[DTrace-devel] [PATCH v4 06/10] alloca: bcopy
Kris Van Hees
kris.van.hees at oracle.com
Wed Apr 13 19:42:58 UTC 2022
Reviewed-by: Kris Van Hees <kris.van.hees at oracle.com
On Tue, Apr 12, 2022 at 11:59:05AM +0100, Nick Alcock wrote:
> This is fairly simple given the machinery already present: we just need
> to make sure the arguments are suitably alloca-tainted or non-tainted,
> then call dt_cg_alloca_access_check on the alloca pointer to bounds
> check it, and dt_cg_alloca_ptr to turn it into a real map_value pointer.
>
> Since we validate the destination address completely ourselves, if the
> underlying probe_read call fails we can even tell that it's a problem
> with the source pointer, and report the failing address appropriately.
>
> Signed-off-by: Nick Alcock <nick.alcock at oracle.com>
> Signed-off-by: Kris Van Hees <kris.van.hees at oracle.com>
> ---
> libdtrace/dt_cg.c | 68 ++++++++++++++++++-
> .../alloca/err.alloca-bcopy-before-beyond.d | 27 ++++++++
> .../alloca/err.alloca-bcopy-before-beyond.r | 3 +
> .../alloca/err.alloca-bcopy-before-bottom.d | 27 ++++++++
> .../alloca/err.alloca-bcopy-before-bottom.r | 3 +
> .../alloca/err.alloca-bcopy-beyond-top.d | 27 ++++++++
> .../alloca/err.alloca-bcopy-beyond-top.r | 3 +
> .../alloca/err.alloca-bcopy-crossing-bottom.d | 27 ++++++++
> .../alloca/err.alloca-bcopy-crossing-bottom.r | 3 +
> .../alloca/err.alloca-bcopy-crossing-top.d | 27 ++++++++
> .../alloca/err.alloca-bcopy-crossing-top.r | 3 +
> .../err.alloca-scratch-exceeding-bcopy.d | 36 ++++++++++
> .../err.alloca-scratch-exceeding-bcopy.r | 3 +
> .../funcs/alloca/tst.alloca-bcopy-top.d | 28 ++++++++
> .../funcs/alloca/tst.alloca-bcopy-top.r | 2 +
> .../alloca/tst.alloca-scratch-filling-bcopy.d | 31 +++++++++
> test/unittest/funcs/err.badbcopy.r | 4 ++
> test/unittest/funcs/err.badbcopy1.r | 3 +
> test/unittest/funcs/err.badbcopy2.r | 4 ++
> test/unittest/funcs/err.badbcopy3.r | 4 ++
> test/unittest/funcs/err.badbcopy4.d | 1 -
> test/unittest/funcs/err.badbcopy4.r | 2 +-
> test/unittest/funcs/err.badbcopy5.d | 1 -
> test/unittest/funcs/err.badbcopy5.r | 2 +-
> test/unittest/funcs/err.badbcopy6.d | 1 -
> test/unittest/funcs/err.badbcopy6.r | 2 +-
> .../funcs/{tst.bcopy.d => err.badbcopy7.d} | 17 ++---
> test/unittest/funcs/err.badbcopy7.r | 4 ++
> .../{err.badbcopy5.d => err.badbcopy8.d} | 13 ++--
> test/unittest/funcs/err.badbcopy8.r | 3 +
> test/unittest/funcs/tst.bcopy.d | 12 ++--
> 31 files changed, 361 insertions(+), 30 deletions(-)
> create mode 100644 test/unittest/funcs/alloca/err.alloca-bcopy-before-beyond.d
> create mode 100644 test/unittest/funcs/alloca/err.alloca-bcopy-before-beyond.r
> create mode 100644 test/unittest/funcs/alloca/err.alloca-bcopy-before-bottom.d
> create mode 100644 test/unittest/funcs/alloca/err.alloca-bcopy-before-bottom.r
> create mode 100644 test/unittest/funcs/alloca/err.alloca-bcopy-beyond-top.d
> create mode 100644 test/unittest/funcs/alloca/err.alloca-bcopy-beyond-top.r
> create mode 100644 test/unittest/funcs/alloca/err.alloca-bcopy-crossing-bottom.d
> create mode 100644 test/unittest/funcs/alloca/err.alloca-bcopy-crossing-bottom.r
