Bug 199891
| Summary: | [patch] 'vmstat -i' output is wrong on RPi | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | Base System | Reporter: | Jia-Shiun Li <jiashiun> | ||||||
| Component: | bin | Assignee: | freebsd-bugs (Nobody) <bugs> | ||||||
| Status: | Closed FIXED | ||||||||
| Severity: | Affects Many People | CC: | loos | ||||||
| Priority: | --- | ||||||||
| Version: | CURRENT | ||||||||
| Hardware: | Any | ||||||||
| OS: | Any | ||||||||
| Attachments: |
|
||||||||
Created attachment 156290 [details]
patch to vmstat.c
Add boundary check to intrnames in dointr().
But probably kernel & user space need to agree on how to treat the buffer safely.
A commit references this bug: Author: loos Date: Wed May 13 02:25:54 UTC 2015 New revision: 282829 URL: https://svnweb.freebsd.org/changeset/base/282829 Log: Fix the vmstat -i output on ARM. The consumers of hw.intrnames expect a NULL byte at end of the string containing the interrupt names. On ARM all the interrupt name slots are initialized and this leave no room for the terminating NULL byte, which makes vmstat read beyond the end of intrnames. PR: 199891 Tested on: RPi 2 and BeagleBone Black Changes: head/sys/arm/arm/intr.c |
Created attachment 156288 [details] original 'vmstat -i' output on RPi 'vmstat -i' output is wrong on RPi. (See attached file) The cause is in sufficient check for end of intrnames in dointr(). It only looks for zero-length string as end of buffer. But on every architecture FreeBSD supports, intrnames are all initialized to array of strings of 19 spaces plus NUL in kernel. The check will always make intrname run over the end of buffer. x86 does not see this probably due to implementation of memory allocator. On arch like RPi, vmstat did not encounter immediate consecutive \0s to be intepreted as zero-length string. Thus it treated data after the buffer as long interrupt names.