These tests are known to be faulty. These fatures aren't ready.
They tend to break to unrelated changes to the codebase.
Base Clang and GCC are in general dated to use with sanitizers as these
features are being fixed on HEAD versions of both compilers (mostly Clang).
These tests are known to be faulty. These fatures aren't ready.
They tend to break to unrelated changes to the codebase and require.
Base Clang and GCC are in general dated to use with sanitizers as these
features are being fixed on HEAD versions of both compilers (mostly Clang).
patterns, and variable expansion substring matching)
Currently (2018-07-10) all 3 sub-tests fail (sh bugs...)
Expect to see 14 (of 261) case matching sub-tests fail, 11 (of 167) filename
expansion (glob) sub-tests fail, and 6 (of 87) var substring sub-tests fail.
Also expect those numbers to reduce as sh bugs are fixed.
Assert that -9223372036854775808 % -1 and -9223372036854775808 / -1 return
message about overflow / underflow detected.
These tests pass correctly.
Sponsored by <The NetBSD Foundation>
If we write a byte character into a pointer, a compiler can emit a
read-modify-write operation, especially when a CPU cannot access directly
a character wide address.
In this scenario calling mmap(2) with PROT_WRITE, without PROT_READ will
emit unexpected trap.
There are two possible workarounds for this issue:
- write register wide memory without rmw sequence,
- mark the region with additional protection PROT_READ
Both work for NetBSD/alpha.
Go for the latter as perhaps more safe for dump compilers emitting rmw
sequences.
Investigated by <martin>
to bytes_transfer() which asserted that the size is < the size of 512 AuxInfo
structs. On a 32 bit system, an AuxInfo is 8 bytes, and 512 AuxInfo
structs is thus 4096 bytes, and 4096 is not < 4096, so the assertion
failed. It would probably work as a <= assert, but I am not confident
enough with this test case to make that call, so instead increase the
array size to be 513 instead, 4096 is < 513*8 so happiness should return
and all should be right with the world. At least for this one test.
(There was no problem on 64 bit systems as AuxInfo is bigger there.)
Add new tests:
- traceme_crash_trap
- traceme_crash_segv
- traceme_crash_ill (temporarily disabled)
- traceme_crash_fpe
- traceme_crash_bus
- unrelated_tracer_sees_crash_trap
- unrelated_tracer_sees_crash_segv
- unrelated_tracer_sees_crash_ill (temporarily disabled)
- unrelated_tracer_sees_crash_fpe
- unrelated_tracer_sees_crash_bus
These tests verify two subtle kernel paths that differ internally:
- for a tracer that is a parent of a traced program (and not vforked)
real parent == tracer
- for a tracer that is an unrelated process of a traced program
real parent != tracer
Regressions in the signal code can cause to break one of the scenarios, and
keep working the other one. It might be propagated to a scenario like:
- attaching to a process with a debugger (over pid)
- starting a process inside a debugger
We can assert on the ATF level that both will be functional.
While there, cover all the crash signals as testing is done practically
for free. While the Machine Independent signal routing code for crash
signals is mostly the same in the kernel, we can verify whether Machine
Dependent parts works as expected emitting the proper signal number and
signal code (si_code).
There have been already caught an unexpected behavior on Alpha, that
instead of SIGBUS we receive SIGSEGV.
Another benefit is that it's easier to catch races, as they pop up more
frequently. (This already helped to catch bugs more quickly)
These tests will help assert correctness of future kernel changes in the
signal routines.
All tests pass.
Sponsored by <The NetBSD Foundation>
This functionality now works.
Correct the code path in this test.
Add additional sanity check with PT_GET_SIGINFO and validating si_code.
Sponsored by <The NetBSD Foundation>
A function that returns a value that is not used, can be optimized out by
a compiler. Try to fool the compiler with calling libc functions that shall
trigger a division by zero crash.