> create mode 100644 test/unittest/funcs/alloca/err.alloca-bcopy-crossing-top.d
> create mode 100644 test/unittest/funcs/alloca/err.alloca-bcopy-crossing-top.r
> create mode 100644 test/unittest/funcs/alloca/err.alloca-scratch-exceeding-bcopy.d
> create mode 100644 test/unittest/funcs/alloca/err.alloca-scratch-exceeding-bcopy.r
> create mode 100644 test/unittest/funcs/alloca/tst.alloca-bcopy-top.d
> create mode 100644 test/unittest/funcs/alloca/tst.alloca-bcopy-top.r
> create mode 100644 test/unittest/funcs/alloca/tst.alloca-scratch-filling-bcopy.d
> create mode 100644 test/unittest/funcs/err.badbcopy.r
> create mode 100644 test/unittest/funcs/err.badbcopy1.r
> create mode 100644 test/unittest/funcs/err.badbcopy2.r
> create mode 100644 test/unittest/funcs/err.badbcopy3.r
> copy test/unittest/funcs/{tst.bcopy.d => err.badbcopy7.d} (64%)
> create mode 100644 test/unittest/funcs/err.badbcopy7.r
> copy test/unittest/funcs/{err.badbcopy5.d => err.badbcopy8.d} (63%)
> create mode 100644 test/unittest/funcs/err.badbcopy8.r
>
> diff --git a/libdtrace/dt_cg.c b/libdtrace/dt_cg.c
> index b1b498b30085..900b3381d02c 100644
> --- a/libdtrace/dt_cg.c
> +++ b/libdtrace/dt_cg.c
> @@ -4028,6 +4028,72 @@ dt_cg_subr_alloca(dt_node_t *dnp, dt_irlist_t *dlp, dt_regset_t *drp)
> TRACE_REGSET(" subr-alloca:End ");
> }
>
> +static void
> +dt_cg_subr_bcopy(dt_node_t *dnp, dt_irlist_t *dlp, dt_regset_t *drp)
> +{
> + dt_node_t *src = dnp->dn_args;
> + dt_node_t *dst = src->dn_list;
> + dt_node_t *size = dst->dn_list;
> + int maxsize = yypcb->pcb_hdl->dt_options[DTRACEOPT_SCRATCHSIZE];
> + uint_t lbl_badsize = dt_irlist_label(dlp);
> + uint_t lbl_ok = dt_irlist_label(dlp);
> +
> + TRACE_REGSET(" subr-bcopy:Begin");
> +
> + dt_cg_node(src, dlp, drp);
> + if (src->dn_flags & DT_NF_ALLOCA)
> + dnerror(src, D_PROTO_ARG,
> + "bcopy( ) argument #1 is incompatible with prototype:\n"
> + "\tprototype: non-alloca pointer\n"
> + "\t argument: alloca pointer\n");
> + dt_cg_check_notnull(dlp, drp, src->dn_reg);
> +
> + dt_cg_node(dst, dlp, drp);
> + if (!(dst->dn_flags & DT_NF_ALLOCA))
> + dnerror(dst, D_PROTO_ARG,
> + "bcopy( ) argument #2 is incompatible with prototype:\n"
> + "\tprototype: alloca pointer\n"
> + "\t argument: non-alloca pointer\n");
> + /* The dst will be NULL-checked in the alloca access check below. */
> +
> + dt_cg_node(size, dlp, drp);
> + emit(dlp, BPF_BRANCH_IMM(BPF_JSLT, size->dn_reg, 0, lbl_badsize));
> + emit(dlp, BPF_BRANCH_IMM(BPF_JGT, size->dn_reg, maxsize, lbl_badsize));
> +
> + dt_cg_alloca_access_check(dlp, drp, dst->dn_reg,
> + DT_ISREG, size->dn_reg);
> + dt_cg_alloca_ptr(dlp, drp, dst->dn_reg, dst->dn_reg);
> +
> + if (dt_regset_xalloc_args(drp) == -1)
> + longjmp(yypcb->pcb_jmpbuf, EDT_NOREG);
> +
> + emit(dlp, BPF_MOV_REG(BPF_REG_1, dst->dn_reg));
> + emit(dlp, BPF_MOV_REG(BPF_REG_2, size->dn_reg));
> + emit(dlp, BPF_MOV_REG(BPF_REG_3, src->dn_reg));
> + dt_regset_xalloc(drp, BPF_REG_0);
> + emit(dlp, BPF_CALL_HELPER(BPF_FUNC_probe_read));
> +
> + /*
> + * At this point the dst is validated, so any problem must be with
> + * the src address.
