Folks,

With the new sysctl()s I added a week ago for support for a
non-setgid kmem ps(1), I introduced a slow kernel memory leak
that is triggered by requesting the command line of a system
or zombie process.  There is also a vaguely similar but much
harder to trigger memory leak in the procfs cmdline handler
that has been present for quite some time.

For -current users, make sure you have at least revision
1.67 of sys/kern/kern_sysctl.c if you currently have rev
1.62 or later to fix the sysctl problem and revision 1.8 of
sys/miscfs/procfs/procfs_cmdline.c if you currently have rev
1.2 or later to fix the procfs problem.  Note that there have
been some relative major changes to kern_sysctl.c in the last
week and you may need to upgrade your entire kernel source
tree and not just that one file.  If this is not possbile,
you can use anoncvs to get just the diffs between rev 1.66 and
1.67.

The 1.4 release branch also contains the procfs problem - there
should be a fix available on the 1.4 branch shortly.  A copy
of the procfs fix is included below and should apply cleanly
to the 1.4 branch for those who do not want to wait until the
1.4 branch is updated.

Simon.
--
Index: procfs_cmdline.c
===================================================================
RCS file: /cvsroot/syssrc/sys/miscfs/procfs/procfs_cmdline.c,v
retrieving revision 1.7
retrieving revision 1.8
diff -p -u -r1.7 -r1.8
--- procfs_cmdline.c	2000/05/16 13:45:25	1.7
+++ procfs_cmdline.c	2000/06/01 13:43:08	1.8
@@ -105,8 +105,10 @@ procfs_docmdline(curp, p, pfs, uio)
 	 * Lock the process down in memory.
 	 */
 	/* XXXCDC: how should locking work here? */
-	if ((p->p_flag & P_WEXIT) || (p->p_vmspace->vm_refcnt < 1))
+	if ((p->p_flag & P_WEXIT) || (p->p_vmspace->vm_refcnt < 1)) {
+		free(arg, M_TEMP);
 		return (EFAULT);
+	}
 	PHOLD(p);
 	p->p_vmspace->vm_refcnt++;	/* XXX */