Date: Wed, 13 Sep 2017 21:54:57 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 218911] [uma] Memory corruption with certain item sizes Message-ID: <bug-218911-8-qlto4ur1nZ@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-218911-8@https.bugs.freebsd.org/bugzilla/> References: <bug-218911-8@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D218911 --- Comment #6 from commit-hook@freebsd.org --- A commit references this bug: Author: markj Date: Wed Sep 13 21:54:38 UTC 2017 New revision: 323564 URL: https://svnweb.freebsd.org/changeset/base/323564 Log: Widen uk_pgoff, the slab header offset field. 16 bits is only wide enough for kegs with an item size of up to 64KB. At that size or larger, slab headers are typically offpage because the item size is a multiple of the page size, but there is no requirement that this be the case. We can widen the field without affecting the layout of struct uma_keg since the removal of uk_slabsize in r315077 left an adjacent hole. PR: 218911 MFC after: 2 weeks Changes: head/sys/vm/uma_int.h --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-218911-8-qlto4ur1nZ>