From owner-svn-src-all@FreeBSD.ORG  Wed Aug 13 05:44:09 2014
Return-Path: <owner-svn-src-all@FreeBSD.ORG>
Delivered-To: svn-src-all@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 5B63BF72;
 Wed, 13 Aug 2014 05:44:09 +0000 (UTC)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 2E5012FE3;
 Wed, 13 Aug 2014 05:44:09 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id s7D5i9EG009665;
 Wed, 13 Aug 2014 05:44:09 GMT (envelope-from kib@FreeBSD.org)
Received: (from kib@localhost)
 by svn.freebsd.org (8.14.9/8.14.9/Submit) id s7D5i8TA009662;
 Wed, 13 Aug 2014 05:44:08 GMT (envelope-from kib@FreeBSD.org)
Message-Id: <201408130544.s7D5i8TA009662@svn.freebsd.org>
X-Authentication-Warning: svn.freebsd.org: kib set sender to kib@FreeBSD.org
 using -f
From: Konstantin Belousov <kib@FreeBSD.org>
Date: Wed, 13 Aug 2014 05:44:08 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r269907 - in head/sys: kern vm
X-SVN-Group: head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
 user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all/>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Aug 2014 05:44:09 -0000

Author: kib
Date: Wed Aug 13 05:44:08 2014
New Revision: 269907
URL: http://svnweb.freebsd.org/changeset/base/269907

Log:
  If vm_page_grab() allocates a new page, the page is not inserted into
  page queue even when the allocation is not wired.  It is
  responsibility of the vm_page_grab() caller to ensure that the page
  does not end on the vm_object queue but not on the pagedaemon queue,
  which would effectively create unpageable unwired page.
  
  In exec_map_first_page() and vm_imgact_hold_page(), activate the page
  immediately after unbusying it, to avoid leak.
  
  In the uiomove_object_page(), deactivate page before the object is
  unlocked.  There is no leak, since the page is deactivated after
  uiomove_fromphys() finished.  But allowing non-queued non-wired page
  in the unlocked object queue makes it impossible to assert that leak
  does not happen in other places.
  
  Reviewed by:	alc
  Sponsored by:	The FreeBSD Foundation
  MFC after:	1 week

Modified:
  head/sys/kern/kern_exec.c
  head/sys/kern/uipc_shm.c
  head/sys/vm/vm_glue.c

Modified: head/sys/kern/kern_exec.c
==============================================================================
--- head/sys/kern/kern_exec.c	Wed Aug 13 05:15:28 2014	(r269906)
+++ head/sys/kern/kern_exec.c	Wed Aug 13 05:44:08 2014	(r269907)
@@ -993,6 +993,7 @@ exec_map_first_page(imgp)
 	vm_page_xunbusy(ma[0]);
 	vm_page_lock(ma[0]);
 	vm_page_hold(ma[0]);
+	vm_page_activate(ma[0]);
 	vm_page_unlock(ma[0]);
 	VM_OBJECT_WUNLOCK(object);
 

Modified: head/sys/kern/uipc_shm.c
==============================================================================
--- head/sys/kern/uipc_shm.c	Wed Aug 13 05:15:28 2014	(r269906)
+++ head/sys/kern/uipc_shm.c	Wed Aug 13 05:44:08 2014	(r269907)
@@ -197,6 +197,12 @@ uiomove_object_page(vm_object_t obj, siz
 	vm_page_xunbusy(m);
 	vm_page_lock(m);
 	vm_page_hold(m);
+	if (m->queue == PQ_NONE) {
+		vm_page_deactivate(m);
+	} else {
+		/* Requeue to maintain LRU ordering. */
+		vm_page_requeue(m);
+	}
 	vm_page_unlock(m);
 	VM_OBJECT_WUNLOCK(obj);
 	error = uiomove_fromphys(&m, offset, tlen, uio);
@@ -208,12 +214,6 @@ uiomove_object_page(vm_object_t obj, siz
 	}
 	vm_page_lock(m);
 	vm_page_unhold(m);
-	if (m->queue == PQ_NONE) {
-		vm_page_deactivate(m);
-	} else {
-		/* Requeue to maintain LRU ordering. */
-		vm_page_requeue(m);
-	}
 	vm_page_unlock(m);
 
 	return (error);

Modified: head/sys/vm/vm_glue.c
==============================================================================
--- head/sys/vm/vm_glue.c	Wed Aug 13 05:15:28 2014	(r269906)
+++ head/sys/vm/vm_glue.c	Wed Aug 13 05:44:08 2014	(r269907)
@@ -251,6 +251,7 @@ vm_imgact_hold_page(vm_object_t object, 
 	vm_page_xunbusy(m);
 	vm_page_lock(m);
 	vm_page_hold(m);
+	vm_page_activate(m);
 	vm_page_unlock(m);
 out:
 	VM_OBJECT_WUNLOCK(object);