tnozaki / NetBSD / issues / #1 - vmx(4) driver causes kernel panic — Bitbucket

Issue #1 closed

Takehiko NOZAKI repo owner created an issue 2014-07-14

vmx(4) driver w/i386 kernel causes kernel panic on cvs update(maybe double m_freem() bug).

NetBSD-current has same problem.

Comments (5)

Takehiko NOZAKI reporter
the bug was introduced due to careless about m_defrag's prototype difference between OpenBSD and NetBSD.
- OpenBSD -- int m_defrag(struct mbuf *, int)
- NetBSD -- struct mbuf m_defrag(struct mbuf , int)
so, following code doesn't work as the author expected, and causes double free mbuf bug.
```
    case EFBIG:
        if (m_defrag(m, M_DONTWAIT) == 0 &&
            bus_dmamap_load_mbuf(sc->sc_dmat, map, m,
             BUS_DMA_NOWAIT) == 0)
            break;

        /* FALLTHROUGH */
    default:
        m_freem(m);
        return -1;
    }
```
analyzed by me and tsutsui@, thanks.
- 2014-07-14T18:02:24+00:00
Takehiko NOZAKI reporter
- changed status to resolved
BUGFIX: Issue #1 -- vmx(4) driver causes kernel panic.

→ <<cset b30f6b027612>>
- 2014-07-14T18:07:09+00:00
Takehiko NOZAKI reporter
- assigned issue to
  
  Takehiko NOZAKI
- 2014-07-14T18:51:32+00:00
Takehiko NOZAKI reporter
- edited description
- 2014-08-16T20:47:17+00:00
Takehiko NOZAKI reporter
- changed status to closed
- 2021-10-17T09:36:53+00:00
Log in to comment

Assignee: Takehiko NOZAKI

Type: bug

Priority: major

Status: closed

Votes: 0

Watchers: 1