Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 18 Apr 2003 14:06:23 -0700
From:      Terry Lambert <tlambert2@mindspring.com>
To:        stable@freebsd.org
Subject:   PATCH: fix for trap 12 on KVA space exhaustion
Message-ID:  <3EA068CF.50AE34EA@mindspring.com>
next in thread | raw e-mail | index | archive | help 
This is a multi-part message in MIME format.
--------------7FFB3632E32D39DEAF4FC1F3
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Because recent 4.x versions have increased the KVA space, there
is a possible panic where the available backing pages for the
KVA space are less than the available memory.

This results in a trap 12, due to a NULL pointer dereference in
malloc() in /usr/src/sys/kern_malloc.c.

This patch has been tested by two people, and it solves their
problems for them (over two weeks, no repeat of the crash, no
ill effects for the patch).

Please commit this patch to the 4.x branch.

For the discussion about this patch, see the thread in -hackers
~ 02 Apr 2003 entitled "Repeated similar panics on -STABLE".

-- Terry
--------------7FFB3632E32D39DEAF4FC1F3
Content-Type: text/plain; charset=us-ascii;
 name="kernmalloc.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="kernmalloc.diff"

Index: kern_malloc.c
===================================================================
RCS file: /usr/cvs/src/sys/kern/kern_malloc.c,v
retrieving revision 1.64.2.4
diff -c -r1.64.2.4 kern_malloc.c
*** kern_malloc.c	26 Jul 2001 18:53:02 -0000	1.64.2.4
--- kern_malloc.c	18 Apr 2003 21:22:34 -0000
***************
*** 160,165 ****
--- 160,166 ----
  	indx = BUCKETINDX(size);
  	kbp = &bucket[indx];
  
+ restart:
  	while (ksp->ks_memuse >= ksp->ks_limit) {
  		if (flags & M_ASLEEP) {
  			if (ksp->ks_limblocks < 65535)
***************
*** 231,236 ****
--- 232,244 ----
  			kbp->kb_last = (caddr_t)freep;
  	}
  	va = kbp->kb_next;
+ 	if (va == NULL) {
+ 		if (flags & M_NOWAIT) {
+ 			splx(s);
+ 			return ((void *) NULL);
+ 		}
+ 		goto restart;
+ 	}
  	kbp->kb_next = ((struct freelist *)va)->next;
  #ifdef INVARIANTS
  	freep = (struct freelist *)va;

--------------7FFB3632E32D39DEAF4FC1F3--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3EA068CF.50AE34EA>