[DTrace-devel] [PATCH v5 06/10] alloca: bcopy
Nick Alcock
nick.alcock at oracle.com
Thu Apr 14 13:26:02 UTC 2022
This is fairly simple given the machinery already present: we just need
to make sure the arguments are suitably alloca-tainted or non-tainted,
then call dt_cg_alloca_access_check on the alloca pointer to bounds
check it, and dt_cg_alloca_ptr to turn it into a real map_value pointer.
Since we validate the destination address completely ourselves, if the
underlying probe_read call fails we can even tell that it's a problem
with the source pointer, and report the failing address appropriately.
Signed-off-by: Nick Alcock <nick.alcock at oracle.com>
Signed-off-by: Kris Van Hees <kris.van.hees at oracle.com>
Reviewed-by: Kris Van Hees <kris.van.hees at oracle.com>
---
libdtrace/dt_cg.c | 68 ++++++++++++++++++-
.../alloca/err.alloca-bcopy-before-beyond.d | 27 ++++++++
.../alloca/err.alloca-bcopy-before-beyond.r | 3 +
.../alloca/err.alloca-bcopy-before-bottom.d | 27 ++++++++
.../alloca/err.alloca-bcopy-before-bottom.r | 3 +
.../alloca/err.alloca-bcopy-beyond-top.d | 27 ++++++++
.../alloca/err.alloca-bcopy-beyond-top.r | 3 +
.../alloca/err.alloca-bcopy-crossing-bottom.d | 27 ++++++++
.../alloca/err.alloca-bcopy-crossing-bottom.r | 3 +
.../alloca/err.alloca-bcopy-crossing-top.d | 27 ++++++++
.../alloca/err.alloca-bcopy-crossing-top.r | 3 +
.../err.alloca-scratch-exceeding-bcopy.d | 36 ++++++++++
.../err.alloca-scratch-exceeding-bcopy.r | 3 +
.../funcs/alloca/tst.alloca-bcopy-top.d | 28 ++++++++
.../funcs/alloca/tst.alloca-bcopy-top.r | 2 +
.../alloca/tst.alloca-scratch-filling-bcopy.d | 31 +++++++++
test/unittest/funcs/err.badbcopy.r | 4 ++
test/unittest/funcs/err.badbcopy1.r | 3 +
test/unittest/funcs/err.badbcopy2.r | 4 ++
test/unittest/funcs/err.badbcopy3.r | 4 ++
test/unittest/funcs/err.badbcopy4.d | 1 -
test/unittest/funcs/err.badbcopy4.r | 2 +-
test/unittest/funcs/err.badbcopy5.d | 1 -
test/unittest/funcs/err.badbcopy5.r | 2 +-
test/unittest/funcs/err.badbcopy6.d | 1 -
test/unittest/funcs/err.badbcopy6.r | 2 +-
.../funcs/{tst.bcopy.d => err.badbcopy7.d} | 17 ++---
test/unittest/funcs/err.badbcopy7.r | 4 ++
.../{err.badbcopy5.d => err.badbcopy8.d} | 13 ++--
test/unittest/funcs/err.badbcopy8.r | 3 +
test/unittest/funcs/tst.bcopy.d | 12 ++--
31 files changed, 361 insertions(+), 30 deletions(-)
create mode 100644 test/unittest/funcs/alloca/err.alloca-bcopy-before-beyond.d
create mode 100644 test/unittest/funcs/alloca/err.alloca-bcopy-before-beyond.r
create mode 100644 test/unittest/funcs/alloca/err.alloca-bcopy-before-bottom.d
create mode 100644 test/unittest/funcs/alloca/err.alloca-bcopy-before-bottom.r
create mode 100644 test/unittest/funcs/alloca/err.alloca-bcopy-beyond-top.d
create mode 100644 test/unittest/funcs/alloca/err.alloca-bcopy-beyond-top.r
create mode 100644 test/unittest/funcs/alloca/err.alloca-bcopy-crossing-bottom.d
create mode 100644 test/unittest/funcs/alloca/err.alloca-bcopy-crossing-bottom.r
