Ivo Raisr [Thu, 23 Mar 2017 23:22:21 +0000 (23:22 +0000)]
Fix for 377698 - Missing memory check for futex() uaddr arg for FUTEX_WAKE,
and FUTEX_WAKE_BITSET, check only 4 args for FUTEX_WAKE_BITSET,
and 2 args for FUTEX_TRYLOCK_PI.
Fixes BZ#377698.
Patch by: diane.meirowitz@oracle.com
Julian Seward [Mon, 20 Mar 2017 21:34:02 +0000 (21:34 +0000)]
Bug 377717 - Fix massive space leak when reading compressed debuginfo sections.
This makes reading of compressed debuginfo usable for very large object files.
It also adds a bunch of extra documentation about a tricky invariant in the
compressed debuginfo handling (a recursive cache refill path!) and adds a
whole bunch of assertions.
Follow-up to fix 376956 syswrap of SNDDRV and DRM_IOCTL_VERSION causing some
addresses to be wrongly marked as addressable.
As noted by Ivo, if the syscall fails, then we have a leak.
So, enable the flag SfPostOnFail if we allocate memory.
In the POST ioctl, check that FAILURE only happens for this drm ioctl,
and free the memory for both SUCCESS and FAILURE.
Do the POST_MEM_WRITE only if SUCCESS.
Add missing break for the DRM ioctl operations that do not have any args
Due to this missing break, the code was falling through to
the case VKI_SNDRV_CTL_IOCTL_PVERSION:
and was then setting some bytes as defined at (whatever address is in) ARG3.
The lfdpx, stdpx, lfdp and stfdp instructions work on a register pair. The
register pair test must only be applied to these instructions in the
dis_fp_pair() function.
Updating NEWS file for the commit
VEX commit 3308 makes the fix in VEX/priv/guest_ppc_toIR.c
Mark Wielaard [Thu, 2 Mar 2017 11:14:36 +0000 (11:14 +0000)]
Fix two safe_to_deref/sizeof mismatches in sys_sigaction/sys_rt_sigaction.
Before dereferencing the sigaction pointer and reading the fields we
need to make sure the whole struct is safe_to_deref. We were using the
size of the pointer, but needed the size of the struct.
Ivo Raisr [Sun, 26 Feb 2017 21:37:04 +0000 (21:37 +0000)]
Introduce macro ASSUME_ALIGNED and use it in vki-linux.h.
Reduces the number of compiler warnings on MIPS platforms.
Partial fix for BZ#370028.
Patch by: Aleksandar Rikalo <aleksandar.rikalo@imgtec.com>
Carl Love [Mon, 20 Feb 2017 19:04:13 +0000 (19:04 +0000)]
Patch submitted by Will Schmidt for PPC64.
On ppc64*, the TOC ptr should not be considered a scratch
register, and should not be in the clobber list.
This is called out in newer GCC (i.e. gcc7) and triggers an error.
Thusly, remove R2 from the clobber list.
Signed-Off-By: Will Schmidt <will_schmidt@vnet.ibm.com>
Tested and committed by: Carl Love <cel@us.ibm.com>
modify sleepers to have easier evaluation of interaction between cpu freq scaling
and scheduler lock (pipe based or futex based)
See http://www.valgrind.org/docs/manual/manual-core.html#manual-core.pthreads_perf_sched
for background info about cpu freq scaling and valgrind thread scheduler.
To reproduce the interaction, do:
    for sched in --fair-sched=yes --fair-sched=no
    do
       for affinity in 0 1
       do
          echo $sched $affinity
          time ./vg-in-place $sched -q ./gdbserver_tests/sleepers 1000000 0 1000 B-B-B-B- $affinity
       done
    done
which gives the below output (intel core i5-6402P, debian 8, kernel 3.16.0).
In summary: the fair scheduler is fair, the pipe based scheduler
can be really unfair (e.g. with --fair-sched=no and no affinity,
2 threads are finishing their work, while the 2 other threads are
starting their work only after the first 2 have fully finished).
The difference in timing is significant: 1m14s versus around 47 seconds.
Note: If the governor is set to performance, strangely, the time needed for
--fair-sched=no increases slightly (to around 48 seconds).
The time for --fair-sched=yes with or without affinity is then also
around 48 seconds.
