NetBSD Problem Report #56355

From beceeh@shaw.ca  Tue Aug 10 07:20:47 2021
Return-Path: <beceeh@shaw.ca>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 9D4E71A921F
	for <gnats-bugs@gnats.NetBSD.org>; Tue, 10 Aug 2021 07:20:47 +0000 (UTC)
Message-Id: <20210810071728.57CFE36DC0@katy.localdomain>
Date: Tue, 10 Aug 2021 00:17:28 -0700 (PDT)
From: Bch <beceeh@shaw.ca>
Reply-To: brad.harder@gmail.com
To: gnats-bugs@NetBSD.org
Cc: brad.harder@gmail.com
Subject: dtrace triggers double-fault in supervisor mode
X-Send-Pr-Version: 3.95

>Number:         56355
>Category:       kern
>Synopsis:       dtrace triggers double-fault in supervisor mode
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Aug 10 07:25:00 +0000 2021
>Last-Modified:  Wed Aug 18 11:30:01 +0000 2021
>Originator:     bch
>Release:        NetBSD 9.99.88
>Organization:
	method logic digital
>Environment:
System: NetBSD katy 9.99.88 NetBSD 9.99.88 (GENERIC) #158: Sat Aug 7 17:01:50 PDT 2021 root@katy:/usr/obj/sys/arch/amd64/compile/GENERIC amd64
Architecture: x86_64
Machine: amd64
>Description:
	Example of a successful run on FreeBSD:
# dtrace -n 'fbt:kernel:trap:entry { ustack(); }'

  0  57874                       trap:entry
              libc.so.7`memmove+0x10a
              libdtrace.so.2`dtrace_consume+0x2cd
              libdtrace.so.2`dtrace_work+0x5d
              dtrace`0x206ba3
              dtrace`0x20510f
              ld-elf.so.1`0x800233000



  0  57874                       trap:entry
              libc.so.7`0x80048b45f
              libc.so.7`vfprintf_l+0xb5
              dtrace`0x2083bf
              dtrace`0x206b44
              dtrace`0x20510f
              ld-elf.so.1`0x800233000

[...]


Various sample backtraces from ddb in NetBSD after faults by
"# dtrace -n 'fbt:netbsd:trap:entry { ustack(); }'":

[ 861.0276335] fatal double fault in supervisor mode
[ 861.0276335] trap type 13 code 0 rip 0xffffffff8285b388 cs 0x8 rflags 0x10282 cr2 0xffff990078a72ff8 ilevel 0 rsp 0xffff990078a73000
[ 861.0276335] curlwp 0xffff9202722f9340 pid 217.217 lowest kstack 0xffff990078a712c0
kernel: double fault trap, code=0
Stopped in pid 217.217 (rm) at  dtrace_fbt:fbt_invop+8: pushq   %r13
fbt_invop() at dtrace_fbt:fbt_invop+8
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6181
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6181
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6181
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6181
fbt_invop() at dtrace_fbt:fbt_invop+192
[...]
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6181
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6181
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
elf64_copyargs() at netbsd:elf64_copyargs+28
execve_runproc() at netbsd:execve_runproc+1185
execve1() at netbsd:execve1+79
sys_execve() at netbsd:sys_execve+42
syscall() at netbsd:syscall+406
--- syscall (number 59) ---
netbsd:syscall+406:
ds          35
es          35
fs          0
gs          0
rdi         18446744071564330048        trap
rsi         18446630826036113488
rbp         18446630826036113424
rbx         140187732537344
rdx         140187732537344
rcx         0
rax         18446744071603810864        dtrace_invop_start
r8          1
r9          18446630824154095616
r10         0
r11         0
r12         18446630826036113488
r13         18446744071564330048        trap
r14         18446623137861511552
r15         18446630824163618848
rip         18446744071604384648        fbt_invop+8
cs          8
rflags      66178
rsp         18446630826036113408
ss          16
dtrace_fbt:fbt_invop+8: pushq   %r13




Mon Aug  9 08:05:57 PDT 2021
[ 835.7660203] fatal double fault in supervisor mode
[ 835.7660203] trap type 13 code 0 rip 0xffffffff827c3e53 cs 0x8 rflags 0x10082 cr2 0xffffbb80785c6ec8 ilevel 0 rsp 0xffffbb80785c6ed0
[ 835.7660203] curlwp 0xffffa754dd4de200 pid 1983.1983 lowest kstack 0xffffbb80785c52c0
kernel: double fault trap, code=0
Stopped in pid 1983.1983 (sshd) at      dtrace:dtrace_dif_emulate+26:   movq
%rsi,18446744073709551256(%rbp)
dtrace_dif_emulate() at dtrace:dtrace_dif_emulate+26
dtrace_probe() at dtrace:dtrace_probe+988
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6181
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6181
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6181
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
---
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6181
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6181
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
ds          35
es          35
fs          0
gs          0
rdi         18446646581911618752
rsi         18446668759182373416
rbp         18446668759182373120
rbx         18446668757305319424
rdx         18446668757294981176
rcx         18446668757294981120
rax         1
r8          18446668759182373416
r9          18446668757305319424
r10         0
r11         582
r12         18446646581911618752
r13         18446668757305319424
r14         18446668757305253888
r15         18446668759182373416
rip         18446744071603764819        dtrace_dif_emulate+26
cs          8
rflags      65666
rsp         18446668759182372560
ss          16
dtrace:dtrace_dif_emulate+26:   movq    %rsi,18446744073709551256(%rbp)



Mon Aug  9 10:10:15 PDT 2021
[ 6969.8811677] fatal double fault in supervisor mode
[ 6969.8811677] trap type 13 code 0 rip 0xffffffff802083a9 cs 0x8 rflags 0x10082 cr2 0
[ 6969.8811677] curlwp 0xffff90c8be4dcac0 pid 2815.2815 lowest kstack 0xffff930078e070
kernel: double fault trap, code=0
Stopped in pid 2815.2815 (dtrace) at    netbsd:Xtrap14+9:       movq    %rdi,0(%
rsp)
Xtrap14() at netbsd:Xtrap14+9
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6181
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6181
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6181
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6181
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6181
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6181
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6181
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
ds          35
es          35
fs          0
gs          0
rdi         127156438688512
rsi         20
rbp         18446624228970107056
rbx         127156438688504
rdx         127156453931168
rcx         0
rax         140187732537344
r8          18446624228970107432
r9          18446624227084328960
r10         0
r11         582
r12         19
r13         1
r14         127156453931168
r15         18446624227089657888
rip         18446744071564198825        Xtrap14+9
cs          8
rflags      65666
rsp         18446624228970106736
ss          0
netbsd:Xtrap14+9:       movq    %rdi,0(%rsp)






Mon Aug  9 18:07:44 PDT 2021
katy$ Aug  9 16:33:25 katy_v0 su: bch to root on /dev/pts/0
[ 4707.3916637] -bch dtrace_getupstack(): 20
[ 4707.3916637] -bch dtrace_getupstack(): 20
[ 4707.3916637] -bch dtrace_getupstack(): 20
[ 4707.3916637] -bch dtrace_getupstack(): 20
[ 4707.3916637] -bch dtrace_getupstack(): 20
[ 4707.3916637] -bch dtrace_getupstack(): 20
[ 4707.3916637] fatal double fault in supervisor mode
[ 4707.3916637] trap type 13 code 0 rip 0xffffffff827c3e53 cs 0x8 rflags 0x10082 cr2 0
[ 4707.3916637] curlwp 0xfffffbdba1e6b580 pid 502.502 lowest kstack 0xffff9a80784702c0
kernel: double fault trap, code=0
Stopped in pid 502.502 (pickup) at      dtrace:dtrace_dif_emulate+26:   movq
%rsi,18446744073709551256(%rbp)
dtrace_dif_emulate() at dtrace:dtrace_dif_emulate+26
dtrace_probe() at dtrace:dtrace_probe+988
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6196
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6196
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6196
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6196
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6196
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6196
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
ds          35
es          35
fs          0
gs          0
rdi         18446739519667471936
rsi         18446632475297260072
rbp         18446632475297259776
rbx         18446632473421537280
rdx         18446632473411264568
rcx         18446632473411264512
rax         1
r8          18446632475297260072
r9          18446632473421537280
r10         0
r11         4294967293
r12         18446739519667471936
r13         18446632473421537280
r14         18446632473421602816
r15         18446632475297260072
rip         18446744071603764819        dtrace_dif_emulate+26
cs          8
rflags      65666
rsp         18446632475297259216
ss          0
dtrace:dtrace_dif_emulate+26:   movq    %rsi,18446744073709551256(%rbp)






Mon Aug  9 18:20:31 PDT 2021
[ 277.0165899] -bch dtrace_getupstack(): 20
[ 277.0165899] -bch dtrace_getupstack(): 20
[ 277.0165899] -bch dtrace_getupstack(): 20
[ 277.0165899] -bch dtrace_getupstack(): 20
[ 277.0165899] -bch dtrace_getupstack(): 20
[ 277.0165899] -bch dtrace_getupstack(): 20
[ 277.0165899] fatal double fault in supervisor mode
[ 277.0165899] trap type 13 code 0 rip 0xffffffff827c3e53 cs 0x8 rflags 0x10082 cr2 00
[ 277.0165899] curlwp 0xffffd45f5ca4b100 pid 1761.1761 lowest kstack 0xffffdd807835020
kernel: double fault trap, code=0
Stopped in pid 1761.1761 (pickup) at    dtrace:dtrace_dif_emulate+26:   movq
%rsi,18446744073709551256(%rbp)
dtrace_dif_emulate() at dtrace:dtrace_dif_emulate+26
dtrace_probe() at dtrace:dtrace_probe+988
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6196
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6196
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6196
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6196
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6196
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
dtrace_invop_start() at dtrace:dtrace_invop_start+27
dtrace_getupcstack() at dtrace:dtrace_getupcstack+215
dtrace_probe() at dtrace:dtrace_probe+6196
fbt_invop() at dtrace_fbt:fbt_invop+192
dtrace_invop() at dtrace:dtrace_invop+55
ds          35
es          35
fs          0
gs          0
rdi         18446696104877567616
rsi         18446706142575141416
rbp         18446706142575141120
rbx         18446706140700598272
rdx         18446706140690325560
rcx         18446706140690325504
rax         1
r8          18446706142575141416
r9          18446706140700598272
r10         0
r11         4294967293
r12         18446696104877567616
r13         18446706140700598272
r14         18446706140700663808
r15         18446706142575141416
rip         18446744071603764819        dtrace_dif_emulate+26
cs          8
rflags      65666
rsp         18446706142575140560
ss          0
dtrace:dtrace_dif_emulate+26:   movq    %rsi,18446744073709551256(%rbp)

>How-To-Repeat:
	# dtrace -n 'fbt:netbsd:trap:entry { ustack(); }'
>Fix:

>Audit-Trail:
From: bch <brad.harder@gmail.com>
To: gnats-bugs@netbsd.org, "riastradh@netbsd.org" <riastradh@netbsd.org>
Cc: 
Subject: Re: kern/56355: dtrace triggers double-fault in supervisor mode
Date: Tue, 10 Aug 2021 11:49:28 -0700

 On Tue, Aug 10, 2021 at 00:25 <gnats-admin@netbsd.org> wrote:

 > Thank you very much for your problem report.
 > It has the internal identification `kern/56355'.
 > The individual assigned to look at your
 > report is: kern-bug-people.
 >
 > >Category:       kern
 > >Responsible:    kern-bug-people
 > >Synopsis:       dtrace triggers double-fault in supervisor mode
 > >Arrival-Date:   Tue Aug 10 07:25:00 +0000 2021
 >

 ~50000 probes, and I found one that simply shouldn’t be there. Proposed
 patch after discussion w @riastradh:

 --- a/external/cddl/osnet/dev/fbt/fbt.c Thu Aug 05 09:46:09 2021 -0700
 +++ b/external/cddl/osnet/dev/fbt/fbt.c Tue Aug 10 11:39:10 2021 -0700
 @@ -178,6 +178,7 @@
             strncmp(name, "lockdebug_", 10) =3D=3D 0 ||
             strncmp(name, "kauth_", 5) =3D=3D 0 ||
             strncmp(name, "ktext_write", 11) =3D=3D 0 ||
 +           strncmp(name, "trap", 4) =3D=3D 0 ||
             strncmp(name, "fbt_", 4) =3D=3D 0) {
                 return (1);
         }
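
Review bot: The added `strncmp(name, "trap", 4) == 0` is a prefix test, so it excludes every function whose name begins with "trap", not only `trap` itself; if only that one function is meant, compare the whole name with `strcmp(name, "trap") == 0`. The neighbouring context line `strncmp(name, "kauth_", 5)` shows the other hazard of hand-counted lengths: it compares five characters of a six-character literal, so the trailing underscore is never checked. A short comment next to the new entry saying why `trap` must not be instrumented would help the next reader of this list.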







From: bch <brad.harder@gmail.com>
To: gnats-bugs@netbsd.org, "riastradh@netbsd.org" <riastradh@netbsd.org>
Cc: 
Subject: Re: kern/56355: dtrace triggers double-fault in supervisor mode
Date: Tue, 10 Aug 2021 13:26:08 -0700

 On Tue, Aug 10, 2021 at 11:49 bch <brad.harder@gmail.com> wrote:

 >
 >
 > On Tue, Aug 10, 2021 at 00:25 <gnats-admin@netbsd.org> wrote:
 >
 >> Thank you very much for your problem report.
 >> It has the internal identification `kern/56355'.
 >> The individual assigned to look at your
 >> report is: kern-bug-people.
 >>
 >> >Category:       kern
 >> >Responsible:    kern-bug-people
 >> >Synopsis:       dtrace triggers double-fault in supervisor mode
 >> >Arrival-Date:   Tue Aug 10 07:25:00 +0000 2021
 >>
 >

 Updated - move logic to arch-specific (x86) code:

 --- a/external/cddl/osnet/dev/fbt/x86/fbt_isa.c Thu Aug 05 09:46:09 2021
 -0700
 +++ b/external/cddl/osnet/dev/fbt/x86/fbt_isa.c Tue Aug 10 12:19:50 2021
 -0700
 @@ -251,8 +251,9 @@
         /*
          * Exclude some more symbols which can be called from probe context=
 .
          */
 -       if (strcmp(name, "x86_curcpu") =3D=3D 0 ||
 -           strcmp(name, "x86_curlwp") =3D=3D 0) {
 +       if (strncmp(name, "x86_curcpu", 10) =3D=3D 0 ||
 +           strncmp(name, "trap", 4) =3D=3D 0 ||
 +           strncmp(name, "x86_curlwp", 10) =3D=3D 0) {
                 return 0;
         }
  #endif
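
Review bot: Switching the two existing tests from `strcmp` to `strncmp` with length 10 turns the exact-name exclusions for `x86_curcpu` and `x86_curlwp` into prefix exclusions, and the new `strncmp(name, "trap", 4)` likewise drops every symbol that merely starts with "trap". Keep the two `strcmp` calls as they were and add `strcmp(name, "trap") == 0` as a third exact match, so the change stays limited to the one new name. The comment above the condition could also name `trap` and say how it ends up being called from probe context.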





 > ~50000 probes, and I found one that simply shouldn’t be there. Proposed
 > patch after discussion w @riastradh:
 >
 > --- a/external/cddl/osnet/dev/fbt/fbt.c Thu Aug 05 09:46:09 2021 -0700
 > +++ b/external/cddl/osnet/dev/fbt/fbt.c Tue Aug 10 11:39:10 2021 -0700
 > @@ -178,6 +178,7 @@
 >             strncmp(name, "lockdebug_", 10) =3D=3D 0 ||
 >             strncmp(name, "kauth_", 5) =3D=3D 0 ||
 >             strncmp(name, "ktext_write", 11) =3D=3D 0 ||
 > +           strncmp(name, "trap", 4) =3D=3D 0 ||
 >             strncmp(name, "fbt_", 4) =3D=3D 0) {
 >                 return (1);
 >         }

From: "Christos Zoulas" <christos@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/56355 CVS commit: src/external/cddl/osnet/dev/fbt/x86
Date: Wed, 11 Aug 2021 07:16:49 -0400

 Module Name:	src
 Committed By:	christos
 Date:		Wed Aug 11 11:16:49 UTC 2021

 Modified Files:
 	src/external/cddl/osnet/dev/fbt/x86: fbt_isa.c

 Log Message:
 PR/56355: Brad Harder: dtrace triggers double-fault in supervisor mode


 To generate a diff of this commit:
 cvs rdiff -u -r1.3 -r1.4 src/external/cddl/osnet/dev/fbt/x86/fbt_isa.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

From: David Holland <dholland-bugs@netbsd.org>
To: gnats-bugs@netbsd.org
Cc: 
Subject: Re: kern/56355: dtrace triggers double-fault in supervisor mode
Date: Wed, 11 Aug 2021 20:08:06 +0000

 On Tue, Aug 10, 2021 at 08:30:02PM +0000, bch wrote:
  >  Updated - move logic to arch-specific (x86) code:
  > [snip]

 I expect every arch needs the equivalent of this? (They're not all
 called "trap", but quite a few are)

 -- 
 David A. Holland
 dholland@netbsd.org

From: bch <brad.harder@gmail.com>
To: gnats-bugs@netbsd.org
Cc: gnats-admin@netbsd.org, kern-bug-people@netbsd.org, netbsd-bugs@netbsd.org
Subject: Re: kern/56355: dtrace triggers double-fault in supervisor mode
Date: Wed, 11 Aug 2021 13:56:48 -0700

 On Wed, Aug 11, 2021 at 13:10 David Holland <dholland-bugs@netbsd.org>
 wrote:

 > The following reply was made to PR kern/56355; it has been noted by GNATS.
 >
 > From: David Holland <dholland-bugs@netbsd.org>
 > To: gnats-bugs@netbsd.org
 > Cc:
 > Subject: Re: kern/56355: dtrace triggers double-fault in supervisor mode
 > Date: Wed, 11 Aug 2021 20:08:06 +0000
 >
 >  On Tue, Aug 10, 2021 at 08:30:02PM +0000, bch wrote:
 >   >  Updated - move logic to arch-specific (x86) code:
 >   > [snip]
 >
 >  I expect every arch needs the equivalent of this? (They're not all
 >  called "trap", but quite a few are)


 I’ll take a look.

 -bch



 >
 >  --
 >  David A. Holland
 >  dholland@netbsd.org
 >
 >


From: Taylor R Campbell <riastradh@NetBSD.org>
To: bch <brad.harder@gmail.com>
Cc: gnats-bugs@netbsd.org
Subject: Re: kern/56355: dtrace triggers double-fault in supervisor mode
Date: Sun, 15 Aug 2021 15:08:11 +0000

 > Date: Tue, 10 Aug 2021 13:26:08 -0700
 > From: bch <brad.harder@gmail.com>
 >
 > @@ -251,8 +251,9 @@
 >         /*
 >          * Exclude some more symbols which can be called from probe conte=
 xt.
 >          */
 > -       if (strcmp(name, "x86_curcpu") =3D=3D 0 ||
 > -           strcmp(name, "x86_curlwp") =3D=3D 0) {
 > +       if (strncmp(name, "x86_curcpu", 10) =3D=3D 0 ||
 > +           strncmp(name, "trap", 4) =3D=3D 0 ||
 > +           strncmp(name, "x86_curlwp", 10) =3D=3D 0) {
 >                 return 0;

 This patch changes the semantics of the code so that it excludes any
 names that _start_ with `trap', `x86_curcpu', or `x86_curlwp', such as
 `trapsignal'.  The use of strncmp instead of strcmp should be restored
 (and the list should maybe be sorted lexicographically).
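
The difference at issue in the message above, prefix match versus whole-name match, as an added example (not NetBSD's fbt code and not written by anyone in this thread). The sample symbol list and the table-driven `excluded_table()` with its `EXCL_EXACT`/`EXCL_PREFIX` macros are hypothetical; `sizeof` supplies the prefix lengths so none are counted by hand.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added illustration only; this is not the NetBSD fbt source. */

/* Matching as written in the proposed fbt_isa.c hunk: prefix compares. */
static int
excluded_prefix(const char *name)
{
	return strncmp(name, "x86_curcpu", 10) == 0 ||
	    strncmp(name, "trap", 4) == 0 ||
	    strncmp(name, "x86_curlwp", 10) == 0;
}

/* The same three names compared in full with strcmp. */
static int
excluded_exact(const char *name)
{
	return strcmp(name, "trap") == 0 ||
	    strcmp(name, "x86_curcpu") == 0 ||
	    strcmp(name, "x86_curlwp") == 0;
}

/*
 * Hypothetical table-driven form. Each rule states whether it is a
 * whole-name or a prefix rule, and prefix lengths come from sizeof so
 * they cannot drift from the literal. Entries are sorted by pattern.
 */
struct excl_rule {
	const char *pat;
	size_t prefix_len;	/* 0 means the whole name must match */
};
#define EXCL_EXACT(s)	{ s, 0 }
#define EXCL_PREFIX(s)	{ s, sizeof(s) - 1 }

static const struct excl_rule excl_rules[] = {
	EXCL_PREFIX("fbt_"),
	EXCL_PREFIX("lockdebug_"),
	EXCL_EXACT("trap"),
	EXCL_EXACT("x86_curcpu"),
	EXCL_EXACT("x86_curlwp"),
};

static int
excluded_table(const char *name)
{
	size_t i;

	for (i = 0; i < sizeof(excl_rules) / sizeof(excl_rules[0]); i++) {
		const struct excl_rule *r = &excl_rules[i];
		int hit = r->prefix_len != 0 ?
		    strncmp(name, r->pat, r->prefix_len) == 0 :
		    strcmp(name, r->pat) == 0;
		if (hit)
			return 1;
	}
	return 0;
}

/* Count names that the prefix form drops but the exact form keeps. */
static size_t
count_overbroad(const char *const *names, size_t n)
{
	size_t i, count = 0;

	for (i = 0; i < n; i++)
		if (excluded_prefix(names[i]) && !excluded_exact(names[i]))
			count++;
	return count;
}

/* Constructed sample; "x86_curlwp_example" is made up for the demo. */
static const char *const sample_names[] = {
	"trap", "trapsignal", "x86_curcpu", "x86_curlwp",
	"x86_curlwp_example", "fbt_invop", "syscall",
};
#define NSAMPLES (sizeof(sample_names) / sizeof(sample_names[0]))

int
main(void)
{
	size_t i;

	printf("%-20s %-7s %-6s %s\n", "symbol", "prefix", "exact", "table");
	for (i = 0; i < NSAMPLES; i++)
		printf("%-20s %-7d %-6d %d\n", sample_names[i],
		    excluded_prefix(sample_names[i]),
		    excluded_exact(sample_names[i]),
		    excluded_table(sample_names[i]));
	printf("over-excluded by prefix matching: %zu\n",
	    count_overbroad(sample_names, NSAMPLES));
	return 0;
}
```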

From: bch <brad.harder@gmail.com>
To: Taylor R Campbell <riastradh@netbsd.org>
Cc: gnats-bugs@netbsd.org
Subject: Re: kern/56355: dtrace triggers double-fault in supervisor mode
Date: Sun, 15 Aug 2021 09:05:52 -0700

 On Sun, Aug 15, 2021 at 08:10 Taylor R Campbell <riastradh@netbsd.org>
 wrote:

 > > Date: Sun, 15 Aug 2021 15:08:11 +0000
 > > From: Taylor R Campbell <riastradh@NetBSD.org>
 > >
 > > > Date: Tue, 10 Aug 2021 13:26:08 -0700
 > > > From: bch <brad.harder@gmail.com>
 > > >
 > > > @@ -251,8 +251,9 @@
 > > >         /*
 > > >          * Exclude some more symbols which can be called from probe
 > context.
 > > >          */
 > > > -       if (strcmp(name, "x86_curcpu") =3D=3D 0 ||
 > > > -           strcmp(name, "x86_curlwp") =3D=3D 0) {
 > > > +       if (strncmp(name, "x86_curcpu", 10) =3D=3D 0 ||
 > > > +           strncmp(name, "trap", 4) =3D=3D 0 ||
 > > > +           strncmp(name, "x86_curlwp", 10) =3D=3D 0) {
 > > >                 return 0;
 > >
 > > This patch changes the semantics of the code so that it excludes any
 > > names that _start_ with `trap', `x86_curcpu', or `x86_curlwp', such as
 > > `trapsignal'.  The use of strncmp instead of strcmp should be restored
 > > (and the list should maybe be sorted lexicographically).
 >
 > Errr, I mean: this code should use strcmp, not strncmp.


 If you read through to the MI exclusion code at fbt_exclude(), it’s using
 strncmp(). Should that be changed too, or otherwise, why pick strcmp() v
 strncmp()?


 -bch



From: bch <brad.harder@gmail.com>
To: Taylor R Campbell <riastradh@netbsd.org>
Cc: gnats-bugs@netbsd.org
Subject: Re: kern/56355: dtrace triggers double-fault in supervisor mode
Date: Sun, 15 Aug 2021 09:13:59 -0700


 On Sun, Aug 15, 2021 at 09:05 bch <brad.harder@gmail.com> wrote:

 >
 >
 > On Sun, Aug 15, 2021 at 08:10 Taylor R Campbell <riastradh@netbsd.org>
 > wrote:
 >
 >> > Date: Sun, 15 Aug 2021 15:08:11 +0000
 >> > From: Taylor R Campbell <riastradh@NetBSD.org>
 >> >
 >> > > Date: Tue, 10 Aug 2021 13:26:08 -0700
 >> > > From: bch <brad.harder@gmail.com>
 >> > >
 >> > > @@ -251,8 +251,9 @@
 >> > >         /*
 >> > >          * Exclude some more symbols which can be called from probe
 >> context.
 >> > >          */
 >> > > -       if (strcmp(name, "x86_curcpu") =3D=3D 0 ||
 >> > > -           strcmp(name, "x86_curlwp") =3D=3D 0) {
 >> > > +       if (strncmp(name, "x86_curcpu", 10) =3D=3D 0 ||
 >> > > +           strncmp(name, "trap", 4) =3D=3D 0 ||
 >> > > +           strncmp(name, "x86_curlwp", 10) =3D=3D 0) {
 >> > >                 return 0;
 >> >
 >> > This patch changes the semantics of the code so that it excludes any
 >> > names that _start_ with `trap', `x86_curcpu', or `x86_curlwp', such as
 >> > `trapsignal'.  The use of strncmp instead of strcmp should be restored
 >> > (and the list should maybe be sorted lexicographically).
 >>
 >> Errr, I mean: this code should use strcmp, not strncmp.
 >
 >
 > If you read through to the MI exclusion code at fbt_exclude(), it’s using
 > strncmp(). Should that be changed too, or otherwise, why pick strcmp() v
 > strncmp()?
 >

 * fbt_excluded()


 >
 > -bch
 >
 >
 >>


From: Taylor R Campbell <riastradh@NetBSD.org>
To: bch <brad.harder@gmail.com>, gnats-bugs@netbsd.org
Cc: 
Subject: Re: kern/56355: dtrace triggers double-fault in supervisor mode
Date: Sun, 15 Aug 2021 15:10:47 +0000

 > Date: Sun, 15 Aug 2021 15:08:11 +0000
 > From: Taylor R Campbell <riastradh@NetBSD.org>
 >
 > > Date: Tue, 10 Aug 2021 13:26:08 -0700
 > > From: bch <brad.harder@gmail.com>
 > >
 > > @@ -251,8 +251,9 @@
 > >         /*
 > >          * Exclude some more symbols which can be called from probe con=
 text.
 > >          */
 > > -       if (strcmp(name, "x86_curcpu") =3D=3D 0 ||
 > > -           strcmp(name, "x86_curlwp") =3D=3D 0) {
 > > +       if (strncmp(name, "x86_curcpu", 10) =3D=3D 0 ||
 > > +           strncmp(name, "trap", 4) =3D=3D 0 ||
 > > +           strncmp(name, "x86_curlwp", 10) =3D=3D 0) {
 > >                 return 0;
 >
 > This patch changes the semantics of the code so that it excludes any
 > names that _start_ with `trap', `x86_curcpu', or `x86_curlwp', such as
 > `trapsignal'.  The use of strncmp instead of strcmp should be restored
 > (and the list should maybe be sorted lexicographically).

 Errr, I mean: this code should use strcmp, not strncmp.

From: "Christos Zoulas" <christos@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/56355 CVS commit: src/external/cddl/osnet/dev/fbt/x86
Date: Sun, 15 Aug 2021 12:33:57 -0400

 Module Name:	src
 Committed By:	christos
 Date:		Sun Aug 15 16:33:57 UTC 2021

 Modified Files:
 	src/external/cddl/osnet/dev/fbt/x86: fbt_isa.c

 Log Message:
 PR/56355: Taylor Campbell: restore strcmp() over strncmp()


 To generate a diff of this commit:
 cvs rdiff -u -r1.4 -r1.5 src/external/cddl/osnet/dev/fbt/x86/fbt_isa.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

From: Taylor R Campbell <riastradh@NetBSD.org>
To: bch <brad.harder@gmail.com>
Cc: gnats-bugs@netbsd.org
Subject: Re: kern/56355: dtrace triggers double-fault in supervisor mode
Date: Sun, 15 Aug 2021 18:42:14 +0000

 > Date: Sun, 15 Aug 2021 09:05:52 -0700
 > From: bch <brad.harder@gmail.com>
 > 
 > On Sun, Aug 15, 2021 at 08:10 Taylor R Campbell <riastradh@netbsd.org>
 > wrote:
 > 
 > > > Date: Sun, 15 Aug 2021 15:08:11 +0000
 > > > From: Taylor R Campbell <riastradh@NetBSD.org>
 > > >
 > > > This patch changes the semantics of the code so that it excludes any
 > > > names that _start_ with `trap', `x86_curcpu', or `x86_curlwp', such as
 > > > `trapsignal'.  The use of strncmp instead of strcmp should be restored
 > > > (and the list should maybe be sorted lexicographically).
 > >
 > > Errr, I mean: this code should use strcmp, not strncmp.
 > 
 > If you read through to the MI exclusion code at fbt_exclude(), it's using
 > strncmp(). Should that be changed too, or otherwise, why pick strcmp() v
 > strncmp()?

 fbt_excluded is meant to exclude any function whose name starts with
 `dtrace_', `dtrace_safe_', `fbt_', &c., which is what, e.g.,
 strncmp(name, "fbt_", 4) does.  But we want to exclude the function
 `trap' specifically, not all functions that happen to start with
 `trap' like `trapsignal', hence strcmp(name, "trap").

From: "Taylor R Campbell" <riastradh@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/56355 CVS commit: src/external/cddl/osnet/dev/fbt/x86
Date: Wed, 18 Aug 2021 11:26:17 +0000

 Module Name:	src
 Committed By:	riastradh
 Date:		Wed Aug 18 11:26:17 UTC 2021

 Modified Files:
 	src/external/cddl/osnet/dev/fbt/x86: fbt_isa.c

 Log Message:
 PR/56355: Exclude the symbol trap, not all symbols other than trap.


 To generate a diff of this commit:
 cvs rdiff -u -r1.5 -r1.6 src/external/cddl/osnet/dev/fbt/x86/fbt_isa.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.
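
The distinction drawn in the thread, prefix rules for whole families such as `fbt_` versus an exact test for `trap`, as an added example (not the code in fbt_isa.c). The symbol list is constructed, and the INVERTED variant is an assumption: it models a strcmp() result used as a condition without comparing it to 0, one way to get the behaviour the last log message describes.

```c
#include <stdio.h>
#include <string.h>

enum variant { EXACT, PREFIX, INVERTED };
#define NELEM(a) (sizeof(a) / sizeof((a)[0]))

/* Prefixes the thread names for fbt_excluded(): whole families are skipped. */
static const char *const prefixes[] = { "dtrace_", "dtrace_safe_", "fbt_" };
/* Constructed symbol list; trap_helper and example_fn are made-up names. */
static const char *const symbols[] = { "trap", "trapsignal", "trap_helper",
	"x86_curcpu", "x86_curlwp", "fbt_excluded", "dtrace_probe", "example_fn" };

/* The three ways of testing for trap that come up in the thread. */
static int match_trap(const char *name, enum variant v)
{
	switch (v) {
	case PREFIX:	/* anything that starts with "trap" */
		return strncmp(name, "trap", 4) == 0;
	case INVERTED:	/* truth value of a bare strcmp() used as a condition */
		return strcmp(name, "trap") != 0;
	default:	/* EXACT: the function trap and nothing else */
		return strcmp(name, "trap") == 0;
	}
}

/* Return 1 if no fbt probe should be created for name. */
int excluded(const char *name, enum variant v)
{
	for (size_t i = 0; i < NELEM(prefixes); i++)
		if (strncmp(name, prefixes[i], strlen(prefixes[i])) == 0)
			return 1;
	return strcmp(name, "x86_curcpu") == 0 ||
	    strcmp(name, "x86_curlwp") == 0 || match_trap(name, v);
}

/* How many of the constructed symbols lose their probe under variant v. */
int count_excluded(enum variant v)
{
	int n = 0;
	for (size_t i = 0; i < NELEM(symbols); i++)
		n += excluded(symbols[i], v);
	return n;
}

int main(void)
{
	printf("exact=%d prefix=%d inverted=%d\n", count_excluded(EXACT),
	    count_excluded(PREFIX), count_excluded(INVERTED));
	return 0;
}
```

Run over a real symbol table, the same count comparison works as a regression check: a change meant to hide one function should move the excluded count by exactly one.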

Copyright © 1994-2020 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.