HomeFreeBSD
Diffusion FreeBSD src repository 8527bb2aee6c

dtrace: Fix a kernel panic in printm()
8527bb2aee6c
Actions

Description

dtrace: Fix a kernel panic in printm()

When using printm(), one should always pass a scratch pointer to it.
This is achieved by calling printm with memref

BEGIN { printm(fixed_len, memref(ptr, var_len)); }

which will return a pointer to the DTrace scratch space of size
sizeof(uintptr_t) * 2. However, one can easily call printm() as follows

BEGIN { printm(10, (void *)NULL); }

and panic the kernel as a result. This commit does two things:

(1) adds a new macro DTRACE_INSCRATCHPTR(mstate, ptr, howmany) which
    checks if a certain pointer is in the DTrace scratch space;
(2) uses DTRACE_INSCRATCHPTR() to implement a check on printm()'s DIFO
    return value in order to avoid the panic and sets CPU_DTRACE_BADADDR
    if the address is not in the scratch space.

Reviewed by: markj
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D41722

Details

Provenance
domagoj.stolfa_gmail.comAuthored on Sep 6 2023, 1:25 PM
markjCommitted on Sep 6 2023, 2:00 PM
Reviewer
markj
Differential Revision
D41722: dtrace: Fix a kernel panic in printm().
Parents
rG56e3123fc864: libcasper: reference system.fileargs service
Branches
Unknown
Tags
Unknown

Changes (1)

PathSize
sys/
cddl/
contrib/
opensolaris/
uts/
common/
dtrace/

rG8527bb2aee6c

View Options

sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c

Loading...