Below is timing with on-demand governor:
--fair-sched=yes 0
loops/sleep_ms/burn/threads_spec/affinity: 1000000 0 1000 B-B-B-B- 0
Brussels ready to sleep and/or burn
London ready to sleep and/or burn
Petaouchnok ready to sleep and/or burn
main ready to sleep and/or burn
Brussels finished to sleep and/or burn
London finished to sleep and/or burn
Petaouchnok finished to sleep and/or burn
main finished to sleep and/or burn
real 1m14.582s
user 1m14.348s
sys 0m0.204s
--fair-sched=yes 1
loops/sleep_ms/burn/threads_spec/affinity: 1000000 0 1000 B-B-B-B- 1
Brussels ready to sleep and/or burn
London ready to sleep and/or burn
Petaouchnok ready to sleep and/or burn
main ready to sleep and/or burn
main finished to sleep and/or burn
Brussels finished to sleep and/or burn
Petaouchnok finished to sleep and/or burn
London finished to sleep and/or burn
real 0m46.785s
user 0m46.756s
sys 0m0.032s
--fair-sched=no 0
loops/sleep_ms/burn/threads_spec/affinity: 1000000 0 1000 B-B-B-B- 0
Brussels ready to sleep and/or burn
Brussels finished to sleep and/or burn
London ready to sleep and/or burn
London finished to sleep and/or burn
Petaouchnok ready to sleep and/or burn
main ready to sleep and/or burn
Petaouchnok finished to sleep and/or burn
main finished to sleep and/or burn
real 0m47.742s
user 0m48.224s
sys 0m0.084s
--fair-sched=no 1
loops/sleep_ms/burn/threads_spec/affinity: 1000000 0 1000 B-B-B-B- 1
Brussels ready to sleep and/or burn
London ready to sleep and/or burn
Petaouchnok ready to sleep and/or burn
main ready to sleep and/or burn
Brussels finished to sleep and/or burn
London finished to sleep and/or burn
main finished to sleep and/or burn
Petaouchnok finished to sleep and/or burn
Mark Wielaard [Sat, 18 Feb 2017 21:16:05 +0000 (21:16 +0000)]
Remove arm64 specific (unused) setup_child () and assign_guest_tls ().
valgrind svn r16186 (which fixed bugs #342040 and #373192) introduced a
generic linux way of handling setup_child and assign_guest_tls. So there
is no need anymore for arch-specific implementations. And gcc complained
they were unused.
Petar Jovanovic [Fri, 3 Feb 2017 01:19:55 +0000 (01:19 +0000)]
fix leak-segv-jmp test for platforms with 64K pagesize
Increase the size of the allocated array, so the mprotect call does not end up
protecting non-allocated areas. This enables the test to work on
platforms with pagesize=64K.
Issue discovered on MIPS XLP machine with 64K pagesize.
Petar Jovanovic [Fri, 3 Feb 2017 00:34:52 +0000 (00:34 +0000)]
add suppression for helgrind/tests/tc22_exit_w_lock
Function pthread_create indirectly calls function memcpy. Helgrind
considers that memcpy is not a thread-safe function. For the error reported
from pthread_create there is the suppression helgrind---_dl_allocate_tls
in the file glibc-2.34567-NPTL-helgrind.supp.
Since glibc version 2.23, memcpy is implemented by __mempcpy_inline.
This causes the call to memcpy from pthread_create to no longer be
recognized by the suppression.
In test helgrind/tests/tc22_exit_w_lock, pthread_create is called twice,
and the second call reports an error, which causes the test to fail.
This patch adds a suppression for glibc 2.23 and greater.
Petar Jovanovic [Fri, 27 Jan 2017 18:20:50 +0000 (18:20 +0000)]
Adding new filter to memcheck/tests/filter_stderr
This should fix the issue with the sendmsg test and glibc 2.22.
Glibc 2.22 introduced sysdeps/unix/sysv/linux/sendmsg.c that has
the __libc_sendmsg function implementation (in comparison to the earlier
implementation in syscall-template.S).
So, the test suite needs to filter out this case, otherwise we get test
diffs such as:
Syscall param sendmsg(msg) points to uninitialised byte(s)
- at 0x........: sendmsg (in /...libc...)
+ at 0x........: sendmsg (sendmsg.c:28)
which are false positives.
This fixes memcheck/tests/sendmsg (stderr) on platforms with 2.22+ glibc.
Petar Jovanovic [Fri, 27 Jan 2017 17:55:13 +0000 (17:55 +0000)]
mips: fix target_get_drv() function
Return the correct Dtv location. The top of the MIPS tcbhead structure is located
0x7000 bytes before the value of ULR. Dtv is the first of two pointers
in the tcbhead structure.
This fixes gdbserver_tests/hgtls on some MIPS platforms.
Allow memcheck to output the leak results as a callgrind xtree file.
