Subject: kern/36019: uvm_readahead.c:ra_startio() assumes (MAXPHYS & (MAXPHYS - 1)) == 0
To: None <kern-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: None <tsutsui@ceres.dti.ne.jp>
List: netbsd-bugs
Date: 03/16/2007 19:45:01
>Number: 36019
>Category: kern
>Synopsis: uvm_readahead.c:ra_startio() assumes (MAXPHYS & (MAXPHYS - 1)) == 0
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Fri Mar 16 19:45:00 +0000 2007
>Originator: Izumi Tsutsui
>Release: NetBSD 4.99.15
>Organization:
>Environment:
System: NetBSD mirage 4.99.15
Architecture: m68000
Machine: sun2
maybe sun3 is also affected and
4.0_BETA2 has the same problem
>Description:
There is the following KASSERT() in sys/uvm/uvm_readahead.c:ra_startoi():
---
#define RA_IOCHUNK MAXPHYS /* read-ahead i/o chunk size */
:
const size_t chunksize = RA_IOCHUNK;
:
KASSERT((chunksize & (chunksize - 1)) == 0);
KASSERT((off & PAGE_MASK) == 0);
bytelen = ((off + chunksize) & -(off_t)chunksize) - off;
KASSERT((bytelen & PAGE_MASK) == 0);
npages = orignpages = bytelen >> PAGE_SHIFT;
---
but (MAXPHYS & (MAXPHYS - 1)) could be != 0 on some ports
so "KASSERT((chunksize & (chunksize - 1)) == 0)" can fail.
On sun2 (and sun3), MAXPHYS is 0xe000.
This will cause a panic "genfs_getpages: too many pages" later
on a kernel without DIAGNOSTIC due to wrong bytelen and npages.
>How-To-Repeat:
Boot sun2 GENERIC kernel (on TME) and copy a file into filesystem.
>Fix:
Choose proper RA_IOCHUNK in any case?