| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
The test passes after commit 5ab6ed93cd36
("faccessat(2): Honor AT_SYMLINK_NOFOLLOW").
Reported by: Jenkins
|
| |
|
|
|
|
| |
Fixes: 1a720cbec513
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1282
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Notably:
- libc needs to #undef some of the macros from ssp/* for underlying
implementations
- ssp/* wants a __RENAME() macro (snatched more or less from NetBSD)
There's some extra hinkiness included for read(), since libc spells it
as "_read" while the rest of the world spells it "read."
Reviewed by: imp, ngie
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D32307
|
| |
|
|
|
| |
Reviewed by: imp, emaste
Differential Revision: https://reviews.freebsd.org/D41512
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
These tests weren't run on x86 until CI grabbed them. It turns out,
there's a sign extension bug that surfaces on x86 with char being a
signed type.
NetBSD unearthed this when they took and improved the patch, so just
grab their solution until we get to merging in the latest version of
the test.
Reported by: CI (via ngie)
Fixes: 2f489a509e61 ("libc: fix some overflow scenarios in vis(3)")
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The previous incarnation of this would call wcrtomb() on the destination
buffer, and only check for overflow *after* it's happened.
Additionally, the conversion error / VIS_NOLOCALE path also didn't check
for overflow, and the overflow check at the end didn't account for the
fact that we still need to write a NUL terminator afterward.
Start by only doing the multibyte conversion into mbdst directly if we
have enough buffer space to guarantee it'll fit. An additional
MB_CUR_MAX buffer has been stashed on the stack to write into if we're
cutting it close at the end of the buffer, since we don't really have a
good way to determine the length of the wchar_t without just doing the
conversion. We'll do the conversion into the buffer that's guaranteed
to fit, then copy it over if the copy won't overflow.
The byte-for-byte overflow is a little bit easier, as we simply check
for overflow with each byte written and make sure we can still NUL
terminate after.
Tests added to exercise these edge cases.
Reviewed by: des
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D41328
|
| |
|
|
|
|
|
|
|
|
| |
- In the msgctl tests, there is no point in sleeping after a fork().
Just block immediately in wait().
- In non-blocking send/recv tests, just wait for the child to exit once
it's reached a message limit. If a bug prevents the child from
exiting promptly, the test will time out.
MFC after: 1 week
|
| |
|
|
|
|
|
| |
MFC after: 1 week
Sponsored by: Klara, Inc.
Reviewed by: allanjude
Differential Revision: https://reviews.freebsd.org/D38286
|
| |
|
|
|
|
| |
Sponsored by: Klara, Inc.
Reviewed by: ngie
Differential Revision: https://reviews.freebsd.org/D38177
|
| |
|
|
|
|
|
|
|
|
|
| |
These architectures fail to handle this special case, and will cause the
corresponding setjmp/_setjmp to return 0 rather than 1. Fix this and add
regression tests (also committed upstream).
PR: 268684
Reviewed by: arichardson, jhb
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D29363
|
| |
|
|
|
|
|
|
|
|
|
| |
The test tries to connect a socket to a closed port at 127.0.0.1. It
sets O_NONBLOCK on the socket first and expects to get EINPROGRESS from
connect(2), but this is not guaranteed, ECONNREFUSED is possible.
Handle both cases, and re-enable the test.
PR: 240621
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
|
| |
|
|
|
|
|
|
|
|
|
| |
The stack gap implementation is disabled by default now, so the test
passes.
This reverts commit dad71022bd7a8f95ab2ba656bec61e2424a1c3c5.
PR: 259969
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
|
| |
|
|
|
|
|
| |
This reverts commit 4f741801d86089a1c5d631ba1e0f1421cdcf7a7e.
As per discussion in PR: 260303 the reverted patch covered the
real issue with a fixed address of the top of the stack.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
With ASLR enabled by default, RLIMIT_STACK test fails due to the fact
that default stack gap can be as big as 15M. Because of that the
resource limit of 4M results in test program receiving SIGSEGV
immediately after exiting the setrlimit syscall. Since the idea of this
test is to check if rlim_cur does not extend past rlim_max, adjusting
the resource limit to 20M should not invalidate the test results.
Obtained from: Semihalf
Sponsored by: Alstom Group
Differential revision: https://reviews.freebsd.org/D33116
|
| |
|
|
|
|
|
| |
Reviewed by: kevans, ngie (previous version)
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D33143
|
| |
|
|
|
| |
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
|
| |
|
|
|
| |
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
|
| |
|
|
|
| |
PR: 259969
Sponsored by: The FreeBSD Foundation
|
| |
|
|
|
|
|
|
| |
Fix erroneous = that was meant to be ==.
