From 71c761e09ced64fe0b8d0c423760d6ce471de0ae Mon Sep 17 00:00:00 2001 From: Mark Wielaard Date: Wed, 9 Mar 2016 20:06:32 +0100 Subject: [PATCH] Add valgrind-3.11.0-ppoll-mask.patch --- valgrind-3.11.0-ppoll-mask.patch | 701 +++++++++++++++++++++++++++++++ valgrind.spec | 7 + 2 files changed, 708 insertions(+) create mode 100644 valgrind-3.11.0-ppoll-mask.patch diff --git a/valgrind-3.11.0-ppoll-mask.patch b/valgrind-3.11.0-ppoll-mask.patch new file mode 100644 index 0000000..b6311bd --- /dev/null +++ b/valgrind-3.11.0-ppoll-mask.patch @@ -0,0 +1,701 @@ +commit 515c3b6de3eff6ddf88fd14a0084b8ad0c692553 +Author: iraisr +Date: Tue Mar 8 09:04:48 2016 +0000 + + Sanitize signal mask in ppoll and pselect syscalls + Reported and Linux patch contributed by Steven Smith + Fixes BZ#359871 + + + + git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15823 a5019735-40e9-0310-863c-91ae7b9d1cf9 + +diff --git a/coregrind/m_syswrap/priv_syswrap-main.h b/coregrind/m_syswrap/priv_syswrap-main.h +index cabad7c..3164c81 100644 +--- a/coregrind/m_syswrap/priv_syswrap-main.h ++++ b/coregrind/m_syswrap/priv_syswrap-main.h +@@ -38,6 +38,9 @@ + extern + void ML_(fixup_guest_state_to_restart_syscall) ( ThreadArchState* arch ); + ++extern ++void VG_(sanitize_client_sigmask)(vki_sigset_t *mask); ++ + #if defined(VGO_darwin) + /* Longjmp to scheduler after client calls workq_ops(WQOPS_THREAD_RETURN)*/ + extern +diff --git a/coregrind/m_syswrap/syswrap-amd64-linux.c b/coregrind/m_syswrap/syswrap-amd64-linux.c +index 7c88bc2..4a8344b 100644 +--- a/coregrind/m_syswrap/syswrap-amd64-linux.c ++++ b/coregrind/m_syswrap/syswrap-amd64-linux.c +@@ -1018,7 +1018,7 @@ static SyscallTableEntry syscall_table[] = { + LINX_(__NR_fchmodat, sys_fchmodat), // 268 + LINX_(__NR_faccessat, sys_faccessat), // 269 + +- LINX_(__NR_pselect6, sys_pselect6), // 270 ++ LINXY(__NR_pselect6, sys_pselect6), // 270 + LINXY(__NR_ppoll, sys_ppoll), // 271 + LINX_(__NR_unshare, sys_unshare), // 272 + LINX_(__NR_set_robust_list, sys_set_robust_list), // 273 +diff --git a/coregrind/m_syswrap/syswrap-arm-linux.c b/coregrind/m_syswrap/syswrap-arm-linux.c +index 3ccad12..224070c 100644 +--- a/coregrind/m_syswrap/syswrap-arm-linux.c ++++ b/coregrind/m_syswrap/syswrap-arm-linux.c +@@ -1188,7 +1188,7 @@ static SyscallTableEntry syscall_main_table[] = { + + LINX_(__NR_arm_fadvise64_64, sys_fadvise64_64), // 270 */(Linux?) + +- LINX_(__NR_pselect6, sys_pselect6), // 335 ++ LINXY(__NR_pselect6, sys_pselect6), // 335 + LINXY(__NR_ppoll, sys_ppoll), // 336 + + LINXY(__NR_epoll_pwait, sys_epoll_pwait), // 346 +diff --git a/coregrind/m_syswrap/syswrap-arm64-linux.c b/coregrind/m_syswrap/syswrap-arm64-linux.c +index 8d3027d..abddff1 100644 +--- a/coregrind/m_syswrap/syswrap-arm64-linux.c ++++ b/coregrind/m_syswrap/syswrap-arm64-linux.c +@@ -924,7 +924,7 @@ static SyscallTableEntry syscall_main_table[] = { + GENX_(__NR_writev, sys_writev), // 66 + GENXY(__NR_pread64, sys_pread64), // 67 + GENX_(__NR_pwrite64, sys_pwrite64), // 68 +- LINX_(__NR_pselect6, sys_pselect6), // 72 ++ LINXY(__NR_pselect6, sys_pselect6), // 72 + LINXY(__NR_ppoll, sys_ppoll), // 73 + LINXY(__NR_signalfd4, sys_signalfd4), // 74 + LINX_(__NR_readlinkat, sys_readlinkat), // 78 +diff --git a/coregrind/m_syswrap/syswrap-linux.c b/coregrind/m_syswrap/syswrap-linux.c +index f2d1076..6fdacda 100644 +--- a/coregrind/m_syswrap/syswrap-linux.c ++++ b/coregrind/m_syswrap/syswrap-linux.c +@@ -62,6 +62,7 @@ + #include "priv_types_n_macros.h" + #include "priv_syswrap-generic.h" + #include "priv_syswrap-linux.h" ++#include "priv_syswrap-main.h" + #include "priv_syswrap-xen.h" + + // Run a thread from beginning to end and return the thread's +@@ -1272,9 +1273,18 @@ POST(sys_get_robust_list) + POST_MEM_WRITE(ARG3, sizeof(struct vki_size_t *)); + } + ++struct pselect_sized_sigset { ++ const vki_sigset_t *ss; ++ vki_size_t ss_len; ++}; ++struct pselect_adjusted_sigset { ++ struct pselect_sized_sigset ss; /* The actual syscall arg */ ++ vki_sigset_t adjusted_ss; ++}; ++ + PRE(sys_pselect6) + { +- *flags |= SfMayBlock; ++ *flags |= SfMayBlock | SfPostOnFail; + PRINT("sys_pselect6 ( %ld, %#lx, %#lx, %#lx, %#lx, %#lx )", + SARG1, ARG2, ARG3, ARG4, ARG5, ARG6); + PRE_REG_READ6(long, "pselect6", +@@ -1293,15 +1303,41 @@ PRE(sys_pselect6) + ARG4, ARG1/8 /* __FD_SETSIZE/8 */ ); + if (ARG5 != 0) + PRE_MEM_READ( "pselect6(timeout)", ARG5, sizeof(struct vki_timeval) ); +- if (ARG6 != 0) +- PRE_MEM_READ( "pselect6(sig)", ARG6, sizeof(void *)+sizeof(vki_size_t) ); ++ if (ARG6 != 0) { ++ const struct pselect_sized_sigset *pss = ++ (struct pselect_sized_sigset *)ARG6; ++ PRE_MEM_READ( "pselect6(sig)", ARG6, sizeof(*pss) ); ++ if (!ML_(safe_to_deref)(pss, sizeof(*pss))) { ++ ARG6 = 1; /* Something recognisable to POST() hook. */ ++ } else { ++ struct pselect_adjusted_sigset *pas; ++ pas = VG_(malloc)("syswrap.pselect6.1", sizeof(*pas)); ++ ARG6 = (Addr)pas; ++ pas->ss.ss = (void *)1; ++ pas->ss.ss_len = pss->ss_len; ++ if (pss->ss_len == sizeof(*pss->ss)) { ++ PRE_MEM_READ("pselect6(sig->ss)", (Addr)pss->ss, pss->ss_len); ++ if (ML_(safe_to_deref)(pss->ss, sizeof(*pss->ss))) { ++ pas->adjusted_ss = *pss->ss; ++ pas->ss.ss = &pas->adjusted_ss; ++ VG_(sanitize_client_sigmask)(&pas->adjusted_ss); ++ } ++ } ++ } ++ } ++} ++POST(sys_pselect6) ++{ ++ if (ARG6 != 0 && ARG6 != 1) { ++ VG_(free)((struct pselect_adjusted_sigset *)ARG6); ++ } + } + + PRE(sys_ppoll) + { + UInt i; + struct vki_pollfd* ufds = (struct vki_pollfd *)ARG1; +- *flags |= SfMayBlock; ++ *flags |= SfMayBlock | SfPostOnFail; + PRINT("sys_ppoll ( %#lx, %lu, %#lx, %#lx, %lu )\n", ARG1,ARG2,ARG3,ARG4,ARG5); + PRE_REG_READ5(long, "ppoll", + struct vki_pollfd *, ufds, unsigned int, nfds, +@@ -1319,18 +1355,33 @@ PRE(sys_ppoll) + + if (ARG3) + PRE_MEM_READ( "ppoll(tsp)", ARG3, sizeof(struct vki_timespec) ); +- if (ARG4) +- PRE_MEM_READ( "ppoll(sigmask)", ARG4, sizeof(vki_sigset_t) ); ++ if (ARG4 != 0 && sizeof(vki_sigset_t) == ARG5) { ++ const vki_sigset_t *guest_sigmask = (vki_sigset_t *)ARG4; ++ PRE_MEM_READ( "ppoll(sigmask)", ARG4, ARG5); ++ if (!ML_(safe_to_deref)(guest_sigmask, sizeof(*guest_sigmask))) { ++ ARG4 = 1; /* Something recognisable to POST() hook. */ ++ } else { ++ vki_sigset_t *vg_sigmask = ++ VG_(malloc)("syswrap.ppoll.1", sizeof(*vg_sigmask)); ++ ARG4 = (Addr)vg_sigmask; ++ *vg_sigmask = *guest_sigmask; ++ VG_(sanitize_client_sigmask)(vg_sigmask); ++ } ++ } + } + + POST(sys_ppoll) + { +- if (RES > 0) { ++ vg_assert(SUCCESS || FAILURE); ++ if (SUCCESS && (RES >= 0)) { + UInt i; + struct vki_pollfd* ufds = (struct vki_pollfd *)ARG1; + for (i = 0; i < ARG2; i++) + POST_MEM_WRITE( (Addr)(&ufds[i].revents), sizeof(ufds[i].revents) ); + } ++ if (ARG4 != 0 && ARG5 == sizeof(vki_sigset_t) && ARG4 != 1) { ++ VG_(free)((vki_sigset_t *) ARG4); ++ } + } + + +diff --git a/coregrind/m_syswrap/syswrap-main.c b/coregrind/m_syswrap/syswrap-main.c +index 054891f..d854194 100644 +--- a/coregrind/m_syswrap/syswrap-main.c ++++ b/coregrind/m_syswrap/syswrap-main.c +@@ -1657,7 +1657,7 @@ static const SyscallTableEntry* get_syscall_entry ( Int syscallno ) + /* Add and remove signals from mask so that we end up