https://bugs.dragonflybsd.org/https://bugs.dragonflybsd.org/favicon.ico?16293952082008-01-08T14:08:00ZDragonFlyBSD bugtrackerDragonFlyBSD - Bug #910: Kernel panic while doing sysctl -ahttps://bugs.dragonflybsd.org/issues/910?journal_id=40952008-01-08T14:08:00Zdillon
<ul></ul><p>:Hi,<br />:<br />:one of my machines running HEAD experienced a kernel panic. The command I<br />:executed before the panic was "sysctl -a | less" to get a list of sysctls.<br />:It seems that there is an overflow within the strlen function ...<br />:<br />:kernel, crash dump, dmesg and pciconf -lv is available here:<br />:<br />:http://www.mathematik.uni-marburg.de/~schmidtm/dfly_crash/<br />:<br />:...<br />:#11 0xc02ddb9a in strlen (str=0xd0686f55 <Address 0xd0686f55 out of bounds>) at /usr/src/sys/libkern/strlen.c:41<br />:#12 0xc02c2153 in sysctl_vm_zone (oidp=0xc03b42a0, arg1=0x0, arg2=0, req=0xcec0fc08) at /usr/src/sys/vm/vm_zone.c:447</p>
<pre><code>The vm_zone->zname is pointing to illegal storage. Very weird, a whole<br /> bunch of zones have bad zname's. They look like they've come from a<br /> dynamic module, and there are a whole bunch of them. Is there a module<br /> you are loading and unloading a lot? It must be zinit'ing a new zone<br /> and not cleaning it up at unload time.</code></pre>
<pre><code>We don't have a zone unloader. Looks like we'll have to write a<br /> procedure to clean out a zone and remove it from the list in addition<br /> to finding the module that is trying to use the zone.</code></pre>
<pre><code>zlist -> [28 zones with bad zname pointers] -> [system zones with good<br /> zname pointers].</code></pre>
<pre><code>-Matt</code></pre> DragonFlyBSD - Bug #910: Kernel panic while doing sysctl -ahttps://bugs.dragonflybsd.org/issues/910?journal_id=40962008-01-08T16:55:00Zmatthias
<ul></ul><p>I did some modification to some rc.d scripts and unloaded pf and ipl<br />some times to check if the scripts are correct.</p>
<pre><code>Matthias</code></pre> DragonFlyBSD - Bug #910: Kernel panic while doing sysctl -ahttps://bugs.dragonflybsd.org/issues/910?journal_id=40972008-01-08T18:06:00Zsepherosa
<ul></ul><p>As far as I know, pf module can't be safely unloaded.</p> DragonFlyBSD - Bug #910: Kernel panic while doing sysctl -ahttps://bugs.dragonflybsd.org/issues/910?journal_id=40982008-01-08T18:20:00Zmatthias
<ul></ul><p>He sephe,</p>
<p>It this just state-of-the-art or can we fix this?</p>
<pre><code>Matthias</code></pre> DragonFlyBSD - Bug #910: Kernel panic while doing sysctl -ahttps://bugs.dragonflybsd.org/issues/910?journal_id=40992008-01-08T18:27:00Zsepherosa
<ul></ul><p>I think we don't have function to destroy zone initialized by zinit()<br />(used by pf), so currently pf module can't be unloaded.</p>
<p>Best Regards,<br />sephe</p> DragonFlyBSD - Bug #910: Kernel panic while doing sysctl -ahttps://bugs.dragonflybsd.org/issues/910?journal_id=41002008-01-09T02:51:02Zdillon
<ul></ul><p>:I think we don't have function to destroy zone initialized by zinit()<br />:(used by pf), so currently pf module can't be unloaded.<br />:<br />:Best Regards,<br />:sephe</p>
<pre><code>ZONE_DESTROY() in pfvar.h is a NOP.</code></pre>
<pre><code>Anyone want to have a go at writing a zdestroy() function for<br /> vm/vm_zone.c to complement the zinit() function?</code></pre>
<pre><code>-Matt<br /> Matthew Dillon <br /> &lt;<a class="email" href="mailto:dillon@backplane.com">dillon@backplane.com</a>&gt;</code></pre> DragonFlyBSD - Bug #910: Kernel panic while doing sysctl -ahttps://bugs.dragonflybsd.org/issues/910?journal_id=42382008-01-28T17:23:32Zmatthias
<ul></ul><p>Close this issue. A stress test with module loading/unloading and sysctl shows <br />that nth@'s recent zdestroy() patch fixes that issue.</p>