Bug 369360

Summary: Bad sigprocmask old or new sets can crash valgrind
Product: [Developer tools] valgrind Reporter: Mark Wielaard <mark>
Component: general    Assignee: Julian Seward <jseward>
Status: RESOLVED FIXED    
Severity: normal    
Priority: NOR    
Version First Reported In: unspecified   
Target Milestone: ---   
Platform: Other   
OS: Linux   
Latest Commit:   
Version Fixed/Implemented In:   
Sentry Crash Report:
Attachments: Fix crash when old/new sigprocmask isn't safe to dereference

Description Mark Wielaard 2016-09-25 22:17:46 UTC
LTP testcases/kernel/syscalls/rt_sigprocmask/rt_sigprocmask02 crashes valgrind:

==29826== Syscall param rt_sigprocmask(oldset) points to unaddressable byte(s)
==29826==    at 0x4F25BF9: syscall (syscall.S:38)
==29826==    by 0x402712: main (rt_sigprocmask02.c:107)
==29826==  Address 0xffffffffffffffff is not stack'd, malloc'd or (recently) free'd
==29826== 
--29826-- VALGRIND INTERNAL ERROR: Valgrind received a signal 11 (SIGSEGV) - exiting
--29826-- si_code=1;  Faulting address: 0xFFFFFFFFFFFFFFFF;  sp: 0x80327ad40

valgrind: the 'impossible' happened:
   Killed by fatal signal

host stacktrace:
==29826==    at 0x380534BD: do_setmask (m_signals.c:1352)
==29826==    by 0x380534BD: vgPlain_do_sys_sigprocmask (m_signals.c:1375)
==29826==    by 0x380AF5F1: vgSysWrap_linux_sys_rt_sigprocmask_before (syswrap-linux.c:3414)
==29826==    by 0x38092CDF: vgPlain_client_syscall (syswrap-main.c:1906)
==29826==    by 0x3808F8B2: handle_syscall (scheduler.c:1118)
==29826==    by 0x38090E76: vgPlain_scheduler (scheduler.c:1435)
==29826==    by 0x380A027A: thread_wrapper (syswrap-linux.c:103)
==29826==    by 0x380A027A: run_a_thread_NORETURN (syswrap-linux.c:156)


Reproducible: Always
Comment 1 Mark Wielaard 2016-09-25 22:19:23 UTC
Created attachment 101288 [details]
Fix crash when old/new sigprocmask isn't safe to dereference

Since we want to use the set and oldset for bookkeeping, we also want
to make sure they are addressable; otherwise, like the kernel, we EFAULT.
Also use EINVAL instead of EMFILE as failure when sigset size is wrong.
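The kernel contract the fix mirrors, shown as an added example that is not part of the bug report or of Valgrind's own code: a C program that issues rt_sigprocmask directly (bypassing glibc's wrapper, which always supplies a valid oldset buffer and the right size) and checks that an unaddressable set or oldset fails with EFAULT, that a wrong sigsetsize fails with EINVAL, that the size check happens before either pointer is touched, and that a well-formed call round-trips a mask. It assumes Linux, the kernel's sigset layout of `unsigned long` words, and uses `(void *)-1` to stand in for the 0xffffffffffffffff pointer from the LTP test; the names `raw_rt_sigprocmask`, `kernel_sigset_t` and `ksig_*` are this example's own.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

long syscall(long, ...);            /* glibc prototype, repeated for strict -std modes */
#ifndef _NSIG
#define _NSIG 65                    /* glibc/musl value on Linux: signals 1..64 */
#endif
#ifndef SIG_BLOCK                   /* x86/arm values, in case <signal.h> hides them */
#define SIG_BLOCK 0
#define SIG_SETMASK 2
#endif

/* Byte size of the kernel's sigset_t: 8 on x86_64/arm64. glibc's sigset_t is
 * 128 bytes, so a raw call must pass the kernel size, as glibc does itself. */
#define KERNEL_SIGSET_SIZE ((size_t)(_NSIG / 8))
#define BITS_PER_LONG (8 * sizeof(unsigned long))
#define BAD_PTR ((void *)-1)        /* the unaddressable pointer from the report */

/* Same layout as the kernel's sigset_t: an array of unsigned long words. */
typedef struct { unsigned long sig[KERNEL_SIGSET_SIZE / sizeof(unsigned long)]; } kernel_sigset_t;

static void ksig_add(kernel_sigset_t *s, int signum)
{
    unsigned bit = (unsigned)signum - 1;          /* signal n lives at bit n-1 */
    s->sig[bit / BITS_PER_LONG] |= 1UL << (bit % BITS_PER_LONG);
}

static int ksig_ismember(const kernel_sigset_t *s, int signum)
{
    unsigned bit = (unsigned)signum - 1;
    return (s->sig[bit / BITS_PER_LONG] >> (bit % BITS_PER_LONG)) & 1UL;
}

/* Issue rt_sigprocmask directly. Returns 0 on success, else the errno value. */
static int raw_rt_sigprocmask(int how, const void *set, void *oldset, size_t size)
{
    long r = syscall(SYS_rt_sigprocmask, how, set, oldset, size);
    return r == -1 ? errno : 0;
}

/* Each probe returns the errno the kernel reports for one malformed call. */
int efault_on_bad_set(void)    { return raw_rt_sigprocmask(SIG_BLOCK, BAD_PTR, NULL, KERNEL_SIGSET_SIZE); }
int efault_on_bad_oldset(void) { return raw_rt_sigprocmask(SIG_BLOCK, NULL, BAD_PTR, KERNEL_SIGSET_SIZE); }
int einval_on_bad_size(void)   { return raw_rt_sigprocmask(SIG_BLOCK, NULL, NULL, KERNEL_SIGSET_SIZE + 1); }
/* sigsetsize is validated before either pointer is read or written. */
int einval_before_efault(void) { return raw_rt_sigprocmask(SIG_BLOCK, BAD_PTR, BAD_PTR, KERNEL_SIGSET_SIZE + 1); }
int einval_on_bad_how(void)
{
    kernel_sigset_t s;
    memset(&s, 0, sizeof s);
    return raw_rt_sigprocmask(42, &s, NULL, KERNEL_SIGSET_SIZE);   /* 42 is not a valid 'how' */
}

/* Well-formed use: block SIGTERM, read the mask back through oldset, restore.
 * Returns 1 if the read-back mask shows SIGTERM blocked, 0 if not, or a
 * negative errno if any of the three calls failed. */
int block_and_readback_sigterm(void)
{
    kernel_sigset_t want, saved, now;
    int err;
    memset(&want, 0, sizeof want);
    ksig_add(&want, SIGTERM);

    if ((err = raw_rt_sigprocmask(SIG_BLOCK, &want, &saved, KERNEL_SIGSET_SIZE)))
        return -err;
    if ((err = raw_rt_sigprocmask(SIG_BLOCK, NULL, &now, KERNEL_SIGSET_SIZE)))   /* set == NULL: query only */
        return -err;
    if ((err = raw_rt_sigprocmask(SIG_SETMASK, &saved, NULL, KERNEL_SIGSET_SIZE)))
        return -err;
    return ksig_ismember(&now, SIGTERM);
}

int main(void)
{
    printf("bad set          -> %s\n", strerror(efault_on_bad_set()));
    printf("bad oldset       -> %s\n", strerror(efault_on_bad_oldset()));
    printf("bad sigsetsize   -> %s\n", strerror(einval_on_bad_size()));
    printf("bad size+ptrs    -> %s\n", strerror(einval_before_efault()));
    printf("bad how          -> %s\n", strerror(einval_on_bad_how()));
    printf("SIGTERM blocked  -> %d\n", block_and_readback_sigterm());
    return 0;
}
```

The point for a tool that intercepts the syscall, as Valgrind's syswrap layer does, is that it must reproduce exactly this ordering and these error codes instead of dereferencing the client's pointers itself: the kernel rejects a wrong sigsetsize before it looks at either pointer, and then fails the copy with EFAULT rather than faulting. Running the probes through glibc's sigprocmask() would not show any of this, because the wrapper supplies its own buffers and size.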
Comment 2 Mark Wielaard 2016-10-01 11:59:37 UTC
valgrind svn r15992