New tests:
- access_regs_set_unaligned_pc_0x1
- access_regs_set_unaligned_pc_0x3
- access_regs_set_unaligned_pc_0x7
The purpose of these tests is to check whether an unaligned PC can panic the
kernel. If there is a panic it is fine to return EINVAL on PT_SETREGS.
New tests check respectively pc |= 0x1, pc |= 0x3 and pc |= 0x7.
Inspired by https://marc.info/?l=openbsd-bugs&m=107558043319084&w=2
While there fix access_regs6 to really test PT_SETREGS.
where curcpu() is defined as curlwp->l_cpu:
- mi_switch(): undo the ~2007ish optimisation to unlock curlwp before
calling cpu_switchto(). It's not safe to let other actors mess with the
LWP (in particular l->l_cpu) while it's still context switching. This
removes l->l_ctxswtch.
- Move the LP_RUNNING flag into l->l_flag and rename to LW_RUNNING since
it's now covered by the LWP's lock.
- Ditch lwp_exit_switchaway() and just call mi_switch() instead. Everything
is in cache anyway so it wasn't buying much by trying to avoid saving old
state. This means cpu_switchto() will never be called with prevlwp ==
NULL.
- Remove some KERNEL_LOCK handling which hasn't been needed for years.
Both desc and note header need to be aligned. Therefore, we need
to realign after skipping past desc as well.
While at it, fix the other alignment fix to use roundup() macro.
PT_LWPINFO is a legacy ptrace(2) operation that was originally intended
to retrieve the thread (LWP) information inside a traced process.
It has a number of flaws and is confused with PT_LWPINFO from FreeBSD.
PT_LWPSTATUS and PT_LWPNEXT address the problems (shortly by: rename,
removal of pl_event) and introduce new features: signal context
(pl_sigpend, pl_sigmask), LWP name (pl_name), LWP TLS base address
(pl_private). The private pointer was so far missing information for
a debugger.
PT_LWPSTATUS@nnn is now shipped with core(5) files and contains LWP-specific
information, so far missed in the core(5) files.
PT_LWPSTATUS retrieves LWP information for the prompted thread.
PT_LWPNEXT retrieves LWP information for the next thread, borrowing the
semantics from NetBSD specific PT_LWPINFO.
PT_LWPINFO is namespaced with __LEGACY_PT_LWPINFO and still available for
the foreseeable future, without plans of removing it.
Add ATF tests for PT_LWPSTATUS + PT_LWPNEXT.
Keep ATF tests for PT_LWPINFO.
Switch GDB to new API.
Proposed on tech-kern@.
Changes:
- membar_producer();
*p = v;
=>
atomic_store_release(p, v);
(Effectively like using membar_exit instead of membar_producer,
which is what we should have been doing all along so that stores by
the `reader' can't affect earlier loads by the writer, such as
KASSERT(p->refcnt == 0) in the writer and atomic_inc(&p->refcnt) in
the reader.)
- p = *pp;
if (p != NULL) membar_datadep_consumer();
=>
p = atomic_load_consume(pp);
(Only makes a difference on DEC Alpha. As long as lists generally
have at least one element, this is not likely to make a big
difference, and keeps the code simpler and clearer.)
No other functional change intended. While here, annotate each
synchronizing load and store with its counterpart in a comment.
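The two rewrites above, as an added example in C11 (mine, not code from the NetBSD tree): the writer publishes a refcounted object with a release store after its refcnt == 0 check, and a reader thread consume-loads the pointer and takes a reference. atomic_store_release()/atomic_load_consume() are stood in for by memory_order_release and memory_order_consume; the object, the slot and the payload values are constructed for the demo.

```c
#include <pthread.h>
#include <stdatomic.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* The object being published; refcnt is touched by both sides. */
struct obj {
	_Atomic unsigned refcnt;
	uint64_t payload[2];
};

/* The shared pointer slot ('pp' in the commit message). */
struct slot {
	_Atomic(struct obj *) head;
};

/*
 * Writer side.  Old idiom:  membar_producer(); *pp = p;
 *               New idiom:  atomic_store_release(pp, p);
 * A release store orders ALL prior accesses, loads included, before the
 * store, so the refcnt sanity check below has completed before any reader
 * can observe the pointer and bump refcnt.  membar_producer only ordered
 * prior stores, which is the gap the commit message points out.
 */
static void publish(struct slot *s, struct obj *p)
{
	p->payload[0] = 0xdeadbeefULL;
	p->payload[1] = 0xfeedfaceULL;
	if (atomic_load_explicit(&p->refcnt, memory_order_relaxed) != 0)
		abort();	/* the writer's KASSERT(p->refcnt == 0) */
	atomic_store_explicit(&s->head, p, memory_order_release);
}

/*
 * Reader side.  Old idiom:  p = *pp; if (p != NULL) membar_datadep_consumer();
 *               New idiom:  p = atomic_load_consume(pp);
 * Loads that depend on p (p->payload, p->refcnt) are ordered after the load
 * of p itself; this costs a barrier only on DEC Alpha.
 */
static struct obj *lookup(struct slot *s)
{
	return atomic_load_explicit(&s->head, memory_order_consume);
}

struct reader_ctx {
	struct slot *slot;
	uint64_t seen[2];	/* payload as observed by the reader */
};

static void *reader_thread(void *arg)
{
	struct reader_ctx *ctx = arg;
	struct obj *p;

	while ((p = lookup(ctx->slot)) == NULL)
		;		/* spin until the writer publishes */
	atomic_fetch_add_explicit(&p->refcnt, 1, memory_order_relaxed);
	ctx->seen[0] = p->payload[0];	/* dependent loads: must see the init */
	ctx->seen[1] = p->payload[1];
	return NULL;
}

/* One publish/consume round between two threads.  Returns 1 when the reader
 * observed the fully initialised object and took its reference. */
int run_publish_demo(void)
{
	struct obj o = { 0, { 0, 0 } };
	struct slot s = { NULL };
	struct reader_ctx ctx = { &s, { 0, 0 } };
	pthread_t tid;

	if (pthread_create(&tid, NULL, reader_thread, &ctx) != 0)
		return 0;
	publish(&s, &o);
	pthread_join(tid, NULL);
	return ctx.seen[0] == 0xdeadbeefULL && ctx.seen[1] == 0xfeedfaceULL &&
	    atomic_load_explicit(&o.refcnt, memory_order_relaxed) == 1;
}

int main(void)
{
	printf("publish/consume round: %s\n", run_publish_demo() ? "ok" : "FAILED");
	return 0;
}
```

Build with `cc -pthread`. The spin loop is acceptable here only because the writer publishes right after creating the thread; the point of the example is the pairing of the release store with the consume load, and that the reader's increment cannot race the writer's refcnt check.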
Since the tests don't (usually) fail, no-one ever noticed the missing char.
That is, the "received this" and "expected this" strings were supposed
to appear in the output err message as "<<string>>" but one of those
closing '>' chars was missing.
No-one should ever notice this change in normal operation, as the tests
are not intended to fail.
Change the code to remove the LWP id assumptions that broke after
src/sys/kern/kern_lwp.c r. 1.206.
Original code by <mgorny>, tested and tweaked by myself.
- Add 'mach' and 'vcpu' backpointers in the nvmm_io and nvmm_mem
structures.
- Rename 'nvmm_callbacks' to 'nvmm_assist_callbacks'.
- Rename and migrate NVMM_MACH_CONF_CALLBACKS to NVMM_VCPU_CONF_CALLBACKS,
it now becomes per-VCPU.
issues in the libnvmm API.
- Rename NVMM_CAPABILITY_VERSION to NVMM_KERN_VERSION, and check it in
libnvmm. Introduce NVMM_USER_VERSION, for future use.
- In libnvmm, open "/dev/nvmm" as read-only and with O_CLOEXEC. This is to
avoid sharing the VMs with the children if the process forks. In the
NVMM driver, force O_CLOEXEC on open().
- Rename the following things for consistency:
nvmm_exit* -> nvmm_vcpu_exit*
nvmm_event* -> nvmm_vcpu_event*
NVMM_EXIT_* -> NVMM_VCPU_EXIT_*
NVMM_EVENT_INTERRUPT_HW -> NVMM_VCPU_EVENT_INTR
NVMM_EVENT_EXCEPTION -> NVMM_VCPU_EVENT_EXCP
Delete NVMM_EVENT_INTERRUPT_SW, unused already.
- Slightly reorganize the MI/MD definitions, for internal clarity.
- Split NVMM_VCPU_EXIT_MSR in two: NVMM_VCPU_EXIT_{RD,WR}MSR. Also provide
separate u.rdmsr and u.wrmsr fields. This is more consistent with the
other exit reasons.
- Change the types of several variables:
event.type enum -> u_int
event.vector uint64_t -> uint8_t
exit.u.*msr.msr: uint64_t -> uint32_t
exit.u.io.type: enum -> bool
exit.u.io.seg: int -> int8_t
cap.arch.mxcsr_mask: uint64_t -> uint32_t
cap.arch.conf_cpuid_maxops: uint64_t -> uint32_t
- Delete NVMM_VCPU_EXIT_MWAIT_COND, it is AMD-only and confusing, and we
already intercept 'monitor' so it is never armed.
- Introduce vmx_exit_insn() for NVMM-Intel, similar to svm_exit_insn().
The 'npc' field wasn't getting filled properly during certain VMEXITs.
- Introduce nvmm_vcpu_configure(). Similar to nvmm_machine_configure(),
but as its name indicates, the configuration is per-VCPU and not per-VM.
Migrate and rename NVMM_MACH_CONF_X86_CPUID to NVMM_VCPU_CONF_CPUID.
This becomes per-VCPU, which makes more sense than per-VM.
- Extend the NVMM_VCPU_CONF_CPUID conf to allow triggering VMEXITs on
specific leaves. Until now we could only mask the leaves. A uint32_t
is added in the structure:
uint32_t mask:1;
uint32_t exit:1;
uint32_t rsvd:30;
The first two bits select the desired behavior on the leaf. Specifying
zero on both resets the leaf to the default behavior. The new
NVMM_VCPU_EXIT_CPUID exit reason is added.
Fix a race condition that caused PT_GET_SIGINFO to return incorrect
information when multiple signals were delivered concurrently
to different LWPs. Add a regression test that verifies that when 50
threads concurrently use pthread_kill() on themselves, the debugger
receives all signals with correct information.
The kernel uses separate signal queues for each LWP. However,
the signal context used to implement PT_GET_SIGINFO is stored in 'struct
proc' and therefore common to all LWPs in the process. Previously,
this member was filled in kpsignal2(), i.e. when the signal was sent.
This meant that if another LWP managed to send another signal
concurrently, the data was overwritten before the process was stopped.
As a result, PT_GET_SIGINFO did not report the correct LWP and signal
(it could even report a different signal than wait()). This can be
quite reliably reproduced with 20 LWPs; however, it can
also occur with 10.
This patch moves setting of signal context to issignal(), just before
the process is actually stopped. The data is taken from per-LWP
or per-process signal queue. The added test confirms that the debugger
correctly receives all signals, and PT_GET_SIGINFO reports both correct
LWP and signal number.
Reviewed by kamil.
address size is 16 bits, regardless of the actual operating mode. With
this special map there can be two registers referenced at once, and
also disp16-only.
Implement this special behavior, and add associated tests. While here
simplify a few things.
With this in place, the Windows 95 installer initializes correctly.
Part of PR/54611.
GCC_NO_FORMAT_TRUNCATION -Wno-format-truncation (GCC 7/8)
GCC_NO_STRINGOP_TRUNCATION -Wno-stringop-truncation (GCC 8)
GCC_NO_STRINGOP_OVERFLOW -Wno-stringop-overflow (GCC 8)
GCC_NO_CAST_FUNCTION_TYPE -Wno-cast-function-type (GCC 8)
use these to turn off warnings for most GCC-8 complaints. many
of these are false positives, most of the real bugs are already
committed, or are yet to come.
we plan to introduce versions of (some?) of these that use the
"-Wno-error=" form, which still displays the warnings but does
not make it an error, and all of the above will be re-considered
as either being "fix me" (warning still displayed) or "warning
is wrong."
This is a torture, but on purpose to catch LWP_CREATED and LWP_EXITED bugs.
The threads do nothing other than calling sched_yield() in a loop.
MAXLWP is now defined to 2048 on all ports.
This change affects the following tests:
- trace_thread_nolwpevents
- trace_thread_lwpexit
- trace_thread_lwpcreate
- trace_thread_lwpcreate_and_exit
avoid passing the same pointer in multiple arguments for restrict
marked arguments:
- sigaction() wants separate in/out
- use memmove() not memcpy() for overlapping regions (this may fix
a real bug in nvi -- but it seems unlikely)
- select() wants separate read/write/except
- sigprocmask() wants separate set/oset
Assert that PT_GET_PROCESS_STATE for !child and !lwp events returns
non-error and zeroed struct ptrace_state.
These checks are not really special to traceme_raise, it's just an
opportunity to reuse them in existing tests without writing a dedicated
one.
This behavior is needed to maintain in 3rd party software (GDB).
validate that utimes() cannot update the times of a file on a read only
filesystem. The values are never actually used, but since
src/sys/kern/vfs_syscalls.c 1.535
they are validated for sanity, and the syscall returns EINVAL if the
values passed are invalid (tv_usec <0 or >= 1000000). If that happens
we don't get as far as the test which produces the EROFS that is expected
from this test (these tests - one for each filesystem type).
So, init the timeval structs (just to 0, the values will still not be
used) so that the EINVAL doesn't bite us before we're eaten by the EROFS
which is the way we're supposed to die.
If the syscall API args were labelled as "const" the compiler probably
would have caught the use of uninit'd vars and complained much sooner.
- Add cchar command to director test language to allow a complex character
to be defined and passed to the slave.
- Removed the distinction between args and returns internally to prevent
confusing the two which leads to errors and/or crashes.
- Converted mutt_test to use the new cchar definition and fixed the
check files for the test.
filesystem tests. Use the new -J option to pass the raw device into
the cleaner. This avoids the not rump safe getdiskrawname call and
makes sure we use an internal rump device name for cleaning. This
should fix bin/54488.
Define _REENTRANT for MKSANITIZER build. This is needed for at least stdio
code. This caused new build issues with duplicated symbols in a few places
and rump kernel code picking different code paths borrowed from libc.
Handle all this in one go.
Add bsd.sanitizer.mk to share common code used by programs and libraries.
Switch from realall to beforeinstall target in .syms files. This is more
reliable in MKSANITIZER.
It didn't work correctly because rumphijack for vmstat didn't work as expected;
vmstat has the sgid bit for kvm(3) and that prevents rumphijack from working.
Address the issue by cloning a vmstat binary without the sgid bit temporarily
and using it for rumphijack. Note that it's a workaround. vmstat should stop
using kvm(3) for /dev/kmem and drop the sgid bit eventually.
Allow renaming snprintf-like functions to avoid clashes with a sanitizer.
This test needs a fixup to remove 'undef symbol' from the test code
generator.
A receiver of an ICMPv6 request packet creates a stale cache entry and it turns
into the delay state on replying to the packet. After 5 seconds, the receiver sends
an NS packet as a reachability confirmation, which disturbs the test and causes
an unexpected result.
Should fix PR misc/54451
differences more exact, allowing between 0 and 1 s delay between the
expected wakeup and the actual event happening.
Also convert the QEMU special case code to the same scheme, but for now
disable it (with XXX mark) and see if the proper timing limits fix that
case too.
If not, we will re-enable the QEMU special case.
(it doesn't - that is, shouldn't) which includes processing -- as an
"end of options". The first arg is (always) the format string.
Remove/fix tests that assumed the contrary.
Problem (with printf) pointed out on tech-userlevel by Thierry Laronde.
Add a first test for triggering a core dump in the debugged process
(via PT_DUMPCORE) and verifying it. The test finds procinfo note
and checks its contents.
The core dump is processed through libelf. However, it only provides
for finding all note segments (or sections?). I had to implement
finding and processing individual notes myself. I've added
a core_find_note() function that will be reused in future tests.
Reviewed by kamil.
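Added example in C, not the core_find_note() from the NetBSD tests and not the kernel's note writer: a bounds-checked ELF note walker that applies the same roundup() after the name and after the desc (the point of the "Both desc and note header need to be aligned" message above) and looks up a note by owner and type, as the PT_DUMPCORE test does for the procinfo note. Note owner strings, the two type numbers and the descriptor bytes are constructed for the demo.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* ELF note header: same layout for ELF32 and ELF64 (elf(5)). */
struct note_hdr {
	uint32_t n_namesz;	/* name length, NUL included */
	uint32_t n_descsz;	/* descriptor length */
	uint32_t n_type;
};
#define NOTE_ALIGN 4u		/* name AND desc are padded to 4 bytes */
/* roundup() as in the kernel macro, for a power-of-two 'a'. */
static size_t note_roundup(size_t x, size_t a)
{
	return (x + a - 1) & ~(a - 1);
}

/* Find the note owned by 'name' with type 'type' in buf[0..len).  Lengths
 * come from an untrusted core file, so every offset is checked against len
 * before use; re-aligning after the desc as well as after the name keeps
 * the next header from being read out of padding bytes. */
const uint8_t *core_find_note(const uint8_t *buf, size_t len,
    const char *name, uint32_t type, size_t *desclen)
{
	const size_t namelen = strlen(name) + 1;
	size_t off = 0;
	while (len - off >= sizeof(struct note_hdr)) {
		struct note_hdr nh;
		size_t name_off = off + sizeof nh, desc_off, next;
		memcpy(&nh, buf + off, sizeof nh);	/* may be unaligned */
		if (nh.n_namesz > len - name_off)
			return NULL;			/* name past end */
		desc_off = name_off + note_roundup(nh.n_namesz, NOTE_ALIGN);
		if (desc_off > len || nh.n_descsz > len - desc_off)
			return NULL;			/* desc past end */
		if (nh.n_type == type && nh.n_namesz == namelen &&
		    memcmp(buf + name_off, name, namelen) == 0) {
			*desclen = nh.n_descsz;
			return buf + desc_off;
		}
		next = desc_off + note_roundup(nh.n_descsz, NOTE_ALIGN);
		if (next > len)
			break;				/* final note, unpadded */
		off = next;
	}
	return NULL;
}

/* Append a note at 'off'; returns the new length, or 0 if it does not fit. */
static size_t put_note(uint8_t *buf, size_t cap, size_t off,
    const char *name, uint32_t type, const void *desc, uint32_t descsz)
{
	struct note_hdr nh = { (uint32_t)strlen(name) + 1, descsz, type };
	size_t name_pad = note_roundup(nh.n_namesz, NOTE_ALIGN);
	size_t need = sizeof nh + name_pad + note_roundup(descsz, NOTE_ALIGN);
	if (need > cap - off)
		return 0;
	memset(buf + off, 0, need);		/* padding bytes are zero */
	memcpy(buf + off, &nh, sizeof nh);
	memcpy(buf + off + sizeof nh, name, nh.n_namesz);
	memcpy(buf + off + sizeof nh + name_pad, desc, descsz);
	return off + need;
}

/* Constructed type numbers; the real ones live in <sys/exec_elf.h>. */
#define DEMO_NT_PROCINFO	1
#define DEMO_NT_LWPSTATUS	2

/* Constructed sample: a 5-byte (unaligned) procinfo desc followed by an LWP
 * status note, found only if the walker re-aligns after the first desc. */
int demo_find_after_odd_desc(void)
{
	uint8_t buf[128];
	const uint8_t procinfo[5] = { 1, 2, 3, 4, 5 };
	const char lwpstatus[] = "LWP1stat";	/* 9 bytes, also unaligned */
	size_t len, desclen = 0;
	const uint8_t *d;
	len = put_note(buf, sizeof buf, 0, "NetBSD-CORE", DEMO_NT_PROCINFO,
	    procinfo, sizeof procinfo);
	len = put_note(buf, sizeof buf, len, "NetBSD-CORE@1",
	    DEMO_NT_LWPSTATUS, lwpstatus, sizeof lwpstatus);
	d = core_find_note(buf, len, "NetBSD-CORE@1", DEMO_NT_LWPSTATUS, &desclen);
	return len != 0 && d != NULL && desclen == sizeof lwpstatus &&
	    memcmp(d, lwpstatus, sizeof lwpstatus) == 0;
}

/* A header claiming a desc larger than the file is rejected, not read. */
int demo_reject_oversized_desc(void)
{
	uint8_t buf[64];
	uint32_t huge = 0xffffff00u;
	size_t len, desclen = 0;
	len = put_note(buf, sizeof buf, 0, "NetBSD-CORE", DEMO_NT_PROCINFO, "abc", 3);
	memcpy(buf + offsetof(struct note_hdr, n_descsz), &huge, sizeof huge);
	return len != 0 &&
	    core_find_note(buf, len, "NetBSD-CORE", DEMO_NT_PROCINFO, &desclen) == NULL;
}
```

Every subtraction in the walker is of the form `len - offset` with `offset <= len` already established, so the 32-bit sizes from the file cannot wrap the arithmetic; a walker that trusts n_descsz, or that pads only after the name, will read past the buffer or out of padding on a crafted core.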
Introduce two new ptrace() requests: PT_GETXSTATE and PT_SETXSTATE,
that provide access to the extended (and extensible) set of FPU
registers on amd64 and i386. At the moment, this covers AVX (YMM)
and AVX-512 (ZMM, opmask) registers. It can be easily extended
to cover further register types without breaking backwards
compatibility.
PT_GETXSTATE issues the XSAVE instruction with all kernel-supported
extended components enabled. The data is copied into 'struct xstate'
(which -- unlike the XSAVE area itself -- has stable format
and offsets).
PT_SETXSTATE issues the XRSTOR instruction to restore the register
values from user-provided 'struct xstate'. The function replaces only
the specific XSAVE components that are listed in 'xs_rfbm' field,
making it possible to issue partial updates.
Both syscalls take a 'struct iovec' pointer rather than a direct
argument. This requires the caller to explicitly specify the buffer
size. As a result, existing code will continue to work correctly
when the structure is extended (performing partial reads/updates).
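Added example in C, not the kernel's implementation and not NetBSD's struct xstate: a user-space emulation of the contract described above, a stable struct with an xs_rfbm component mask that is read and written through a struct iovec whose iov_len bounds the copy. The component bits, field names and register values are placeholders constructed for the demo. It shows the three behaviours the message relies on: an older caller reading a prefix of the struct, a partial update that touches only the listed components, and the check a kernel must make in the partial case, refusing a component bit whose field lies beyond the bytes the caller supplied.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <sys/uio.h>

/* Placeholder component bits; the real ones follow the XCR0 layout. */
#define DXS_SSE		(1ULL << 1)	/* MXCSR lives in this component */
#define DXS_YMM		(1ULL << 2)	/* AVX upper halves */
#define DXS_ZMM		(1ULL << 6)	/* an AVX-512 component */
#define DXS_SUPPORTED	(DXS_SSE | DXS_YMM | DXS_ZMM)
/* Stable, ABI-visible layout, unlike the raw XSAVE area. */
struct demo_xstate {
	uint64_t xs_rfbm;	/* components valid (get) / to restore (set) */
	uint32_t xs_mxcsr;
	uint32_t xs_pad;
	uint64_t xs_ymm[2];	/* the first version of the struct ended here */
	uint64_t xs_zmm[2];	/* appended later; old callers never see it */
};

/* The tracee's registers as the kernel holds them (stand-in XSAVE area). */
struct demo_fpu { uint32_t mxcsr; uint64_t ymm[2]; uint64_t zmm[2]; };

/* True if the caller's n bytes of struct demo_xstate cover field f. */
#define SUPPLIED(n, f) (offsetof(struct demo_xstate, f) + \
	sizeof(((struct demo_xstate *)0)->f) <= (n))
/* Emulated PT_GETXSTATE: copy out at most iov_len bytes and report the size
 * actually written in iov_len, so a short buffer yields a prefix. */
int demo_getxstate(const struct demo_fpu *fpu, struct iovec *iov)
{
	struct demo_xstate xs;
	size_t n = iov->iov_len < sizeof xs ? iov->iov_len : sizeof xs;
	memset(&xs, 0, sizeof xs);	/* no padding bytes leak to userland */
	xs.xs_rfbm = DXS_SUPPORTED;
	xs.xs_mxcsr = fpu->mxcsr;
	memcpy(xs.xs_ymm, fpu->ymm, sizeof xs.xs_ymm);
	memcpy(xs.xs_zmm, fpu->zmm, sizeof xs.xs_zmm);
	memcpy(iov->iov_base, &xs, n);
	iov->iov_len = n;
	return 0;
}

/* Emulated PT_SETXSTATE: restore only the components listed in xs_rfbm, and
 * only those the caller's buffer extends over.  Everything is validated
 * before anything is written, so a rejected request changes no register. */
int demo_setxstate(struct demo_fpu *fpu, const struct iovec *iov)
{
	struct demo_xstate xs;
	size_t n = iov->iov_len < sizeof xs ? iov->iov_len : sizeof xs;
	if (n < sizeof xs.xs_rfbm)
		return EINVAL;			/* not even the mask */
	memset(&xs, 0, sizeof xs);
	memcpy(&xs, iov->iov_base, n);
	if (xs.xs_rfbm & ~DXS_SUPPORTED)
		return EINVAL;			/* unknown component */
	if ((xs.xs_rfbm & DXS_SSE) && !SUPPLIED(n, xs_mxcsr))
		return EINVAL;			/* bit set, field not supplied */
	if ((xs.xs_rfbm & DXS_YMM) && !SUPPLIED(n, xs_ymm))
		return EINVAL;
	if ((xs.xs_rfbm & DXS_ZMM) && !SUPPLIED(n, xs_zmm))
		return EINVAL;
	if (xs.xs_rfbm & DXS_SSE)
		fpu->mxcsr = xs.xs_mxcsr;
	if (xs.xs_rfbm & DXS_YMM)
		memcpy(fpu->ymm, xs.xs_ymm, sizeof fpu->ymm);
	if (xs.xs_rfbm & DXS_ZMM)
		memcpy(fpu->zmm, xs.xs_zmm, sizeof fpu->zmm);
	return 0;
}

/* Three scenarios on constructed register contents; returns one bit per
 * scenario that behaved as intended (7 means all of them did). */
int demo_xstate_scenarios(void)
{
	struct demo_fpu fpu = { 0x1f80, { 0x1111, 0x2222 }, { 0x3333, 0x4444 } };
	struct demo_xstate xs;
	struct iovec iov = { &xs, offsetof(struct demo_xstate, xs_zmm) };
	int ok = 0;
	/* 1: a debugger built against the first, shorter struct gets a prefix. */
	memset(&xs, 0, sizeof xs);
	if (demo_getxstate(&fpu, &iov) == 0 &&
	    iov.iov_len == offsetof(struct demo_xstate, xs_zmm) &&
	    xs.xs_mxcsr == 0x1f80 && xs.xs_ymm[1] == 0x2222 && xs.xs_zmm[0] == 0)
		ok |= 1;
	/* 2: only YMM is listed in xs_rfbm, so MXCSR and ZMM keep their values. */
	memset(&xs, 0, sizeof xs);
	xs.xs_rfbm = DXS_YMM;
	xs.xs_ymm[0] = 0xaaaa;
	iov.iov_len = sizeof xs;
	if (demo_setxstate(&fpu, &iov) == 0 && fpu.mxcsr == 0x1f80 &&
	    fpu.ymm[0] == 0xaaaa && fpu.ymm[1] == 0 && fpu.zmm[1] == 0x4444)
		ok |= 2;
	/* 3: ZMM requested from a buffer that ends before it: refused, untouched. */
	xs.xs_rfbm = DXS_ZMM;
	iov.iov_len = offsetof(struct demo_xstate, xs_zmm);
	if (demo_setxstate(&fpu, &iov) == EINVAL && fpu.zmm[0] == 0x3333)
		ok |= 4;
	return ok;
}
```

Left out of the emulation, but required in front of a real XRSTOR: validating MXCSR against the CPU's reserved-bit mask, since XRSTOR raises #GP when reserved MXCSR bits are set, and doing that, like the size checks above, before any register is written.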
Previous version compared the pad's output binary, passed through mulaw-slinear
conversion and frequency conversion, with the prepared "good result".
In such a case, a test may fail when the implementation changes. In fact,
the frequency conversion algorithm was changed in isaki-audio2, so
the output waveforms are not completely the same (but that's no problem with
the audio waveforms).
New version uses slinear_le/2ch/44100Hz input data and compares the
output binary with the input data. pad with no conversions should
output the same binary.
Fix PR kern/54187.
mknod with mode & S_IFIFO and dev=0 shall behave like mkfifo.
Update the documentation to reflect this state.
Add ATF tests.
This is an in-kernel implementation as typically user-space programs use
mkfifo(2) directly, however whenever there is need to bypass libc (like in
valgrind) then portable POSIX software calls the mknod syscall.
Noted on tech-kern@ by Greg Troxel.
make the latter number show the actual number of ICMP packets the test
attempted to send. Thus, the two numbers can now be meaningfully
compared, and their difference indicates the number of packets lost.
KERN_PROC_CWD in sysctl(3)
That is kern.proc.$$.KERN_PROC_CWD (I think - not that it matters here)
The effect is that -lrump now requires -lrumpvfs
This set of changes fixes (I believe) regular dynamic builds,
more might be required for static builds (will be verified soon).
binary80 arithmetic and never rounded to binary32 at the end, so it
appeared farther from the correctly rounded result in binary32 than expected.
Force binary32 using volatile float.
PR lib/54232: lib/libm/t_cos:cosf_angles regression on i386
From Riastradh.
Add tests:
- user_va0_disable_pt_continue
- user_va0_disable_pt_syscall
- user_va0_disable_pt_detach
Assert that setting PC to 0x0 in PT_CONTINUE/PT_SYSCALL/PT_DETACH for
vm.user_va0_disable==0 is disallowed.
Provide three ranges in the conf space: <libnvmm:0-100>, <MI:100-200> and
<MD:200-...>. Remove nvmm_callbacks_register(), and replace it by the conf
op NVMM_MACH_CONF_CALLBACKS, handled by libnvmm. The callbacks are now
per-machine, and the emulators should now do:
- nvmm_callbacks_register(&cbs);
+ nvmm_machine_configure(&mach, NVMM_MACH_CONF_CALLBACKS, &cbs);
This provides more granularity, for example if the process runs two VMs
and wants different callbacks for each.
Reintroduce the test for reading i386 general-purpose register values
from the debugged program. This time it's split into one test for the six
registers not normally used by the compiler (eax..edx, esi, edi), and another
for ebp, esp. This leaves enough free registers for the latter to work
without MMX.
Add new tests verifying that PT_GETREGS provides correct register values
from the underlying program. The test uses inline assembly in the child program
to set registers to well-known constants, then compares the results obtained
via PT_GETREGS against them.
Reviewed by kamil.
in the past, but managed to re-surface...
The expression "${0+\}}" should expand to "}" not "\}"
Almost all other shells handle it that way (incl FreeBSD & dash).
Issue pointed out by Martijn Dekker.
Add ATF sub-tests for the 4 old var expand operators (${var+word}
${var-word} ${var-word} and ${var?word} - including the forms
with the ':' included) and amongst those tests include test cases
for this issue, so if the bug tries to appear again, we can squash
it quicker. (The newer pattern matching operators are already
well tested as part of testing patterns.)
Rename trace_thread[1234] to more meaningful names:
- trace_thread_nolwpevents
- trace_thread_lwpexit
- trace_thread_lwpcreate
- trace_thread_lwpcreate_and_exit
In my local tests LWP CREATE events work as expected.
LWP EXIT ones are still racy, so keep them disabled.
PR kern/51995
The F spec is one of those, it should be terminated with \0 just like all
the others (irrelevant that it has no extra data to delimit).
Fix <sys/mman.h> to define the snprintb() format string correctly (include
the missing \0's). Fix the copy of that definition included into
snprintb(3) to match the updated mman.h version (ride the date bump
from the day before yesterday .. this is the same change, just corrected).
Undo the previous snprintb.c change ("off by one" fix) which was an
attempt to make the broken mman.h usage work (and did, but not the way
it should be done). Also, after using the new * format (instead of only
when something has already matched) skip the associated data so we don't
attempt to interpret it as more field specifiers. This func needs lots of TLC!
Fix the ATF tests for snprintb() to not assume that F format is really
exactly like f format, and has data after the field specifier. It doesn't.
Add several more tests (including testing the '*' field operator
recently added).
These codes are not portable between CPUs and kernels.
Change the checks to return any valid si_code in the defined range of ILL
values.
PR port-sparc/54140 by Andreas Gustafsson
C11 Thread support library is a portable threading C API between OSs,
similar to std::threads in the C++ world.
The library is implemented as a thin shim over POSIX interfaces.
NetBSD implements the API as a part of the POSIX threading library
(libpthread(3)).
C11 threads(3) are in the process of being made an integral part
of the POSIX standard. The interface has been implemented in major
OSs and used with stopgap libraries for older versions of them.
C11 threading library is already used (with a stopgap implementation)
in the NetBSD distribution in MESA.
Original implementation by myself from 2016.
ATF tests are new and cover almost all interfaces.
Proposed on tech-userlevel@.
Added tests:
- traceme_vfork_clone
- traceme_vfork_clone_vm
- traceme_vfork_clone_fs
- traceme_vfork_clone_files
- traceme_vfork_clone_sighand
- traceme_vfork_clone_vfork
All tests pass. Validate that children do not trigger any signals or
deadlocks when traced by a vfork(2)ed parent.
Fix handling of "$@" (that is, double quoted dollar at), when it
appears in a string which will be subject to field splitting.
Eg:
${0+"$@" }
More common usages, like the simple "$@" or ${0+"$@"} end up
being entirely quoted, so no field splitting happens, and the
problem was avoided.
See the PR for more details.
This ends up making a bunch of old hack code (and some that was
relatively new) vanish - for now it is just #if 0'd or commented out.
Cleanups of that stuff will happen later.
That some of the worst $@ hacks are now gone does not mean that processing
of "$@" does not retain a very special place in every hackers heart.
RIP extreme ugliness - long live the merely ordinary ugly.
Added a new bin/sh ATF test case to verify that all this remains fixed.
that is harmless, but also pointless (in sh, quotes do not make strings,
everything is a string, rather they hide characters which would have
some other meaning unquoted (like spaces) - quotes are not needed around
strings like "descr" so remove them...
Be more consistent with line wrap style, try to avoid wrapping in the
middle of a (sh) word where possible. Avoid \ use when it is not needed.
Un-KNF (C style) - sh has no declarations, there is no need to leave
blank lines at the head of a function to mark the end of the declarations.
This should be a NFC - but the quoting really was broken before, just
was probably harmless breakage.
Fix cgdconfig to report verification failures with gpt and mbr
verification methods (and not treat them as silent hard errors).
This also causes the cgd to be unconfigured when one of those
verification methods fails.
Add ATF tests to check that bad verification is reported, and
does not leave the cgd configured.
Patches from the PR applied.
Verify whether nested fork(2)/vfork(2)/clone(2) calls are supported in a
fork(2)ed/vfork(2)ed child.
The interesting ones are non-forked parent and non-forked child scenarios,
in particular double vfork(2).
userspace. The old fetch(9) and store(9) APIs (fubyte(), fuword(),
subyte(), suword(), etc.) are retired and replaced with new ufetch(9)
and ustore(9) APIs that can return proper error codes, etc. and are
implemented consistently across all platforms. The interrupt-safe
variants are no longer supported (and several of the existing attempts
at fuswintr(), etc. were buggy and not actually interrupt-safe).
Also augment the ucas(9) API, making it consistently available on
all platforms, supporting uniprocessor and multiprocessor systems, even
those that do not have CAS or LL/SC primitives.
Welcome to NetBSD 8.99.37.
The __clone(2) API is a variation of fork(2)/vfork(2) operations.
New tests:
- clone_signalignored
- clone_signalmasked
- clone_vm_signalignored
- clone_vm_signalmasked
- clone_fs_signalignored
- clone_fs_signalmasked
- clone_files_signalignored
- clone_files_signalmasked
- clone_vfork_signalignored
- clone_vfork_signalmasked
All new tests pass.
CLONE_SIGHAND tests are right now disabled as they cannot reuse the shared
signal operations (wait(2)) to wait for a clonee.
Another nit is that wait(2) must be used right now with WALLSIG as for some
reason the default variation doesn't work.
Merge all the changes from the recent FreeBSD HEAD snapshot
into our local copy.
FreeBSD actively maintains this program in their sources and their
repository contains over 100 commits with changes.
Keep the delta between the FreeBSD and NetBSD versions to absolute
minimum, mostly RCS Id and compatibility fixes.
Major changes in this import:
- Added an option -ldi<N> to control indentation of local variable names.
- Added option -P for loading user-provided files as profiles
- Added -tsn for setting tabsize
- Rename -nsac/-sac ("space after cast") to -ncs/-cs
- Added option -fbs Enables (disables) splitting the function declaration and opening brace across two lines.
- Respect SIMPLE_BACKUP_SUFFIX environment variable in indent(1)
- Group global option variables into an options structure
- Use bsearch() for looking up type keywords.
- Don't produce unneeded space character in function declarators
- Don't unnecessarily add a blank before a comment ends.
- Don't ignore newlines after comments that follow braces.
Merge the FreeBSD indent(1) tests with our ATF framework.
All tests pass.
Upgrade prepared by Manikishan Ghantasala.
Final polishing by myself.
Part II, checkin new files.
Add a top-level check for the KCOV device, instead of deferring it to each
thread. The thread-based solution was flaky.
PR kern/54064 by Andreas Gustafsson
For some reason I had initially concluded that it wasn't doable; verily it
is, so let's do it.
The reserved 'flags' argument of nvmm_gpa_map() becomes 'prot' and takes
mmap-like protection codes.
A suitable test was actually there already - but the results
were not verified. So just add a test that the result string
is what is expected. (Previously for len==128 and bytes==10000
it would have returned "0E" now it returns 10000 as it should.)
Add new tests verifying dup2(2) scenarios:
- kcov_dup2
- kcov_basic_dup2_pc
- kcov_basic_dup2_cmp
The dup2(2) trick is used by syzkaller; assert that it works.
All new tests pass.
While there add minor non-functional cleanup changes.
Allow to specify mode in KCOV_IOC_ENABLE synchronizing the functionality
with Linux, FreeBSD and OpenBSD. As a NetBSD (and OpenBSD) specific detail of
the ioctl(2) interface, the mode argument has to be specified as &value
rather than value.
There are 3 modes available:
1. KCOV_MODE_NONE -- no trace specified, useful for testing purposes
2. KCOV_MODE_TRACE_PC -- trace the kernel program counter
3. KCOV_MODE_TRACE_CMP -- trace comparison instructions and switch statements
Adapt the ATF tests and documentation for new API.
The KCOV_MODE_TRACE_CMP mode is implemented but still awaits the
GCC 8.x upgrade or selection of Clang/LLVM as the kernel compiler.
Obtained from OpenBSD and adapted for NetBSD by myself.
Reuse the fd_clone() API to associate kcov descriptors (KD) with a file
descriptor. Each fd (/dev/kcov) can be reused for a single LWP.
Add new ATF regression tests and cleanup existing code there. All tests
pass.
Refresh the kcov(4) man page documentation.
Developed with help from <maxv>.
Transform original tests into new ones:
- fork_singalmasked
- fork_singalignored
- vfork_singalmasked
- vfork_singalignored
- vforkdone_singalmasked
- vforkdone_singalignored
All the signalignored ones pass, the remaining ones of them fail.
- Reorder it, to match the CPU encoding. This is the universal order,
also used by Qemu. Drop the seg_to_nvmm[] tables.
- Compress it. This divides its size by two.
- Rename some of its fields, to better match the x86 spec. Also, take S
out of Type, this was a NetBSD-ism that was likely confusing to other
people.
New macros prefer 64-bit atomic operations whenever accessible.
As a fallback they use volatile move operations that are not known
to have negative effect in KCOV even if interrupted in the middle of
operation.
Enable kcov_basic and kcov_thread tests on targets without
__HAVE_ATOMIC64_OPS.
Restrict the 64-bit atomics to ports defining __HAVE_ATOMIC64_OPS.
Using 64-bit atomics is still good for i586 fuzzing, but the tests are
built for earlier CPUs. This causes this code to be disabled in i386 builds.
There is a similar situation with a few other ports that offer 64-bit atomics
in certain CPU models and ABIs.
The KCOV driver implements collection of code coverage inside the kernel.
It can be enabled on a per process basis from userland, allowing the kernel
program counter to be collected during syscalls triggered by the same
process.
The device is oriented towards kernel fuzzers, in particular syzkaller.
Currently the only supported coverage type is -fsanitize-coverage=trace-pc.
The KCOV driver was initially developed in Linux. A driver based on the
same concept was then implemented in FreeBSD and OpenBSD.
Documentation is borrowed from OpenBSD and ATF tests from FreeBSD.
This patch has been prepared by Siddharth Muralee, improved by <maxv>
and polished by myself before importing into the mainline tree.
All ATF tests pass.