From nobody Mon Jun 19 04:23:06 2023
X-Original-To: freebsd-hackers@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QkxTT6nCQz4fkjy
	for <freebsd-hackers@mlmmj.nyi.freebsd.org>; Mon, 19 Jun 2023 04:23:25 +0000 (UTC)
	(envelope-from marklmi@yahoo.com)
Received: from sonic311-25.consmr.mail.gq1.yahoo.com (sonic311-25.consmr.mail.gq1.yahoo.com [98.137.65.206])
	(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 4QkxTS3g2Tz3HnB
	for <freebsd-hackers@freebsd.org>; Mon, 19 Jun 2023 04:23:24 +0000 (UTC)
	(envelope-from marklmi@yahoo.com)
Authentication-Results: mx1.freebsd.org;
	dkim=pass header.d=yahoo.com header.s=s2048 header.b="lsjuOnY/";
	spf=pass (mx1.freebsd.org: domain of marklmi@yahoo.com designates 98.137.65.206 as permitted sender) smtp.mailfrom=marklmi@yahoo.com;
	dmarc=pass (policy=reject) header.from=yahoo.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1687148602; bh=xVs5mhpT9pzZuJIfD4nZZOy3UBb5tUfWZwN5tTWgCqc=; h=From:Subject:Date:To:References:From:Subject:Reply-To; b=lsjuOnY/PdZEjHkSFH93VnYv7ausJHq3cNGwOd4CfXH/0ZW2kpj3Hs8ziIGZb5+lySvPOfyppJpfNT2zRNFUYohmn7rKfQK4w78meXQlCIj9g6SvW5FToiDXgGRrXZpJUWgP3FW28yJI3agmbdKVKM/PgCssaKwgK13V1qcK6Ux3t0GQI20oHjj0KI25nyXXqMWYI5fQrSTqwExHy0OzAQdckTp087WWynGdlRN/KIuqqXaQ508HOlT4lMoHCz0YH6/MsmYnRsullTPsL8VxiFjnah3n772ZBm2eMGA0tmZ5VVs1EXvHuMlBiE7nHVDbak44bh5UJL+gYYimURXBgQ==
X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1687148602; bh=5h7HNRSoqwK7SozHEcZLhmkNEf2ISYEJcmxm9qiFr/j=; h=X-Sonic-MF:From:Subject:Date:To:From:Subject; b=rzZQuQ90AP5AXr/FxWHaPNsjXDrojEDybSbHcQVoBXSopVqqJBHUIb5BOZi7JR2rGgy3ZW8So1QWvMlQNXq2nWn68nT9gvQlLLPj5iJP0ZKTJuL52aaA864yyuJTaEp6ZU2/PIfSla5otN2MUlIB1cO3UeibZLkxZUr+24t+l3nb527Nz1he93JZk7kOr+vpsMtTNVIRm9wrwUhPPH8blYL9xyETt1Ak7QFaZG4nsnnCk9bMVBMyVrZ/9J1rEPAcTC37Tw02Kg9UZi+VC87ZGbN3wCQqAnazXyVqcdMBZL5RTLlICRtNEj/FZkRo9Hs1G5LyQ+V12qEjuEi1g7WLdg==
X-YMail-OSG: 5C1O0soVM1mwRyPG6FEk0k6pResw.Lp9JiUSPbedv7X_hafdV15G6bWDw8k9vOp
 k6Rge4qwUnHNHujNJzxehCOvkelnTsvH1fxThiJusSNYcTwVCHwtUUqWS3TsOinLQI7iCdq.BRS4
 gxlAlTYUF92gWb9X10AlPq.iFMm3vW9snITqohwTxLsepQ.gQLVjZqqlPbSpH2mkef97pnERDYsp
 Q7OsIuFjT8wRKV5hRRRjvsw7.xQ6Am5qW9R4TVSgcktILFWjgGIPnPF.noM.OxYY8R5thoaMOeSL
 WfHaAtNQYlffJNLjPzu.cQ2G5V4xaF8R1AnHulrOmVGL2nl_lDy5Gk6u.yK7w2ZDbjguIOObkReY
 5q1q9MXQSc6byXYp62wotQ8y.xk1Nf6H9VKsH0AtQ1yNEO6SYLnQl5NuSmSPiK1mW3Y101gdVgPY
 3mg0XjuoGyAhkEVi7p7YnaQcfcw9tH0A0pV0MxZsnC5VRMGU.Sjlapxqrzuz2cB.XJbdu7nfbeOo
 dlmq700Rl.THUwQ5pMPFnytlleOFPfqy549Z7dIg2mfHuyj1Tq4hvzCl5zg2v7M3hV9RbtlGw3R4
 pHaVSR3jbyR9NoRgpJe2k763n7hSck7iuyVZIxAFOy5A.8J8DACgmLwCGWE049kDwI5Yjot8GBst
 aJnsDfCWUGYxoBgI6xiPj5t9UlRQNTNJYOW6JsUKrT9i2AnknyCIEN54rHMzIxOz6gRxrnuQINpR
 7Bh.fCxDBrG88rCcFu_yFfOITpv.2LqXSlxT3efvuAN8mghtPE.FMA5o.ev5mBuTbDeQXtmrW92f
 tNBvew5GclfsqT1aMJ7Y2A4tf5qSP9ZHJ0jLqYOaNZM4uklSRo4DEPV8LdBdjli3ZvuqBpDESNi8
 ixjI2p.kchWffv1RBk8mQY4dEj21KZU8Y3jG_.xLj8m_SybRVTjG1Wx.m0qr1kEMbTl5RP_8UnN2
 gvFkHq.VGPnbPcsnS9iZAlpAaiv.BFGpqTRzOLjch3P.ukjzGvL2keT1vwjNeA2zcskUYzdHz9tX
 CinOJEHWsxuMkbJJGLNZ79eIEnHpwpWV.3eJiiKFT.l0UjpH3nvaqwMr9W3cQyBdv5TzODgzcToh
 OBCyVSBrtISnoCtKrJgImaQ.J6P74E.oiI7JFtAM86YU7NTBcfHP9U31VXlP_YwMDbjC4w6NBEcN
 EsaAE93DKWxjqBFlO_Zy2.Z5uDsMYlxAdiHmyirZhjFZxBYs53UNs1IVubgj1iU5o9WLhFiLkrem
 H1HeKicmjIW8z._p7XAnFcUJrhBqwPPvrXBOBZmLhBJ7TKVGS4xEWIE7.N0H14S_zJc6kIMJBx0z
