Update on Re: (2) Hold up a bit updating your source trees...

Matthew Dillon dillon at apollo.backplane.com
Sat May 1 15:11:54 PDT 2004

    I believe I have finally tracked down the crashing problem I had.  It
    has nothing to do with the MMX/XMM copy code :-).

    Instead the problem was related to the PIPE code, but only when the
    sysctl's were set up for legacy algorithms.  By default the PIPE code
    uses SFBUFs which are not affected by the bug.

    The bug was simple.  I was forgetting to pmap_qremove() the pages 
    I had pmap_qenter()'d into the pmap before calling kmem_free().
    This caused the KMEM system to try to treat the PTE's as being accounted
    for by the pmap and totally screwed up all the pmap's reference counts,
    potentially causing page table entries to be freed (and potentially
    later reused) while they were still mapped into a process!

    But it took a long time for me to find it because I thought it was in
    the MMX/XMM subsystem instead of the pipe code.

    In any case, I will know for sure by tonight.  Nobody needs to do anything,
    other than not modify any of the kern.pipe sysctl's (well, don't modify
    kern.pipe.dwrite_sfbuf from its default value of '1' if you value your
    data!).  When I've verified that I have fixed the problem, hopefully by
    tonight, I will commit the fix.

    I believe it is safe to turn on MMX/XMM optimized copies, which you can do
    in /boot/loader.conf with 'kern.mmxopt=1'.  I will change the default to
    1 next week if I do not encounter any more problems.
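
The ordering bug described in the message, as an added example that is not part of the original post and is not DragonFly kernel code: a simplified user-space model in which the `toy_*` names, the PTE array and the `accounted` counter are all assumptions standing in for the real pmap state. It shows why freeing a range that still holds qenter'd PTEs corrupts the pmap's bookkeeping, and why calling the qremove step first does not.

```c
/* Simplified user-space model (constructed); not DragonFly kernel code. */
#include <stdio.h>
#include <string.h>
#define NPTE 8

struct toy_pmap {
    int pte[NPTE];   /* 0 = invalid, otherwise a fake page number */
    int accounted;   /* number of mappings the pmap believes it tracks */
};

/* Tracked mapping: the pmap bookkeeping is updated. */
static void toy_enter(struct toy_pmap *pm, int idx, int page) {
    pm->pte[idx] = page;
    pm->accounted++;
}

/* Models pmap_qenter(): writes PTEs directly, no bookkeeping. */
static void toy_qenter(struct toy_pmap *pm, int idx, const int *pages, int n) {
    for (int i = 0; i < n; i++) pm->pte[idx + i] = pages[i];
}

/* Models pmap_qremove(): clears PTEs directly, no bookkeeping. */
static void toy_qremove(struct toy_pmap *pm, int idx, int n) {
    for (int i = 0; i < n; i++) pm->pte[idx + i] = 0;
}

/* Models kmem_free(): any PTE still valid in the range is assumed tracked. */
static void toy_kmem_free(struct toy_pmap *pm, int idx, int n) {
    for (int i = 0; i < n; i++)
        if (pm->pte[idx + i] != 0) { pm->pte[idx + i] = 0; pm->accounted--; }
}

/* Returns bookkeeping drift after teardown; 0 means counts match reality. */
int toy_pipe_teardown(int call_qremove) {
    struct toy_pmap pm;
    const int pages[3] = {101, 102, 103};   /* constructed sample pages */
    memset(&pm, 0, sizeof(pm));
    toy_enter(&pm, 0, 7);                   /* unrelated tracked mapping, stays live */
    toy_qenter(&pm, 2, pages, 3);           /* pipe buffer pages mapped untracked */
    if (call_qremove) toy_qremove(&pm, 2, 3);
    toy_kmem_free(&pm, 2, 3);
    return pm.accounted - 1;                /* exactly 1 tracked mapping should remain */
}

int main(void) {
    printf("without qremove: drift %d\n", toy_pipe_teardown(0));
    printf("with qremove:    drift %d\n", toy_pipe_teardown(1));
    return 0;
}
```

A negative drift means the count for mappings that are still live has been decremented, which is the condition under which page table entries can be released while still mapped.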