Revision 1.10 from NetBSD t_wait.c
Obtained from: NetBSD
|
| |
|
|
| |
Sponsored by: Netflix
|
| |
|
|
|
|
|
|
|
|
| |
It appears that the stackframe layout can be slightly different depending on
compiler and target architecture. For example, when using CHERI LLVM for RISC-V
we can actually overflow the buffer by up to 8 bytes without SSP detecting it.
Fix this by increasing the overflow to 15 bytes.
Reviewed By: ngie, emaste
Differential Revision: https://reviews.freebsd.org/D28997
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since https://github.com/freebsd/atf/commit/4581cefc1e3811dd3c926b5dd4b15fd63d2e19da
ATF opens the results file on startup. This fixes problems like
capsicumized tests not being able to open the file on exit.
However, this test closes all file descriptors above 3 to get a
deterministic fd table allocation for the child. Instead of using closefrom
(which will close the ATF output file FD) I've changed this test use
the lowest available fd and pass that to the helper program as a string.
We could also try to re-open the results file in ATF if we get a EBADF
error, but that will fail when running under Capsicum.
Reviewed By: cem
Differential Revision: https://reviews.freebsd.org/D28684
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since https://github.com/freebsd/atf/commit/4581cefc1e3811dd3c926b5dd4b15fd63d2e19da
ATF opens the results file on startup. This fixes problems like
capsicumized tests not being able to open the file on exit.
However, this test closes all file descriptors just to check that
socketpair returns fd 3+4 and thereby also closes the ATF results file.
This then results in an EBADF when writing the result so the test is
reported as broken.
While system calls that create new file descriptors (must?) use the lowest
available file descriptor number, it does not seem useful to test this
property here. Drop the check for FD==3/4 to unbreak the testsuite.
We could also try to re-open the results file in ATF if we get a EBADF
error, but that will fail when running under Capsicum.
Reviewed By: cem
Differential Revision: https://reviews.freebsd.org/D28683
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The rpc_control() API does not accept the CLCR_SET_RPCB_TIMEOUT command,
it only accepts RPC_SVC_CONNMAXREC_GET/RPC_SVC_CONNMAXREC_SET, so it was
not doing anything.
Instead of incorrectly calling this API, use clnt_create_timed() instead.
I noticed this because the test was timing out after 120s in the CheriBSD CI.
Reviewed By: ngie
Differential Revision: https://reviews.freebsd.org/D28478
|
| |
|
|
|
|
|
|
|
| |
Add shims to map NetBSD's API to CPUSET(9). Obviously the invalid input
parts of these tests are relatively useless since we're just testing the
shims that aren't used elsewhere, there's still some amount of value in
the parts testing valid inputs.
Differential Revision: https://reviews.freebsd.org/D27307
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Part of the libregex functionality leaked into the tests it shares with
the standard regex(3). Introduce a P flag to set the REG_POSIX cflag to
indicate that libc regex should effectively do nothing while libregex should
specifically run it in non-extended mode.
This unbreaks the libc/regex test run.
Reported by: Jenkins
Notes:
svn path=/head/; revision=368371
|
| |
|
|
|
|
|
|
|
|
| |
This is the last of the needed GNU expressions before we can unleash bsdgrep
by default. \b is effectively an agnostic equivalent of \< and \>, while
\B will match every space that isn't making a transition from
nonchar -> char or char -> nonchar.
Notes:
svn path=/head/; revision=368358
|
| |
|
|
|
|
|
|
|
|
|
| |
This fixes a "suggested parens" compile warning-into-error
that shows up on gcc-6.4.
Reviewed by: ngie
Differential Revision: https://reviews.freebsd.org/D26789
Notes:
svn path=/head/; revision=366727
|
| |
|
|
|
|
|
|
|
|
|
|
| |
An old it_value of {4,3} is valid. Allow it.
Reviewed by: bdrewery
MFC after: 2 weeks
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D26445
Notes:
svn path=/head/; revision=366346
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In IEEE 1003.1-2008 [1] and earlier revisions, BRE/ERE grammar allows for
any character to be escaped, but "ORD_CHAR preceded by an unescaped
<backslash> character [gives undefined results]".
Historically, we've interpreted an escaped ordinary character as the
ordinary character itself. This becomes problematic when some extensions
give special meanings to an otherwise ordinary character
(e.g. GNU's \b, \s, \w), meaning we may have two different valid
interpretations of the same sequence.
