Do not left shift a signed integer in a way that the sign bit is
changed.
sys/kern/kern_lwp.c:1849:27, left shift of 1 by 31 places cannot be represented in type 'int'
Detected with Kernel Undefined Behavior Sanitizer.
Reported by <Harry Pantazis>
Do not shift a signed integer causing a change of the sign bit.
sys/kern/sys_mqueue.c:881:23, left shift of 1 by 31 places cannot be represented in type 'int'
Detected with Kernel Undefined Behavior Sanitizer.
Reported by <Harry Pantazis>
Do not shift a signed integer causing a change of the sign bit.
sys/kern/sys_mqueue.c:712:24, left shift of 1 by 31 places cannot be represented in type 'int'
Detected with Kernel Undefined Behavior Sanitizer.
Reported by <Harry Pantazis>
Do not left shift a signed integer changing its sign bit.
sys/kern/subr_pool.c:251:30, left shift of 1 by 31 places cannot be represented in type 'int'
Detected with Kernel Undefined Behavior Sanitizer.
Reported by <Harry Pantazis>
Change the type of the left shifted integer from signed to unsigned.
sys/kern/subr_pool.c:274:13, left shift of 1 by 31 places cannot be represented in type 'int'
Detected with Kernel Undefined Behavior Sanitizer.
Reported by <Harry Pantazis>
Detected with Kernel Undefined Behavior Sanitizer.
There was at least a single place reported; for consistency fix all the
left bit shift operations.
sys/kern/kern_descrip.c:345:2, left shift of 1 by 31 places cannot be represented in type 'int'
sys/kern/kern_descrip.c:346:28, left shift of 1 by 31 places cannot be represented in type 'int'
Reported by <Harry Pantazis>
Detected with Kernel Undefined Behavior Sanitizer.
There was at least a single place reported; for consistency fix all the
left bit shift operations.
sys/kern/kern_descrip.c:1492:3, left shift of 1 by 31 places cannot be represented in type 'int'
sys/kern/kern_descrip.c:1493:28, left shift of 1 by 31 places cannot be represented in type 'int'
Reported by <Harry Pantazis>
Detected with Kernel Undefined Behavior Sanitizer.
sys/kern/kern_descrip.c:188:34, left shift of 1 by 31 places cannot be represented in type 'int'
Reported by <Harry Pantazis>
Detected with Kernel Undefined Behavior Sanitizer.
There was at least a single place reported; for consistency fix all the
left bit shift operations.
sys/kern/kern_descrip.c:302:26, left shift of 1 by 31 places cannot be represented in type 'int'
Reported by <Harry Pantazis>
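The KUBSan reports above all have the same shape: a mask built as `1 << 31` on a 32-bit int, which overflows the signed type and is undefined behaviour, while `1U << 31` is well defined and yields 0x80000000. The following is an added illustration and not code from the NetBSD tree: a small fd-style bitmap (the kind of structure kern_descrip.c keeps) in which every mask is built with an unsigned shift, plus a predicate that tells whether the old signed idiom would have overflowed for a given shift count. It assumes a 32-bit int and CHAR_BIT == 8; the names fdbit_mask, fd_alloc_lowest and fill_then_alloc are invented for this example.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Added illustration, not NetBSD kernel code: an fd-style bitmap whose
 * masks are always computed in unsigned arithmetic.  Assumes a 32-bit int.
 */
#define NFDBITS	((unsigned)(sizeof(uint32_t) * CHAR_BIT))	/* 32 bits/word */
#define NWORDS	4u						/* 128 descriptors */

struct fdbitmap {
	uint32_t words[NWORDS];
};

/* Mask for bit n of one word.  1U << 31 is defined; 1 << 31 is not. */
static uint32_t
fdbit_mask(unsigned n)
{
	return 1U << (n % NFDBITS);
}

/* True if the old idiom `1 << n` would overflow a signed int for this n. */
static bool
signed_shift_would_overflow(unsigned n)
{
	return n >= (unsigned)(sizeof(int) * CHAR_BIT) - 1;
}

static void
fdbit_set(struct fdbitmap *m, unsigned fd)
{
	if (fd < NWORDS * NFDBITS)
		m->words[fd / NFDBITS] |= fdbit_mask(fd);
}

static void
fdbit_clear(struct fdbitmap *m, unsigned fd)
{
	if (fd < NWORDS * NFDBITS)
		m->words[fd / NFDBITS] &= ~fdbit_mask(fd);
}

static bool
fdbit_isset(const struct fdbitmap *m, unsigned fd)
{
	if (fd >= NWORDS * NFDBITS)
		return false;
	return (m->words[fd / NFDBITS] & fdbit_mask(fd)) != 0;
}

/* Allocate the lowest free descriptor, or return -1 if the map is full. */
static int
fd_alloc_lowest(struct fdbitmap *m)
{
	for (unsigned w = 0; w < NWORDS; w++) {
		uint32_t freebits = ~m->words[w];	/* 1 = free slot */
		if (freebits == 0)
			continue;
		unsigned b = 0;
		while ((freebits & fdbit_mask(b)) == 0)	/* find lowest set bit */
			b++;
		m->words[w] |= fdbit_mask(b);
		return (int)(w * NFDBITS + b);
	}
	return -1;
}

/* Constructed scenario: mark fds 0..nused-1 busy, then allocate one more. */
static int
fill_then_alloc(unsigned nused)
{
	struct fdbitmap m = { { 0 } };

	for (unsigned fd = 0; fd < nused; fd++)
		fdbit_set(&m, fd);
	return fd_alloc_lowest(&m);
}

int
main(void)
{
	struct fdbitmap m = { { 0 } };

	fdbit_set(&m, 31);
	printf("mask(31) = 0x%08x, bit 31 set: %d\n",
	    (unsigned)fdbit_mask(31), fdbit_isset(&m, 31));
	fdbit_clear(&m, 31);
	printf("after clear, bit 31 set: %d\n", fdbit_isset(&m, 31));
	printf("1 << 31 would overflow int: %d\n", signed_shift_would_overflow(31));
	printf("next fd after 31 used: %d\n", fill_then_alloc(31));
	printf("next fd after 128 used: %d\n", fill_then_alloc(128));
	return 0;
}
```

The point of fdbit_mask is that the shifted constant, not the shift count, carries the unsigned type: `1U << 31` and `~0U` stay defined for every count below the word width, which is exactly the change the commits above make (signed shifted constant to unsigned). signed_shift_would_overflow is the check to apply when auditing similar code by hand.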
The node (and child nodes) is initialized in sysctl_net_pktq_setup, but the call
of sysctl_net_pktq_setup is skipped unexpectedly.
sysctl_net_pktq_setup is skipped if in6_present is false that indicates the
netinet6 component isn't loaded on rump kernels. However the flag is
accidentally always false because the flag is turned on in in6_dom_init that is
called after if_sysctl_setup on both normal and rump kernels.
Fix the issue by moving if_sysctl_setup after in6_dom_init (domaininit on normal
kernels). This fix is ad-hoc but good enough for netbsd-8. We should refine
the initialization order of network components in the future.
Pointed out by hikaru@
super-general, it turns out I also made it a little too cumbersome
to use (if my tired fingers are any indication). So, this is a
course-correction -- one string per entry (like of_compat_data,
which it will soon replace), and remove the over-verbose macros.
experimental PMAP_DIRECT if available; the direct code paths now survive
longer than the pmap_enter() variant, but still trigger a panic during
the build.sh tools run; remove some obsolete sysctls
add some XXXs to mark places which need attention to make this more stable
Note: the loan case is now actually significantly slower than the
non-loan case on MP systems, due to synchronous IPIs triggered by
marking the page read-only by uvm_loan(); this is being discussed
in the email thread
https://mail-index.netbsd.org/tech-kern/2018/05/21/msg023441.html
that is basically the same issue due to which loaning was disabled
for sosend()
Don't allow PT_ATTACH from a vfork(2)ed child (before exec(3)/_exit(3))
to its parent. Return an error with EPERM errno.
This scenario does not have a purpose and there is no clear picture how to
route signals.
Sponsored by <The NetBSD Foundation>
this changes the upstream vendor from OpenSolaris to FreeBSD,
and this version is based on FreeBSD svn r315983.
in addition to the 10 years of improvements from upstream,
this version also has these NetBSD-specific enhancements:
- dtrace FBT probes can now be placed in kernel modules.
- ZFS now supports mmap().
Stop resetting signal masks for crash signals under a debugger.
If we set a trap (either software or hardware one) in the code, we don't
want to see reset of signal handlers in a traced child as a knock-on effect
in the original code.
Maintain the vfork(2) + ptrace(2) special case functional.
No regressions are observed in ATF ptrace(2) and kernel/t_trapsignal tests.
Sponsored by <The NetBSD Foundation>
Switch from kpsignal(9) to sigswitch() as it allows bypassing the signal
masking rules of a crash signal.
There are no regressions in existing tests.
Sponsored by <The NetBSD Foundation>
This is a missing part of the previous commit.
While there fix a typo in a newly added comment in the ptrace(2) code.
Sponsored by <The NetBSD Foundation>
traceme_signal_nohandler2 checks emitting SIGSTOP to a traced process
with the PT_CONTINUE operation.
The expected behavior is to simulate a behavior of receiving SIGSTOP,
generating SIGCHLD to its parent (in this case the debugger) and ability
to call wait(2)-like function receiving the stopped child event.
The previous behavior was unstopping the process and it has been adjusted
in the kernel code.
FreeBSD keeps unstopping a process for emitting SIGSTOP.
Linux handles this scenario in the same way as NetBSD now.
While there, implement the missing bits in the userland ATF test for
traceme_signal_nohandler2: receiving and validating 2nd SIGSTOP event and
continuing the process, followed by its normal termination.
Sponsored by <The NetBSD Foundation>
used and usable, due to reliability and limited & complicated MD support.
Going forward, we need to concentrate on interfaces which do not map anything
into the kernel in the first place (such as direct map or KVA-less I/O), rather
than making those mappings cheaper to do.
Keep the traditional BSD behavior masking SIGTSTP, SIGTTIN and SIGTTOU in
a vfork(2)ed child before exec(3)/exit(3). This is useful in shells and
prevents deadlocking, when a parent cannot unstop the sleeping child.
Change the behavior for SIGSTOP. This signal is by design not maskable and
this property shall be obeyed without exceptions. The STOP behavior is
expected in the context of debuggers and useful in standalone programs.
It is still possible to stop a vfork(2)ed child, however it requires
proc.curproc.stopfork=1, which is not a flexible solution.
FreeBSD and OpenBSD keep masking SIGSTOP in a vfork(2)ed child.
Linux does not mask stop signals in the same scenarios.
This fixes ATF test: t_vfork:raise2.
No known regressions reported in the existing ATF tests.
Discussed with <kre>
Sponsored by <The NetBSD Foundation>
Follow the FreeBSD approach of not routing signals to the parent that
became the tracer after PT_TRACE_ME was called by the vfork(2)ed child
(before exec(3)/exit(3)).
Now if a child calls raise(3), the signal is processed directly in this
child.
Add new ATF ptrace(2) tests:
- traceme_vfork_raise1 (SIGKILL)
- traceme_vfork_raise2 (SIGSTOP) // temporarily disabled
- traceme_vfork_raise3 (SIGABRT)
- traceme_vfork_raise4 (SIGHUP)
- traceme_vfork_raise5 (SIGCONT)
The FreeBSD implementation introduces P_PPTRACE for this special case.
Right now keep open-coding the check for this case in the kernel. It might be
refactored in future.
The Linux kernel does not follow this approach and causes deadlocking of
the processes (parent and child).
Defer handling SIGSTOP into future.
This is an intermediate step towards correct handling of fork(2) and
vfork(2) in the context of ptrace(2).
All new tests pass.
There are no regressions in existing ATF ptrace(2) tests.
Sponsored by <The NetBSD Foundation>
This alters the invented values (ie: statistically calculated)
that are returned - for small values, the values are likely going to
be different than they were, but that's largely nonsense anyway
(except that the sum of utime & stime does equal cpu time consumed
by the process). Once the values get large enough to be meaningful
the difference made by this change will be in the noise, and irrelevant.
This needs a couple of additions to struct proc, so we are now into 8.99.17
e_tracesig used to be implemented for Darwin compat. Nowadays the Darwin
compatibility layer is gone and there are no other users.
This functionality isn't used where it shall be used in the existing
codebase.
If we want to emulate debugging interfaces in compat layers we would need
to implement that from scratch anyway. We would need to be bug compatible
with other OSes too.
Proposed on tech-kern@.
Welcome to NetBSD 8.99.16!
Sponsored by <The NetBSD Foundation>