Commit Graph

4019 Commits

Author SHA1 Message Date
John Baldwin
1432aa0c5e Add a new kernel option RESTARTABLE_PANICS. If this option is present,
then one can restart from a panic by resetting the panicstr variable to
NULL.  This commit conditionalizes the previously committed functionality
on this variable.  It also removes the __dead2 attribute from the panic()
function so that when one continues from a panic() the behavior will
be predictable.
2001-08-23 20:32:21 +00:00
John Baldwin
e2870579fa Clear the sx_xholder pointer when downgrading an exclusive lock. 2001-08-23 17:57:37 +00:00
Andrey A. Chernov
5d97bedb22 vn_stat(): if va_size (u_quad_t) > OFF_MAX, return EOVERFLOW, don't copy it
blindly to st_size
2001-08-23 17:56:48 +00:00
Andrey A. Chernov
6fb9fbceab Add yet one check for SEEK_END overflow 2001-08-23 17:09:23 +00:00
Andrey A. Chernov
db106eff39 lseek: fix check for vattr.va_size overflow. Check suggested by bde simple not
works with unsigned types.
2001-08-23 17:01:25 +00:00
Andrey A. Chernov
62be011ebd Oops, fix my broken handling of new l_len<0 case 2001-08-23 16:00:27 +00:00
Andrey A. Chernov
f510e1c2ec Originally BSD return EINVAL for l_len < 0, but now POSIX wants it too,
so implement POSIX l_len < 0 handling.
2001-08-23 15:40:30 +00:00
Andrey A. Chernov
6d24c65d96 Cosmetique: correct English in comments
Pointed by:	bde
2001-08-23 14:41:39 +00:00
Andrey A. Chernov
b82f5b624c Cosmetique: more <sys/*> into one group, separate include families by
blank line
2001-08-23 13:51:17 +00:00
Andrey A. Chernov
b44af710d3 Move <machine/*> after <sys/*>
Pointed by:	bde
2001-08-23 13:21:17 +00:00
Andrey A. Chernov
4b207d9868 Move <machine/*> after <sys/*>
Add missing fdrop() before EOVERFLOW

Pointed by:	bde
2001-08-23 13:19:32 +00:00
Andrey A. Chernov
69cc1d0d7f Detect off_t EOVERFLOW of start/end offsets calculations for adv. lock,
as POSIX require.
2001-08-23 07:42:40 +00:00
Thomas Moestl
040ef07af8 Regenerate from syscalls.master using the new makesyscalls.sh revision. 2001-08-22 23:27:20 +00:00
Thomas Moestl
a4189a088b Add padding before each element of the syscall argument structures in
sysproto.h in addition to the existing padding afterwards.
This is needed to support big-endian architectures like sparc64.

Reviewed by:	bde
Tested on alpha by:	jhb
2001-08-22 23:22:47 +00:00
Alexander Langer
b8c526df70 Fix a simple typo I just happened to find. 2001-08-22 19:12:24 +00:00
Matthew Dillon
0cf5e0ebd6 Remove the code that limited the buffer_map to 1/2 the size of the
kernel_map.  maxbcache takes care of this now and the 1/2 limit can
interfere with testing.

Suggested by: bde
2001-08-22 18:10:37 +00:00
Matthew Dillon
219d632c15 Move most of the kernel submap initialization code, including the
timeout callwheel and buffer cache, out of the platform specific areas
and into the machine independant area.  i386 and alpha adjusted here.
Other cpus can be fixed piecemeal.