create mode 100644 test/unittest/funcs/alloca/err.alloca-bcopy-crossing-top.d
create mode 100644 test/unittest/funcs/alloca/err.alloca-bcopy-crossing-top.r
create mode 100644 test/unittest/funcs/alloca/err.alloca-scratch-exceeding-bcopy.d
create mode 100644 test/unittest/funcs/alloca/err.alloca-scratch-exceeding-bcopy.r
create mode 100644 test/unittest/funcs/alloca/tst.alloca-bcopy-top.d
create mode 100644 test/unittest/funcs/alloca/tst.alloca-bcopy-top.r
create mode 100644 test/unittest/funcs/alloca/tst.alloca-scratch-filling-bcopy.d
create mode 100644 test/unittest/funcs/err.badbcopy.r
create mode 100644 test/unittest/funcs/err.badbcopy1.r
create mode 100644 test/unittest/funcs/err.badbcopy2.r
create mode 100644 test/unittest/funcs/err.badbcopy3.r
copy test/unittest/funcs/{tst.bcopy.d => err.badbcopy7.d} (64%)
create mode 100644 test/unittest/funcs/err.badbcopy7.r
copy test/unittest/funcs/{err.badbcopy5.d => err.badbcopy8.d} (63%)
create mode 100644 test/unittest/funcs/err.badbcopy8.r
diff --git a/libdtrace/dt_cg.c b/libdtrace/dt_cg.c
index 5c28d23f3eb3..87dc836e9033 100644
--- a/libdtrace/dt_cg.c
+++ b/libdtrace/dt_cg.c
@@ -4030,6 +4030,72 @@ dt_cg_subr_alloca(dt_node_t *dnp, dt_irlist_t *dlp, dt_regset_t *drp)
TRACE_REGSET(" subr-alloca:End ");
}
+static void
+dt_cg_subr_bcopy(dt_node_t *dnp, dt_irlist_t *dlp, dt_regset_t *drp)
+{
+ dt_node_t *src = dnp->dn_args;
+ dt_node_t *dst = src->dn_list;
+ dt_node_t *size = dst->dn_list;
+ int maxsize = yypcb->pcb_hdl->dt_options[DTRACEOPT_SCRATCHSIZE];
+ uint_t lbl_badsize = dt_irlist_label(dlp);
+ uint_t lbl_ok = dt_irlist_label(dlp);
+
+ TRACE_REGSET(" subr-bcopy:Begin");
+
+ dt_cg_node(src, dlp, drp);
+ if (src->dn_flags & DT_NF_ALLOCA)
+ dnerror(src, D_PROTO_ARG,
+ "bcopy( ) argument #1 is incompatible with prototype:\n"
+ "\tprototype: non-alloca pointer\n"
+ "\t argument: alloca pointer\n");
+ dt_cg_check_notnull(dlp, drp, src->dn_reg);
+
+ dt_cg_node(dst, dlp, drp);
+ if (!(dst->dn_flags & DT_NF_ALLOCA))
+ dnerror(dst, D_PROTO_ARG,
+ "bcopy( ) argument #2 is incompatible with prototype:\n"
+ "\tprototype: alloca pointer\n"
+ "\t argument: non-alloca pointer\n");
+ /* The dst will be NULL-checked in the alloca access check below. */
+
+ dt_cg_node(size, dlp, drp);
+ emit(dlp, BPF_BRANCH_IMM(BPF_JSLT, size->dn_reg, 0, lbl_badsize));
+ emit(dlp, BPF_BRANCH_IMM(BPF_JGT, size->dn_reg, maxsize, lbl_badsize));
+
+ dt_cg_alloca_access_check(dlp, drp, dst->dn_reg,
+ DT_ISREG, size->dn_reg);
+ dt_cg_alloca_ptr(dlp, drp, dst->dn_reg, dst->dn_reg);
+
+ if (dt_regset_xalloc_args(drp) == -1)
+ longjmp(yypcb->pcb_jmpbuf, EDT_NOREG);
+
+ emit(dlp, BPF_MOV_REG(BPF_REG_1, dst->dn_reg));
+ emit(dlp, BPF_MOV_REG(BPF_REG_2, size->dn_reg));
+ emit(dlp, BPF_MOV_REG(BPF_REG_3, src->dn_reg));
+ dt_regset_xalloc(drp, BPF_REG_0);
+ emit(dlp, BPF_CALL_HELPER(BPF_FUNC_probe_read));
+
+ /*
+ * At this point the dst is validated, so any problem must be with
+ * the src address.