> + */
> + emit(dlp, BPF_BRANCH_IMM(BPF_JEQ, BPF_REG_0, 0, lbl_ok));
> + dt_regset_free(drp, BPF_REG_0);
> + dt_regset_free_args(drp);
> + dt_cg_probe_error(yypcb, DTRACEFLT_BADADDR, DT_ISREG, src->dn_reg);
> + emitl(dlp, lbl_badsize,
> + BPF_NOP());
> + dt_cg_probe_error(yypcb, DTRACEFLT_BADSIZE, DT_ISREG, size->dn_reg);
> + emitl(dlp, lbl_ok,
> + BPF_NOP());
> +
> + dt_regset_free(drp, src->dn_reg);
> + dt_regset_free(drp, dst->dn_reg);
> + dt_regset_free(drp, size->dn_reg);
> +
> + TRACE_REGSET(" subr-bcopy:End ");
> +}
> +
> static void
> dt_cg_subr_strchr(dt_node_t *dnp, dt_irlist_t *dlp, dt_regset_t *drp)
> {
> @@ -4502,7 +4568,7 @@ static dt_cg_subr_f *_dt_cg_subr[DIF_SUBR_MAX + 1] = {
> [DIF_SUBR_COPYOUT] = NULL,
> [DIF_SUBR_COPYOUTSTR] = NULL,
> [DIF_SUBR_ALLOCA] = &dt_cg_subr_alloca,
> - [DIF_SUBR_BCOPY] = NULL,
> + [DIF_SUBR_BCOPY] = &dt_cg_subr_bcopy,
> [DIF_SUBR_COPYINTO] = NULL,
> [DIF_SUBR_MSGDSIZE] = NULL,
> [DIF_SUBR_MSGSIZE] = NULL,
> diff --git a/test/unittest/funcs/alloca/err.alloca-bcopy-before-beyond.d b/test/unittest/funcs/alloca/err.alloca-bcopy-before-beyond.d
> new file mode 100644
> index 000000000000..332b265da83b
> --- /dev/null
> +++ b/test/unittest/funcs/alloca/err.alloca-bcopy-before-beyond.d
> @@ -0,0 +1,27 @@
> +/*
> + * Oracle Linux DTrace.
> + * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
> + * Licensed under the Universal Permissive License v 1.0 as shown at
> + * http://oss.oracle.com/licenses/upl.
> + */
> +
> +/*
> + * ASSERTION: bcopies overlapping the whole of alloca()ed memory fail.
> + *
> + * SECTION: Actions and Subroutines/alloca()
> + */
> +
> +#pragma D option quiet
> +
> +BEGIN
> +{
> + a = "0";
> + s = (char *)alloca(15);
> + bcopy(a, s-1, 17);
> + exit(0);
> +}
> +
> +ERROR
> +{
> + exit(1);
> +}
> diff --git a/test/unittest/funcs/alloca/err.alloca-bcopy-before-beyond.r b/test/unittest/funcs/alloca/err.alloca-bcopy-before-beyond.r
> new file mode 100644
> index 000000000000..187543b63023
> --- /dev/null
> +++ b/test/unittest/funcs/alloca/err.alloca-bcopy-before-beyond.r
> @@ -0,0 +1,3 @@
> +
> +-- @@stderr --
> +dtrace: error on enabled probe ID 3 (ID 1: dtrace:::BEGIN): invalid address ({ptr}) in action #1 at BPF pc NNN
> diff --git a/test/unittest/funcs/alloca/err.alloca-bcopy-before-bottom.d b/test/unittest/funcs/alloca/err.alloca-bcopy-before-bottom.d
> new file mode 100644
> index 000000000000..add768246489
> --- /dev/null
> +++ b/test/unittest/funcs/alloca/err.alloca-bcopy-before-bottom.d
> @@ -0,0 +1,27 @@
> +/*
> + * Oracle Linux DTrace.
> + * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
> + * Licensed under the Universal Permissive License v 1.0 as shown at
> + * http://oss.oracle.com/licenses/upl.
> + */
> +
> +/*
> + * ASSERTION: bcopies to before the bottom of alloca()ed memory fail.