Reviewed by:    freebsd-smp, jake
2001-08-22 04:07:27 +00:00
John Baldwin
61e9650010 Clear db_active in boot() so that one can call the boot function (as well
as use the panic command) w/o having to manually clear db_active first
to avoid the db_error() in mi_switch().
2001-08-21 23:29:40 +00:00
John Baldwin
b285782b29 Release the sched_lock before bombing out in mi_switch() via db_error().
This makes things slightly easier if you call a function that calls
mi_switch() as it keeps the locking before and after closer.
2001-08-21 23:10:37 +00:00
John Baldwin
1a5333c37c Allow one to restart from a panic in DDB by clearing the panicstr
variable to NULL.  Note that since panic() is marked with __dead2, this
has somewhat unpredictable results at best.
2001-08-21 22:55:20 +00:00
Andrey A. Chernov
383f169d4a Make lseek() POSIXed: for non character special files
1) handle off_t overflow with EOVERFLOW
2) handle negative offsets with EINVAL

Reviewed by:	arch discussion
2001-08-21 21:20:42 +00:00
John Baldwin
161778121a Add a hook to mi_switch() to abort via db_error() if we attempt to
perform a context switch from DDB.

Consulting from:	bde
2001-08-21 20:09:05 +00:00
John Baldwin
91a4536f22 - Fix a bug in the previous workaround for the tsleep/endtsleep race.
callout_stop() would fail in two cases:
    1) The timeout was currently executing, and
    2) The timeout had already executed.
  We only needed to work around the race for 1).  We caught some instances
  of 2) via the PS_TIMEOUT flag, however, if endtsleep() fired after the
  process had been woken up but before it had resumed execution,
  PS_TIMEOUT would not be set, but callout_stop() would fail, so we
  would block the process until endtsleep() resumed it.  Except that
  endtsleep() had already run and couldn't resume it.  This adds a new flag
  PS_TIMOFAIL to indicate the case of 2) when PS_TIMEOUT isn't set.
- Implement this race fix for condition variables as well.

Tested by:	sos
2001-08-21 18:42:45 +00:00
Peter Wemm
e8ebc08f80 Make COMPAT_43 optional again. XXX we need COMPAT_FBSD3 etc for this
stuff.
2001-08-21 02:32:59 +00:00
Ian Dowse
8774836bf8 Avoid sleeping while holding a mutex in dounmount(). This problem
has existed for a long time, but I made it worse a few months ago
by by adding calls to VFS_ROOT() and checkdirs() in revision 1.179.

Also, remove the LK_REENABLE flag in the lockmgr() call; this flag
has been ignored by the lockmgr code for 4 years. This was the only
remaining mention of it apart from its definition.

Reviewed by:	jhb
2001-08-20 19:16:31 +00:00
Matthew Dillon
e1616f3a7b Conditionalize VM_SWZONE_SIZE_MAX and VM_BCACHE_SIZE_MAX so MD sections
that don't define these constants don't break.
2001-08-20 16:29:13 +00:00
Dima Dorfman
fcd7e67061 Sync the default module search path with the one in
sys/boot/common/module.c.

PR:		21405
Submitted by:	Makoto MATSUSHITA <matusita@jp.FreeBSD.org>
2001-08-20 01:12:28 +00:00
Matthew Dillon
2f9e4e8025 Limit the amount of KVM reserved for the buffer cache and for swap-meta
information.  The default limits only effect machines with > 1GB of ram
and can be overriden with two new kernel conf variables VM_SWZONE_SIZE_MAX
and VM_BCACHE_SIZE_MAX, or with loader variables kern.maxswzone and
kern.maxbcache.  This has the effect of leaving more KVM available for
sizing NMBCLUSTERS and 'maxusers' and should avoid tripups where a sysad
adds memory to a machine and then sees the kernel panic on boot due to
running out of KVM.

Also change the default swap-meta auto-sizing calculation to allocate half
of what it was previously allocating.  The prior defaults were way too high.
Note that we cannot afford to run out of swap-meta structures so we still
stay somewhat conservative here.
2001-08-20 00:41:12 +00:00
Julian Elischer
a8cfc0ee40 Forgot to remove this un-needed test. (M_WAITOK won't fail)
I vaguely remember someone once proving it COULD return NULL..
was that changed?