 GU0Jve_lOOHGcV2FrNDkrYCFDsATpUzHB3tGl4pCoPBGtwnAnPWuHNg32HAOA1EKsm9nnsJTm10x
 D1GNHrVQnkIAeatVtuqPZLJq2MNjZ6dTRwQrtw5mAEBGamMJEKaAOo9_59kJyHf0IiGh7xDQ7zke
 bUqeTpdbkka_7io5efW_bfMI4REX89shDgOHM.NKzEPIJEVEMzUz6mJQo3eeAH6b3a4tsZ3hFfXL
 pzPomXvwgDtQKOp_eZFIcVeLvOXUKTVn9L5wrWLd2BTgacS3YgUcpW7s2HiKnfoSyt7UxQeIpJIc
 BA2TLd6BONulyD2465W2wMhzCUOv8KwT1McOHVI1MVyqaCvIoOEBwKKrDg81iB_ZYCY1q5D7LgR2
 ZGutX5KBbSrkLm8uwpqJcPHNqNPdchX_mRFS_9cNXyNvWhHawaossULCUdNK52j9nswmgEwU.xVo
 PTRD3vOWdHaJRBlObH8Do_u2YMEUv4ElYIWnj7_A3dUoGpB6XVvWNsHw8zIqZwgdZNtUQvZ_YN_p
 uhZhf_G7S8Skh10oHfz6tn_Wp5tXVSzO82hmChvSqpRJEx4IALq9D7JyU61hNycssSzDj6EM32tb
 bmskyF_J6pJOZJWMWN10Wy_ZOQpVmO4exggf6MPHe9cUdT0TlK7W9mvWo88ZEhfqoawPSqtGoIm9
 I0oIfUeSTLKWltqw9Y5cOa00kWb9a_6CHG2YaKxRhNx1EqRRNYFOg6Rq9DGz_WfMjR9q9KqL8upQ
 BBRdWP2OhubiHxUa4s8LzBxunsI__8_6W13dgzHLcXtu8liImzyLcPj8GE51c8jejA0zlLSXJFJP
 gb3.lFKlgQNlDb4PMyUwQCLnXF7qkFt0tLqAtwrmKzDpnkmKeke9twJxusCEAv5.LDvEvxx4f_9o
 iW80rEIv.VyxXX74YNtHNaL4OUCL4uGbu4bzVjcgL9YC_2X84N6QhUCZwiA--
X-Sonic-MF: <marklmi@yahoo.com>
X-Sonic-ID: fb8ed35b-23f4-449e-a8e7-94f12a8c2f31
Received: from sonic.gate.mail.ne1.yahoo.com by sonic311.consmr.mail.gq1.yahoo.com with HTTP; Mon, 19 Jun 2023 04:23:22 +0000
Received: by hermes--production-gq1-6db989bfb-hz24p (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 2aea78817ac687626930465d0529a87c;
          Mon, 19 Jun 2023 04:23:17 +0000 (UTC)
From: Mark Millard <marklmi@yahoo.com>
Content-Type: text/plain;
	charset=us-ascii
Content-Transfer-Encoding: 7bit
List-Id: Technical discussions relating to FreeBSD <freebsd-hackers.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-hackers
List-Help: <mailto:freebsd-hackers+help@freebsd.org>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Subscribe: <mailto:freebsd-hackers+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-hackers+unsubscribe@freebsd.org>
Sender: owner-freebsd-hackers@freebsd.org
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.600.7\))
Subject: top vs.  array sorted_state's out of bounds indexing (and related
 issues)
Message-Id: <DA51FDC7-EAF0-486E-9A85-22044D621E7D@yahoo.com>
Date: Sun, 18 Jun 2023 21:23:06 -0700
To: FreeBSD Hackers <freebsd-hackers@freebsd.org>
X-Mailer: Apple Mail (2.3731.600.7)
References: <DA51FDC7-EAF0-486E-9A85-22044D621E7D.ref@yahoo.com>
X-Spamd-Result: default: False [-1.56 / 15.00];
	NEURAL_HAM_SHORT(-1.00)[-1.000];
	NEURAL_HAM_LONG(-0.99)[-0.989];
	NEURAL_SPAM_MEDIUM(0.93)[0.930];
	DMARC_POLICY_ALLOW(-0.50)[yahoo.com,reject];
	MV_CASE(0.50)[];
	R_DKIM_ALLOW(-0.20)[yahoo.com:s=s2048];
	R_SPF_ALLOW(-0.20)[+ptr:yahoo.com];
	MIME_GOOD(-0.10)[text/plain];
	TO_MATCH_ENVRCPT_ALL(0.00)[];
	FROM_HAS_DN(0.00)[];
	RCVD_VIA_SMTP_AUTH(0.00)[];
	RCPT_COUNT_ONE(0.00)[1];
	ARC_NA(0.00)[];
	RCVD_IN_DNSWL_NONE(0.00)[98.137.65.206:from];
	DWL_DNSWL_NONE(0.00)[yahoo.com:dkim];
	RCVD_TLS_LAST(0.00)[];
	MLMMJ_DEST(0.00)[freebsd-hackers@freebsd.org];
	TO_DN_ALL(0.00)[];
	RCVD_COUNT_THREE(0.00)[3];
	FREEMAIL_FROM(0.00)[yahoo.com];
	MID_RHS_MATCH_FROM(0.00)[];
	DKIM_TRACE(0.00)[yahoo.com:+];
	MIME_TRACE(0.00)[0:+];
	FROM_EQ_ENVFROM(0.00)[];
	ASN(0.00)[asn:36647, ipnet:98.137.64.0/20, country:US];
	FREEMAIL_ENVFROM(0.00)[yahoo.com];
	RWL_MAILSPIKE_POSSIBLE(0.00)[98.137.65.206:from]
X-Rspamd-Queue-Id: 4QkxTS3g2Tz3HnB
X-Spamd-Bar: -
X-ThisMailContainsUnwantedMimeParts: N

