[patch] IA32 subsyscall list fixes

[patch] IA32 subsyscall list fixes

[Mark Wielaard]

[-- Attachment #1.1: Type: text/plain, Size: 724 bytes --]

Hi,

Rick found an off by one error in the IA32 IPC subsyscall list, we
forgot to skip subcall zero. This patch fixes that and adds an extra
sanity/robustness check in case someone tries to make a socket or ipc
subsyscall with an unknown number.

2007-07-31  Mark Wielaard  <mwielaard@redhat.com>

    Fixes bug #4865
    * LinuxIa32Syscall.java (unknownIpcSubSyscall): New static field.
    (unknownSocketSubSyscall): Likewise.
    (ipcSubcallList): Add unknown numbers, including zero.
    (syscallByNum): Bounds check socketSubcallList and ipcSubcallList
    arrays before returning possible unknown subsyscall.

This makes it possible to ftrace FryskGui which is a nice stress tests.

Cheers,

Mark

[-- Attachment #1.2: LinuxIa32Syscall.patch --]
[-- Type: text/x-patch, Size: 3234 bytes --]

Index: frysk-core/frysk/proc/LinuxIa32Syscall.java
===================================================================
RCS file: /cvs/frysk/frysk-core/frysk/proc/LinuxIa32Syscall.java,v
retrieving revision 1.7
diff -u -r1.7 LinuxIa32Syscall.java
--- frysk-core/frysk/proc/LinuxIa32Syscall.java	4 May 2007 18:26:54 -0000	1.7
+++ frysk-core/frysk/proc/LinuxIa32Syscall.java	31 Jul 2007 10:43:55 -0000
@@ -498,6 +498,8 @@
     new SocketSubSyscall ("recvmsg",    SOCKET_NUM, 5, "i:iiipp ")
   };
 
+  private static final SocketSubSyscall unknownSocketSubSyscall =
+    new SocketSubSyscall ("<unknown>", SOCKET_NUM);
 
   static class IpcSubSyscall
     extends Ia32Syscall
@@ -522,32 +524,36 @@
   }
   /**FIXME: No argument list here.*/
   static Syscall[] ipcSubcallList = {
+    new IpcSubSyscall ("<unknown0>",  IPC_NUM),
     new IpcSubSyscall ("semop",  IPC_NUM),
     new IpcSubSyscall ("semget", IPC_NUM),
     new IpcSubSyscall ("semctl",  IPC_NUM),
     new IpcSubSyscall ("semtimedop", IPC_NUM),
-    new IpcSubSyscall ("",  IPC_NUM),
-    new IpcSubSyscall ("", IPC_NUM),
-    new IpcSubSyscall ("",  IPC_NUM),
-    new IpcSubSyscall ("", IPC_NUM),
-    new IpcSubSyscall ("",  IPC_NUM),
-    new IpcSubSyscall ("", IPC_NUM),
+    new IpcSubSyscall ("<unknown5>",  IPC_NUM),
+    new IpcSubSyscall ("<unknown6>", IPC_NUM),
+    new IpcSubSyscall ("<unknown7>",  IPC_NUM),
+    new IpcSubSyscall ("<unknown8>", IPC_NUM),
+    new IpcSubSyscall ("<unknown9>",  IPC_NUM),
+    new IpcSubSyscall ("<unknown10>", IPC_NUM),
     new IpcSubSyscall ("msgsnd",  IPC_NUM),
     new IpcSubSyscall ("msgrcv", IPC_NUM),
     new IpcSubSyscall ("msgget",  IPC_NUM),
     new IpcSubSyscall ("msgctl", IPC_NUM),
-    new IpcSubSyscall ("",  IPC_NUM),
-    new IpcSubSyscall ("", IPC_NUM),
-    new IpcSubSyscall ("",  IPC_NUM),
-    new IpcSubSyscall ("", IPC_NUM),
-    new IpcSubSyscall ("",  IPC_NUM),
-    new IpcSubSyscall ("", IPC_NUM),
+    new IpcSubSyscall ("<unknown15>",  IPC_NUM),
+    new IpcSubSyscall ("<unknown16>", IPC_NUM),
+    new IpcSubSyscall ("<unknown17>",  IPC_NUM),
+    new IpcSubSyscall ("<unknown18>", IPC_NUM),
+    new IpcSubSyscall ("<unknown19>",  IPC_NUM),
+    new IpcSubSyscall ("<unknown20>", IPC_NUM),
     new IpcSubSyscall ("shmat",  IPC_NUM),
     new IpcSubSyscall ("shmdt", IPC_NUM),
     new IpcSubSyscall ("shmget",  IPC_NUM),
     new IpcSubSyscall ("shmctl", IPC_NUM)
   };
 
+  private static final IpcSubSyscall unknownIpcSubSyscall =
+    new IpcSubSyscall ("<unknown>", IPC_NUM);
+
   public static Syscall syscallByNum (Task task, int number)
   {
     if (number != SOCKET_NUM && number != IPC_NUM)
@@ -567,11 +573,17 @@
 	
 	if (number == SOCKET_NUM)
 	  {
-	    return socketSubcallList[subSyscallNumber];
+	    if (subSyscallNumber < socketSubcallList.length)
+	      return socketSubcallList[subSyscallNumber];
+	    else
+	      return unknownSocketSubSyscall;
 	  }
 	else
 	  {
-	    return ipcSubcallList[subSyscallNumber];
+	    if (subSyscallNumber < ipcSubcallList.length)
+	      return ipcSubcallList[subSyscallNumber];
+	    else
+	      return unknownIpcSubSyscall;
 	  }
       }
   }

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: [patch] IA32 subsyscall list fixes

[Andrew Cagney]

Mark,

You mentioned an off-by-one error in the syscall code.  Is that now 
being tested?

Andrew

Re: [patch] IA32 subsyscall list fixes

[Mark Wielaard]

[-- Attachment #1: Type: text/plain, Size: 748 bytes --]

Hi Andrew,

On Tue, 2007-07-31 at 11:30 -0400, Andrew Cagney wrote:
> You mentioned an off-by-one error in the syscall code.  Is that now 
> being tested?

If you ftrace FryskGui as in the bug report (or any other non-trivial
program) yes. There have also been guards added to the code to test that
this cannot be happening again.

Subsyscalls are IA32 specific and aren't explicitly covered by the
auditlibs tests as far as I can see (except for the major syscall
numbers of course). If you want you can try to add them explicitly to
TestSyscallsWithAudit given auditlib code to detect them (I don't know
if auditlib can provide that info yet though). If not, let me know and I
add it to my list to investigate.

Cheers,

Mark

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]