telling the + kernel the state we actually want rather than what the client + wants. */ +-static void sanitize_client_sigmask(vki_sigset_t *mask) ++void VG_(sanitize_client_sigmask)(vki_sigset_t *mask) + { + VG_(sigdelset)(mask, VKI_SIGKILL); + VG_(sigdelset)(mask, VKI_SIGSTOP); +@@ -1979,7 +1979,7 @@ void VG_(client_syscall) ( ThreadId tid, UInt trc ) + PRINT(" --> [async] ... \n"); + + mask = tst->sig_mask; +- sanitize_client_sigmask(&mask); ++ VG_(sanitize_client_sigmask)(&mask); + + /* Gack. More impedance matching. Copy the possibly + modified syscall args back into the guest state. */ +diff --git a/coregrind/m_syswrap/syswrap-mips64-linux.c b/coregrind/m_syswrap/syswrap-mips64-linux.c +index 12d147d..7c5fbdb 100644 +--- a/coregrind/m_syswrap/syswrap-mips64-linux.c ++++ b/coregrind/m_syswrap/syswrap-mips64-linux.c +@@ -889,7 +889,7 @@ static SyscallTableEntry syscall_main_table[] = { + LINX_ (__NR_readlinkat, sys_readlinkat), + LINX_ (__NR_fchmodat, sys_fchmodat), + LINX_ (__NR_faccessat, sys_faccessat), +- LINX_ (__NR_pselect6, sys_pselect6), ++ LINXY (__NR_pselect6, sys_pselect6), + LINXY (__NR_ppoll, sys_ppoll), + PLAX_ (__NR_unshare, sys_unshare), + PLAX_ (__NR_splice, sys_splice), +diff --git a/coregrind/m_syswrap/syswrap-ppc32-linux.c b/coregrind/m_syswrap/syswrap-ppc32-linux.c +index 9ceaa15..379fcb3 100644 +--- a/coregrind/m_syswrap/syswrap-ppc32-linux.c ++++ b/coregrind/m_syswrap/syswrap-ppc32-linux.c +@@ -1194,7 +1194,7 @@ static SyscallTableEntry syscall_table[] = { + PLAXY(__NR_spu_run, sys_spu_run), // 278 + PLAX_(__NR_spu_create, sys_spu_create), // 279 + +- LINX_(__NR_pselect6, sys_pselect6), // 280 ++ LINXY(__NR_pselect6, sys_pselect6), // 280 + LINXY(__NR_ppoll, sys_ppoll), // 281 + + LINXY(__NR_openat, sys_openat), // 286 +diff --git a/coregrind/m_syswrap/syswrap-ppc64-linux.c b/coregrind/m_syswrap/syswrap-ppc64-linux.c +index 15b8979..77668c7 100644 +--- a/coregrind/m_syswrap/syswrap-ppc64-linux.c ++++ b/coregrind/m_syswrap/syswrap-ppc64-linux.c +@@ -1110,7 +1110,7 @@ static SyscallTableEntry syscall_table[] = { + LINX_(__NR_inotify_add_watch, sys_inotify_add_watch), // 276 + LINX_(__NR_inotify_rm_watch, sys_inotify_rm_watch), // 277 + +- LINX_(__NR_pselect6, sys_pselect6), // 280 ++ LINXY(__NR_pselect6, sys_pselect6), // 280 + LINXY(__NR_ppoll, sys_ppoll), // 281 + + LINXY(__NR_openat, sys_openat), // 286 +diff --git a/coregrind/m_syswrap/syswrap-s390x-linux.c b/coregrind/m_syswrap/syswrap-s390x-linux.c +index 0513789..107a569 100644 +--- a/coregrind/m_syswrap/syswrap-s390x-linux.c ++++ b/coregrind/m_syswrap/syswrap-s390x-linux.c +@@ -992,7 +992,7 @@ static SyscallTableEntry syscall_table[] = { + LINX_(__NR_fchmodat, sys_fchmodat), // 299 + + LINX_(__NR_faccessat, sys_faccessat), // 300 +- LINX_(__NR_pselect6, sys_pselect6), // 301 ++ LINXY(__NR_pselect6, sys_pselect6), // 301 + LINXY(__NR_ppoll, sys_ppoll), // 302 + LINX_(__NR_unshare, sys_unshare), // 303 + LINX_(__NR_set_robust_list, sys_set_robust_list), // 304 +diff --git a/coregrind/m_syswrap/syswrap-solaris.c b/coregrind/m_syswrap/syswrap-solaris.c +index 7ac876f..a307f6c 100644 +--- a/coregrind/m_syswrap/syswrap-solaris.c ++++ b/coregrind/m_syswrap/syswrap-solaris.c +@@ -71,6 +71,7 @@ + + #include "priv_types_n_macros.h" + #include "priv_syswrap-generic.h" ++#include "priv_syswrap-main.h" + #include "priv_syswrap-solaris.h" + + /* Return the number of non-dead and daemon threads. +@@ -7327,7 +7328,7 @@ PRE(sys_pollsys) + UWord i; + struct vki_pollfd *ufds = (struct vki_pollfd *)ARG1; + +- *flags |= SfMayBlock; ++ *flags |= SfMayBlock | SfPostOnFail; + + PRINT("sys_pollsys ( %#lx, %lu, %#lx, %#lx )", ARG1, ARG2, ARG3, ARG4); + PRE_REG_READ4(long, "poll", pollfd_t *, fds, vki_nfds_t, nfds, +@@ -7343,18 +7344,37 @@ PRE(sys_pollsys) + + if (ARG3) + PRE_MEM_READ("poll(timeout)", ARG3, sizeof(vki_timespec_t)); +- if (ARG4) ++ ++ if (ARG4) { + PRE_MEM_READ("poll(set)", ARG4, sizeof(vki_sigset_t)); ++ ++ const vki_sigset_t *guest_sigmask = (vki_sigset_t *) ARG4; ++ if (!ML_(safe_to_deref)(guest_sigmask, sizeof(vki_sigset_t))) { ++ ARG4 = 1; /* Something recognisable to POST() hook. */ ++ } else { ++ vki_sigset_t *vg_sigmask = ++ VG_(malloc)("syswrap.pollsys.1", sizeof(vki_sigset_t)); ++ ARG4 = (Addr) vg_sigmask; ++ *vg_sigmask = *guest_sigmask; ++ VG_(sanitize_client_sigmask)(vg_sigmask); ++ } ++ } + } + + POST(sys_pollsys) + { +- if (RES >= 0) { ++ vg_assert(SUCCESS || FAILURE); ++ ++ if (SUCCESS && (RES >= 0)) { + UWord i; + vki_pollfd_t *ufds = (vki_pollfd_t*)ARG1; + for (i = 0; i < ARG2; i++) + POST_FIELD_WRITE(ufds[i].revents); + } ++ ++ if ((ARG4 != 0) && (ARG4 != 1)) { ++ VG_(free)((vki_sigset_t *) ARG4); ++ } + } + + PRE(sys_labelsys) +diff --git a/coregrind/m_syswrap/syswrap-tilegx-linux.c b/coregrind/m_syswrap/syswrap-tilegx-linux.c +index aceceb4..4845f79 100644 +--- a/coregrind/m_syswrap/syswrap-tilegx-linux.c ++++ b/coregrind/m_syswrap/syswrap-tilegx-linux.c +@@ -1202,7 +1202,7 @@ static SyscallTableEntry syscall_table[] = { + LINXY(__NR_preadv, sys_preadv), // 69 + LINX_(__NR_pwritev, sys_pwritev), // 70 + LINXY(__NR_sendfile, sys_sendfile), // 71 +- LINX_(__NR_pselect6, sys_pselect6), // 72 ++ LINXY(__NR_pselect6, sys_pselect6), // 72 + LINXY(__NR_ppoll, sys_ppoll), // 73 + LINXY(__NR_signalfd4, sys_signalfd4), // 74 + LINX_(__NR_splice, sys_splice), // 75 +diff --git a/coregrind/m_syswrap/syswrap-x86-linux.c b/coregrind/m_syswrap/syswrap-x86-linux.c +index 3c80e6a..f1f97d7 100644 +--- a/coregrind/m_syswrap/syswrap-x86-linux.c ++++ b/coregrind/m_syswrap/syswrap-x86-linux.c +@@ -1766,7 +1766,7 @@ static SyscallTableEntry syscall_table[] = { + LINX_(__NR_readlinkat, sys_readlinkat), // 305 + LINX_(__NR_fchmodat, sys_fchmodat), // 306 + LINX_(__NR_faccessat, sys_faccessat), // 307 +- LINX_(__NR_pselect6, sys_pselect6), // 308 ++ LINXY(__NR_pselect6, sys_pselect6), // 308 + LINXY(__NR_ppoll, sys_ppoll), // 309 + + LINX_(__NR_unshare, sys_unshare), // 310 +diff --git a/none/tests/Makefile.am b/none/tests/Makefile.am +index 7eb2bf8..5d8e942 100644 +--- a/none/tests/Makefile.am ++++ b/none/tests/Makefile.am +@@ -142,12 +142,14 @@ EXTRA_DIST = \ + nestedfns.stderr.exp nestedfns.stdout.exp nestedfns.vgtest \ + nodir.stderr.exp nodir.vgtest \ + pending.stdout.exp pending.stderr.exp pending.vgtest \ ++ ppoll_alarm.stdout.exp ppoll_alarm.stderr.exp ppoll_alarm.vgtest \ + procfs-linux.stderr.exp-with-readlinkat \ + procfs-linux.stderr.exp-without-readlinkat \ + procfs-linux.vgtest \ + procfs-non-linux.vgtest \ + procfs-non-linux.stderr.exp-with-readlinkat \ + procfs-non-linux.stderr.exp-without-readlinkat \ ++ pselect_alarm.stdout.exp pselect_alarm.stderr.exp pselect_alarm.vgtest \ + pth_atfork1.stderr.exp pth_atfork1.stdout.exp pth_atfork1.vgtest \ + pth_blockedsig.stderr.exp \ + pth_blockedsig.stdout.exp pth_blockedsig.vgtest \ +@@ -215,7 +217,9 @@ check_PROGRAMS = \ + mmap_fcntl_bug \ + munmap_exe map_unaligned map_unmap mq \ + pending \ ++ ppoll_alarm \ + procfs-cmdline-exe \ ++ pselect_alarm \ + pth_atfork1 pth_blockedsig pth_cancel1 pth_cancel2 pth_cvsimple \ + pth_empty pth_exit pth_exit2 pth_mutexspeed pth_once pth_rwlock \ + pth_stackalign \ +@@ -289,6 +293,8 @@ libvexmultiarch_test_LDADD = \ + ../../VEX/libvexmultiarch-@VGCONF_ARCH_PRI@-@VGCONF_OS@.a \ + ../../VEX/libvex-@VGCONF_ARCH_PRI@-@VGCONF_OS@.a @LIB_UBSAN@ + libvexmultiarch_test_SOURCES = libvex_test.c ++ppoll_alarm_LDADD = -lpthread ++pselect_alarm_LDADD = -lpthread + pth_atfork1_LDADD = -lpthread + pth_blockedsig_LDADD = -lpthread + pth_cancel1_CFLAGS = $(AM_CFLAGS) -Wno-shadow +diff --git a/none/tests/ppoll_alarm.c b/none/tests/ppoll_alarm.c +new file mode 100644 +index 0000000..1b1794b +--- /dev/null ++++ b/none/tests/ppoll_alarm.c +@@ -0,0 +1,55 @@ ++/* Tries to exploit bug in ppoll mask handling: ++ https://bugs.kde.org/show_bug.cgi?id=359871 ++ where client program was able to successfully block VG_SIGVGKILL. */ ++ ++#define _GNU_SOURCE /* for ppoll */ ++#include ++#include ++#include ++#include ++#include ++ ++static int ready = 0; ++static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER; ++static pthread_cond_t cond = PTHREAD_COND_INITIALIZER; ++ ++static void * ++mythr(void *ignore) ++{ ++ pthread_mutex_lock(&mutex); ++ ready = 1; ++ pthread_cond_signal(&cond); ++ pthread_mutex_unlock(&mutex); ++ ++ sigset_t ss; ++ sigfillset(&ss); ++ while (1) { ++ struct timespec ts = {10000, 0}; ++ ppoll(NULL, 0, &ts, &ss); ++ } ++ ++ return NULL; ++} ++ ++int ++main() ++{ ++ pthread_t thr; ++ int ret = pthread_create(&thr, NULL, mythr, NULL); ++ if (ret != 0) { ++ fprintf(stderr, "pthread_create failed\n"); ++ return 1; ++ } ++ ++ pthread_mutex_lock(&mutex); ++ while (ready == 0) { ++ pthread_cond_wait(&cond, &mutex); ++ } ++ pthread_mutex_unlock(&mutex); ++ ++ alarm(1); /* Unhandled SIGALRM should cause exit. */ ++ while (1) ++ sleep(1); ++ ++ return 0; ++} +diff --git a/none/tests/ppoll_alarm.stderr.exp b/none/tests/ppoll_alarm.stderr.exp +new file mode 100644 +index 0000000..e69de29 +diff --git a/none/tests/ppoll_alarm.stdout.exp b/none/tests/ppoll_alarm.stdout.exp +new file mode 100644 +index 0000000..e69de29 +diff --git a/none/tests/ppoll_alarm.vgtest b/none/tests/ppoll_alarm.vgtest +new file mode 100644 +index 0000000..b1309d3 +--- /dev/null ++++ b/none/tests/ppoll_alarm.vgtest +@@ -0,0 +1,3 @@ ++prog: ppoll_alarm ++vgopts: -q ++stderr_filter: filter_stderr +diff --git a/none/tests/pselect_alarm.c b/none/tests/pselect_alarm.c +new file mode 100644 +index 0000000..7a68ec0 +--- /dev/null ++++ b/none/tests/pselect_alarm.c +@@ -0,0 +1,61 @@ ++/* Tries to exploit bug in pselect mask handling: ++ https://bugs.kde.org/show_bug.cgi?id=359871 ++ where client program was able to successfully block VG_SIGVGKILL. */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++static int ready = 0; ++static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER; ++static pthread_cond_t cond = PTHREAD_COND_INITIALIZER; ++ ++static void * ++mythr(void *ignore) ++{ ++ pthread_mutex_lock(&mutex); ++ ready = 1; ++ pthread_cond_signal(&cond); ++ pthread_mutex_unlock(&mutex); ++ ++ sigset_t ss; ++ sigfillset(&ss); ++ while (1) { ++ struct timespec ts = {10000, 0}; ++ pselect(0, NULL, NULL, NULL, &ts, &ss); ++ } ++ ++ return NULL; ++} ++ ++int ++main() ++{ ++ pthread_t thr; ++ int ret = pthread_create(&thr, NULL, mythr, NULL); ++ if (ret != 0) { ++ fprintf(stderr, "pthread_create failed\n"); ++ return 1; ++ } ++ ++ pthread_mutex_lock(&mutex); ++ while (ready == 0) { ++ pthread_cond_wait(&cond, &mutex); ++ } ++ pthread_mutex_unlock(&mutex); ++ ++#if defined(VGO_linux) ++ assert(pselect(0, NULL, NULL, NULL, NULL, (sigset_t *)12) == -1); ++ assert(errno == EFAULT); ++#endif ++ ++ alarm(1); /* Unhandled SIGALRM should