To make this easier to deal with and given that the standard calls this
undefined, we should throw an error (EESCAPE) if we run into this scenario
to ease transition into a state where some escaped ordinaries are blessed
with a special meaning -- it will either error out or have extended
behavior, rather than have two entirely different versions of undefined
behavior that leave the consumer of regex(3) guessing as to what behavior
will be used or leaving them with false impressions.
This change bumps the symbol version of regcomp to FBSD_1.6 and provides the
old escape semantics for legacy applications, just in case one has an older
application that would immediately turn into a pumpkin because of an
extraneous escape that's embedded or otherwise critical to its operation.
This is the final piece needed before enhancing libregex with GNU extensions
and flipping the switch on bsdgrep.
[1] http://pubs.opengroup.org/onlinepubs/9699919799.2016edition/
PR: 229925 (exp-run, courtesy of antoine)
Differential Revision: https://reviews.freebsd.org/D10510
Notes:
svn path=/head/; revision=363679
|
| |
|
|
|
|
|
|
|
|
| |
The version that ended upstream was ultimately slightly different than the
version committed here; notably, statvfs() is used but it's redefined
appropriately to statfs() on FreeBSD since we don't provide the fstypename
for the former interface.
Notes:
svn path=/head/; revision=357688
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The revokex test does not work when the scratch directory is created on NFS.
Given the nature of NFS, it likely can never work without looking like a
security hole since O_SEARCH would rely on the server knowing that the
directory did have +x at the time of open and that it's OK for it to have
been revoked based on POSIX specification for O_SEARCH.
This does mean that O_SEARCH is only partially functional on NFS in general,
but I suspect the execute bit getting revoked in the process is likely not
common.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D23573
Notes:
svn path=/head/; revision=357671
|
| |
|
|
|
|
|
|
|
| |
The RCSID data was wrong, so this is effectively a record-only merge
with correction of said data. No further changes should be needed in this
area, as we've now upstreamed our local changes to this specific test.
Notes:
svn path=/head/; revision=357636
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In FreeBSD's O_SEARCH implementation, O_SEARCH in conjunction with O_RDWR or
O_WRONLY is explicitly rejected. In this case, O_RDWR was not necessary
anyways as the file will get created with or without it.
This was submitted upstream as misc/54940 and committed in rev 1.8 of the
file.
Notes:
svn path=/head/; revision=357580
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Coverity correctly reports this as a resource leak. It's an admittedly minor
one, but plug it anyways.
This has been submitted upstream as misc/54939.
CID: 978288
Notes:
svn path=/head/; revision=357556
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
O_SEARCH is defined by POSIX [0] to open a directory for searching, skipping
permissions checks on the directory itself after the initial open(). This is
close to the semantics we've historically applied for O_EXEC on a directory,
which is UB according to POSIX. Conveniently, O_SEARCH on a file is also
explicitly undefined behavior according to POSIX, so O_EXEC would be a fine
choice. The spec goes on to state that O_SEARCH and O_EXEC need not be
distinct values, but they're not defined to be the same value.
This was pointed out as an incompatibility with other systems that had made
its way into libarchive, which had assumed that O_EXEC was an alias for
O_SEARCH.
This defines compatibility O_SEARCH/FSEARCH (equivalent to O_EXEC and FEXEC
respectively) and expands our UB for O_EXEC on a directory. O_EXEC on a
directory is checked in vn_open_vnode already, so for completeness we add a
NOEXECCHECK when O_SEARCH has been specified on the top-level fd and do not
re-check that when descending in namei.
[0] https://pubs.opengroup.org/onlinepubs/9699919799/
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D23247
Notes:
svn path=/head/; revision=357412
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current code clearly intended for these to be octal based on the values
used, but the octal prefix was forgotten. Add it now for correctness, but
note that we don't currently execute these tests.
This has been submitted upstream as misc/54902, so I've omitted the standard
FreeBSD markers that we tend to put into netbsd-tests for upstream-candidate
identification.
Reviewed by: ngie
MFC after: 3 days
Notes:
svn path=/head/; revision=357195
|
| |
|
|
|
|
|
|
|
|
| |
Commit r352807 fixed various signal numbers and codes from page faults;
adjust the tests so they expect the fixes to be present.
PR: 211924
Notes:
svn path=/head/; revision=352869
|
| |
|
|
|
|
|
|
| |
PR: 240621
Sponsored by: The FreeBSD Foundation
Notes:
svn path=/head/; revision=352448
|
| |
|
|
|
|
|
|
| |
PR: 237450
Sponsored by: The FreeBSD Foundation
Notes:
svn path=/head/; revision=352227
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
gets is unsafe and shouldn't be used (for many years now). Leave it in
the existing symbol version so anything that previously linked aginst it
still runs, but do not allow new software to link against it.
