From owner-freebsd-current Tue Jan 21 02:07:22 1997
Return-Path:
Received: (from root@localhost) by freefall.freebsd.org (8.8.4/8.8.4) id CAA11783 for current-outgoing; Tue, 21 Jan 1997 02:07:22 -0800 (PST)
Received: from bunyip.cc.uq.oz.au (daemon@bunyip.cc.uq.oz.au [130.102.2.1]) by freefall.freebsd.org (8.8.4/8.8.4) with ESMTP id CAA11778 for ; Tue, 21 Jan 1997 02:07:15 -0800 (PST)
Received: (from daemon@localhost) by bunyip.cc.uq.oz.au (8.8.4/8.8.4) id UAA18147; Tue, 21 Jan 1997 20:06:58 +1000
Received: by ogre.devetir.qld.gov.au (8.7.5/DEVETIR-E0.3a) id UAA13869; Tue, 21 Jan 1997 20:13:45 +1000 (EST)
Date: Tue, 21 Jan 1997 20:13:45 +1000 (EST)
From: Stephen McKay
Message-Id: <199701211013.UAA13869@ogre.devetir.qld.gov.au>
To: Mark Murray
cc: freebsd-current@freebsd.org, syssgm@devetir.qld.gov.au
Subject: Re: VM bogon? Was: Re: NIS breakage
X-Newsreader: NN version 6.5.0 #1 (NOV)
Sender: owner-current@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Stephen McKay wrote:

>Hmm. I've just been looking at copyout(). If the target pages are not
>present, then their page table page might not be present either. In this
>case, won't the attempt to check the target pages' writability cause a
>fault? This fault would then be translated to EFAULT (Bad address) by
>copyout_fault.

In fact, I'm now so keen on my hypothesis that I've written some code. Unfortunately, I have no -current box to test it on. Thus, if Mr Murray wishes to risk all, the following patch may help.

** WARNING ** I have done no testing at all on this patch. ** WARNING **

--- support.s Tue Jan 21 11:48:00 1997 +++ support.s.new Tue Jan 21 19:43:35 1997 
@@ -675,12 +675,17 @@ andb $0xfc,%dl 1: /* check PTE for each page */ + leal _PTmap(%edx),%eax + shrl $IDXSHIFT,%eax + andb $0xfc,%al + testb $0x01,_PTmap(%eax) /* PTE Page must be VALID */ + je 4f movb _PTmap(%edx),%al andb $0x07,%al /* Pages must be VALID + USERACC + WRITABLE */ cmpb $0x07,%al je 2f - /* simulate a trap */ +4: /* simulate a trap */ pushl %edx pushl %ecx shll $IDXSHIFT,%edx There is also some harmless cruft in trap.c left over from the days before page tables were automatically handled by the pmap routines: --- trap.c Tue Jan 21 11:48:03 1997 +++ trap.c.new Tue Jan 21 19:50:40 1997 @@ -781,7 +781,7 @@ unsigned addr; { struct proc *p; - vm_offset_t va, v; + vm_offset_t va; struct vmspace *vm; int rv; @@ -804,8 +804,6 @@ return (1); } } - - v = trunc_page(vtopte(va)); /* * fault the data page Good luck! Stephen.
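
Review bot: In the support.s hunk, the four added instructions ahead of `movb _PTmap(%edx),%al` carry only the comment on the `testb`, so nothing explains that `leal _PTmap(%edx),%eax`, `shrl $IDXSHIFT,%eax` and `andb $0xfc,%al` turn the address of the PTE into the PTmap offset of the entry that maps its page-table page, or that all of %eax is now scratch where the old code wrote only %al. A short comment above the `leal` would cover both. The test also runs on every pass through label 1 even though consecutive PTEs usually sit in the same page-table page, and since the message says the patch is untested, the `je 4f` path needs a run with the page-table page absent to confirm that trapwrite brings it in before the copy proceeds.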
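
Review bot: In the trap.c hunks, `v` is dropped from `vm_offset_t va, v;` and its only visible assignment, `v = trunc_page(vtopte(va));`, is deleted, but the lines between the two hunks and after the second one are not shown, so any remaining use of `v` in this function would break the build. Compile before this goes in, and consider sending it as a separate change from the support.s fix, since the message itself describes it as leftover cruft unrelated to the EFAULT problem.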
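
The quoted hypothesis and the ordering of the added support.s test can be modelled in user space. This is an added example, not code from the original message or from FreeBSD: `PTMAP_BASE`, the two arrays and the sample address are constructed, and the model simply assumes, as the message does, that reading a PTE whose page-table page is absent ends in copyout_fault.

```c
#include <stdint.h>
#include <stdio.h>

#define IDXSHIFT   10            /* i386: PGSHIFT (12) - 2 */
#define PG_V       0x01u
#define PG_RW      0x02u
#define PG_U       0x04u
#define PTMAP_BASE 0xbfc00000u   /* hypothetical 4 MB aligned PTmap base */
#define PTD_SLOT   (PTMAP_BASE >> 22)  /* window page that is the directory */

enum verdict { COPY_OK, CALL_TRAPWRITE, FAULT_EFAULT };

static uint32_t pde[1024];       /* constructed page directory, always resident */
static uint32_t pt1[1024];       /* constructed page table for directory slot 1 */

/* shrl $IDXSHIFT ; andb $0xfc : offset in PTmap of the PTE mapping addr */
static uint32_t pte_off(uint32_t addr) { return (addr >> IDXSHIFT) & ~3u; }

/* Read PTmap[off]; sets *fault when the page-table page holding it is absent
 * (the message's hypothesis: that fault ends up in copyout_fault). */
static uint32_t ptmap_read(uint32_t off, int *fault)
{
    uint32_t slot = off >> 12, idx = (off & 0xfffu) >> 2;
    if (slot == PTD_SLOT)
        return pde[idx];
    if (!(pde[slot] & PG_V)) { *fault = 1; return 0; }
    return slot == 1 ? pt1[idx] : 0;
}

/* One iteration of the per-page check, without or with the added test. */
enum verdict check_page(uint32_t va, int with_patch)
{
    int fault = 0;
    uint32_t edx = pte_off(va), pte;
    if (with_patch) {
        uint32_t eax = pte_off(PTMAP_BASE + edx);   /* leal ; shrl ; andb */
        if (!(ptmap_read(eax, &fault) & PG_V))      /* testb $0x01 ; je 4f */
            return CALL_TRAPWRITE;
    }
    pte = ptmap_read(edx, &fault);                  /* movb _PTmap(%edx),%al */
    if (fault)
        return FAULT_EFAULT;
    return (pte & 7u) == 7u ? COPY_OK : CALL_TRAPWRITE;
}

int main(void)
{
    uint32_t va = 0x00405000u;   /* constructed user address, directory slot 1 */
    printf("unpatched=%d patched=%d\n", check_page(va, 0), check_page(va, 1));
    return 0;
}
```

Because the PTmap window maps itself, the second `pte_off` lands inside the page directory, so the added test reads the directory entry for `va` without touching the possibly absent page-table page.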