Date: Tue, 20 Jan 2004 01:35:40 -0800 (PST)
From: Matthew Dillon <dillon@apollo.backplane.com>
To: freebsd-hackers@freebsd.org
Subject: Possible sequencing bug in vmspace_exec() and vmspace_unshare().
Message-ID: <200401200935.i0K9Zedb007090@apollo.backplane.com>
This is the code:

    p->p_vmspace = newvmspace;
    pmap_pinit2(vmspace_pmap(newvmspace));
    vmspace_free(oldvmspace);
    if (p == curthread->td_proc)		/* XXXKSE ? */
        pmap_activate(curthread);

What I don't understand is how the old vmspace can possibly be freed
before the new map is activated. Wouldn't that clear out the pte's in
the active MMU mapping? There seems to be a small window of opportunity
where a TLB load could blow the kernel up.

Shouldn't the vmspace_free() call occur after the pmap_activate()?

-Matt
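The window described in the mail can be shown with a small constructed model. This is added example code, not FreeBSD source: the structs, the global `active_pmap` standing in for the pmap the MMU is currently walking, and the simulated `tlb_fill()` are all assumptions made for illustration. Nothing is actually returned to an allocator; a freed pmap is only marked as such, so the model can report the hazard instead of crashing.

```c
#include <stdio.h>

/* Constructed model of the kernel objects involved (not FreeBSD's definitions). */
struct pmap {
    int freed;          /* 1 once the page tables have been torn down */
};

struct vmspace {
    struct pmap pm;
    int refcnt;
};

/* Stands in for the page-table root the MMU is currently using. */
static struct pmap *active_pmap;

/* Drop a reference; on the last one the page tables go away. */
static void vmspace_free(struct vmspace *vm)
{
    if (--vm->refcnt == 0)
        vm->pm.freed = 1;
}

/* Point the MMU at the new address space. */
static void pmap_activate(struct vmspace *vm)
{
    active_pmap = &vm->pm;
}

/* Simulated hardware TLB load in the current mapping: -1 if the
 * mapping it would walk has already been freed, 0 otherwise. */
static int tlb_fill(void)
{
    return active_pmap->freed ? -1 : 0;
}

/* Run the exec-time switch in one of two orders and report whether a
 * TLB load during the switch would hit freed page tables.
 * free_first != 0 reproduces the ordering quoted in the mail. */
int switch_vmspace(int free_first)
{
    struct vmspace oldvm = { { 0 }, 1 };   /* single reference, held by the process */
    struct vmspace newvm = { { 0 }, 1 };
    struct vmspace *p_vmspace = &oldvm;
    int fault;

    active_pmap = &oldvm.pm;               /* process is running on the old map */
    p_vmspace = &newvm;                    /* p->p_vmspace = newvmspace */

    if (free_first) {
        vmspace_free(&oldvm);              /* old page tables gone ... */
        fault = tlb_fill();                /* ... but the MMU still uses them */
        pmap_activate(p_vmspace);
    } else {
        pmap_activate(p_vmspace);          /* MMU now on the new map ... */
        fault = tlb_fill();                /* ... so a TLB load is safe */
        vmspace_free(&oldvm);
    }
    return fault;
}

int main(void)
{
    printf("free then activate: %s\n",
           switch_vmspace(1) ? "TLB load hits freed map" : "ok");
    printf("activate then free: %s\n",
           switch_vmspace(0) ? "TLB load hits freed map" : "ok");
    return 0;
}
```

The model only captures the single-threaded case with one reference on the old vmspace; a shared vmspace (refcnt > 1) would not tear down its page tables on that `vmspace_free()` call, which is why the hazard depends on the reference count as well as on the ordering.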