Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 25 May 2012 05:28:14 +0000 (UTC)
From:      Alan Cox <alc@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r235973 - head/sys/amd64/amd64
Message-ID:  <201205250528.q4P5SEGl082737@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: alc
Date: Fri May 25 05:28:14 2012
New Revision: 235973
URL: http://svn.freebsd.org/changeset/base/235973

Log:
  Correct an error in pmap_pv_reclaim().  In a rare case, when it should have
  returned NULL, it might instead return a pointer to a page that it had just
  unmapped.

Modified:
  head/sys/amd64/amd64/pmap.c

Modified: head/sys/amd64/amd64/pmap.c
==============================================================================
--- head/sys/amd64/amd64/pmap.c	Fri May 25 05:01:27 2012	(r235972)
+++ head/sys/amd64/amd64/pmap.c	Fri May 25 05:28:14 2012	(r235973)
@@ -2058,14 +2058,14 @@ pmap_pv_reclaim(pmap_t locked_pmap)
 	pt_entry_t *pte, tpte;
 	pv_entry_t pv;
 	vm_offset_t va;
-	vm_page_t free, m;
+	vm_page_t free, m, m_pc;
 	uint64_t inuse, freemask;
 	int bit, field, freed;
 	
 	rw_assert(&pvh_global_lock, RA_WLOCKED);
 	PMAP_LOCK_ASSERT(locked_pmap, MA_OWNED);
 	pmap = NULL;
-	free = m = NULL;
+	free = m_pc = NULL;
 	TAILQ_INIT(&newtail);
 	while ((pc = TAILQ_FIRST(&pv_chunks)) != NULL && free == NULL) {
 		TAILQ_REMOVE(&pv_chunks, pc, pc_lru);
@@ -2141,8 +2141,8 @@ pmap_pv_reclaim(pmap_t locked_pmap)
 			PV_STAT(pc_chunk_count--);
 			PV_STAT(pc_chunk_frees++);
 			/* Entire chunk is free; return it. */
-			m = PHYS_TO_VM_PAGE(DMAP_TO_PHYS((vm_offset_t)pc));
-			dump_drop_page(m->phys_addr);
+			m_pc = PHYS_TO_VM_PAGE(DMAP_TO_PHYS((vm_offset_t)pc));
+			dump_drop_page(m_pc->phys_addr);
 			break;
 		}
 		TAILQ_INSERT_HEAD(&pmap->pm_pvchunk, pc, pc_list);
@@ -2157,15 +2157,15 @@ pmap_pv_reclaim(pmap_t locked_pmap)
 		if (pmap != locked_pmap)
 			PMAP_UNLOCK(pmap);
 	}
-	if (m == NULL && free != NULL) {
-		m = free;
-		free = m->right;
+	if (m_pc == NULL && free != NULL) {
+		m_pc = free;
+		free = m_pc->right;
 		/* Recycle a freed page table page. */
-		m->wire_count = 1;
+		m_pc->wire_count = 1;
 		atomic_add_int(&cnt.v_wire_count, 1);
 	}
 	pmap_free_zero_pages(free);
-	return (m);
+	return (m_pc);
 }
 
 /*

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201205250528.q4P5SEGl082737>