Date:      Tue, 3 Nov 2020 11:27:18 +0100
From:      Hans Petter Selasky <hps@selasky.org>
To:        xtouqh@hotmail.com, hackers@freebsd.org
Subject:   Re: KASSERT(val != 0) not triggering in linux_errno.c reading outside of array
Message-ID:  <563d4b8d-bbf6-662f-6899-192f55342a86@selasky.org>
In-Reply-To: <AM0PR06MB3986D1AA1E59725F4D677727C0110@AM0PR06MB3986.eurprd06.prod.outlook.com>
References:  <AM0PR06MB39867F0AE62A737D2EE596F5C0110@AM0PR06MB3986.eurprd06.prod.outlook.com> <77d2eef0-9cc8-aa39-6d28-a7fb41e233ac@selasky.org> <AM0PR06MB398671E9C991E0A1B4223660C0110@AM0PR06MB3986.eurprd06.prod.outlook.com> <c87d3aef-7a66-48bb-ca9e-fe4ae4e9f1d3@selasky.org> <AM0PR06MB3986D1AA1E59725F4D677727C0110@AM0PR06MB3986.eurprd06.prod.outlook.com>

On 2020-11-03 11:17, xtouqh@hotmail.com wrote:
> Hans Petter Selasky wrote:
>> Hi,
>>
>> Should:
>>
>>          for (i = 1; i < sizeof(linux_errtbl); i++) {
>>
>> Be:
>>
>>          for (i = 1; i < sizeof(linux_errtbl)/sizeof(linux_errtbl[0]); i++) {
>>
>>
>> Or:
>>
>>          for (i = 1; i < (int)nitems(linux_errtbl); i++) {
> 
> That's right, and I added the same comment in the review.  My question 
> is different though -- with the issue present, KASSERT() should have 
> triggered (there are 0 values with incorrect indexes, added printf() 
> confirms that) exposing the bug, but it does not -- WHY? -- I just want 
> to understand what's going on.

Hi,

You would need to run kgdb to dump the content of linux_errtbl and 
beyond to see what data is there.

If the linux_errtbl is in the .text section then likely some other table 
follows after it, likely with non-zero data, so the KASSERT() doesn't 
trigger :-(


--HPS
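
[Added example, not part of the original message and not FreeBSD code.] The effect described in the reply above can be reproduced in userland: a loop bounded by the byte count `sizeof(tbl)` walks past the table, and a "value != 0" check only trips if the memory that follows happens to contain a zero. The names `tbl`, `image`, `fill_image`, `first_zero` and `check` are hypothetical, and the neighbouring data is constructed inside one larger array so the over-long loop stays within defined behaviour.

```c
#include <stddef.h>
#include <stdio.h>

#ifndef nitems
#define nitems(x) (sizeof(x) / sizeof((x)[0]))
#endif

#define TBL_LEN 4

/* Constructed stand-in for the table; index 0 is unused, as in the loop above. */
static const int tbl[TBL_LEN] = { 0, 11, 12, 13 };

/*
 * Constructed memory image: the table followed by "whatever comes next".
 * It has sizeof(tbl) elements so the byte-count bound never leaves it.
 */
static int image[sizeof(tbl)];

static void fill_image(int neighbour_value)
{
    size_t i;

    for (i = 0; i < nitems(image); i++)
        image[i] = (i < nitems(tbl)) ? tbl[i] : neighbour_value;
}

/* First index in [1, bound) holding 0, or 0 if none: where an assert would fire. */
static size_t first_zero(const int *mem, size_t bound)
{
    size_t i;

    for (i = 1; i < bound; i++)
        if (mem[i] == 0)
            return i;
    return 0;
}

static size_t check(int neighbour_value, size_t bound)
{
    fill_image(neighbour_value);
    return first_zero(image, bound);
}

int main(void)
{
    printf("byte bound, non-zero neighbours: %zu\n", check(0x7f, sizeof(tbl)));
    printf("byte bound, zero neighbours:     %zu\n", check(0, sizeof(tbl)));
    printf("nitems bound, zero neighbours:   %zu\n", check(0, nitems(tbl)));
    return 0;
}
```

A result of 0 means no zero was seen, so the assertion stays silent; with the byte-count bound that outcome depends entirely on the neighbouring data, while the `nitems()` bound never looks at it.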