cause exit. */ ++ while (1) ++ sleep(1); ++ ++ return 0; ++} +diff --git a/none/tests/pselect_alarm.stderr.exp b/none/tests/pselect_alarm.stderr.exp +new file mode 100644 +index 0000000..e69de29 +diff --git a/none/tests/pselect_alarm.stdout.exp b/none/tests/pselect_alarm.stdout.exp +new file mode 100644 +index 0000000..e69de29 +diff --git a/none/tests/pselect_alarm.vgtest b/none/tests/pselect_alarm.vgtest +new file mode 100644 +index 0000000..84cc674 +--- /dev/null ++++ b/none/tests/pselect_alarm.vgtest +@@ -0,0 +1,3 @@ ++prog: pselect_alarm ++vgopts: -q ++stderr_filter: filter_stderr +diff --git a/tests/filter_stderr_basic b/tests/filter_stderr_basic +index 472cd8f..4b6e480 100755 +--- a/tests/filter_stderr_basic ++++ b/tests/filter_stderr_basic +@@ -46,7 +46,7 @@ sed "/warning: line info addresses out of order/d" | + # of the bash process. Newer bash versions redirect such messages properly. + # Suppress any redirected abnormal termination messages. You can find the + # complete list of messages in the bash source file siglist.c. +-perl -n -e 'print if !/^(Segmentation fault|Alarm clock|Aborted|Bus error)( \(core dumped\))?$/' | ++perl -n -e 'print if !/^(Segmentation fault|Alarm clock|Aborted|Bus error|Killed)( \(core dumped\))?$/' | + + # Similar as above, but for ksh on Solaris/illumos. + perl -n -e 'print if !/^(Memory fault|Killed) $/' | +Only in valgrind-3.11.0: autom4te.cache +diff -ru valgrind-3.11.0.orig/none/tests/Makefile.in valgrind-3.11.0/none/tests/Makefile.in +--- valgrind-3.11.0.orig/none/tests/Makefile.in 2016-03-09 20:07:53.451112914 +0100 ++++ valgrind-3.11.0/none/tests/Makefile.in 2016-03-09 20:09:44.281584703 +0100 +@@ -151,7 +151,8 @@ + libvexmultiarch_test$(EXEEXT) manythreads$(EXEEXT) \ + mmap_fcntl_bug$(EXEEXT) munmap_exe$(EXEEXT) \ + map_unaligned$(EXEEXT) map_unmap$(EXEEXT) mq$(EXEEXT) \ +- pending$(EXEEXT) procfs-cmdline-exe$(EXEEXT) \ ++ pending$(EXEEXT) ppoll_alarm$(EXEEXT) \ ++ procfs-cmdline-exe$(EXEEXT) pselect_alarm$(EXEEXT) \ + pth_atfork1$(EXEEXT) pth_blockedsig$(EXEEXT) \ + pth_cancel1$(EXEEXT) pth_cancel2$(EXEEXT) \ + pth_cvsimple$(EXEEXT) pth_empty$(EXEEXT) pth_exit$(EXEEXT) \ +@@ -329,12 +330,18 @@ + pending_SOURCES = pending.c + pending_OBJECTS = pending.$(OBJEXT) + pending_LDADD = $(LDADD) ++ppoll_alarm_SOURCES = ppoll_alarm.c ++ppoll_alarm_OBJECTS = ppoll_alarm.$(OBJEXT) ++ppoll_alarm_DEPENDENCIES = + process_vm_readv_writev_SOURCES = process_vm_readv_writev.c + process_vm_readv_writev_OBJECTS = process_vm_readv_writev.$(OBJEXT) + process_vm_readv_writev_LDADD = $(LDADD) + procfs_cmdline_exe_SOURCES = procfs-cmdline-exe.c + procfs_cmdline_exe_OBJECTS = procfs-cmdline-exe.$(OBJEXT) + procfs_cmdline_exe_LDADD = $(LDADD) ++pselect_alarm_SOURCES = pselect_alarm.c ++pselect_alarm_OBJECTS = pselect_alarm.$(OBJEXT) ++pselect_alarm_DEPENDENCIES = + pth_atfork1_SOURCES = pth_atfork1.c + pth_atfork1_OBJECTS = pth_atfork1.$(OBJEXT) + pth_atfork1_DEPENDENCIES = +@@ -527,18 +534,18 @@ + $(gxx304_SOURCES) ifunc.c ioctl_moans.c libvex_test.c \ + $(libvexmultiarch_test_SOURCES) manythreads.c map_unaligned.c \ + map_unmap.c mmap_fcntl_bug.c mq.c munmap_exe.c nestedfns.c \ +- pending.c process_vm_readv_writev.c procfs-cmdline-exe.c \ +- pth_atfork1.c pth_blockedsig.c pth_cancel1.c pth_cancel2.c \ +- pth_cvsimple.c pth_empty.c pth_exit.c pth_exit2.c \ +- pth_mutexspeed.c pth_once.c pth_rwlock.c pth_stackalign.c \ +- rcrl.c readline1.c require-text-symbol.c res_search.c resolv.c \ +- rlimit64_nofile.c rlimit_nofile.c selfrun.c sem.c semlimit.c \ +- sha1_test.c shortpush.c shorts.c