[valgrind] [Bug 506970] mmap needs an EBADF fd_allowed check

2025-07-17 Thread Mark Wielaard
https://bugs.kde.org/show_bug.cgi?id=506970

Mark Wielaard  changed:

   What|Removed |Added

 Resolution|--- |FIXED
 Status|CONFIRMED   |RESOLVED

--- Comment #2 from Mark Wielaard  ---
commit bd1e857cd493f4d1e64c3f5ae1061650644c666b
Author: Mark Wielaard 
Date:   Wed Jul 16 02:45:39 2025 +0200

Check mmap fd is valid, if used, and fail early with EBADF if not

mmap should fail with EBADF if the given fd is bad (or used by valgrind
itself) when used (flags does not contain MAP_ANONYMOUS).

Check both with ML_(fd_allowed) (which might only warn) and fcntl
(VKI_F_GETFD) to see if the file descriptor is valid. Fail early so
the address space manager and the actual mmap call don't do
unnecessary work (and might fail with a different error code).

This fixes the LTP mmap08 testcase.

https://bugs.kde.org/show_bug.cgi?id=506970

-- 
You are receiving this mail because:
You are watching all bug changes.

[valgrind] [Bug 506970] mmap needs an EBADF fd_allowed check

2025-07-16 Thread Mark Wielaard
https://bugs.kde.org/show_bug.cgi?id=506970

Mark Wielaard  changed:

   What|Removed |Added

 Status|REPORTED|CONFIRMED
 Ever confirmed|0   |1

--- Comment #1 from Mark Wielaard  ---
Proposed patch
https://code.wildebeest.org/git/user/mjw/valgrind/commit/?h=mmap-fd-check

diff --git a/coregrind/m_syswrap/syswrap-generic.c
b/coregrind/m_syswrap/syswrap-generic.c
index 50415a2fa..2ba3ca9df 100644
--- a/coregrind/m_syswrap/syswrap-generic.c
+++ b/coregrind/m_syswrap/syswrap-generic.c
@@ -2653,6 +2653,12 @@ ML_(generic_PRE_sys_mmap) ( ThreadId tid,
VG_(core_panic)("can't use ML_(generic_PRE_sys_mmap) on Darwin");
 #  endif

+   if (!(arg4 & VKI_MAP_ANONYMOUS)
+   && (!ML_(fd_allowed)(arg5, "mmap", tid, False)
+   || VG_(fcntl) (arg5, VKI_F_GETFD, 0) < 0)) {
+  return VG_(mk_SysRes_Error)( VKI_EBADF );
+   }
+
if (arg2 == 0) {
   /* SuSV3 says: If len is zero, mmap() shall fail and no mapping
  shall be established. */
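Review bot: the new block gives no hint why two checks are combined, so a reader of this hunk cannot tell that ML_(fd_allowed) may only warn rather than reject, or why VG_(fcntl)(arg5, VKI_F_GETFD, 0) is needed as the authoritative validity test; a short comment above the `if` stating that, and that arg4 is flags, arg5 is fd, and fd is ignored when VKI_MAP_ANONYMOUS is set, would make the intent self-contained. Also note the new check now precedes the `arg2 == 0` length check, so a bad fd combined with a zero length reports EBADF where it previously reported the length error; worth confirming that this ordering is the one the kernel applies so the LTP expectations hold. Minor style: `VG_(fcntl) (arg5, ...)` has a space before the argument list that the surrounding calls do not.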

Seems to do as expected, if you know that arg4 is flags, arg5 is fd, that, if
flags contains MAP_ANONYMOUS, fd is ignored, and that ML_(fd_allowed) might just
warn (with --track-fds), so checking with fcntl (F_GETFD) is needed to know if
it really is a bad fd.

Will add a comment with the above.


[valgrind] [Bug 506970] mmap needs an EBADF fd_allowed check

2025-07-12 Thread Mark Wielaard
https://bugs.kde.org/show_bug.cgi?id=506970

Mark Wielaard  changed:

   What|Removed |Added

 Blocks||506971
Referenced Bugs:

https://bugs.kde.org/show_bug.cgi?id=506971
[Bug 506971] LTP 20250530 amd64 meta bug