+ */
+ emit(dlp, BPF_BRANCH_IMM(BPF_JEQ, BPF_REG_0, 0, lbl_ok));
+ dt_regset_free(drp, BPF_REG_0);
+ dt_regset_free_args(drp);
+ dt_cg_probe_error(yypcb, DTRACEFLT_BADADDR, DT_ISREG, src->dn_reg);
+ emitl(dlp, lbl_badsize,
+ BPF_NOP());
+ dt_cg_probe_error(yypcb, DTRACEFLT_BADSIZE, DT_ISREG, size->dn_reg);
+ emitl(dlp, lbl_ok,
+ BPF_NOP());
+
+ dt_regset_free(drp, src->dn_reg);
+ dt_regset_free(drp, dst->dn_reg);
+ dt_regset_free(drp, size->dn_reg);
+
+ TRACE_REGSET(" subr-bcopy:End ");
+}
+
static void
dt_cg_subr_strchr(dt_node_t *dnp, dt_irlist_t *dlp, dt_regset_t *drp)
{
@@ -4504,7 +4570,7 @@ static dt_cg_subr_f *_dt_cg_subr[DIF_SUBR_MAX + 1] = {
[DIF_SUBR_COPYOUT] = NULL,
[DIF_SUBR_COPYOUTSTR] = NULL,
[DIF_SUBR_ALLOCA] = &dt_cg_subr_alloca,
- [DIF_SUBR_BCOPY] = NULL,
+ [DIF_SUBR_BCOPY] = &dt_cg_subr_bcopy,
[DIF_SUBR_COPYINTO] = NULL,
[DIF_SUBR_MSGDSIZE] = NULL,
[DIF_SUBR_MSGSIZE] = NULL,
diff --git a/test/unittest/funcs/alloca/err.alloca-bcopy-before-beyond.d b/test/unittest/funcs/alloca/err.alloca-bcopy-before-beyond.d
new file mode 100644
index 000000000000..332b265da83b
--- /dev/null
+++ b/test/unittest/funcs/alloca/err.alloca-bcopy-before-beyond.d
@@ -0,0 +1,27 @@
+/*
+ * Oracle Linux DTrace.
+ * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
+ * Licensed under the Universal Permissive License v 1.0 as shown at
+ * http://oss.oracle.com/licenses/upl.
+ */
+
+/*
+ * ASSERTION: bcopies overlapping the whole of alloca()ed memory fail.
+ *
+ * SECTION: Actions and Subroutines/alloca()
+ */
+
+#pragma D option quiet
+
+BEGIN
+{
+ a = "0";
+ s = (char *)alloca(15);
+ bcopy(a, s-1, 17);
+ exit(0);
+}
+
+ERROR
+{
+ exit(1);
+}
diff --git a/test/unittest/funcs/alloca/err.alloca-bcopy-before-beyond.r b/test/unittest/funcs/alloca/err.alloca-bcopy-before-beyond.r
new file mode 100644
index 000000000000..187543b63023
--- /dev/null
+++ b/test/unittest/funcs/alloca/err.alloca-bcopy-before-beyond.r
@@ -0,0 +1,3 @@
+
+-- @@stderr --
+dtrace: error on enabled probe ID 3 (ID 1: dtrace:::BEGIN): invalid address ({ptr}) in action #1 at BPF pc NNN
diff --git a/test/unittest/funcs/alloca/err.alloca-bcopy-before-bottom.d b/test/unittest/funcs/alloca/err.alloca-bcopy-before-bottom.d
new file mode 100644
index 000000000000..add768246489
--- /dev/null
+++ b/test/unittest/funcs/alloca/err.alloca-bcopy-before-bottom.d
@@ -0,0 +1,27 @@
+/*
+ * Oracle Linux DTrace.
+ * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
+ * Licensed under the Universal Permissive License v 1.0 as shown at
+ * http://oss.oracle.com/licenses/upl.
+ */
+
+/*
+ * ASSERTION: bcopies to before the bottom of alloca()ed memory fail.
