From owner-freebsd-bugs@freebsd.org  Wed Sep 13 21:54:58 2017
Return-Path: <owner-freebsd-bugs@freebsd.org>
Delivered-To: freebsd-bugs@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id EA5E5E116C1
 for <freebsd-bugs@mailman.ysv.freebsd.org>;
 Wed, 13 Sep 2017 21:54:58 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2001:1900:2254:206a::16:76])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id D767D7C72D
 for <freebsd-bugs@FreeBSD.org>; Wed, 13 Sep 2017 21:54:58 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from bugs.freebsd.org ([127.0.1.118])
 by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id v8DLsvDg033866
 for <freebsd-bugs@FreeBSD.org>; Wed, 13 Sep 2017 21:54:58 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
From: bugzilla-noreply@freebsd.org
To: freebsd-bugs@FreeBSD.org
Subject: [Bug 218911] [uma] Memory corruption with certain item sizes
Date: Wed, 13 Sep 2017 21:54:57 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 11.0-STABLE
X-Bugzilla-Keywords: patch
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: commit-hook@freebsd.org
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: freebsd-bugs@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-218911-8-qlto4ur1nZ@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-218911-8@https.bugs.freebsd.org/bugzilla/>
References: <bug-218911-8@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs/>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Sep 2017 21:54:59 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D218911

--- Comment #6 from commit-hook@freebsd.org ---
A commit references this bug:

Author: markj
Date: Wed Sep 13 21:54:38 UTC 2017
New revision: 323564
URL: https://svnweb.freebsd.org/changeset/base/323564

Log:
  Widen uk_pgoff, the slab header offset field.

  16 bits is only wide enough for kegs with an item size of up to 64KB.
  At that size or larger, slab headers are typically offpage because the
  item size is a multiple of the page size, but there is no requirement
  that this be the case.

  We can widen the field without affecting the layout of struct uma_keg
  since the removal of uk_slabsize in r315077 left an adjacent hole.

  PR:           218911
  MFC after:    2 weeks

Changes:
  head/sys/vm/uma_int.h

--=20
You are receiving this mail because:
You are the assignee for the bug.=