baddof.c revision 4fe01614e64281d82c5a22f0050e55f1e0bdbdae
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * CDDL HEADER START
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * The contents of this file are subject to the terms of the
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * Common Development and Distribution License (the "License").
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * You may not use this file except in compliance with the License.
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * See the License for the specific language governing permissions
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * and limitations under the License.
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * When distributing Covered Code, include this CDDL HEADER in each
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * If applicable, add the following below this CDDL HEADER, with the
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * fields enclosed by brackets "[]" replaced with your own identifying
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * information: Portions Copyright [yyyy] [name of copyright owner]
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * CDDL HEADER END
73427c57f824c3ec3b396181b163f37d50c5b3b1ahl * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * Use is subject to license terms.
9512fe850e98fdd448c638ca63fdd92a8a510255ahl#pragma ident "%Z%%M% %I% %E% SMI"
9512fe850e98fdd448c638ca63fdd92a8a510255ahl unsigned char saved;
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * We are going iterate through, flipping one bit and attempting
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * to enable.
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * That failed -- restore the bit and drive on.
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * That worked -- and it may have enabled probes. To keep
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * enabled probes down to a reasonable level, we'll close
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * and reopen pseudodevice if we have more than 10,000
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * probes enabled.
9512fe850e98fdd448c638ca63fdd92a8a510255ahl for (;;) {
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * Now we want to get as many bits away as possible. We flip
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * bits randomly -- getting as far away as we can until we don't
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * seem to be making any progress.
9512fe850e98fdd448c638ca63fdd92a8a510255ahl for (i = 0; i < LEAP_DISTANCE; i++) {
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * Pick a random bit and corrupt it.
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * Let's see if that managed to get us valid DOF...
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * Success! This will be our new base for valid DOF.
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * No luck -- we'll restore those bits and try flipping a
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * different set. Note that this must be done in reverse
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * order...
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * First, we need to compile our provided D into DOF.
9512fe850e98fdd448c638ca63fdd92a8a510255ahl if ((dtp = dtrace_open(DTRACE_VERSION, 0, &err)) == NULL) {
9512fe850e98fdd448c638ca63fdd92a8a510255ahl for (;;) {
9512fe850e98fdd448c638ca63fdd92a8a510255ahl * Open another instance of the dtrace device.
4fe01614e64281d82c5a22f0050e55f1e0bdbdaeraf /* NOTREACHED */
4fe01614e64281d82c5a22f0050e55f1e0bdbdaeraf return (0);