Reminded by: BDE

MFC after:	2 weeks
2001-08-19 04:30:13 +00:00
Julian Elischer
ad4ff09012 fix typo
Submitted by:	Ian Dowse <iedowse@maths.tcd.ie>
2001-08-18 17:43:29 +00:00
Mark Peek
29b7fbd17f Unbreak linux compatibility by providing the correct length of the buffer.
Reported by:	"Pierre Y. Dampure" <pierre.dampure@westmarsh.com>,
		"Niels Chr. Bank-Pedersen" <ncbp@bank-pedersen.dk>
Pointy hat to:	mp
2001-08-18 04:24:30 +00:00
Julian Elischer
8f364875fe Don't alocate a 400 byte buffer on the stack,
Nor 800 bytes of structures..

MFC after:	2 weeks
2001-08-18 02:53:50 +00:00
Dima Dorfman
0c1bb4fbf1 Implement a LOCAL_PEERCRED socket option which returns a
`struct xucred` with the credentials of the connected peer.
Obviously this only works (and makes sense) on SOCK_STREAM
sockets.  This works for both the connect(2) and listen(2)
callers.

There is precise documentation of the semantics in unix(4).

Reviewed by:	dwmalone (eyeballed)
2001-08-17 22:01:18 +00:00
Peter Wemm
0ecd57ad0b Fix part of another problem that bde pointed out. This is different
to what bde suggested though.
2001-08-16 23:43:24 +00:00
Peter Wemm
5a66a2532b Remove redundant null-termination. The buffer is already explicitly
zeroed, and we intentionally leave -1 on the strncpy length to leave
the original \0.

Submitted by: bde
2001-08-16 20:18:43 +00:00
Peter Wemm
a75a0c55f4 Don't explicitly null-terminate. The buffer we are copying into is
already zeroed, and we explicitly leave the last byte untouched.

Submitted by: bde
2001-08-16 20:16:20 +00:00
Mark Peek
911c2be00b Reduce stack allocation (stack-fast?).
elf_load_file()   =>  352 to 52 bytes
    exec_elf_imgact() => 1072 to 48 bytes
    elf_corehdr()     =>  396 to  8 bytes

Reviewed by:	julian
2001-08-16 16:14:26 +00:00
Peter Wemm
77330eeba7 Use the backwards compatability mechanisms so that ps/top etc dont have
unnecessary breakage.

While here, use explicit sizes for the string fields so that we dont
have unintentional changes again in the future when key tunables change.

This still is not quite right, but a june userland is happy with
a -current kernel with these tweaks.
2001-08-16 08:41:15 +00:00
Peter Wemm
6eef6816a8 Use explicit sizes for the prpsinfo command length string so that
we dont have any more unexpected changes in core dumps.  This gets us
back to the original core dump layout from a few days ago.
2001-08-16 08:35:51 +00:00
Bruce Evans
a572c95c3b Don't dump on the label sector or below. This avoids clobbering the
label if the dump device overflaps the label (which is a slight
misconfiguration).  Dump routines don't use dscheck(), so the normal
write protection of the label doesn't help.

Reduced some nearby overflow bugs.  In disk_dumpcheck(), there was
(fatal but fail-safe) overflow on i386's with 4GB of memory, at least
if Maxmem was the top page (can this happen?).  The fix assumes that
the sector size divides PAGE_SIZE (dump routines already assume this).
In setdumpdev(), the corresponding overflow occurred with only about
2GB of memory on all machines with 32-bit ints.  This allowed setdumpdev()
to succeed when it shouldn't have, but then disk_dumpcheck() failed
safe later.  Except in old versions of FreeBSD like RELENG_3 where
there is no disk_dumpcheck().

