Reintroduce UMA_SLAB_KMAP; however, change its spelling to

UMA_SLAB_KERNEL for consistency with its sibling UMA_SLAB_KMEM. (UMA_SLAB_KMAP met its original demise in revision 1.30 of vm/uma_core.c.) UMA_SLAB_KERNEL is now required by the jumbo frame allocators. Without it, UMA cannot correctly return pages from the jumbo frame zones to the VM system because it resets the pages' object field to NULL instead of the kernel object. In more detail, the jumbo frame zones are created with the option UMA_ZONE_REFCNT. This causes UMA to overwrite the pages' object field with the address of the slab. However, when UMA wants to release these pages, it doesn't know how to restore the object field, so it sets it to NULL. This change teaches UMA how to reset the object field to the kernel object. Crashes reported by: kris Fix tested by: kris Fix discussed with: jeff MFC after: 6 weeks
2008-04-04 18:41:12 +00:00 · 2008-04-04 18:41:12 +00:00 · 7630c26507
commit 7630c26507
parent 1ff6c09714
4 changed files with 10 additions and 2 deletions
--- a/sys/i386/i386/pmap.c
+++ b/sys/i386/i386/pmap.c
@ -561,7 +561,9 @@ static MALLOC_DEFINE(M_PMAPPDPT, "pmap", "pmap pdpt");
 static void *
 pmap_pdpt_allocf(uma_zone_t zone, int bytes, u_int8_t *flags, int wait)
 {
-	*flags = UMA_SLAB_PRIV;
+
+	/* Inform UMA that this allocator uses kernel_map/object. */
+	*flags = UMA_SLAB_KERNEL;
 	return (contigmalloc(PAGE_SIZE, M_PMAPPDPT, 0, 0x0ULL, 0xffffffffULL,
 	    1, 0));
 }
--- a/sys/kern/kern_mbuf.c
+++ b/sys/kern/kern_mbuf.c
@ -352,7 +352,8 @@ static void *
 mbuf_jumbo_alloc(uma_zone_t zone, int bytes, u_int8_t *flags, int wait)
 {

-	*flags = UMA_SLAB_PRIV;
+	/* Inform UMA that this allocator uses kernel_map/object. */
+	*flags = UMA_SLAB_KERNEL;
 	return (contigmalloc(bytes, M_JUMBOFRAME, wait, (vm_paddr_t)0,
 	    ~(vm_paddr_t)0, 1, 0));
 }
--- a/sys/vm/uma.h
+++ b/sys/vm/uma.h
@ -488,6 +488,7 @@ void uma_zone_set_freef(uma_zone_t zone, uma_free freef);
 */
 #define UMA_SLAB_BOOT	0x01		/* Slab alloced from boot pages */
 #define UMA_SLAB_KMEM	0x02		/* Slab alloced from kmem_map */
+#define UMA_SLAB_KERNEL	0x04		/* Slab alloced from kernel_map */
 #define UMA_SLAB_PRIV	0x08		/* Slab alloced from priv allocator */
 #define UMA_SLAB_OFFP	0x10		/* Slab is managed separately  */
 #define UMA_SLAB_MALLOC	0x20		/* Slab is a large malloc slab */
--- a/sys/vm/uma_core.c
+++ b/sys/vm/uma_core.c
@ -751,6 +751,8 @@ zone_drain(uma_zone_t zone)

 			if (flags & UMA_SLAB_KMEM)
 				obj = kmem_object;
+			else if (flags & UMA_SLAB_KERNEL)
+				obj = kernel_object;
 			else
 				obj = NULL;
 			for (i = 0; i < keg->uk_ppera; i++)
@ -871,6 +873,8 @@ slab_zalloc(uma_zone_t zone, int wait)

 				if (flags & UMA_SLAB_KMEM)
 					obj = kmem_object;
+				else if (flags & UMA_SLAB_KERNEL)
+					obj = kernel_object;
 				else
 					obj = NULL;
 				for (i = 0; i < keg->uk_ppera; i++)