[mdb-discuss] mdb :r command corrupts arguments for 64 bit x86 debug target

2010-02-08 Thread Alan Coopersmith
Kuriakose Kuruvilla wrote:
> Hi Jürgen
> 
> This is because of the strncpy() in string_unquote() at mdb_lex.1:699.
> 
> 
> The source and destination overlap but the manpage for strncpy.3c says...
>   If
>   copying  takes  place  between  objects  that  overlap,  the
>   behavior of strcpy(), strncpy(), and strlcpy() is undefined.

Sounds like issues with the recent amd64 optimization of strcpy that were
discussed a few weeks ago in opensolaris-code, including CR 6914012.

See the "amd64 & strcpy() on SXCE NV 129 vs. POSIX.1-2008" thread on
http://mail.opensolaris.org/pipermail/opensolaris-code/2009-December/thread.html
and
http://mail.opensolaris.org/pipermail/opensolaris-code/2010-January/thread.html

-- 
-Alan Coopersmith-   alan.coopersmith at sun.com
 Sun Microsystems, Inc. - X Window System Engineering



[mdb-discuss] mdb :r command corrupts arguments for 64 bit x86 debug target

2010-02-08 Thread Kuriakose Kuruvilla
Hi Jürgen

This is because of the strncpy() in string_unquote() at mdb_lex.1:699.

The source and destination overlap but the manpage for strncpy.3c says...
   If
   copying  takes  place  between  objects  that  overlap,  the
   behavior of strcpy(), strncpy(), and strlcpy() is undefined.

Similar behaviour can be seen in the following short program...

#include <stdio.h>
#include <string.h>

int
main()
{
    /* writable array rather than a string literal, so the in-place copy is legal */
    char x[] = "abcdefghijklmnn";
    char *y = x+1;
    printf("%s\n",x);
    /* source and destination overlap: undefined behaviour for strncpy() */
    strncpy(x, y, 13);
    x[13]=0;
    printf("%s\n",x);
    return (0);
}


32bit output

abcdefghijklmnn
bcdefghijklmn


64bit output

abcdefghijklmnn
bcdefhiijklmn

The other strncpy() and the strcpy() in string_unquote() also involve 
overlapping source and destination strings.

Thanks for reporting this.
/kuriakose


On 02/06/10 12:34, Jürgen Keil wrote:
> Can anyone reproduce this:
>
> I'm running SX:CE b129 amd64, bfu'ed to current ON bits;
> the same problem exists on OpenSolaris dev build b132.
>
> I'm trying to debug a /usr/sbin/amd64/update_drv problem,
> using mdb.  Problem is that the debug target somehow
> receives a :r quoted string argument slightly modified.
>
> Here's an example that reproduces the issue with
> a 64-bit "echo" test program:
>
> % cat x.c
> #include <stdio.h>
>
> int
> main(int argc, char **argv)
> {
>   int i;
>   for (i = 1; argv[i] != NULL; i++)
>   printf("%s ", argv[i]);
>   printf("\n");
>   return 0;
> }
>
> % cc -m64 -o x x.c
>
> % ./x -d -i '"pci1814,601"' rtls
> -d -i "pci1814,601" rtls
>
> Ok, test program works as expected.
> Now the same under mdb control:
>
> % mdb ./x
>> :r -d -i '"pci1814,601"' rtls
> -d -i "pci1144,601" rtls
> mdb: target has terminated
>
>
> Note how the "pci1814,601" string
> argument was modified when running
> under mdb.
>
> The problem does not happen with a
> 32-bit debug target.

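As an added example (not mdb's own code, and not the string_unquote() from mdb_lex), the hypothetical unquote_in_place() below strips one pair of surrounding quotes from a token in place using memmove(), which is specified for overlapping regions, and regions_overlap() is the check a reviewer would want asserted before any str*cpy() call on the same buffer; the sample tokens are constructed from the argument in the report.

```c
#include <stdio.h>
#include <stdint.h>
#include <string.h>

/* Constructed sample tokens, mirroring the argument from the report. */
static char sample_token[] = "\"pci1814,601\"";
static char sample_plain[] = "rtls";

/* Returns 1 if the n-byte regions at dst and src overlap, else 0.
 * A cheap check to assert before any strcpy()/strncpy() in debug builds. */
int regions_overlap(const char *dst, const char *src, size_t n)
{
    uintptr_t d = (uintptr_t)dst, s = (uintptr_t)src;
    return d < s + n && s < d + n;
}

/* Strip one pair of surrounding double quotes from s in place.
 * Returns 1 if quotes were removed, 0 if s was not a quoted token.
 * Hypothetical helper, not mdb's string_unquote(); the point is the
 * memmove(): dst (s) and src (s + 1) overlap, so strncpy() is undefined
 * here while memmove() is defined to copy correctly. */
int unquote_in_place(char *s)
{
    size_t len = strlen(s);

    if (len < 2 || s[0] != '"' || s[len - 1] != '"')
        return 0;
    memmove(s, s + 1, len - 2);
    s[len - 2] = '\0';
    return 1;
}

/* Unquote the sample token; returns 1 if the result is the expected string. */
int run_sample(void)
{
    if (!unquote_in_place(sample_token))
        return 0;
    return strcmp(sample_token, "pci1814,601") == 0;
}

int main(void)
{
    int ok = run_sample();

    printf("unquoted: %s (ok=%d)\n", sample_token, ok);
    return 0;
}
```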

[mdb-discuss] mdb :r command corrupts arguments for 64 bit x86 debug target

2010-02-06 Thread Jürgen Keil
> Can anyone reproduce this:
> ...
> % mdb ./x
> > :r -d -i '"pci1814,601"' rtls
> -d -i "pci1144,601" rtls 

I've filed bug 6924074 for it.
-- 
This message posted from opensolaris.org


[mdb-discuss] mdb :r command corrupts arguments for 64 bit x86 debug target

2010-02-06 Thread Jürgen Keil
Can anyone reproduce this:

I'm running SX:CE b129 amd64, bfu'ed to current ON bits;
the same problem exists on OpenSolaris dev build b132.

I'm trying to debug a /usr/sbin/amd64/update_drv problem,
using mdb.  Problem is that the debug target somehow
receives a :r quoted string argument slightly modified.

Here's an example that reproduces the issue with
a 64-bit "echo" test program:

% cat x.c
#include <stdio.h>

int
main(int argc, char **argv)
{
int i;
for (i = 1; argv[i] != NULL; i++)
printf("%s ", argv[i]);
printf("\n");
return 0;
}

% cc -m64 -o x x.c

% ./x -d -i '"pci1814,601"' rtls
-d -i "pci1814,601" rtls 

Ok, test program works as expected.
Now the same under mdb control:

% mdb ./x
> :r -d -i '"pci1814,601"' rtls
-d -i "pci1144,601" rtls 
mdb: target has terminated


Note how the "pci1814,601" string
argument was modified when running
under mdb.

The problem does not happen with a
32-bit debug target.