Subject: kern/29651: divide by zero in kernel if vm.bufmem* variables set wrong
To: None <kern-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: Simon Burge <simonb@wasabisystems.com>
List: netbsd-bugs
Date: 03/10/2005 14:36:00
>Number: 29651
>Category: kern
>Synopsis: divide by zero in kernel if vm.bufmem* variables set wrong
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Thu Mar 10 14:36:00 +0000 2005
>Originator: Simon Burge <simonb@wasabisystems.com>
>Release: NetBSD 2.99.16, sources from March 7, 2005.
>Organization:
Wasabi Systems
>Environment:
System:
NetBSD pc532 2.99.16 NetBSD 2.99.16 (PC532)
#66: Thu Mar 10 23:53:53 EST 2005
simonb@thoreau:/var/tmp/PC532 pc532
Architecture: i386
Machine: i386
>Description:
If the bufmem_lowater and bufmem_hiwater variables are set
to the same value, we can get a devide-by-zero in the kernel
in buf_lotsfree() at the following lines:
thresh = (bufmem - bufmem_lowater) /
((bufmem_hiwater - bufmem_lowater) / 16);
>How-To-Repeat:
sysctl -w vm.bufmem_lowater=65536
sysctl -w vm.bufmem_hiwater=65536
wait, then see:
fatal divide by zero in supervisor mode
trap type=6, pc=0xe006e0eb, tear=0xf7000, msr=0xaf
panic: trap
>Fix:
None given. Add some sort of checking to sysctl_bufvm_update()?