Page MenuHomeFreeBSD
Differential D18767

Handle overflow in calculating max kmem size.
ClosedPublic
Actions

Authored by kib on Jan 7 2019, 4:00 AM.
Tags
None
Referenced Files
Unknown Object (File)
Thu, Nov 7, 3:10 AM
Unknown Object (File)
Thu, Oct 24, 8:52 AM
Unknown Object (File)
Oct 1 2024, 5:41 AM
Unknown Object (File)
Sep 13 2024, 8:08 AM
Unknown Object (File)
Sep 10 2024, 10:24 PM
Unknown Object (File)
Sep 10 2024, 7:41 PM
Unknown Object (File)
Sep 4 2024, 4:45 AM
Unknown Object (File)
Aug 31 2024, 2:59 PM
View All 47 Files
Subscribers
emaste
imp
pho

Details

Reviewers
alc
markj
Commits
rS343017: Handle overflow in calculating max kmem size.
Summary

vm_kmem_size is u_long, and it might be not capable of holding page count times PAGE_SIZE, even when scaled down by VM_KMEM_SIZE_SCALE. As bde reported, 12G PAE config ends up with zero for kmem size.

Explicitly check for overflow and clamp kmem size at vm_kmem_size_max. If we end up at zero size because VM_KMEM_SIZE_MAX is not defined, panic with clear explanation rather then failing in weird way.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kib created this revision.Jan 7 2019, 4:00 AM
Herald added a subscriber: imp. · View Herald TranscriptJan 7 2019, 4:00 AM
Harbormaster completed remote builds in B21855: Diff 52618.Jan 7 2019, 4:00 AM
kib added a subscriber: pho.Jan 7 2019, 4:00 AM
markj added inline comments.Jan 7 2019, 5:57 AM
sys/kern/kern_malloc.c
935 ↗(On Diff #52618)

Why does vm_kmem_size * PAGE_SIZE < vm_kmem_size imply that the overflowed value is 0?

Also, if vm_kmem_size_max == 0 and vm_kmem_size_min != 0, the code above may just silently set vm_kmem_size = vm_kmem_size_min in the overflow case. Shouldn't we panic in that case too?

kib added inline comments.Jan 7 2019, 6:49 AM
sys/kern/kern_malloc.c
935 ↗(On Diff #52618)

I only want to panic if the value for the vm_kmem_size is insane. If there are some defined values for VM_KMEM_SIZE_MIN/MAX, and they are used, this should be fine. Even if only _MIN is defined and used.

So no, the overflow does not imply that the overflown value is zero, it only means that we fall back to vm_kmem_size_max, whatever it is (except zero).

markj added inline comments.Jan 8 2019, 12:30 AM
sys/kern/kern_malloc.c
935 ↗(On Diff #52618)

But if there is an overflow and vm_kmem_size_max == vm_kmem_size_min == 0, we may set vm_kmem_size to a non-zero insane value.

kib updated this revision to Diff 52654.Jan 8 2019, 1:05 AM

Do not that vm_kmem_size_max > 0 when handling overflow.
We will panic later if it is 0.

Harbormaster completed remote builds in B21876: Diff 52654.Jan 8 2019, 1:05 AM
markj accepted this revision.Jan 8 2019, 1:07 AM
This revision is now accepted and ready to land.Jan 8 2019, 1:07 AM
Closed by commit rS343017: Handle overflow in calculating max kmem size. (authored by kib). · Explain WhyJan 14 2019, 7:31 AM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
head/
sys/
kern/
7 lines

Diff 52821

View Options

head/sys/kern/kern_malloc.c

Loading...