Date: Sun, 15 Mar 2015 23:53:48 +0200
From: Konstantin Belousov <kostikbel@gmail.com>
To: Ian Lepore <ian@FreeBSD.org>
Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org
Subject: Re: svn commit: r279993 - in head/sys: dev/cxgb dev/cxgbe kern vm
Message-ID: <20150315215348.GV2379@kib.kiev.ua>
In-Reply-To: <201503141708.t2EH8TdR074383@svn.freebsd.org>
References: <201503141708.t2EH8TdR074383@svn.freebsd.org>

On Sat, Mar 14, 2015 at 05:08:29PM +0000, Ian Lepore wrote:
> Author: ian
> Date: Sat Mar 14 17:08:28 2015
> New Revision: 279993
> URL: https://svnweb.freebsd.org/changeset/base/279993
>
> Log:
>   Set the SBUF_INCLUDENUL flag in sbuf_new_for_sysctl() so that sysctl
>   strings returned to userland include the nulterm byte.
>
>   Some uses of sbuf_new_for_sysctl() write binary data rather than strings;
>   clear the SBUF_INCLUDENUL flag after calling sbuf_new_for_sysctl() in
>   those cases.  (Note that the sbuf code still automatically adds a nulterm
>   byte in sbuf_finish(), but since it's not included in the length it won't
>   get copied to userland along with the binary data.)
>
>   Remove explicit adding of a nulterm byte in a couple places now that it
>   gets done automatically by the sbuf drain code.
>
>   PR: 195668

I get the following panic on r280044:

panic: wrote past end of sbuf (256 >= 256)
cpuid = 0
KDB: stack backtrace:
db_trace_self_wrapper() at 0xffffffff8028db5b = db_trace_self_wrapper+0x2b/frame 0xfffffe022b6af5e0
vpanic() at 0xffffffff80356ad9 = vpanic+0x189/frame 0xfffffe022b6af660
kassert_panic() at 0xffffffff80356942 = kassert_panic+0x192/frame 0xfffffe022b6af6f0
sbuf_delete() at 0xffffffff803a3cad = sbuf_delete+0xad/frame 0xfffffe022b6af710
sysctl_kern_proc_args() at 0xffffffff80349b6d = sysctl_kern_proc_args+0x21d/frame 0xfffffe022b6af7a0
sysctl_root_handler_locked() at 0xffffffff80364034 = sysctl_root_handler_locked+0x94/frame 0xfffffe022b6af7e0
sysctl_root() at 0xffffffff80363878 = sysctl_root+0x188/frame 0xfffffe022b6af830
userland_sysctl() at 0xffffffff80363e12 = userland_sysctl+0x192/frame 0xfffffe022b6af8d0
sys___sysctl() at 0xffffffff80363c44 = sys___sysctl+0x74/frame 0xfffffe022b6af980
amd64_syscall() at 0xffffffff8057e9be = amd64_syscall+0x2ae/frame 0xfffffe022b6afab0
Xfast_syscall() at 0xffffffff8055d9bb = Xfast_syscall+0xfb/frame 0xfffffe022b6afab0
--- syscall (202, FreeBSD ELF64, sys___sysctl), rip = 0x800f9db0a, rsp = 0x7fffffffe2c8, rbp = 0x7fffffffe300 ---