+ *
+ * SECTION: Actions and Subroutines/alloca()
+ */
+
+#pragma D option quiet
+
+BEGIN
+{
+ a = "0";
+ s = (char *)alloca(15);
+ bcopy(a, s-1, 1);
+ exit(0);
+}
+
+ERROR
+{
+ exit(1);
+}
diff --git a/test/unittest/funcs/alloca/err.alloca-bcopy-before-bottom.r b/test/unittest/funcs/alloca/err.alloca-bcopy-before-bottom.r
new file mode 100644
index 000000000000..187543b63023
--- /dev/null
+++ b/test/unittest/funcs/alloca/err.alloca-bcopy-before-bottom.r
@@ -0,0 +1,3 @@
+
+-- @@stderr --
+dtrace: error on enabled probe ID 3 (ID 1: dtrace:::BEGIN): invalid address ({ptr}) in action #1 at BPF pc NNN
diff --git a/test/unittest/funcs/alloca/err.alloca-bcopy-beyond-top.d b/test/unittest/funcs/alloca/err.alloca-bcopy-beyond-top.d
new file mode 100644
index 000000000000..5ed1eaa50261
--- /dev/null
+++ b/test/unittest/funcs/alloca/err.alloca-bcopy-beyond-top.d
@@ -0,0 +1,27 @@
+/*
+ * Oracle Linux DTrace.
+ * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
+ * Licensed under the Universal Permissive License v 1.0 as shown at
+ * http://oss.oracle.com/licenses/upl.
+ */
+
+/*
+ * ASSERTION: bcopies to past the end of alloca()ed memory fail.
+ *
+ * SECTION: Actions and Subroutines/alloca()
+ */
+
+#pragma D option quiet
+
+BEGIN
+{
+ a = "01";
+ s = (char *)alloca(16);
+ bcopy(a, &s[16], 1);
+ exit(0);
+}
+
+ERROR
+{
+ exit(1);
+}
diff --git a/test/unittest/funcs/alloca/err.alloca-bcopy-beyond-top.r b/test/unittest/funcs/alloca/err.alloca-bcopy-beyond-top.r
new file mode 100644
index 000000000000..187543b63023
--- /dev/null
+++ b/test/unittest/funcs/alloca/err.alloca-bcopy-beyond-top.r
@@ -0,0 +1,3 @@
+
+-- @@stderr --
+dtrace: error on enabled probe ID 3 (ID 1: dtrace:::BEGIN): invalid address ({ptr}) in action #1 at BPF pc NNN
diff --git a/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-bottom.d b/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-bottom.d
new file mode 100644
index 000000000000..fa3a8d5c320c
--- /dev/null
+++ b/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-bottom.d
@@ -0,0 +1,27 @@
+/*
+ * Oracle Linux DTrace.
+ * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
+ * Licensed under the Universal Permissive License v 1.0 as shown at
+ * http://oss.oracle.com/licenses/upl.
+ */
+
+/*
+ * ASSERTION: bcopies to across the bottom of alloca()ed memory fail.
+ *
+ * SECTION: Actions and Subroutines/alloca()
+ */
+
+#pragma D option quiet
+
+BEGIN
+{
+ a = "01";
+ s = (char *)alloca(15);
+ bcopy(a, s-1, 2);
+ exit(0);
+}
+
+ERROR
+{
+ exit(1);
+}
diff --git a/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-bottom.r b/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-bottom.r
new file mode 100644
index 000000000000..187543b63023
--- /dev/null
+++ b/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-bottom.r
@@ -0,0 +1,3 @@
+
+-- @@stderr --
+dtrace: error on enabled probe ID 3 (ID 1: dtrace:::BEGIN): invalid address ({ptr}) in action #1 at BPF pc NNN
diff --git a/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-top.d b/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-top.d
new file mode 100644
index 000000000000..8d4e1609b119
--- /dev/null
+++ b/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-top.d
@@ -0,0 +1,27 @@
+/*
+ * Oracle Linux DTrace.
+ * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
+ * Licensed under the Universal Permissive License v 1.0 as shown at
+ * http://oss.oracle.com/licenses/upl.
+ */
+
+/*
+ * ASSERTION: bcopies to across the end of alloca()ed memory fail.
