Project

General

Profile

Bug #4681

bcmp(NULL, NULL, 0) panics in DEBUG kernel

Added by Marcel Telka about 6 years ago. Updated about 6 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
kernel
Start date:
2014-03-11
Due date:
% Done:

0%

Estimated time:
Difficulty:
Medium
Tags:
needs-triage

Description

The bcmp(NULL, NULL, 0) call panices in DEBUG kernel, but it works correctly in non-DEBUG.

> ::status
debugging crash dump vmcore.18 (64-bit) from cheetah
operating system: 5.11 NexentaOS_4:b85b1f49ed:debug (i86pc)
image uuid: f65c2219-e1b4-6eb7-a722-c104fec9bc4a
panic message: bcmp: arguments below kernelbase
dump content: kernel pages and pages from PID -1
>

The debug version of bcmp(9f) should be fixed to skip the check in a case the len is zero.


Related issues

Related to illumos gate - Bug #4342: NULL pointer dereference in rfs4_op_setclientid()Resolved2013-11-20

Actions

History

#1

Updated by Marcel Telka about 6 years ago

To reproduce the issue you need to run the following nfsv4shell script twice on debug kernel:

connect localhost
compound {Setclientid "" "" {0 0 0}}
#2

Updated by Rich Lowe about 6 years ago

  • Subject changed from bcmp(NULL, NULL, 0) panices in DEBUG kernel to bcmp(NULL, NULL, 0) panics in DEBUG kernel
#3

Updated by Marcel Telka about 6 years ago

  • Status changed from In Progress to Pending RTI
#4

Updated by Electric Monk about 6 years ago

git commit 549e8c979a99086fc1357b214aa17a620f4bf2b1

Author: Marcel Telka <marcel.telka@nexenta.com>

4681 bcmp(NULL, NULL, 0) panics in DEBUG kernel
Reviewed by: Saso Kiselkov <saso.kiselkov@nexenta.com>
Reviewed by: Garrett D'Amore <garrett@damore.org>
Reviewed by: Josef Sipek <josef.sipek@nexenta.com>
Approved by: Dan McDonald <danmcd@omniti.com>

#5

Updated by Marcel Telka about 6 years ago

  • Status changed from Pending RTI to Resolved

Also available in: Atom PDF