PR:		28164 (label clobbering part)
MFC after:	1 week
2001-08-15 11:35:45 +00:00
Jason Evans
54db32e945 Implement kernel semaphores.
Reviewed by:	jhb
2001-08-14 22:13:14 +00:00
Jason Evans
d55229b72e Add sx_try_upgrade() and sx_downgrade().
Submitted by:	Alexander Kabaev <ak03@gte.com>
2001-08-13 21:25:30 +00:00
John Baldwin
3f085c228e If we've panic'd already, then just bail in lockmgr rather than blocking or
possibly panic'ing again.
2001-08-10 23:29:15 +00:00
Bill Paul
c214e6636e Fix some of the GDB linkage setup. The l_name member of the gdb linkage
structure is always free()ed yet only sometimes malloc()ed. In particular,
it was simply set to point to l_filename from the a linker_file_t in
link_elf_link_preload_finish(). The l_filename had been malloc()ed inside
the kern_linker.c module and was being free()ed twice: once by
link_elf_unload_file() and again by linker_file_unload(), leading to
a panic.

How to duplicate the problem:

- Pre-load a kernel module from the loader, i.e. if_sis.ko
- Boot system
- Attempt to unload module with kldunload if_sis
- Bewm

The problem here is that the case where the module was loaded with kldload
after system boot would work correctly, so this bug went unnoticed until
I stubbed my toe on it just now. (Also, you can only trip this bug if
you compile a kernel with options DDB, but that's the default now.)

Fix: remember to malloc() a separate copy of the module name for the
l_name member of the gdb linkage structure in three places where the
linkage structure can be initialized.
2001-08-10 23:15:13 +00:00
John Baldwin
688ebe120c - Close races with signals and other AST's being triggered while we are in
the process of exiting the kernel.  The ast() function now loops as long
  as the PS_ASTPENDING or PS_NEEDRESCHED flags are set.  It returns with
  preemption disabled so that any further AST's that arrive via an
  interrupt will be delayed until the low-level MD code returns to user
  mode.
- Use u_int's to store the tick counts for profiling purposes so that we
  do not need sched_lock just to read p_sticks.  This also closes a
  problem where the call to addupc_task() could screw up the arithmetic
  due to non-atomic reads of p_sticks.
- Axe need_proftick(), aston(), astoff(), astpending(), need_resched(),
  clear_resched(), and resched_wanted() in favor of direct bit operations
  on p_sflag.
- Fix up locking with sched_lock some.  In addupc_intr(), use sched_lock
  to ensure pr_addr and pr_ticks are updated atomically with setting
  PS_OWEUPC.  In ast() we clear pr_ticks atomically with clearing
  PS_OWEUPC.  We also do not grab the lock just to test a flag.
- Simplify the handling of Giant in ast() slightly.

Reviewed by:	bde (mostly)
2001-08-10 22:53:32 +00:00
John Baldwin
827dcaf663 Make witness compile w/o DDB.
Reported by:	wpaul
2001-08-10 22:33:59 +00:00
Ian Dowse
a9a8ba3d71 Arbitrarily limit to 64k the number of bytes that can be read at
a time using the ogetdirentries() compatibility syscall. This is a
hack to ensure that rediculous values don't get passed to MALLOC().

Reviewed by:	kris
2001-08-10 22:14:18 +00:00
John Baldwin
8791b43513 Work around a race between msleep() and endtsleep() where it was possible
for endtsleep() to be executing when msleep() resumed, for endtsleep()
to spin on sched_lock long enough for the other process to loop on
msleep() and sleep again resulting in endtsleep() waking up the "wrong"
msleep.

Obtained from:	BSD/OS
2001-08-10 21:08:56 +00:00
John Baldwin
a45982d2ea Change callout_stop() to return an integer. If callout_stop() succeeds in
removing the callout entry, return 1.  If callout_stop() fails to remove
the callout entry because it is currently executing or has already been
executed, then the function returns 0.  The idea was obtained from BSD/OS,
however, BSD/OS changed untimeout(), and I've just changed callout_stop()
to be more conservative.

Obtained from:	BSD/OS
2001-08-10 21:06:59 +00:00
John Baldwin
4d33620270 Style nit: covert a couple of if (p_wchan) tests to if (p_wchan != NULL). 2001-08-10 20:56:25 +00:00