sigstackgrowth.c \ +- stackgrowth.c syscall-restart1.c syscall-restart2.c syslog.c \ +- system.c thread-exits.c threaded-fork.c threadederrno.c \ +- timestamp.c $(tls_SOURCES) $(tls_so_SOURCES) \ +- $(tls2_so_SOURCES) unit_debuglog.c \ +- $(valgrind_cpp_test_SOURCES) vgprintf.c ++ pending.c ppoll_alarm.c process_vm_readv_writev.c \ ++ procfs-cmdline-exe.c pselect_alarm.c pth_atfork1.c \ ++ pth_blockedsig.c pth_cancel1.c pth_cancel2.c pth_cvsimple.c \ ++ pth_empty.c pth_exit.c pth_exit2.c pth_mutexspeed.c pth_once.c \ ++ pth_rwlock.c pth_stackalign.c rcrl.c readline1.c \ ++ require-text-symbol.c res_search.c resolv.c rlimit64_nofile.c \ ++ rlimit_nofile.c selfrun.c sem.c semlimit.c sha1_test.c \ ++ shortpush.c shorts.c sigstackgrowth.c stackgrowth.c \ ++ syscall-restart1.c syscall-restart2.c syslog.c system.c \ ++ thread-exits.c threaded-fork.c threadederrno.c timestamp.c \ ++ $(tls_SOURCES) $(tls_so_SOURCES) $(tls2_so_SOURCES) \ ++ unit_debuglog.c $(valgrind_cpp_test_SOURCES) vgprintf.c + DIST_SOURCES = ansi.c args.c async-sigs.c bitfield1.c bug129866.c \ + bug234814.c closeall.c $(coolo_sigaction_SOURCES) \ + coolo_strlen.c discard.c exec-sigmask.c execve.c faultstatus.c \ +@@ -548,18 +555,18 @@ + $(gxx304_SOURCES) ifunc.c ioctl_moans.c libvex_test.c \ + $(libvexmultiarch_test_SOURCES) manythreads.c map_unaligned.c \ + map_unmap.c mmap_fcntl_bug.c mq.c munmap_exe.c nestedfns.c \ +- pending.c process_vm_readv_writev.c procfs-cmdline-exe.c \ +- pth_atfork1.c pth_blockedsig.c pth_cancel1.c pth_cancel2.c \ +- pth_cvsimple.c pth_empty.c pth_exit.c pth_exit2.c \ +- pth_mutexspeed.c pth_once.c pth_rwlock.c pth_stackalign.c \ +- rcrl.c readline1.c require-text-symbol.c res_search.c resolv.c \ +- rlimit64_nofile.c rlimit_nofile.c selfrun.c sem.c semlimit.c \ +- sha1_test.c shortpush.c shorts.c sigstackgrowth.c \ +- stackgrowth.c syscall-restart1.c syscall-restart2.c syslog.c \ +- system.c thread-exits.c threaded-fork.c threadederrno.c \ +- timestamp.c $(tls_SOURCES) $(tls_so_SOURCES) \ +- $(tls2_so_SOURCES) unit_debuglog.c \ +- $(valgrind_cpp_test_SOURCES) vgprintf.c ++ pending.c ppoll_alarm.c process_vm_readv_writev.c \ ++ procfs-cmdline-exe.c pselect_alarm.c pth_atfork1.c \ ++ pth_blockedsig.c pth_cancel1.c pth_cancel2.c pth_cvsimple.c \ ++ pth_empty.c pth_exit.c pth_exit2.c pth_mutexspeed.c pth_once.c \ ++ pth_rwlock.c pth_stackalign.c rcrl.c readline1.c \ ++ require-text-symbol.c res_search.c resolv.c rlimit64_nofile.c \ ++ rlimit_nofile.c selfrun.c sem.c semlimit.c sha1_test.c \ ++ shortpush.c shorts.c sigstackgrowth.c stackgrowth.c \ ++ syscall-restart1.c syscall-restart2.c syslog.c system.c \ ++ thread-exits.c threaded-fork.c threadederrno.c timestamp.c \ ++ $(tls_SOURCES) $(tls_so_SOURCES) $(tls2_so_SOURCES) \ ++ unit_debuglog.c $(valgrind_cpp_test_SOURCES) vgprintf.c + RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \ + ctags-recursive dvi-recursive html-recursive info-recursive \ + install-data-recursive install-dvi-recursive \ +@@ -1072,12 +1079,14 @@ + nestedfns.stderr.exp nestedfns.stdout.exp nestedfns.vgtest \ + nodir.stderr.exp nodir.vgtest \ + pending.stdout.exp pending.stderr.exp pending.vgtest \ ++ ppoll_alarm.stdout.exp ppoll_alarm.stderr.exp ppoll_alarm.vgtest \ + procfs-linux.stderr.exp-with-readlinkat \ + procfs-linux.stderr.exp-without-readlinkat \ + procfs-linux.vgtest \ + procfs-non-linux.vgtest \ + procfs-non-linux.stderr.exp-with-readlinkat \ + procfs-non-linux.stderr.exp-without-readlinkat \ ++ pselect_alarm.stdout.exp pselect_alarm.stderr.exp pselect_alarm.vgtest \ + pth_atfork1.stderr.exp