https://bugs.kde.org/show_bug.cgi?id=510200
--- Comment #8 from [email protected] ---

mc_is_defined_asciiz() seems to try hard not to examine the actual bytes (which is what my recently proposed patch does).

The fact that I can dereference the characters at positions bigger than VKI_PATH_MAX in my test case with GDB, as shown, but it SEGVs under valgrind probably means that the SEGV is a consequence of some valgrind emulation-specific check, probably stepping out of some allowed buffer.

The string length constraint is specific to the given syscall, so I assume it will need to be addressed somewhere in the PRE wrapper, just like PRE(sys_openat) or PRE(sys_open) do that. These wrappers mention

// we need something like a "ML_(safe_to_deref_path)" that does a binary search for the addressable length, and maybe nul,

which is probably related. This makes me think that my recent patch is probably doing the right thing in the right place, but I'm not really sure.

Related files seem to be coregrind/m_aspacemgr/aspacemgr-common.c and coregrind/m_aspacemgr/aspacemgr-linux.c, but I'm not quite getting what happens there yet.

> Could you explain exactly what caused the crash?

Honestly, although I think I kind of get some context here, I'm still puzzled.
