https://bugs.kde.org/show_bug.cgi?id=483786
Bug ID: 483786
Summary: Incorrect parameter indexing in FreeBSD clock_nanosleep syscall wrapper
Classification: Developer tools
Product: valgrind
Version: 3.22.0
Platform: Other
OS: FreeBSD
Status: REPORTED
Severity: normal
Priority: NOR
Component: memcheck
Assignee: jsew...@acm.org
Reporter: kel...@ieee.org
Target Milestone: ---

Created attachment 167335 --> https://bugs.kde.org/attachment.cgi?id=167335&action=edit
Patch

In coregrind/m_syswrap/syswrap-freebsd.c, PRE(sys_clock_nanosleep) and POST(sys_clock_nanosleep) each refer to the struct timespec arguments of the syscall by the wrong indexes (using ARG1 and ARG2 instead of ARG3 and ARG4, respectively). The result is that errors in the third and fourth arguments to clock_nanosleep() are always missed, and spurious errors concerning those arguments are generated based on the values supplied to the first two arguments.

The attached patch resolves the issue, as verified with the attached test program. The same bug does not appear in the Linux variant of this syscall wrapper.

The attached test program was built using:

cc -Wall -o valgrind-test valgrind-test.c

The output of an unpatched 3.22.0 valgrind run of the test program is:

$ valgrind ./valgrind-test
==95892== Memcheck, a memory error detector
==95892== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==95892== Using Valgrind-3.22.0 and LibVEX; rerun with -h for copyright info
==95892== Command: ./valgrind-test
==95892==
==95892== Syscall param clock_nanosleep(rqtp) points to unaddressable byte(s)
==95892==    at 0x4994F2A: __sys_clock_nanosleep (in /lib/libc.so.7)
==95892==    by 0x20197A: valgrind_should_complain (in /usr/home/pkelsey/valgrind-test/valgrind-test)
==95892==    by 0x201A2A: main (in /usr/home/pkelsey/valgrind-test/valgrind-test)
==95892==  Address 0x4 is not stack'd, malloc'd or (recently) free'd
==95892==
==95892== Syscall param clock_nanosleep(rqtp) points to unaddressable byte(s)
==95892==    at 0x4994F2A: __sys_clock_nanosleep (in /lib/libc.so.7)
==95892==    by 0x2019BA: valgrind_should_not_complain (in /usr/home/pkelsey/valgrind-test/valgrind-test)
==95892==    by 0x201A2F: main (in /usr/home/pkelsey/valgrind-test/valgrind-test)
==95892==  Address 0x4 is not stack'd, malloc'd or (recently) free'd
==95892==
==95892== Syscall param clock_nanosleep(rqtp) points to unaddressable byte(s)
==95892==    at 0x4994F2A: __sys_clock_nanosleep (in /lib/libc.so.7)
==95892==    by 0x2019FD: valgrind_should_not_complain2 (in /usr/home/pkelsey/valgrind-test/valgrind-test)
==95892==    by 0x201A34: main (in /usr/home/pkelsey/valgrind-test/valgrind-test)
==95892==  Address 0x4 is not stack'd, malloc'd or (recently) free'd
==95892==
==95892== Syscall param clock_nanosleep(rmtp) points to unaddressable byte(s)
==95892==    at 0x4994F2A: __sys_clock_nanosleep (in /lib/libc.so.7)
==95892==    by 0x2019FD: valgrind_should_not_complain2 (in /usr/home/pkelsey/valgrind-test/valgrind-test)
==95892==    by 0x201A34: main (in /usr/home/pkelsey/valgrind-test/valgrind-test)
==95892==  Address 0x1 is not stack'd, malloc'd or (recently) free'd
==95892==
==95892==
==95892== HEAP SUMMARY:
==95892==     in use at exit: 0 bytes in 0 blocks
==95892==   total heap usage: 0 allocs, 0 frees, 0 bytes allocated
==95892==
==95892== All heap blocks were freed -- no leaks are possible
==95892==
==95892== For lists of detected and suppressed errors, rerun with: -s
==95892== ERROR SUMMARY: 4 errors from 4 contexts (suppressed: 0 from 0)

The output of the patched 3.22.0 valgrind run of the test program is (with path differences to the patched binary elided):

$ valgrind ./valgrind-test
==95928== Memcheck, a memory error detector
==95928== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==95928== Using Valgrind-3.22.0 and LibVEX; rerun with -h for copyright info
==95928== Command: ./valgrind-test
==95928==
==95928== Syscall param clock_nanosleep(rqtp) points to uninitialised byte(s)
==95928==    at 0x498CF2A: __sys_clock_nanosleep (in /lib/libc.so.7)
==95928==    by 0x20197A: valgrind_should_complain (in /usr/home/pkelsey/valgrind-test/valgrind-test)
==95928==    by 0x201A2A: main (in /usr/home/pkelsey/valgrind-test/valgrind-test)
==95928==  Address 0x1ffc000990 is on thread 1's stack
==95928==  in frame #1, created by valgrind_should_complain (???:)
==95928==
==95928==
==95928== HEAP SUMMARY:
==95928==     in use at exit: 0 bytes in 0 blocks
==95928==   total heap usage: 0 allocs, 0 frees, 0 bytes allocated
==95928==
==95928== All heap blocks were freed -- no leaks are possible
==95928==
==95928== Use --track-origins=yes to see where uninitialised values come from
==95928== For lists of detected and suppressed errors, rerun with: -s
==95928== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
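The reporter's test program is an attachment and is not reproduced on this page. The following is an added, reconstructed example (not the attached file and not valgrind project code) that exercises the same three cases the unpatched output names: a partially initialised rqtp that memcheck should flag, a fully initialised relative request with a NULL rmtp, and an absolute-time request with a valid rmtp. The function names are kept only to match the stack traces above; the sleep lengths, clock choice and use of TIMER_ABSTIME are assumptions. The FreeBSD prototype is clock_nanosleep(clockid_t clock_id, int flags, const struct timespec *rqtp, struct timespec *rmtp), so rqtp is the third argument and rmtp the fourth; a wrapper that reads ARG1 and ARG2 instead treats clock_id and flags as the pointers, which is consistent with the spurious "Address 0x4" (CLOCK_MONOTONIC is 4 on FreeBSD) and "Address 0x1" (TIMER_ABSTIME is 1) in the unpatched run.

```c
/*
 * Added example: reconstructed clock_nanosleep() exerciser for checking the
 * memcheck syscall wrapper. Not the reporter's attached program.
 *
 *   clock_nanosleep(clockid_t clock_id, int flags,
 *                   const struct timespec *rqtp, struct timespec *rmtp)
 *
 * ARG1 = clock_id, ARG2 = flags, ARG3 = rqtp, ARG4 = rmtp.
 * A wrapper indexing ARG1/ARG2 for the timespecs checks the integer values
 * clock_id and flags as if they were addresses.
 *
 * Returns follow clock_nanosleep(): 0 on success, otherwise an error number.
 * Builds on FreeBSD and Linux/glibc with: cc -Wall -o valgrind-test valgrind-test.c
 */
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stddef.h>
#include <string.h>
#include <time.h>

/* Case 1: rqtp is only partially initialised (tv_nsec never written).
 * memcheck should report clock_nanosleep(rqtp) "points to uninitialised byte(s)"
 * and the address should be on this frame's stack. The unpatched wrapper
 * instead reports "Address 0x4", i.e. the clock_id argument.
 * Run-time effect is bounded: either EINVAL (tv_nsec out of range) or a
 * relative sleep shorter than one second. */
int valgrind_should_complain(void)
{
    struct timespec rq;
    rq.tv_sec = 0;          /* tv_nsec deliberately left uninitialised */
    return clock_nanosleep(CLOCK_MONOTONIC, 0, &rq, NULL);
}

/* Case 2: fully initialised 1 ns relative request, rmtp is NULL.
 * Nothing for memcheck to report; the unpatched wrapper still complains
 * about "rqtp" at address 0x4 because it looked at ARG1. */
int valgrind_should_not_complain(void)
{
    struct timespec rq = { 0, 1 };
    return clock_nanosleep(CLOCK_MONOTONIC, 0, &rq, NULL);
}

/* Case 3: absolute deadline that is already in the past, plus a writable rmtp.
 * Nothing for memcheck to report; the unpatched wrapper complains about both
 * "rqtp" (0x4, ARG1 = clock_id) and "rmtp" (0x1, ARG2 = TIMER_ABSTIME). */
int valgrind_should_not_complain2(void)
{
    struct timespec rq, rm;

    if (clock_gettime(CLOCK_MONOTONIC, &rq) != 0)
        return errno;
    memset(&rm, 0, sizeof rm);      /* rmtp is ignored for absolute sleeps but must be addressable */
    /* "now" as an absolute deadline has already passed by the time of the call */
    return clock_nanosleep(CLOCK_MONOTONIC, TIMER_ABSTIME, &rq, &rm);
}

int main(void)
{
    valgrind_should_complain();
    valgrind_should_not_complain();
    valgrind_should_not_complain2();
    return 0;
}
```

Running the binary under an unpatched 3.22.0 memcheck on FreeBSD should reproduce the four spurious "unaddressable" reports above; under the patched wrapper only case 1 should be reported, as an uninitialised-byte error on the stack frame of valgrind_should_complain.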