Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 4 Dec 1997 23:13:06 -0500 (EST)
From:      cgull+usenet-881294066@smoke.marlboro.vt.us
To:        davidg@freebsd.org, dg@root.com, hackers@freebsd.org
Subject:   fatal kernel bug in -current, or pointy hat time :)
Message-ID:  <199712050413.XAA04479@smoke.marlboro.vt.us>
next in thread | raw e-mail | index | archive | help 

--n5D5bjVLbs
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

DG's performance-tweaking patch last night to the kernel malloc left
out a little something.

There's a little problem with the structure ordering rearrangement in
sys/malloc.h: the initializer for the struct needs to be rearranged ,
too :) This causes malloc to think it has no memory available, which
is quickly fatal.  In my case (and probably everybody else's) it
causes a null pointer dereference and kernel page fault.

The first part of the patch in this batch fixes this bug.

The other two parts follow on my earlier ddb_input malloc-bug patch,
and are much less important.

Now, not having commit privileges means I don't have a FreeBSD-labeled
pointy hat handy...would somebody send it round? :)

  --jh


--n5D5bjVLbs
Content-Type: text/plain
Content-Description: stars, moon, planet, point
Content-Disposition: inline;
	filename="zot"
Content-Transfer-Encoding: 7bit

--- sys/malloc.h.old	Thu Dec  4 03:44:22 1997
+++ sys/malloc.h	Thu Dec  4 22:26:40 1997
@@ -63,7 +63,8 @@
 };
 
 #define	MALLOC_DEFINE(type, shortdesc, longdesc) \
-	struct malloc_type type[1] = { { shortdesc, M_MAGIC } }; \
+	struct malloc_type type[1] = { { NULL, 0, 0, 0, 0, 0, 0, \
+					 M_MAGIC, shortdesc, 0, 0 } }; \
 	struct __hack
 
 #define	MALLOC_DECLARE(type) \
--- kern/kern_malloc.c.old	Thu Nov  6 22:39:34 1997
+++ kern/kern_malloc.c	Thu Dec  4 20:47:39 1997
@@ -408,6 +408,9 @@
 	if (type->ks_magic != M_MAGIC) 
 		panic("malloc type lacks magic");
 
+	if (cnt.v_page_count == 0)
+		panic("malloc_init not allowed before vm init");
+
 	/*
 	 * Limit maximum memory for each type to 60% of malloc area size or
 	 * 60% of physical memory, whichever is smaller.
--- ddb/db_input.c.dist	Thu Nov  6 22:37:29 1997
+++ ddb/db_input.c	Thu Dec  4 22:36:58 1997
@@ -32,7 +32,6 @@
  */
 
 #include <sys/param.h>
-#include <sys/malloc.h>
 #include <sys/systm.h>
 
 #include <machine/cons.h>

--n5D5bjVLbs
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit


-- 
Mr. Belliveau said, "the difference was the wise,       John Hood,     cgull
intelligent look on the face of the cow."  He was      	                   @
*so* right.  --Ofer Inbar                               smoke.marlboro.vt.us

--n5D5bjVLbs--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199712050413.XAA04479>