svn commit: r279993 - in head/sys: dev/cxgb dev/cxgbe kern vm

Konstantin Belousov kostikbel at gmail.com
Sun Mar 15 21:53:55 UTC 2015 

On Sat, Mar 14, 2015 at 05:08:29PM +0000, Ian Lepore wrote:
> Author: ian
> Date: Sat Mar 14 17:08:28 2015
> New Revision: 279993
> URL: https://svnweb.freebsd.org/changeset/base/279993
> 
> Log:
>   Set the SBUF_INCLUDENUL flag in sbuf_new_for_sysctl() so that sysctl
>   strings returned to userland include the nulterm byte.
>   
>   Some uses of sbuf_new_for_sysctl() write binary data rather than strings;
>   clear the SBUF_INCLUDENUL flag after calling sbuf_new_for_sysctl() in
>   those cases.  (Note that the sbuf code still automatically adds a nulterm
>   byte in sbuf_finish(), but since it's not included in the length it won't
>   get copied to userland along with the binary data.)
>   
>   Remove explicit adding of a nulterm byte in a couple places now that it
>   gets done automatically by the sbuf drain code.
>   
>   PR:		195668

I get the following panic on r280044:

panic: wrote past end of sbuf (256 >= 256)
cpuid = 0
KDB: stack backtrace:
db_trace_self_wrapper() at 0xffffffff8028db5b = db_trace_self_wrapper+0x2b/frame 0xfffffe022b6af5e0
vpanic() at 0xffffffff80356ad9 = vpanic+0x189/frame 0xfffffe022b6af660
kassert_panic() at 0xffffffff80356942 = kassert_panic+0x192/frame 0xfffffe022b6af6f0
sbuf_delete() at 0xffffffff803a3cad = sbuf_delete+0xad/frame 0xfffffe022b6af710
sysctl_kern_proc_args() at 0xffffffff80349b6d = sysctl_kern_proc_args+0x21d/frame 0xfffffe022b6af7a0
sysctl_root_handler_locked() at 0xffffffff80364034 = sysctl_root_handler_locked+0x94/frame 0xfffffe022b6af7e0
sysctl_root() at 0xffffffff80363878 = sysctl_root+0x188/frame 0xfffffe022b6af830
userland_sysctl() at 0xffffffff80363e12 = userland_sysctl+0x192/frame 0xfffffe022b6af8d0
sys___sysctl() at 0xffffffff80363c44 = sys___sysctl+0x74/frame 0xfffffe022b6af980
amd64_syscall() at 0xffffffff8057e9be = amd64_syscall+0x2ae/frame 0xfffffe022b6afab0
Xfast_syscall() at 0xffffffff8055d9bb = Xfast_syscall+0xfb/frame 0xfffffe022b6afab0
--- syscall (202, FreeBSD ELF64, sys___sysctl), rip = 0x800f9db0a, rsp = 0x7fffffffe2c8, rbp = 0x7fffffffe300 ---

More information about the svn-src-all mailing list