/memcheck/tests/bug287260
/memcheck/tests/bug340392
/memcheck/tests/bug464969_d_demangle
+/memcheck/tests/bug472219
/memcheck/tests/calloc-overflow
/memcheck/tests/cdebug_zlib
/memcheck/tests/cdebug_zlib_gnu
Assertion 'resolved' failed
470830 Don't print actions vgdb me ... continue for vgdb --multi mode
470978 s390x: Valgrind cannot start qemu-kvm when "sysctl vm.allocate_pgste=0"
+472219 Syscall param ppoll(ufds.events) points to uninitialised byte(s)
To see details of a given bug, visit
https://bugs.kde.org/show_bug.cgi?id=XXXXXX
struct vki_pollfd *, fds, unsigned int, nfds,
struct vki_timespec *, timeout, vki_sigset_t *, newsigmask);
- if (ML_(safe_to_deref)(fds, ARG2*sizeof(struct vki_pollfd))) {
- for (i = 0; i < ARG2; i++) {
- PRE_MEM_READ( "ppoll(fds.fd)",
- (Addr)(&fds[i].fd), sizeof(fds[i].fd) );
+ for (i = 0; i < ARG2; i++) {
+ PRE_MEM_READ( "ppoll(fds.fd)",
+ (Addr)(&fds[i].fd), sizeof(fds[i].fd) );
+ if (ML_(safe_to_deref)(&fds[i].fd, sizeof(fds[i].fd)) && fds[i].fd >= 0) {
PRE_MEM_READ( "ppoll(fds.events)",
(Addr)(&fds[i].events), sizeof(fds[i].events) );
- PRE_MEM_WRITE( "ppoll(fds.revents)",
- (Addr)(&fds[i].revents), sizeof(fds[i].revents) );
}
+ PRE_MEM_WRITE( "ppoll(fds.revents)",
+ (Addr)(&fds[i].revents), sizeof(fds[i].revents) );
}
if (ARG3) {
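Review bot: The new `fds[i].fd >= 0` condition in this ppoll loop has no comment saying why the `events` check is skipped, and the same bare condition is repeated in the other poll and ppoll loops this commit touches. I would add above the `if`: `/* poll ignores events when fd is negative, so only check it for entries the kernel will examine */`. It is also worth noting in that comment that `ML_(safe_to_deref)` is there because the wrapper itself reads `fds[i].fd` from client memory. The enclosing function starts and ends outside this hunk.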
for (i = 0; i < ARG2; i++) {
PRE_MEM_READ( "poll(ufds.fd)",
(Addr)(&ufds[i].fd), sizeof(ufds[i].fd) );
- PRE_MEM_READ( "poll(ufds.events)",
- (Addr)(&ufds[i].events), sizeof(ufds[i].events) );
+ if (ML_(safe_to_deref)(&ufds[i].fd, sizeof(ufds[i].fd)) && ufds[i].fd >= 0) {
+ PRE_MEM_READ( "poll(ufds.events)",
+ (Addr)(&ufds[i].events), sizeof(ufds[i].events) );
+ }
PRE_MEM_WRITE( "poll(ufds.revents)",
(Addr)(&ufds[i].revents), sizeof(ufds[i].revents) );
}
for (i = 0; i < ARG2; i++) {
PRE_MEM_READ( "ppoll(ufds.fd)",
(Addr)(&ufds[i].fd), sizeof(ufds[i].fd) );
- PRE_MEM_READ( "ppoll(ufds.events)",
- (Addr)(&ufds[i].events), sizeof(ufds[i].events) );
+ if (ufds[i].fd >= 0) {
+ PRE_MEM_READ( "ppoll(ufds.events)",
+ (Addr)(&ufds[i].events), sizeof(ufds[i].events) );
+ }
PRE_MEM_WRITE( "ppoll(ufds.revents)",
(Addr)(&ufds[i].revents), sizeof(ufds[i].revents) );
}
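Review bot: `if (ufds[i].fd >= 0)` in this ppoll loop reads `ufds[i].fd` from client memory without the `ML_(safe_to_deref)` guard that the other poll and ppoll loops in this commit use. If `ufds` is unaddressable and `nfds` is non-zero, the `PRE_MEM_READ` above reports the error, but the wrapper would then presumably fault on the dereference inside the tool instead of letting the syscall fail. I would make it match the others: `if (ML_(safe_to_deref)(&ufds[i].fd, sizeof(ufds[i].fd)) && ufds[i].fd >= 0) {`. The loop's enclosing function is outside the hunk.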
for (i = 0; i < ARG2; i++) {
vki_pollfd_t *u = &ufds[i];
PRE_FIELD_READ("poll(ufds.fd)", u->fd);
- /* XXX Check if it's valid? */
- PRE_FIELD_READ("poll(ufds.events)", u->events);
+ if (ML_(safe_to_deref)(&ufds[i].fd, sizeof(ufds[i].fd)) && ufds[i].fd >= 0) {
+ PRE_FIELD_READ("poll(ufds.events)", u->events);
+ }
PRE_FIELD_WRITE("poll(ufds.revents)", u->revents);
}
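Review bot: The added condition indexes `ufds[i]` again although `u` was just bound to `&ufds[i]` and every PRE_FIELD_* call around it goes through `u`. Writing it as `if (ML_(safe_to_deref)(&u->fd, sizeof(u->fd)) && u->fd >= 0) {` keeps the loop body consistent. The removed `/* XXX Check if it's valid? */` could be replaced by a one-line comment saying that events is only checked for non-negative fds because poll ignores it otherwise. The loop's enclosing function is outside the hunk.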
bug340392.stderr.exp bug340392.vgtest \
bug464969_d_demangle.stderr.exp bug464969_d_demangle.vgtest \
bug464969_d_demangle.stdout.exp \
+ bug472219.stderr.exp bug472219.vgtest \
calloc-overflow.stderr.exp calloc-overflow.vgtest\
cdebug_zlib.stderr.exp cdebug_zlib.vgtest \
cdebug_zlib_gnu.stderr.exp cdebug_zlib_gnu.vgtest \
bug287260 \
bug340392 \
bug464969_d_demangle \
+ bug472219 \
calloc-overflow \
client-msg \
clientperm \
accounting_CFLAGS = $(AM_CFLAGS) @FLAG_W_NO_ALLOC_SIZE_LARGER_THAN@
badfree_CFLAGS = $(AM_CFLAGS) @FLAG_W_NO_FREE_NONHEAP_OBJECT@
bug155125_CFLAGS = $(AM_CFLAGS) -Wno-unused-result @FLAG_W_NO_ALLOC_SIZE_LARGER_THAN@
+bug472219_CFLAGS = $(AM_CFLAGS) @FLAG_W_NO_UNINITIALIZED@
mallinfo_CFLAGS = $(AM_CFLAGS) -Wno-deprecated-declarations
malloc3_CFLAGS = $(AM_CFLAGS) @FLAG_W_NO_ALLOC_SIZE_LARGER_THAN@
sbfragment_CFLAGS = $(AM_CFLAGS) -Wno-deprecated-declarations
realloc_size_zero_CFLAGS = $(AM_CFLAGS) @FLAG_W_NO_INCOMPATIBLE_POINTER_TYPES_DISCARDS_QUALIFIERS@
realloc_size_zero_mismatch_SOURCES = realloc_size_zero_mismatch.cpp
+realloc_size_zero_mismatch_CXXFLAGS = $(AM_CXXFLAGS) @FLAG_W_NO_MISMATCHED_NEW_DELETE@
resvn_stack_CFLAGS = $(AM_CFLAGS) @FLAG_W_NO_UNINITIALIZED@
--- /dev/null
+#include <poll.h>
+#include <stdlib.h>
+#include "../../config.h"
+
+int main()
+{
+ int uninit;
+ struct pollfd fds[] = {{-1, uninit, 0}, {2, POLLIN, 0}};
+
+ poll(fds, 2, 100);
+
+#if defined(HAVE_PPOLL)
+ struct timespec timeout = {0, 1e8};
+ ppoll(fds, 2, &timeout, NULL);
+#endif
+}
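Review bot: `ppoll` is called without `_GNU_SOURCE` being defined before `<poll.h>` is included. On glibc the prototype is only exposed under that macro, so unless the build flags define it this compiles as an implicit declaration, which newer compilers reject. I would put `#define _GNU_SOURCE /* for ppoll */` as the first line and include `<time.h>` for `struct timespec`. `{0, 1e8}` also initialises `tv_nsec` from a double, and `100000000` says the same without the conversion. The test only exercises a negative fd with uninitialised events, so nothing here covers an unaddressable `fds` array, which is the case the `safe_to_deref` guards exist for.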
--- /dev/null
+prog: bug472219
+vgopts: -q
/* netbsd newreboot 208 */
/* SYS_poll 209 */
- GO(SYS_poll, "3s 3m");
+ GO(SYS_poll, "2s 2m");
SY(SYS_poll, x0, x0+1, x0); FAIL;
+ {
+ struct pollfd fds = { x0, x0, x0 };
+ GO(SYS_poll, "0s 2m");
+ SY(SYS_poll, &fds, 1, 1); SUCC;
+ }
+
/* SYS_freebsd7___semctl 220 */
GO(SYS_freebsd7___semctl, "(IPC_INFO) 4s 1m");
SY(SYS_freebsd7___semctl, x0, x0, x0+IPC_INFO, x0+1); FAIL;
{
struct pollfd arg1;
arg1.fd = arg1.events = arg1.revents = x0;
- GO(SYS_ppoll, "2s 2+2m");
- SY(SYS_ppoll, &arg1, 1, x0+1, x0+1); FAIL;
+ GO(SYS_ppoll, "2s 2+2m");
+ SY(SYS_ppoll, &arg1, 1, x0+1, x0+1); FAIL;
}
/* SYS_futimens 546 */
...
---------------------------------------------------------
-209: SYS_poll 3s 3m
+209: SYS_poll 2s 2m
---------------------------------------------------------
Syscall param poll(ufds) contains uninitialised byte(s)
...
...
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-Syscall param poll(ufds.events) points to unaddressable byte(s)
+Syscall param poll(ufds.revents) points to unaddressable byte(s)
...
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-Syscall param poll(ufds.revents) points to unaddressable byte(s)
+---------------------------------------------------------
+209: SYS_poll 0s 2m
+---------------------------------------------------------
+Syscall param poll(ufds.fd) points to uninitialised byte(s)
...
- Address 0x........ is not stack'd, malloc'd or (recently) free'd
+ Address 0x........ is on thread 1's stack
+
+Syscall param poll(ufds.events) points to uninitialised byte(s)
+ ...
+ Address 0x........ is on thread 1's stack
---------------------------------------------------------
220: SYS_freebsd7___semctl (IPC_INFO) 4s 1m
Syscall param ppoll(newsigmask) contains uninitialised byte(s)
...
+Syscall param ppoll(fds.fd) points to unaddressable byte(s)
+ ...
+ Address 0x........ is not stack'd, malloc'd or (recently) free'd
+
+Syscall param ppoll(fds.revents) points to unaddressable byte(s)
+ ...
+ Address 0x........ is not stack'd, malloc'd or (recently) free'd
+
Syscall param ppoll(timeout) points to unaddressable byte(s)
...
Address 0x........ is not stack'd, malloc'd or (recently) free'd
...
---------------------------------------------------------
-209: SYS_poll 3s 3m
+209: SYS_poll 2s 2m
---------------------------------------------------------
Syscall param poll(ufds) contains uninitialised byte(s)
...
...
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-Syscall param poll(ufds.events) points to unaddressable byte(s)
+Syscall param poll(ufds.revents) points to unaddressable byte(s)
...
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-Syscall param poll(ufds.revents) points to unaddressable byte(s)
+---------------------------------------------------------
+209: SYS_poll 0s 2m
+---------------------------------------------------------
+Syscall param poll(ufds.fd) points to uninitialised byte(s)
...
- Address 0x........ is not stack'd, malloc'd or (recently) free'd
+ Address 0x........ is on thread 1's stack
+
+Syscall param poll(ufds.events) points to uninitialised byte(s)
+ ...
+ Address 0x........ is on thread 1's stack
---------------------------------------------------------
220: SYS_freebsd7___semctl (IPC_INFO) 4s 1m
Syscall param ppoll(newsigmask) contains uninitialised byte(s)
...
+Syscall param ppoll(fds.fd) points to unaddressable byte(s)
+ ...
+ Address 0x........ is not stack'd, malloc'd or (recently) free'd
+
+Syscall param ppoll(fds.revents) points to unaddressable byte(s)
+ ...
+ Address 0x........ is not stack'd, malloc'd or (recently) free'd
+
Syscall param ppoll(timeout) points to unaddressable byte(s)
...
Address 0x........ is not stack'd, malloc'd or (recently) free'd
...
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-Syscall param poll(ufds.events) points to unaddressable byte(s)
- ...
- Address 0x........ is not stack'd, malloc'd or (recently) free'd
-
Syscall param poll(ufds.revents) points to unaddressable byte(s)
...
Address 0x........ is not stack'd, malloc'd or (recently) free'd
by 0x........: main (scalar.c:761)
Address 0x........ is not stack'd, malloc'd or (recently) free'd
-Syscall param poll(ufds.events) points to unaddressable byte(s)
- ...
- by 0x........: main (scalar.c:761)
- Address 0x........ is not stack'd, malloc'd or (recently) free'd
-
Syscall param poll(ufds.revents) points to unaddressable byte(s)
...
by 0x........: main (scalar.c:761)