* New command line options --xtree-leak=no|yes and --xtree-leak-file=<file>
to produce the end of execution leak report in an xtree callgrind format
file.
* New option 'xtleak' in the memcheck leak_check monitor command, to
produce the leak report in an xtree file.
* File name template arguments (such as --log-file, --xtree-memory-file, ...)
have a new %n format letter that is replaced by a sequence number.
Petar Jovanovic [Fri, 13 Jan 2017 16:29:15 +0000 (16:29 +0000)]
mips64: update exp file for test_math
Leave the old exp file that covers cases in which __addtf3 and __subtf3
did not take into account rounding modes. The new exp file is the same file
that already exists in the mips32 folder, so we just create a symbolic link
to it.
Ivo Raisr [Thu, 12 Jan 2017 11:28:20 +0000 (11:28 +0000)]
Fix a bug when --log-file output isn't split when a program forks.
Patch loosely based on idea by Timur Iskhodzhanov <timurrrr@google.com>.
Fixes BZ#162848.
KCachegrind currently uses a quick format detection before
actually loading a file, and checks for a line starting with
"events:" in the first 2kB for that. This obviously is fragile,
as shown by an internal bug report by Philippe: before the
"events" line, Callgrind puts a "cmd:" line with the command
line. If this is very long, the detection fails and the file
does not get loaded at all.
While KCachegrind would not need to have this quick format
check at all, it is useful if multiple input format filters
get supported at some point, to automatically select the
correct filter.
Further, for the "file" command, for file managers and
desktop environments, having a unique way to detect a
file format is important.
It is not too late to fix this issue for the callgrind format.
Petar Jovanovic [Wed, 21 Dec 2016 17:45:28 +0000 (17:45 +0000)]
mips: fix "cast-equal" warnings in coredump-elf.c
Remove the following warnings from the build:
m_coredump/coredump-elf.c:521:31: warning: cast discards 'const'
qualifier from pointer target type [-Wcast-qual]
Fix 342040 Valgrind mishandles clone with CLONE_VFORK | CLONE_VM that clones to a different stack
Fix 373192 Calling posix_spawn in glibc 2.24 completely broken
Functionally, this patch just does the following 2 changes to the
fork clone handling:
* It does not mask CLONE_VFORK anymore:
The only effect of this flag is to suspend the parent, waiting for
the child to either exit or execve.
If some applications depend on this synchronisation, better keep it,
as it will not harm to suspend the parent valgrind waiting for the
child valgrind to exit or execve.
* In case the guest calls the clone syscall providing a non-zero client stack,
set the child guest SP after the syscall, before executing guest instructions.
Not setting the guest stack ptr was the source of the problem reported
in the bugs.
This also adds a test case none/tests/linux/clonev.
Before this patch, test gives a SEGV, which is fixed by the patch.
The patch is however a lot bigger: this fix was touching some (mostly
identical/duplicated) code in all the linux platforms.
So, the clone/fork code has been factorised as much as possible.
This removes about 1700 lines of code.
This has been tested on:
* amd64
* x86
* ppc64 be and le
* ppc32
* arm64
This has been compiled on but *not really tested* on:
* mips64 (not too clear how to properly build and run valgrind on gcc22)
It has *not* been compiled and *not* tested on:
* arm
* mips32
* tilegx
* darwin (normally, no impact)
* solaris (normally, no impact)
The changes are relatively mechanical, so it is not impossible that
it will compile and work out of the box on these platforms.
Otherwise, questions welcome.
A few points of interest:
* Some platforms did have a typedef void vki_modify_ldt_t,
and some platforms had no definition for this type at all.
To make it easier to factorise, for such platforms, the following has
been used:
typedef char vki_modify_ldt_t;
When the sizeof vki_modify_ldt_t is > 1, then the arg syscall is checked.
This is somewhat of a hack, but was simplifying the factorisation.
* for mips32/mips64 and tilegx, there is a strange unconditional assignment
of 0 to a register (guest_r2 on mips, guest_r0 on tilegx).
Unclear what this is, in particular because this is assigned whatever
the result of the syscall (success or not).
Mark Wielaard [Tue, 6 Dec 2016 09:50:47 +0000 (09:50 +0000)]
Adjust line number in mcblocklistsearch.stderrB.exp.
valgrind svn r16173 "Add CLEAR_CALLER_SAVED_REGS in leak-tree test"
added one extra line to memcheck/tests/leak-tree.c which is used in
gdbserver_tests/mcblocklistsearch.vgtest. Adjust the line numbers in
the exp file to match.