> + *
> + * SECTION: Actions and Subroutines/alloca()
> + */
> +
> +#pragma D option quiet
> +
> +BEGIN
> +{
> + a = "0";
> + s = (char *)alloca(15);
> + bcopy(a, s-1, 1);
> + exit(0);
> +}
> +
> +ERROR
> +{
> + exit(1);
> +}
> diff --git a/test/unittest/funcs/alloca/err.alloca-bcopy-before-bottom.r b/test/unittest/funcs/alloca/err.alloca-bcopy-before-bottom.r
> new file mode 100644
> index 000000000000..187543b63023
> --- /dev/null
> +++ b/test/unittest/funcs/alloca/err.alloca-bcopy-before-bottom.r
> @@ -0,0 +1,3 @@
> +
> +-- @@stderr --
> +dtrace: error on enabled probe ID 3 (ID 1: dtrace:::BEGIN): invalid address ({ptr}) in action #1 at BPF pc NNN
> diff --git a/test/unittest/funcs/alloca/err.alloca-bcopy-beyond-top.d b/test/unittest/funcs/alloca/err.alloca-bcopy-beyond-top.d
> new file mode 100644
> index 000000000000..5ed1eaa50261
> --- /dev/null
> +++ b/test/unittest/funcs/alloca/err.alloca-bcopy-beyond-top.d
> @@ -0,0 +1,27 @@
> +/*
> + * Oracle Linux DTrace.
> + * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
> + * Licensed under the Universal Permissive License v 1.0 as shown at
> + * http://oss.oracle.com/licenses/upl.
> + */
> +
> +/*
> + * ASSERTION: bcopies to past the end of alloca()ed memory fail.
> + *
> + * SECTION: Actions and Subroutines/alloca()
> + */
> +
> +#pragma D option quiet
> +
> +BEGIN
> +{
> + a = "01";
> + s = (char *)alloca(16);
> + bcopy(a, &s[16], 1);
> + exit(0);
> +}
> +
> +ERROR
> +{
> + exit(1);
> +}
> diff --git a/test/unittest/funcs/alloca/err.alloca-bcopy-beyond-top.r b/test/unittest/funcs/alloca/err.alloca-bcopy-beyond-top.r
> new file mode 100644
> index 000000000000..187543b63023
> --- /dev/null
> +++ b/test/unittest/funcs/alloca/err.alloca-bcopy-beyond-top.r
> @@ -0,0 +1,3 @@
> +
> +-- @@stderr --
> +dtrace: error on enabled probe ID 3 (ID 1: dtrace:::BEGIN): invalid address ({ptr}) in action #1 at BPF pc NNN
> diff --git a/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-bottom.d b/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-bottom.d
> new file mode 100644
> index 000000000000..fa3a8d5c320c
> --- /dev/null
> +++ b/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-bottom.d
> @@ -0,0 +1,27 @@
> +/*
> + * Oracle Linux DTrace.
> + * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
> + * Licensed under the Universal Permissive License v 1.0 as shown at
> + * http://oss.oracle.com/licenses/upl.
> + */
> +
> +/*
> + * ASSERTION: bcopies to across the bottom of alloca()ed memory fail.
> + *
> + * SECTION: Actions and Subroutines/alloca()
> + */
> +
> +#pragma D option quiet
> +
> +BEGIN
> +{
> + a = "01";
> + s = (char *)alloca(15);
> + bcopy(a, s-1, 2);
> + exit(0);
> +}
> +
> +ERROR
> +{
> + exit(1);
> +}
> diff --git a/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-bottom.r b/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-bottom.r
> new file mode 100644
> index 000000000000..187543b63023
> --- /dev/null
> +++ b/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-bottom.r
> @@ -0,0 +1,3 @@
> +
> +-- @@stderr --
> +dtrace: error on enabled probe ID 3 (ID 1: dtrace:::BEGIN): invalid address ({ptr}) in action #1 at BPF pc NNN
> diff --git a/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-top.d b/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-top.d
> new file mode 100644
> index 000000000000..8d4e1609b119
> --- /dev/null
> +++ b/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-top.d
> @@ -0,0 +1,27 @@
> +/*
> + * Oracle Linux DTrace.
> + * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
> + * Licensed under the Universal Permissive License v 1.0 as shown at
> + * http://oss.oracle.com/licenses/upl.
> + */
> +
> +/*
> + * ASSERTION: bcopies to across the end of alloca()ed memory fail.