+ *
+ * SECTION: Actions and Subroutines/alloca()
+ */
+
+#pragma D option quiet
+
+BEGIN
+{
+ a = "01";
+ s = (char *)alloca(16);
+ bcopy(a, &s[15], 2);
+ exit(0);
+}
+
+ERROR
+{
+ exit(1);
+}
diff --git a/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-top.r b/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-top.r
new file mode 100644
index 000000000000..4257f5679dfd
--- /dev/null
+++ b/test/unittest/funcs/alloca/err.alloca-bcopy-crossing-top.r
@@ -0,0 +1,3 @@
+
+-- @@stderr --
+dtrace: error on enabled probe ID 3 (ID 1: dtrace:::BEGIN): invalid size ({ptr}) in action #1 at BPF pc NNN
diff --git a/test/unittest/funcs/alloca/err.alloca-scratch-exceeding-bcopy.d b/test/unittest/funcs/alloca/err.alloca-scratch-exceeding-bcopy.d
new file mode 100644
index 000000000000..0d45362f968c
--- /dev/null
+++ b/test/unittest/funcs/alloca/err.alloca-scratch-exceeding-bcopy.d
@@ -0,0 +1,36 @@
+/*
+ * Oracle Linux DTrace.
+ * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
+ * Licensed under the Universal Permissive License v 1.0 as shown at
+ * http://oss.oracle.com/licenses/upl.
+ */
+
+/*
+ * ASSERTION: Exceeding the size of alloca()ed memory with a bcopy is an error.
+ *
+ * SECTION: Actions and Subroutines/alloca()
+ */
+
+/*
+ * Intentionally use an unaligned size, to make sure that errors are still
+ * emitted when accessing beyond the last byte when the size is not a
+ * multiple of the max type size.
+ */
+
+#pragma D option quiet
+#pragma D option scratchsize=9
+
+string a;
+
+BEGIN
+{
+ a = "0123456789abcdefgh";
+ s = (char *)alloca(9);
+ bcopy(a, s, 17);
+ exit((s[0] == '0' && s[16] == 'g') ? 0 : 1);
+}
+
+ERROR
+{
+ exit(1);
+}
diff --git a/test/unittest/funcs/alloca/err.alloca-scratch-exceeding-bcopy.r b/test/unittest/funcs/alloca/err.alloca-scratch-exceeding-bcopy.r
new file mode 100644
index 000000000000..4257f5679dfd
--- /dev/null
+++ b/test/unittest/funcs/alloca/err.alloca-scratch-exceeding-bcopy.r
@@ -0,0 +1,3 @@
+
+-- @@stderr --
+dtrace: error on enabled probe ID 3 (ID 1: dtrace:::BEGIN): invalid size ({ptr}) in action #1 at BPF pc NNN
diff --git a/test/unittest/funcs/alloca/tst.alloca-bcopy-top.d b/test/unittest/funcs/alloca/tst.alloca-bcopy-top.d
new file mode 100644
index 000000000000..8ae269053c57
--- /dev/null
+++ b/test/unittest/funcs/alloca/tst.alloca-bcopy-top.d
@@ -0,0 +1,28 @@
+/*
+ * Oracle Linux DTrace.
+ * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
+ * Licensed under the Universal Permissive License v 1.0 as shown at
+ * http://oss.oracle.com/licenses/upl.
+ */
+
+/*
+ * ASSERTION: bcopies to the last byte of alloca()ed memory succeed.
+ *
+ * SECTION: Actions and Subroutines/alloca()
+ */
+
+#pragma D option quiet
+
+BEGIN
+{
+ a = "0";
+ s = (char *)alloca(15);
+ bcopy(a, &s[14], 1);
+ printf("%c\n", s[14]);
+ exit(0);
+}
+
+ERROR
+{
+ exit(1);
+}
diff --git a/test/unittest/funcs/alloca/tst.alloca-bcopy-top.r b/test/unittest/funcs/alloca/tst.alloca-bcopy-top.r
new file mode 100644
index 000000000000..77ac542d4fbf
--- /dev/null
+++ b/test/unittest/funcs/alloca/tst.alloca-bcopy-top.r
@@ -0,0 +1,2 @@
+0
+
diff --git a/test/unittest/funcs/alloca/tst.alloca-scratch-filling-bcopy.d b/test/unittest/funcs/alloca/tst.alloca-scratch-filling-bcopy.d
new file mode 100644
index 000000000000..367b74c3aa7c
--- /dev/null
+++ b/test/unittest/funcs/alloca/tst.alloca-scratch-filling-bcopy.d
@@ -0,0 +1,31 @@
+/*
+ * Oracle Linux DTrace.
+ * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
+ * Licensed under the Universal Permissive License v 1.0 as shown at
+ * http://oss.oracle.com/licenses/upl.
+ */
+
+/*
+ * ASSERTION: It is possible to store and load structures that fill up
+ * alloca()ed memory.
+ *
+ * SECTION: Actions and Subroutines/alloca()
+ */
+
+#pragma D option quiet
+#pragma D option scratchsize=8
+
+string a;
+
+BEGIN
+{
+ a = "01234567";
+ s = (char *)alloca(8);
+ bcopy(a, s, 8);
+ exit((s[0] == '0' && s[7] == '7') ? 0 : 1);
+}
+
+ERROR
+{
+ exit(1);
+}
diff --git a/test/unittest/funcs/err.badbcopy.r b/test/unittest/funcs/err.badbcopy.r
new file mode 100644
index 000000000000..4044968637eb
--- /dev/null
+++ b/test/unittest/funcs/err.badbcopy.r
@@ -0,0 +1,4 @@
+-- @@stderr --
+dtrace: failed to compile script test/unittest/funcs/err.badbcopy.d: line 26: bcopy( ) argument #1 is incompatible with prototype:
+ prototype: non-alloca pointer
+ argument: alloca pointer
diff --git a/test/unittest/funcs/err.badbcopy1.r b/test/unittest/funcs/err.badbcopy1.r
new file mode 100644
index 000000000000..187543b63023
--- /dev/null
+++ b/test/unittest/funcs/err.badbcopy1.r
@@ -0,0 +1,3 @@
+
+-- @@stderr --
+dtrace: error on enabled probe ID 3 (ID 1: dtrace:::BEGIN): invalid address ({ptr}) in action #1 at BPF pc NNN
diff --git a/test/unittest/funcs/err.badbcopy2.r b/test/unittest/funcs/err.badbcopy2.r
new file mode 100644
index 000000000000..fb3e346398ff
--- /dev/null
+++ b/test/unittest/funcs/err.badbcopy2.r
@@ -0,0 +1,4 @@
+-- @@stderr --
+dtrace: failed to compile script test/unittest/funcs/err.badbcopy2.d: line 25: bcopy( ) argument #2 is incompatible with prototype:
+ prototype: alloca pointer
+ argument: non-alloca pointer
diff --git a/test/unittest/funcs/err.badbcopy3.r b/test/unittest/funcs/err.badbcopy3.r
new file mode 100644
index 000000000000..95dfe2bf58ac
--- /dev/null
+++ b/test/unittest/funcs/err.badbcopy3.r
@@ -0,0 +1,4 @@
+-- @@stderr --
+dtrace: failed to compile script test/unittest/funcs/err.badbcopy3.d: line 22: bcopy( ) argument #2 is incompatible with prototype:
+ prototype: alloca pointer
+ argument: non-alloca pointer
diff --git a/test/unittest/funcs/err.badbcopy4.d b/test/unittest/funcs/err.badbcopy4.d
index 842b72709dc1..8237d8463b7f 100644
--- a/test/unittest/funcs/err.badbcopy4.d
+++ b/test/unittest/funcs/err.badbcopy4.d
@@ -4,7 +4,6 @@
* Licensed under the Universal Permissive License v 1.0 as shown at
* http://oss.oracle.com/licenses/upl.