Sponsored by <The NetBSD Foundation>
These crash signals are crucial for proper handling of abnormal conditions
in a program. The additional purpose of these tests it to assure the proper
handling of these signals for the coming ptrace(2)-related changes in the
signal routing code.
Add a stub for ILL scenarios.
All tests pass (on amd64).
The shell ATF script contains duplicated code. There should be a way to
deduplicate it, without rewrite to C.
Sponsored by <The NetBSD Foundation>
Make the initial buffer larger to stop triggering the runtime assert about
its size.
Its size is probably larger than all real use cases, but it's good enough
for the purpose of ATF tests and immune of potential AUXV size.
Sponsored by <The NetBSD Foundation>
On i386 there is no need to switch execution mode.
Use 0x23 SS selector for i386, amd64 used 0x4f.
Based on pointers from <maxv>.
Sponsored by <The NetBSD Foundation>
Merge all the PT_WRITE*/PT_READ* and PIOD_* the test cases into the common
body.
Changes:
- treat D and I variations exactly the same
- stop testing 2-3-4 attempts to perform the same read/write operation
- stop testing interlocked (handshake) read/write operations
- rename the tests
- test write to .text section (with D and I type of operations)
New tests:
- bytes_transfer_piod_read_d_8
- bytes_transfer_piod_read_d_16
- bytes_transfer_piod_read_d_32
- bytes_transfer_piod_read_d_64
- bytes_transfer_piod_read_i_8
- bytes_transfer_piod_read_i_16
- bytes_transfer_piod_read_i_32
- bytes_transfer_piod_read_i_64
- bytes_transfer_piod_write_d_8
- bytes_transfer_piod_write_d_16
- bytes_transfer_piod_write_d_32
- bytes_transfer_piod_write_d_64
- bytes_transfer_piod_write_i_8
- bytes_transfer_piod_write_i_16
- bytes_transfer_piod_write_i_32
- bytes_transfer_piod_write_i_64
- bytes_transfer_read_d
- bytes_transfer_read_i
- bytes_transfer_write_d
- bytes_transfer_write_i
- bytes_transfer_piod_read_d_8_text
- bytes_transfer_piod_read_d_16_text
- bytes_transfer_piod_read_d_32_text
- bytes_transfer_piod_read_d_64_text
- bytes_transfer_piod_read_i_8_text
- bytes_transfer_piod_read_i_16_text
- bytes_transfer_piod_read_i_32_text
- bytes_transfer_piod_read_i_64_text
- bytes_transfer_piod_write_d_8_text
- bytes_transfer_piod_write_d_16_text
- bytes_transfer_piod_write_d_32_text
- bytes_transfer_piod_write_d_64_text
- bytes_transfer_piod_write_i_8_text
- bytes_transfer_piod_write_i_16_text
- bytes_transfer_piod_write_i_32_text
- bytes_transfer_piod_write_i_64_text
- bytes_transfer_read_d_text
- bytes_transfer_read_i_text
- bytes_transfer_write_d_text
- bytes_transfer_write_i_text
- bytes_transfer_piod_read_auxv
These tests are now covering all usual code paths.
All tests pass.
The PaX MPROTECT violating ones automatically detect whether to be skipped.
Eliminated 4x more code than removed.
Sponsored by <The NetBSD Foundation>
traceme_vfork_breakpoint used to test SIGTRAP event. Reuse its code for:
SIGSEGV, SIGILL, SIGFPE and SIGBUS.
The SIGILL case is disabled as of now as it required addition of
PTRACE_ILLEGAL_ASM in MD ptrace(2) headers.
Added tests:
- traceme_vfork_crash_trap
- traceme_vfork_crash_segv (renamed from traceme_vfork_breakpoint)
- traceme_vfork_crash_ill (disabled)
- traceme_vfork_crash_fpe
- traceme_vfork_crash_bus
All enabled tests pass.
Sponsored by <The NetBSD Foundation>
Introduce:
- trigger_trap()
- trigger_segv()
- trigger_ill()
- trigger_fpe()
- trigger_bus()
These functions generate appropriate signals caused by crashes.