(The compatability/legacy implementation must not be static so that
the symbol and in particular the compat sym gets@FBSD_1.0 make it
into libc.)
PR: 222796 (exp-run)
Reported by: Paul Vixie
Reviewed by: allanjude, cy, eadler, gnn, jhb, kib, ngie (some earlier)
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D12298
Notes:
svn path=/head/; revision=351659
|
| |
|
|
|
|
|
|
|
|
| |
lib.libregex.exhaust_test.regcomp_too_big on i386 as they are flakey on it
PR: 237450
Sponsored by: The FreeBSD Foundation
Notes:
svn path=/head/; revision=350219
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When O_CREAT is specified, the third, variadic argument is
required as the permission. If on is not passed, then depending
on the ABI, either the contents of the third argument register
or some arbitrary stuff on the stack will be used as the permission.
This has been merged to NetBSD.
Reviewed by: asomers, ngie
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D20972
Notes:
svn path=/head/; revision=350067
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Historically we have not distinguished between kernel wirings and user
wirings for accounting purposes. User wirings (via mlock(2)) were
subject to a global limit on the number of wired pages, so if large
swaths of physical memory were wired by the kernel, as happens with
the ZFS ARC among other things, the limit could be exceeded, causing
user wirings to fail.
The change adds a new counter, v_user_wire_count, which counts the
number of virtual pages wired by user processes via mlock(2) and
mlockall(2). Only user-wired pages are subject to the system-wide
limit which helps provide some safety against deadlocks. In
particular, while sources of kernel wirings typically support some
backpressure mechanism, there is no way to reclaim user-wired pages
shorting of killing the wiring process. The limit is exported as
vm.max_user_wired, renamed from vm.max_wired, and changed from u_int
to u_long.
The choice to count virtual user-wired pages rather than physical
pages was done for simplicity. There are mechanisms that can cause
user-wired mappings to be destroyed while maintaining a wiring of
the backing physical page; these make it difficult to accurately
track user wirings at the physical page layer.
The change also closes some holes which allowed user wirings to succeed
even when they would cause the system limit to be exceeded. For
instance, mmap() may now fail with ENOMEM in a process that has called
mlockall(MCL_FUTURE) if the new mapping would cause the user wiring
limit to be exceeded.
Note that bhyve -S is subject to the user wiring limit, which defaults
to 1/3 of physical RAM. Users that wish to exceed the limit must tune
vm.max_user_wired.
Reviewed by: kib, ngie (mlock() test changes)
Tested by: pho (earlier version)
MFC after: 45 days
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D19908
Notes:
svn path=/head/; revision=347532
|
| |
|
|
|
|
|
| |
MFC after: 3 days
Notes:
svn path=/head/; revision=345516
|
| |
|
|
|
|
|
|
| |
Reported by: jenkins
Approved by: kib (mentor, implicit)
Notes:
svn path=/head/; revision=340492
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This was shown to be a problem by side effect of now-enabled test case,
which was going through C, en_US.UTF-8, ja_JP.SJIS, and ja_JP.eucJP,
and failing eventually as data in mbrtowc's mbstate, that was
perfectly correct for en_US.UTF-8 was treated as incorrect for
ja_JP.SJIS, failing the entire test case.
This makes the persistent mbstates to be per ctype-component,
and not per-locale so we could easily reset the mbstates when
only LC_CTYPE is changed.
Reviewed by: bapt, pfg
Approved by: kib (mentor, implicit)
Differential Revision: https://reviews.freebsd.org/D17796
Notes:
svn path=/head/; revision=340276
|
| |
|
|
|
|
|
|
|
|
|
|
| |
strftime(3), and allow them to process space-padded input.
PR: 230720
Submitted by: rlittle@inetco.com (original version)
Approved by: kib (mentor, implicit)
Differential Revision: https://reviews.freebsd.org/D17761
Notes:
svn path=/head/; revision=340106
|
| |
|
|
|
|
|
|
|
|
|
|
| |
issues fixed recently, and disabling the failing ones (mostly due to TZ
parsing differences with NetBSD).
Reviewed by: ngie
Approved by: kib (mentor)
Differential Revision: https://reviews.freebsd.org/D17546
Notes:
svn path=/head/; revision=339904
|
| |
|
|
|
|
|
|
|
| |
__riscv__ is not pre-defined anymore by latest version of GNU compiler.
Sponsored by: DARPA, AFRL
Notes:
svn path=/head/; revision=337238
|
