From owner-p4-projects@FreeBSD.ORG Wed Aug 26 12:01:13 2009 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 474BF10656AE; Wed, 26 Aug 2009 12:01:13 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0BC5210656A8 for ; Wed, 26 Aug 2009 12:01:13 +0000 (UTC) (envelope-from zec@fer.hr) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id EE7248FC3A for ; Wed, 26 Aug 2009 12:01:12 +0000 (UTC) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id n7QC1Cvx032048 for ; Wed, 26 Aug 2009 12:01:12 GMT (envelope-from zec@fer.hr) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.3/8.14.3/Submit) id n7QC1Cbm032046 for perforce@freebsd.org; Wed, 26 Aug 2009 12:01:12 GMT (envelope-from zec@fer.hr) Date: Wed, 26 Aug 2009 12:01:12 GMT Message-Id: <200908261201.n7QC1Cbm032046@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to zec@fer.hr using -f From: Marko Zec To: Perforce Change Reviews Cc: Subject: PERFORCE change 167829 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Aug 2009 12:01:13 -0000 http://perforce.freebsd.org/chv.cgi?CH=167829 Change 167829 by zec@zec_tpx32 on 2009/08/26 12:00:31 Attempt to preempt panics in vnet_alloc() call graph by doing a brute-force check whether a reasonable amount of kmem is available. This is not guaranteed to work all the time (no protection against races on memory allocations), but given that now jail -c may fail as vnet_alloc() fails, this could serve as an indicator to sysadmins that an imminent panic due to kmem starvation may be around the corner. This is a better-than-nothing alternative to current behavior, which guarantees a panic on jail -c vnet when kmem is in short supply. Affected files ... .. //depot/projects/vimage-commit2/src/sys/kern/kern_jail.c#34 edit .. //depot/projects/vimage-commit2/src/sys/net/vnet.c#6 edit Differences ... ==== //depot/projects/vimage-commit2/src/sys/kern/kern_jail.c#34 (text+ko) ==== @@ -1199,6 +1199,11 @@ /* Allocate a new vnet if specified. */ pr->pr_vnet = (pr_flags & PR_VNET) ? vnet_alloc() : ppr->pr_vnet; + if (pr->pr_vnet == NULL) { + prison_deref(pr, PD_LIST_XLOCKED); + error = ENOMEM; + goto done_releroot; + } #endif /* * Allocate a dedicated cpuset for each jail. @@ -2456,7 +2461,7 @@ sx_downgrade(&allprison_lock); #ifdef VIMAGE - if (pr->pr_vnet != ppr->pr_vnet) + if (pr->pr_vnet != NULL && pr->pr_vnet != ppr->pr_vnet) vnet_destroy(pr->pr_vnet); #endif if (pr->pr_root != NULL) { ==== //depot/projects/vimage-commit2/src/sys/net/vnet.c#6 (text+ko) ==== @@ -216,6 +216,18 @@ { struct vnet *vnet; + /* + * Do not proceed with a lengthy chain of direct and indirect + * mallocs if kmem shortage can be anticipated. This ad-hoc + * check applies only to non-default vnets. + */ + if (vnet0 != NULL) { + vnet = malloc(1024*1024, M_VNET, M_NOWAIT | M_ZERO); + if (vnet == NULL) + return (NULL); + free(vnet, M_VNET); + } + vnet = malloc(sizeof(struct vnet), M_VNET, M_WAITOK | M_ZERO); vnet->vnet_magic_n = VNET_MAGIC_N;