*/
-/* @@xfail: dtv2 */
/*
* ASSERTION:
diff --git a/test/unittest/funcs/err.badbcopy4.r b/test/unittest/funcs/err.badbcopy4.r
index 81695e6b2a12..187543b63023 100644
--- a/test/unittest/funcs/err.badbcopy4.r
+++ b/test/unittest/funcs/err.badbcopy4.r
@@ -1,3 +1,3 @@
-- @@stderr --
-dtrace: error on enabled probe ID 1 (ID 1: dtrace:::BEGIN): invalid address ({ptr}) in action #2 at DIF offset 52
+dtrace: error on enabled probe ID 3 (ID 1: dtrace:::BEGIN): invalid address ({ptr}) in action #1 at BPF pc NNN
diff --git a/test/unittest/funcs/err.badbcopy5.d b/test/unittest/funcs/err.badbcopy5.d
index de8001a809fc..3c05ec8a97dd 100644
--- a/test/unittest/funcs/err.badbcopy5.d
+++ b/test/unittest/funcs/err.badbcopy5.d
@@ -4,7 +4,6 @@
* Licensed under the Universal Permissive License v 1.0 as shown at
* http://oss.oracle.com/licenses/upl.
*/
-/* @@xfail: dtv2 */
/*
* ASSERTION:
diff --git a/test/unittest/funcs/err.badbcopy5.r b/test/unittest/funcs/err.badbcopy5.r
index cb8d73ffed0d..187543b63023 100644
--- a/test/unittest/funcs/err.badbcopy5.r
+++ b/test/unittest/funcs/err.badbcopy5.r
@@ -1,3 +1,3 @@
-- @@stderr --
-dtrace: error on enabled probe ID 1 (ID 1: dtrace:::BEGIN): invalid address ({ptr}) in action #2 at DIF offset 40
+dtrace: error on enabled probe ID 3 (ID 1: dtrace:::BEGIN): invalid address ({ptr}) in action #1 at BPF pc NNN
diff --git a/test/unittest/funcs/err.badbcopy6.d b/test/unittest/funcs/err.badbcopy6.d
index 17ae9785fb3f..6d1792809970 100644
--- a/test/unittest/funcs/err.badbcopy6.d
+++ b/test/unittest/funcs/err.badbcopy6.d
@@ -4,7 +4,6 @@
* Licensed under the Universal Permissive License v 1.0 as shown at
* http://oss.oracle.com/licenses/upl.
*/
-/* @@xfail: dtv2 */
#pragma D option quiet
diff --git a/test/unittest/funcs/err.badbcopy6.r b/test/unittest/funcs/err.badbcopy6.r
index 9ff5e81e9ca9..4257f5679dfd 100644
--- a/test/unittest/funcs/err.badbcopy6.r
+++ b/test/unittest/funcs/err.badbcopy6.r
@@ -1,3 +1,3 @@
-- @@stderr --
-dtrace: error on enabled probe ID 1 (ID 1: dtrace:::BEGIN): invalid address ({ptr}) in action #1 at DIF offset 92 at BPF pc NNN
+dtrace: error on enabled probe ID 3 (ID 1: dtrace:::BEGIN): invalid size ({ptr}) in action #1 at BPF pc NNN
diff --git a/test/unittest/funcs/tst.bcopy.d b/test/unittest/funcs/err.badbcopy7.d
similarity index 64%
copy from test/unittest/funcs/tst.bcopy.d
copy to test/unittest/funcs/err.badbcopy7.d
index 8e6b6ac40bb7..3fd5fc271f58 100644
--- a/test/unittest/funcs/tst.bcopy.d
+++ b/test/unittest/funcs/err.badbcopy7.d
@@ -4,11 +4,10 @@
* Licensed under the Universal Permissive License v 1.0 as shown at
* http://oss.oracle.com/licenses/upl.