usr.bin/top/machine.c (from main) has:

/*
. . . The process states are ordered as follows (from least
 *      to most important):  WAIT, zombie, sleep, stop, start, run.  The
 *      array declaration below maps a process state index into a number
 *      that reflects this ordering.
 */

static int sorted_state[] = {
        0,      /* not used             */
        3,      /* sleep                */
        1,      /* ABANDONED (WAIT)     */
        6,      /* run                  */
        5,      /* start                */
        2,      /* zombie               */
        4       /* stop                 */
};

Note the elements are 0..6, so 7 elements.

It is accessed via code like:

sorted_state[(unsigned char)(b)->ki_stat]

But ->ki_stat has the values listed in
sys/sys/proc.h :

/*
 * These were process status values (p_stat), now they are only used in
 * legacy conversion code.
 */
#define SIDL    1               /* Process being created by fork. */
#define SRUN    2               /* Currently runnable. */
#define SSLEEP  3               /* Sleeping on an address. */
#define SSTOP   4               /* Process debugging or suspension. */
#define SZOMB   5               /* Awaiting collection by parent. */
#define SWAIT   6               /* Waiting for interrupt. */
#define SLOCK   7               /* Blocked on a lock. */

This leads to element indexes (including the
"unused" 0) of 0..7 so spanning 8 elements.

Thus there is a out of bounds error involved when
->ki_stat == SLOCK .

(I later show the ki_stat assignments.)

There is also the issue that:

SIDL   is misidentified as: sleep
SRUN   is misidentified as: ABANDONED (WAIT)
SSLEEP is misidentified as: run
SZOMB  is misidentified as: start
SWAIT  is misidentified as: zombie
SLOCK  is out of bounds (as indicated above).

So the sort order in top is not as documented.


For reference, from sys/kern/kern_proc.c :

        if (p->p_state == PRS_NORMAL) { /* approximate. */
                if (TD_ON_RUNQ(td) ||
                    TD_CAN_RUN(td) ||
                    TD_IS_RUNNING(td)) {
                        kp->ki_stat = SRUN;
                } else if (P_SHOULDSTOP(p)) {
                        kp->ki_stat = SSTOP;
                } else if (TD_IS_SLEEPING(td)) {
                        kp->ki_stat = SSLEEP;
                } else if (TD_ON_LOCK(td)) {
                        kp->ki_stat = SLOCK;
                } else {
                        kp->ki_stat = SWAIT;
                }
        } else if (p->p_state == PRS_ZOMBIE) {
                kp->ki_stat = SZOMB;
        } else {
                kp->ki_stat = SIDL;
        }

===
Mark Millard
marklmi at yahoo.com