Attachment 182796 Details for Bug 219451 – libdtrace: Prevent an assertion from triggering with certain llquantize() parameters

[patch] libdtrace: Prevent an assertion from triggering with certain llquantize() parameters

libdtrace-Prevent-an-assertion-from-triggering.diff (text/plain), 5.04 KB, created by Fabian Keil on 2017-05-22 09:46:18 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Fabian Keil

Created: 2017-05-22 09:46:18 UTC

Size: 5.04 KB

patch

obsolete

>From 23e6ef10fb5dddc036847fe981b491f344a50df6 Mon Sep 17 00:00:00 2001
>From: Fabian Keil <fk@fabiankeil.de>
>Date: Sun, 21 May 2017 14:09:13 +0200
>Subject: [PATCH] libdtrace: Prevent an assertion from triggering with certain
> llquantize() parameters
>
>The dtrace command that reached the assertion:
>
>     fk@t520 ~ $sudo dtrace -n 'syscall::read:return /execname == "privoxy"/ { @[execname] = llquantize(arg0, 100, 0, 10, 100); @m = max(arg0)}'
>     [...]
>                 9800 |                                         0
>                 9900 |                                         0
>                10000 |@@@@@@@@@@@@@@@@@@@@                     37
>                20000 |                                         0
>     Assertion failed: (value < next), file /usr/src/cddl/lib/libdtrace/../../../cddl/contrib/opensolaris/lib/libdtrace/common/dt_consume.c, line 1083.
>     Abort trap
>
>     (gdb) where
>     #0  0x00000008011effda in thr_kill () from /lib/libc.so.7
>     #1  0x00000008011effa4 in __raise (s=6) at /usr/src/lib/libc/gen/raise.c:52
>     #2  0x00000008011eff19 in abort () at /usr/src/lib/libc/stdlib/abort.c:65
>     #3  0x000000080088c3b2 in __assert (expr=0x8008d3172 "value < next", file=0x8008d3078 "/usr/src/cddl/lib/libdtrace/../../../cddl/contrib/opensolaris/lib/libdtrace/common/dt_consume.c", line=1083)
>         at /usr/src/cddl/lib/libdtrace/../../../cddl/compat/opensolaris/include/assert.h:56
>     #4  0x000000080088c190 in dt_print_llquantize (dtp=0x802633000, fp=0x8014c37e8, addr=0x80269a110, size=7840, normal=1) at /usr/src/cddl/lib/libdtrace/../../../cddl/contrib/opensolaris/lib/libdtrace/common/dt_consume.c:1083
>     #5  0x000000080088e37d in dt_print_datum (dtp=0x802633000, fp=0x8014c37e8, rec=0x8026900e8, addr=0x80269a110 "d", size=7848, aggdata=0x802690150, normal=1, pd=0x7fffffffe750)
>         at /usr/src/cddl/lib/libdtrace/../../../cddl/contrib/opensolaris/lib/libdtrace/common/dt_consume.c:2211
>     #6  0x000000080088dc12 in dt_print_aggs (aggsdata=0x7fffffffe630, naggvars=1, arg=0x7fffffffe750) at /usr/src/cddl/lib/libdtrace/../../../cddl/contrib/opensolaris/lib/libdtrace/common/dt_consume.c:2313
>     #7  0x000000080088e6cf in dt_print_agg (aggdata=0x802690150, arg=0x7fffffffe750) at /usr/src/cddl/lib/libdtrace/../../../cddl/contrib/opensolaris/lib/libdtrace/common/dt_consume.c:2361
>     #8  0x0000000800895f8b in dt_aggregate_walk_sorted (dtp=0x802633000, func=0x80088e610 <dt_print_agg>, arg=0x7fffffffe750, sfunc=0x0)
>         at /usr/src/cddl/lib/libdtrace/../../../cddl/contrib/opensolaris/lib/libdtrace/common/dt_aggregate.c:1585
>     #9  0x0000000800895d39 in dtrace_aggregate_walk_sorted (dtp=0x802633000, func=0x80088e610 <dt_print_agg>, arg=0x7fffffffe750)
>         at /usr/src/cddl/lib/libdtrace/../../../cddl/contrib/opensolaris/lib/libdtrace/common/dt_aggregate.c:1605
>     #10 0x0000000800897f12 in dtrace_aggregate_print (dtp=0x802633000, fp=0x8014c37e8, func=0x800895d10 <dtrace_aggregate_walk_sorted>)
>         at /usr/src/cddl/lib/libdtrace/../../../cddl/contrib/opensolaris/lib/libdtrace/common/dt_aggregate.c:2130
>     #11 0x0000000000403a5e in main (argc=<optimized out>, argv=<optimized out>) at /usr/src/cddl/usr.sbin/dtrace/../../../cddl/contrib/opensolaris/cmd/dtrace/dtrace.c:2005
>     (gdb) f 4
>     #4  0x000000080088c190 in dt_print_llquantize (dtp=0x802633000, fp=0x8014c37e8, addr=0x80269a110, size=7840, normal=1) at /usr/src/cddl/lib/libdtrace/../../../cddl/contrib/opensolaris/lib/libdtrace/common/dt_consume.c:1083
>     1083			assert(value < next);
>     (gdb) p step
>     $2915 = 77662796314522419
>     (gdb) p value
>     $2916 = 7834326075677972872
>     (gdb) p next
>     $2917 = 7766279631452241920
>
>It works as expected when replacing the 10 with a 5.
>Various other parameter combinations work as expected as well
>and I've used similar commands for weeks without issues.
>
>The problem is reproducible with other execnames as long as the probe fires.
>
>The "@m = max(arg0)" part isn't required to trigger the assertion but
>I only noticed it after already patching the system where libdtrace is
>build with reduced optimizations.
>
>This commit may not be the best solution but it seems to reliably
>prevent the core dumps and the output continues to look reasonable.
>
>The code flow in dt_print_llquantize() seems strange to me and maybe the
>loop should break if "bin" reaches "last_bin" instead. My impression is that
>it does a bunch of cycles at the end without doing meaningful work.
>
>Obtained from: ElectroBSD
>---
> cddl/contrib/opensolaris/lib/libdtrace/common/dt_consume.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
>diff --git a/cddl/contrib/opensolaris/lib/libdtrace/common/dt_consume.c b/cddl/contrib/opensolaris/lib/libdtrace/common/dt_consume.c
>index 3b66c3522cdc..cce4246317ce 100644
>--- a/cddl/contrib/opensolaris/lib/libdtrace/common/dt_consume.c
>+++ b/cddl/contrib/opensolaris/lib/libdtrace/common/dt_consume.c
>@@ -1083,7 +1083,7 @@ dt_print_llquantize(dtrace_hdl_t *dtp, FILE *fp, const void *addr,
> 		assert(value < next);
> 		bin++;
> 
>-		if ((value += step) != next)
>+		if ((value += step) < next)
> 			continue;
> 
> 		next = value * factor;
>-- 
>2.12.1
>

Actions: View | Diff

Attachments on bug 219451: 182796