*/
-/* @@xfail: dtv2 */
/*
* ASSERTION:
- * bcopy should copy from one memory location to another
+ * bcopy should not copy when the source is scratch space
*
* SECTION: Actions and Subroutines/alloca();
* Actions and Subroutines/bcopy()
@@ -22,20 +21,12 @@ BEGIN
{
ptr = alloca(sizeof(unsigned long));
bcopy((void *)&`max_pfn, ptr, sizeof(unsigned long));
- ulongp = (unsigned long *)ptr;
- ret = (`max_pfn == *ulongp) ? 0 : 1;
-}
-
-tick-1
-/ret == 0/
-{
+ ptr2 = alloca(sizeof(unsigned long));
+ bcopy(ptr, ptr2, sizeof(unsigned long));
exit(0);
}
-tick-1
-/ret == 1/
+ERROR
{
- printf("memory address contained 0x%x, expected 0x%x\n",
- *ulongp, `max_pfn);
exit(1);
}
diff --git a/test/unittest/funcs/err.badbcopy7.r b/test/unittest/funcs/err.badbcopy7.r
new file mode 100644
index 000000000000..37e915634d2a
--- /dev/null
+++ b/test/unittest/funcs/err.badbcopy7.r
@@ -0,0 +1,4 @@
+-- @@stderr --
+dtrace: failed to compile script test/unittest/funcs/err.badbcopy7.d: line 25: bcopy( ) argument #1 is incompatible with prototype:
+ prototype: non-alloca pointer
+ argument: alloca pointer
diff --git a/test/unittest/funcs/err.badbcopy5.d b/test/unittest/funcs/err.badbcopy8.d
similarity index 63%
copy from test/unittest/funcs/err.badbcopy5.d
copy to test/unittest/funcs/err.badbcopy8.d
index de8001a809fc..768886fcba82 100644
--- a/test/unittest/funcs/err.badbcopy5.d
+++ b/test/unittest/funcs/err.badbcopy8.d
@@ -4,12 +4,11 @@
* Licensed under the Universal Permissive License v 1.0 as shown at
* http://oss.oracle.com/licenses/upl.
*/
-/* @@xfail: dtv2 */
/*
* ASSERTION:
* bcopy should not copy from one memory location to another
- * if the source memory location is not valid.
+ * if the copy size is very large.
*
* SECTION: Actions and Subroutines/alloca();
* Actions and Subroutines/bcopy()
@@ -17,15 +16,17 @@
*/
#pragma D option quiet
+#pragma D option scratchsize=256
-int *badptr;
BEGIN
{
- ptr = alloca(sizeof(int));
+ ptr = alloca(20);
- /* Attempt to copy from a invalid address */
- bcopy(badptr, ptr, sizeof(int));
+ /* Attempt to bcopy to scratch memory that isn't allocated,
+ with a max exceeding the verifier-checked bound of
+ 2*scratchsize. */
+ bcopy((void *)&`max_pfn, ptr, 2048000);
exit(0);
}
diff --git a/test/unittest/funcs/err.badbcopy8.r b/test/unittest/funcs/err.badbcopy8.r
new file mode 100644
index 000000000000..4257f5679dfd
--- /dev/null
+++ b/test/unittest/funcs/err.badbcopy8.r
@@ -0,0 +1,3 @@
+
+-- @@stderr --
+dtrace: error on enabled probe ID 3 (ID 1: dtrace:::BEGIN): invalid size ({ptr}) in action #1 at BPF pc NNN
diff --git a/test/unittest/funcs/tst.bcopy.d b/test/unittest/funcs/tst.bcopy.d
index 8e6b6ac40bb7..bc664f0a387c 100644
--- a/test/unittest/funcs/tst.bcopy.d
+++ b/test/unittest/funcs/tst.bcopy.d
@@ -4,7 +4,6 @@
* Licensed under the Universal Permissive License v 1.0 as shown at
* http://oss.oracle.com/licenses/upl.
*/
-/* @@xfail: dtv2 */
/*
* ASSERTION:
@@ -23,7 +22,10 @@ BEGIN
ptr = alloca(sizeof(unsigned long));
bcopy((void *)&`max_pfn, ptr, sizeof(unsigned long));
ulongp = (unsigned long *)ptr;
- ret = (`max_pfn == *ulongp) ? 0 : 1;
+ /* DTv2: doing this needs deref-implies-copyin, which isn't there yet. */
+/* ret = (`max_pfn == *ulongp) ? 0 : 1; */
+ ret = *ulongp; ret = 0;
+ ulong_deref = *ulongp;
}
tick-1
@@ -35,7 +37,9 @@ tick-1
tick-1
/ret == 1/
{
- printf("memory address contained 0x%x, expected 0x%x\n",
- *ulongp, `max_pfn);
+ /* DTdv2: this error message has the same problem. */
+/* printf("memory address contained 0x%x, expected 0x%x\n",
+ ulong_deref, `max_pfn); */
+ printf("memory address contained wrong contents\n");
exit(1);
}
--
2.35.1
More information about the DTrace-devel
mailing list