A debugger is required to collect the crashes regardless of signal masking,
catching or ignoring rules.
While there, append __used argument to can_we_set_dbregs().
Sponsored by <The NetBSD Foundation>
Share code in: attach1, attach2 and race1 in the same function body.
Rename thsee tests to more verbose names:
- tracer_sees_terminaton_before_the_parent
- tracer_sysctl_lookup_without_duplicates
- unrelated_tracer_sees_terminaton_before_the_parent
Rename attach3 to parent_attach_to_its_child.
Rename attach4 to child_attach_to_its_parent.
Share code in attach5, attach6 and attach7 in the same function body and
reanem the tests to:
- tracee_sees_its_original_parent_getppid
- tracee_sees_its_original_parent_sysctl_kinfo_proc2
- tracee_sees_its_original_parent_procfs_status
Reduce the code by around 50%.
No functional change intended. All tests pass.
Sponsored by <The NetBSD Foundation>
These tests emit signal from a tracer/parent to the child and verify the
behavior in the case of SIG_BLOCK (masked) and SIG_IGN (ignored).
The signal is not reported by the child process.
These tests pass.
While there, rename for consistency with other tests:
- traceme_sighandler_catch[1-3] -> traceme_sendsignal_handle[1-3]
- traceme_signal_nohandler[1-5] -> traceme_sendsignal_simple[1-5]
Sponsored by <The NetBSD Foundation>
There are at least four types of SIGTRAP events:
- software/hardware single step (trace trap)
- software breakpoint
- hardware breakpoint/watchpoint
- kernel event (exec, fork, vfork, vfork-done, lwp-create, lwp-exit)
A program can execute software breakpoint without the context of being
traced and this is a regular crash signal emitting SIGTRAP (TRAP_BRKPT).
Rename original trap_* tests (trap_simple, trap_handle, trap_mask,
trap_handle_recurse and trap_ignore) to segv_* tests and restrict them for
SIGSEGV.
Add new tests: trap_* testing the same scenarios as segv_ ones, however
verifying the software breakpoint trap (SIGTRAP).
Keep the original name of h_segv.c, and extend it for software breakpoint
events.
The purpose of these tests is to verify SIGTRAP kernel paths without the
ptrace(2) context.
All tests pass.
Sponsored by <The NetBSD Foundation>
Adapt the test to be independent from the software breakpoint trap
behavior, whether the Program Counter is moved or not. Just kill the
process after catching the expected signal, instead of pretending to resume
it.
This test passes.
Sponsored by <The NetBSD Foundation>
traceme_signal_nohandler2 checks emitting SIGSTOP to a traced process
with the PT_CONTINUE operation.
The expected behavior is to simulate a behavior of receiving SIGSTOP,
generating SIGCHLD to its parent (in this case the debugger) and ability
to call wait(2)-like function receiving the stopped child event.
The previous behavior was unstopping the process and it has been adjusted
in the kernel code.
FreeBSD keeps unstopping a process for emitting SIGSTOP.
Linux handles this scenario in the same way as NetBSD now.
While there, implement the missing bits in the userland ATF test for
traceme_signal_nohandler2: receiving and validating 2nd SIGSTOP event and
continuing the process, followed by its normal termination.
Sponsored by <The NetBSD Foundation>
SIGTSTP, SIGTTIN and SIGTTOU are special case signals ignored in a
vfork(2)ed child. Assert the behavior of raise(2) after calling
PT_TRACE_ME.
Renumber existing traceme_vfork_raise tests.
Sponsored by <The NetBSD Foundation>
raise(SIGSTOP) is now handled correctly by the kernel, in a child that
vfork(2)ed and called PT_TRACE_ME.
Implement a helper process emitting SIGKILL to a stopped child of a
vfork(2)ed process.
Sponsored by <The NetBSD Foundation>
kamil