> + *
> + * SECTION: Actions and Subroutines/alloca()
> + */
> +
> +#pragma D option quiet
> +
> +BEGIN
> +{
> + a = "01";
> + s = (char *)alloca(16);
> + bcopy(a, &s[15], 2);
> + exit(0);
> +}
> +
> +ERROR
> +{
> + exit(1);
> +}
> diff --git a/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-top.r b/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-top.r
> new file mode 100644
> index 000000000000..4257f5679dfd
> --- /dev/null
> +++ b/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-top.r
> @@ -0,0 +1,3 @@
> +
> +-- @@stderr --
> +dtrace: error on enabled probe ID 3 (ID 1: dtrace:::BEGIN): invalid size ({ptr}) in action #1 at BPF pc NNN
> diff --git a/test/unittest/funcs/alloca/err.alloca-scratch-exceeding-bcopy.d b/test/unittest/funcs/alloca/err.alloca-scratch-exceeding-bcopy.d
> new file mode 100644
> index 000000000000..0d45362f968c
> --- /dev/null
> +++ b/test/unittest/funcs/alloca/err.alloca-scratch-exceeding-bcopy.d
> @@ -0,0 +1,36 @@
> +/*
> + * Oracle Linux DTrace.
> + * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
> + * Licensed under the Universal Permissive License v 1.0 as shown at
> + * http://oss.oracle.com/licenses/upl.
> + */
> +
> +/*
> + * ASSERTION: Exceeding the size of alloca()ed memory with a bcopy is an error.
> + *
> + * SECTION: Actions and Subroutines/alloca()
> + */
> +
> +/*
> + * Intentionally use an unaligned size, to make sure that errors are still
> + * emitted when accessing beyond the last byte when the size is not a
> + * multiple of the max type size.
> + */
> +
> +#pragma D option quiet
> +#pragma D option scratchsize=9
> +
> +string a;
> +
> +BEGIN
> +{
> + a = "0123456789abcdefgh";
> + s = (char *)alloca(9);
> + bcopy(a, s, 17);
> + exit((s[0] == '0' && s[16] == 'g') ? 0 : 1);
> +}
> +
> +ERROR
> +{
> + exit(1);
> +}
> diff --git a/test/unittest/funcs/alloca/err.alloca-scratch-exceeding-bcopy.r b/test/unittest/funcs/alloca/err.alloca-scratch-exceeding-bcopy.r
> new file mode 100644
> index 000000000000..4257f5679dfd
> --- /dev/null
> +++ b/test/unittest/funcs/alloca/err.alloca-scratch-exceeding-bcopy.r
> @@ -0,0 +1,3 @@
> +
> +-- @@stderr --
> +dtrace: error on enabled probe ID 3 (ID 1: dtrace:::BEGIN): invalid size ({ptr}) in action #1 at BPF pc NNN
> diff --git a/test/unittest/funcs/alloca/tst.alloca-bcopy-top.d b/test/unittest/funcs/alloca/tst.alloca-bcopy-top.d
> new file mode 100644
> index 000000000000..8ae269053c57
> --- /dev/null
> +++ b/test/unittest/funcs/alloca/tst.alloca-bcopy-top.d
> @@ -0,0 +1,28 @@
> +/*
> + * Oracle Linux DTrace.
> + * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
> + * Licensed under the Universal Permissive License v 1.0 as shown at
> + * http://oss.oracle.com/licenses/upl.
> + */
> +
> +/*
> + * ASSERTION: bcopies to the last byte of alloca()ed memory succeed.
> + *
> + * SECTION: Actions and Subroutines/alloca()
> + */
> +
> +#pragma D option quiet
> +
> +BEGIN
> +{
> + a = "0";
> + s = (char *)alloca(15);
> + bcopy(a, &s[14], 1);
> + printf("%c\n", s[14]);
> + exit(0);
> +}
> +
> +ERROR
> +{
> + exit(1);
> +}
> diff --git a/test/unittest/funcs/alloca/tst.alloca-bcopy-top.r b/test/unittest/funcs/alloca/tst.alloca-bcopy-top.r
> new file mode 100644
> index 000000000000..77ac542d4fbf
> --- /dev/null
> +++ b/test/unittest/funcs/alloca/tst.alloca-bcopy-top.r
> @@ -0,0 +1,2 @@
> +0
> +
> diff --git a/test/unittest/funcs/alloca/tst.alloca-scratch-filling-bcopy.d b/test/unittest/funcs/alloca/tst.alloca-scratch-filling-bcopy.d
> new file mode 100644
> index 000000000000..367b74c3aa7c
> --- /dev/null
> +++ b/test/unittest/funcs/alloca/tst.alloca-scratch-filling-bcopy.d
> @@ -0,0 +1,31 @@
> +/*
> + * Oracle Linux DTrace.
> + * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
> + * Licensed under the Universal Permissive License v 1.0 as shown at
> + * http://oss.oracle.com/licenses/upl.
> + */
> +
> +/*
> + * ASSERTION: It is possible to store and load structures that fill up
> + * alloca()ed memory.
> + *
> + * SECTION: Actions and Subroutines/alloca()
> + */
> +
> +#pragma D option quiet
> +#pragma D option scratchsize=8
> +
> +string a;
> +
> +BEGIN
> +{
> + a = "01234567";
> + s = (char *)alloca(8);
> + bcopy(a, s, 8);
> + exit((s[0] == '0' && s[7] == '7') ? 0 : 1);
> +}
> +
> +ERROR
> +{
> + exit(1);
> +}
> diff --git a/test/unittest/funcs/err.badbcopy.r b/test/unittest/funcs/err.badbcopy.r
> new file mode 100644
> index 000000000000..4044968637eb
> --- /dev/null
> +++ b/test/unittest/funcs/err.badbcopy.r
> @@ -0,0 +1,4 @@
> +-- @@stderr --
> +dtrace: failed to compile script test/unittest/funcs/err.badbcopy.d: line 26: bcopy( ) argument #1 is incompatible with prototype:
> + prototype: non-alloca pointer
> + argument: alloca pointer
> diff --git a/test/unittest/funcs/err.badbcopy1.r b/test/unittest/funcs/err.badbcopy1.r
> new file mode 100644
> index 000000000000..187543b63023
> --- /dev/null
> +++ b/test/unittest/funcs/err.badbcopy1.r
> @@ -0,0 +1,3 @@
> +
> +-- @@stderr --
> +dtrace: error on enabled probe ID 3 (ID 1: dtrace:::BEGIN): invalid address ({ptr}) in action #1 at BPF pc NNN
> diff --git a/test/unittest/funcs/err.badbcopy2.r b/test/unittest/funcs/err.badbcopy2.r
> new file mode 100644
> index 000000000000..fb3e346398ff
> --- /dev/null
> +++ b/test/unittest/funcs/err.badbcopy2.r
> @@ -0,0 +1,4 @@
> +-- @@stderr --
> +dtrace: failed to compile script test/unittest/funcs/err.badbcopy2.d: line 25: bcopy( ) argument #2 is incompatible with prototype:
> + prototype: alloca pointer
> + argument: non-alloca pointer
> diff --git a/test/unittest/funcs/err.badbcopy3.r b/test/unittest/funcs/err.badbcopy3.r
> new file mode 100644
> index 000000000000..95dfe2bf58ac
> --- /dev/null
> +++ b/test/unittest/funcs/err.badbcopy3.r
> @@ -0,0 +1,4 @@
> +-- @@stderr --
> +dtrace: failed to compile script test/unittest/funcs/err.badbcopy3.d: line 22: bcopy( ) argument #2 is incompatible with prototype:
> + prototype: alloca pointer
> + argument: non-alloca pointer
> diff --git a/test/unittest/funcs/err.badbcopy4.d b/test/unittest/funcs/err.badbcopy4.d
> index 842b72709dc1..8237d8463b7f 100644
> --- a/test/unittest/funcs/err.badbcopy4.d
> +++ b/test/unittest/funcs/err.badbcopy4.d
> @@ -4,7 +4,6 @@
> * Licensed under the Universal Permissive License v 1.0 as shown at
> * http://oss.oracle.com/licenses/upl.