pth_atfork1.stdout.exp pth_atfork1.vgtest \ + pth_blockedsig.stderr.exp \ + pth_blockedsig.stdout.exp pth_blockedsig.vgtest \ +@@ -1152,6 +1161,8 @@ + ../../VEX/libvex-@VGCONF_ARCH_PRI@-@VGCONF_OS@.a @LIB_UBSAN@ + + libvexmultiarch_test_SOURCES = libvex_test.c ++ppoll_alarm_LDADD = -lpthread ++pselect_alarm_LDADD = -lpthread + pth_atfork1_LDADD = -lpthread + pth_blockedsig_LDADD = -lpthread + pth_cancel1_CFLAGS = $(AM_CFLAGS) -Wno-shadow +@@ -1390,6 +1401,10 @@ + @rm -f pending$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(pending_OBJECTS) $(pending_LDADD) $(LIBS) + ++ppoll_alarm$(EXEEXT): $(ppoll_alarm_OBJECTS) $(ppoll_alarm_DEPENDENCIES) $(EXTRA_ppoll_alarm_DEPENDENCIES) ++ @rm -f ppoll_alarm$(EXEEXT) ++ $(AM_V_CCLD)$(LINK) $(ppoll_alarm_OBJECTS) $(ppoll_alarm_LDADD) $(LIBS) ++ + process_vm_readv_writev$(EXEEXT): $(process_vm_readv_writev_OBJECTS) $(process_vm_readv_writev_DEPENDENCIES) $(EXTRA_process_vm_readv_writev_DEPENDENCIES) + @rm -f process_vm_readv_writev$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(process_vm_readv_writev_OBJECTS) $(process_vm_readv_writev_LDADD) $(LIBS) +@@ -1398,6 +1413,10 @@ + @rm -f procfs-cmdline-exe$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(procfs_cmdline_exe_OBJECTS) $(procfs_cmdline_exe_LDADD) $(LIBS) + ++pselect_alarm$(EXEEXT): $(pselect_alarm_OBJECTS) $(pselect_alarm_DEPENDENCIES) $(EXTRA_pselect_alarm_DEPENDENCIES) ++ @rm -f pselect_alarm$(EXEEXT) ++ $(AM_V_CCLD)$(LINK) $(pselect_alarm_OBJECTS) $(pselect_alarm_LDADD) $(LIBS) ++ + pth_atfork1$(EXEEXT): $(pth_atfork1_OBJECTS) $(pth_atfork1_DEPENDENCIES) $(EXTRA_pth_atfork1_DEPENDENCIES) + @rm -f pth_atfork1$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(pth_atfork1_OBJECTS) $(pth_atfork1_LDADD) $(LIBS) +@@ -1607,8 +1626,10 @@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/munmap_exe.Po@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/nestedfns-nestedfns.Po@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pending.Po@am__quote@ ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ppoll_alarm.Po@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/process_vm_readv_writev.Po@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/procfs-cmdline-exe.Po@am__quote@ ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pselect_alarm.Po@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pth_atfork1.Po@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pth_blockedsig.Po@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pth_cancel1-pth_cancel1.Po@am__quote@ diff --git a/valgrind.spec b/valgrind.spec index 36425ba..bffc718 100644 --- a/valgrind.spec +++ b/valgrind.spec @@ -114,6 +114,9 @@ Patch21: valgrind-3.11.0-s390-separate-socketcalls.patch # KDE#359733 amd64 implement ld.so strchr/index override like x86 Patch22: valgrind-3.11.0-amd64-ld-index.patch +# KDE#359871 Incorrect mask handling in ppoll +Patch23: valgrind-3.11.0-ppoll-mask.patch + %if %{build_multilib} # Ensure glibc{,-devel} is installed for both multilib arches BuildRequires: /lib/libc.so.6 /usr/lib/libc.so /lib64/libc.so.6 /usr/lib64/libc.so @@ -240,6 +243,7 @@ Valgrind User Manual for details. %patch20 -p1 %patch21 -p1 %patch22 -p1 +%patch23 -p1 %build # We need to use the software collection compiler and binutils if available. @@ -432,6 +436,9 @@ echo ===============END TESTING=============== %endif %changelog +* Wed Mar 09 2016 Mark Wielaard +- Add valgrind-3.11.0-ppoll-mask.patch + * Wed Feb 24 2016 Mark Wielaard - 3.11.0-15 - Add valgrind-3.11.0-s390-separate-socketcalls.patch - Add valgrind-3.11.0-amd64-ld-index.patch