for all other arches.
Florian Krohm [Sat, 15 Mar 2025 23:18:59 +0000 (23:18 +0000)]
s390x: Rework s390_disasm interface (BZ 498942)
The way extended mnemonics were communicated to s390_disasm was a bit messy
and, more importantly, error prone. The primary reason is that extended
mnemonics were added late in the game (at the time) and sort of force-fitted
on top of the existing scheme. Here are a few examples showing the new
way of doing things:
The arguments to S390_DISASM are essentially constructors for the various
opcode fields. They appear in the same order as written in Principles of Ops.
Florian Krohm [Sat, 15 Mar 2025 22:29:30 +0000 (22:29 +0000)]
s390x: misc. fixes pertaining to vector insns
This patch is fall-out from working on fixing the disassembly for
the vector insns.
Specifically:
1) replace vassert with s390_insn_assert where appropriate
2) add missing s390_insn_asserts (many)
3) remove incorrect s390_insn_asserts (few)
4) check availability of vector opcodes based on hardware capabilities
and issue an emulation failure if opcode is not available
5) fix a typo in a mnemonic: vfspo -> vfpso
6) inline function s390_vr_get_n_elem
Part of fixing https://bugs.kde.org/show_bug.cgi?id=495817
Florian Krohm [Wed, 12 Mar 2025 23:10:06 +0000 (23:10 +0000)]
s390x: Fix BZ 496950
Adding a new hardware capability requires changes in several places.
Generally for a new FOO hardware capability:
- add VEX_HWCAPS_S390X_FOO and update VEX_HWCAPS_S390X_ALL in libvex.h
- test the corresponding facility bit in m_machine.c
- add s390_host_has_foo in host_s390_defs.h
- if an insn requiring FOO cannot be implemented on the host by other means
- add EmFail_S390X_foo in libvex_emnote.h
- handle EmFail_S390X_foo in main_main.c
- update function show_hwcaps_s390x
Occasionally something gets forgotten and this patch adds the forgotten
pieces.
Also add new hardware capabilities vxe2, vxd, msa, msa4, msa8, msa9
Mark Wielaard [Wed, 12 Mar 2025 12:57:19 +0000 (13:57 +0100)]
add_hardwired_spec for ld-linux-x86-64.so.2 memcmp
With RPATH processing ld.so compiled for x86-64-v3 uses an optimized
avx2 memcmp (bcmp) which causes (false positive) memcheck invalid reads
of size 32 warnings.
Fix this by adding a hardwire spec with a simpler memcmp for
ld-linux-x86-64.so.2.
Florian Krohm [Mon, 10 Mar 2025 12:36:21 +0000 (12:36 +0000)]
s390x: disasm-test: Fix thinko
Remove verbiage about limited support for opcodes with optional operands.
Optional operands are of no concern for disassembly. The reason is that
disassembly sees as its input only a sequence of bytes which have no
indication as to whether some of its bits were explicitly specified or not.
We're testing the disassembler here - not the assembler.
Mark Wielaard [Sun, 9 Mar 2025 15:46:50 +0000 (16:46 +0100)]
docs/Makefile.am: Make sure xml catalog file exists for xmllint check
When XML_CATALOG_FILES don't exist on the system xmllint will have to
query those files through various websites. When there is a network
error xmllint will fail. So make sure to only run the validity tests
when both xmllint and XML_CATALOG_FILES exists.
Mark Wielaard [Sun, 9 Mar 2025 14:59:29 +0000 (15:59 +0100)]
coregrind/m_debuginfo: don't try to examine zero sized mmapped files
When run on an nfs filesystem memcheck/tests/pointer-trace fails
because it generates warnings "connection to image failed". This is
caused by trying to mmap a deleted file which the nfs file system
represents as a (hidden) regular file. This is normally not a problem
except when that file is empty.
Fix this by not trying to check whether a file is an ELF or MACHO
against an empty (regular) file in di_notify_mmap. An empty file is
never a valid ELF or MACHO file (and cannot be represented as
DiImage).
Paul Floyd [Fri, 7 Mar 2025 06:00:26 +0000 (07:00 +0100)]
FreeBSD regtest: getrlimitusage on arm64
Resident memory isn't stable even when truncated to a
multiple of ten million. I.e., zero digits of useful precision.
So just set this field to zero like the other flaky values.
Florian Krohm [Thu, 6 Mar 2025 17:42:05 +0000 (17:42 +0000)]
s390x: Add disassembly checker (Bug 498037)
Add program disasm-test to check that s390_disasm generates the same
disassembly for a given insn as objdump -d does. The focus is on insns
that have extended mnemonics most of which are vector insns.
The checker resides in none/tests/s390x/disasm-test with comprehensive
documentation in the README file there.
It is integrated into the regression testing framework but currently
disabled, because s390_disasm has not been fixed yet.
Mark Wielaard [Sat, 28 Dec 2024 00:29:58 +0000 (01:29 +0100)]
riscv64: Add hardwire for ld-linux-riscv64-lp64d.so.1 strcmp
When using dlopen ld.so can end up in glibc strcmp_unaligned_loop
which causes undefined reads. Hardwire strcmp for ld.so with a simple
assembly implementation.
Mark Wielaard [Sat, 14 Dec 2024 22:11:57 +0000 (22:11 +0000)]
VEX/priv/guest_riscv64_toIR.c: Recognize both fence and fence.tso
fence.tso is used for __atomic_thread_fence (__ATOMIC_ACQ_REL)
There are 3 fence variants.
fence.tso fm set to 1000 and pred and succ both set to 0011.
fence with fm set to 0000 and pred and succ both set to 1111.
fence with fm set to 0000 and pred and succ with some iorw flags set.
Mark Wielaard [Tue, 24 Dec 2024 23:36:53 +0000 (00:36 +0100)]
none/tests/riscv64/integer.c: replace zero by a1
Using zero will produce a gas Error: illegal operands `la zero,0'
https://sourceware.org/bugzilla/show_bug.cgi?id=32496
Simplest seems to be to replace the usage of "zero" in the branch
instruction tests by "a1". It seems that does test something similar
that isn't tested before.
Petr Pavlu [Tue, 11 Apr 2023 19:30:43 +0000 (19:30 +0000)]
riscv64: Add initial support: test modifications
The following people contributed to the initial RISC-V support:
Petr Pavlu <petr.pavlu@dagobah.cz>
Xeonacid <h.dwwwwww@gmail.com>
laokz <laokz@foxmail.com>
Chelsea E. Manning <me@xychelsea.is>
zhaomingxin <zhaomingxin.zmx@alibaba-inc.com>
Jojo R <rjiejie@linux.alibaba.com>
Some integration fixes were added by Mark Wielaard <mark@klomp.org>
- helgrind/tests/tc11_XCHG.c: Fix XCHG_M_R guard
Petr Pavlu [Tue, 11 Apr 2023 19:30:43 +0000 (19:30 +0000)]
riscv64: Add initial support: VEX modifications
The following people contributed to the initial RISC-V support:
Petr Pavlu <petr.pavlu@dagobah.cz>
Xeonacid <h.dwwwwww@gmail.com>
laokz <laokz@foxmail.com>
Chelsea E. Manning <me@xychelsea.is>
zhaomingxin <zhaomingxin.zmx@alibaba-inc.com>
Jojo R <rjiejie@linux.alibaba.com>