> */
> -/* @@xfail: dtv2 */
>
> /*
> * ASSERTION:
> diff --git a/test/unittest/funcs/err.badbcopy4.r b/test/unittest/funcs/err.badbcopy4.r
> index 81695e6b2a12..187543b63023 100644
> --- a/test/unittest/funcs/err.badbcopy4.r
> +++ b/test/unittest/funcs/err.badbcopy4.r
> @@ -1,3 +1,3 @@
>
> -- @@stderr --
> -dtrace: error on enabled probe ID 1 (ID 1: dtrace:::BEGIN): invalid address ({ptr}) in action #2 at DIF offset 52
> +dtrace: error on enabled probe ID 3 (ID 1: dtrace:::BEGIN): invalid address ({ptr}) in action #1 at BPF pc NNN
> diff --git a/test/unittest/funcs/err.badbcopy5.d b/test/unittest/funcs/err.badbcopy5.d
> index de8001a809fc..3c05ec8a97dd 100644
> --- a/test/unittest/funcs/err.badbcopy5.d
> +++ b/test/unittest/funcs/err.badbcopy5.d
> @@ -4,7 +4,6 @@
> * Licensed under the Universal Permissive License v 1.0 as shown at
> * http://oss.oracle.com/licenses/upl.
> */
> -/* @@xfail: dtv2 */
>
> /*
> * ASSERTION:
> diff --git a/test/unittest/funcs/err.badbcopy5.r b/test/unittest/funcs/err.badbcopy5.r
> index cb8d73ffed0d..187543b63023 100644
> --- a/test/unittest/funcs/err.badbcopy5.r
> +++ b/test/unittest/funcs/err.badbcopy5.r
> @@ -1,3 +1,3 @@
>
> -- @@stderr --
> -dtrace: error on enabled probe ID 1 (ID 1: dtrace:::BEGIN): invalid address ({ptr}) in action #2 at DIF offset 40
> +dtrace: error on enabled probe ID 3 (ID 1: dtrace:::BEGIN): invalid address ({ptr}) in action #1 at BPF pc NNN
> diff --git a/test/unittest/funcs/err.badbcopy6.d b/test/unittest/funcs/err.badbcopy6.d
> index 17ae9785fb3f..6d1792809970 100644
> --- a/test/unittest/funcs/err.badbcopy6.d
> +++ b/test/unittest/funcs/err.badbcopy6.d
> @@ -4,7 +4,6 @@
> * Licensed under the Universal Permissive License v 1.0 as shown at
> * http://oss.oracle.com/licenses/upl.
> */
> -/* @@xfail: dtv2 */
>
> #pragma D option quiet
>
> diff --git a/test/unittest/funcs/err.badbcopy6.r b/test/unittest/funcs/err.badbcopy6.r
> index 9ff5e81e9ca9..4257f5679dfd 100644
> --- a/test/unittest/funcs/err.badbcopy6.r
> +++ b/test/unittest/funcs/err.badbcopy6.r
> @@ -1,3 +1,3 @@
>
> -- @@stderr --
> -dtrace: error on enabled probe ID 1 (ID 1: dtrace:::BEGIN): invalid address ({ptr}) in action #1 at DIF offset 92 at BPF pc NNN
> +dtrace: error on enabled probe ID 3 (ID 1: dtrace:::BEGIN): invalid size ({ptr}) in action #1 at BPF pc NNN
> diff --git a/test/unittest/funcs/tst.bcopy.d b/test/unittest/funcs/err.badbcopy7.d
> similarity index 64%
> copy from test/unittest/funcs/tst.bcopy.d
> copy to test/unittest/funcs/err.badbcopy7.d
> index 8e6b6ac40bb7..3fd5fc271f58 100644
> --- a/test/unittest/funcs/tst.bcopy.d
> +++ b/test/unittest/funcs/err.badbcopy7.d
> @@ -4,11 +4,10 @@
> * Licensed under the Universal Permissive License v 1.0 as shown at
> * http://oss.oracle.com/licenses/upl.
> */
> -/* @@xfail: dtv2 */
>
> /*
> * ASSERTION:
> - * bcopy should copy from one memory location to another
> + * bcopy should not copy when the source is scratch space
> *
> * SECTION: Actions and Subroutines/alloca();
> * Actions and Subroutines/bcopy()
> @@ -22,20 +21,12 @@ BEGIN
> {
> ptr = alloca(sizeof(unsigned long));
> bcopy((void *)&`max_pfn, ptr, sizeof(unsigned long));
> - ulongp = (unsigned long *)ptr;
> - ret = (`max_pfn == *ulongp) ? 0 : 1;
> -}
> -
> -tick-1
> -/ret == 0/
> -{
> + ptr2 = alloca(sizeof(unsigned long));
> + bcopy(ptr, ptr2, sizeof(unsigned long));
> exit(0);
> }
>
> -tick-1
> -/ret == 1/
> +ERROR
> {
> - printf("memory address contained 0x%x, expected 0x%x\n",
> - *ulongp, `max_pfn);
> exit(1);
> }
> diff --git a/test/unittest/funcs/err.badbcopy7.r b/test/unittest/funcs/err.badbcopy7.r
> new file mode 100644
> index 000000000000..37e915634d2a
> --- /dev/null
> +++ b/test/unittest/funcs/err.badbcopy7.r
> @@ -0,0 +1,4 @@
> +-- @@stderr --
> +dtrace: failed to compile script test/unittest/funcs/err.badbcopy7.d: line 25: bcopy( ) argument #1 is incompatible with prototype:
> + prototype: non-alloca pointer
> + argument: alloca pointer
> diff --git a/test/unittest/funcs/err.badbcopy5.d b/test/unittest/funcs/err.badbcopy8.d
> similarity index 63%
> copy from test/unittest/funcs/err.badbcopy5.d
> copy to test/unittest/funcs/err.badbcopy8.d
> index de8001a809fc..768886fcba82 100644
> --- a/test/unittest/funcs/err.badbcopy5.d
> +++ b/test/unittest/funcs/err.badbcopy8.d
> @@ -4,12 +4,11 @@
> * Licensed under the Universal Permissive License v 1.0 as shown at
> * http://oss.oracle.com/licenses/upl.
> */
> -/* @@xfail: dtv2 */
>
> /*
> * ASSERTION:
> * bcopy should not copy from one memory location to another
> - * if the source memory location is not valid.
> + * if the copy size is very large.
> *
> * SECTION: Actions and Subroutines/alloca();
> * Actions and Subroutines/bcopy()
> @@ -17,15 +16,17 @@
> */
>
> #pragma D option quiet
> +#pragma D option scratchsize=256
>
> -int *badptr;
>
> BEGIN
> {
> - ptr = alloca(sizeof(int));
> + ptr = alloca(20);
>
> - /* Attempt to copy from a invalid address */
> - bcopy(badptr, ptr, sizeof(int));
> + /* Attempt to bcopy to scratch memory that isn't allocated,
> + with a max exceeding the verifier-checked bound of
> + 2*scratchsize. */
> + bcopy((void *)&`max_pfn, ptr, 2048000);
> exit(0);
> }
>
> diff --git a/test/unittest/funcs/err.badbcopy8.r b/test/unittest/funcs/err.badbcopy8.r
> new file mode 100644
> index 000000000000..4257f5679dfd
> --- /dev/null
> +++ b/test/unittest/funcs/err.badbcopy8.r
> @@ -0,0 +1,3 @@
> +
> +-- @@stderr --
> +dtrace: error on enabled probe ID 3 (ID 1: dtrace:::BEGIN): invalid size ({ptr}) in action #1 at BPF pc NNN
> diff --git a/test/unittest/funcs/tst.bcopy.d b/test/unittest/funcs/tst.bcopy.d
> index 8e6b6ac40bb7..bc664f0a387c 100644
> --- a/test/unittest/funcs/tst.bcopy.d
> +++ b/test/unittest/funcs/tst.bcopy.d
> @@ -4,7 +4,6 @@
> * Licensed under the Universal Permissive License v 1.0 as shown at
> * http://oss.oracle.com/licenses/upl.
> */
> -/* @@xfail: dtv2 */
>
> /*
> * ASSERTION:
> @@ -23,7 +22,10 @@ BEGIN
> ptr = alloca(sizeof(unsigned long));
> bcopy((void *)&`max_pfn, ptr, sizeof(unsigned long));
> ulongp = (unsigned long *)ptr;
> - ret = (`max_pfn == *ulongp) ? 0 : 1;
> + /* DTv2: doing this needs deref-implies-copyin, which isn't there yet. */
> +/* ret = (`max_pfn == *ulongp) ? 0 : 1; */
> + ret = *ulongp; ret = 0;
> + ulong_deref = *ulongp;
> }
>
> tick-1
> @@ -35,7 +37,9 @@ tick-1
> tick-1
> /ret == 1/
> {
> - printf("memory address contained 0x%x, expected 0x%x\n",
> - *ulongp, `max_pfn);
> + /* DTdv2: this error message has the same problem. */
> +/* printf("memory address contained 0x%x, expected 0x%x\n",
> + ulong_deref, `max_pfn); */
> + printf("memory address contained wrong contents\n");
> exit(1);
> }
> --
> 2.35.1
More information about the DTrace-devel
mailing list