From owner-svn-src-all@FreeBSD.ORG  Tue Jul 30 12:17:46 2013
Return-Path: <owner-svn-src-all@FreeBSD.ORG>
Delivered-To: svn-src-all@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTP id 0F697E9E;
 Tue, 30 Jul 2013 12:17:46 +0000 (UTC) (envelope-from jlh@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id F00BD2D2C;
 Tue, 30 Jul 2013 12:17:45 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id r6UCHjhr006512;
 Tue, 30 Jul 2013 12:17:45 GMT (envelope-from jlh@svn.freebsd.org)
Received: (from jlh@localhost)
 by svn.freebsd.org (8.14.7/8.14.5/Submit) id r6UCHj0d006511;
 Tue, 30 Jul 2013 12:17:45 GMT (envelope-from jlh@svn.freebsd.org)
Message-Id: <201307301217.r6UCHj0d006511@svn.freebsd.org>
From: Jeremie Le Hen <jlh@FreeBSD.org>
Date: Tue, 30 Jul 2013 12:17:45 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org
Subject: svn commit: r253801 - stable/9/sys/vm
X-SVN-Group: stable-9
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
 user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Jul 2013 12:17:46 -0000

Author: jlh
Date: Tue Jul 30 12:17:45 2013
New Revision: 253801
URL: http://svnweb.freebsd.org/changeset/base/253801

Log:
  MFC r253554:
    Fix a panic in the racct code when munlock(2) is called with incorrect values.
  
    The racct code in sys_munlock() assumed that the boundaries provided by
    the userland were correct as long as vm_map_unwire() returned
    successfully.  However the latter contains its own logic and sometimes
    manages to do something out of those boundaries, even if they are buggy.
    This change makes the racct code to use the accounting done by the vm
    layer, as it is done in other places such as vm_mlock().
  
    Despite fixing the panic, Alan Cox pointed that this code is still
    race-y though: two simultaneous callers will produce incorrect values.
  
    Reviewed by:  alc
  
  MFC r253556:
    Fix previous commit when option RACCT is not used.
  
  Approved by:	re (kib)

Modified:
  stable/9/sys/vm/vm_mmap.c
Directory Properties:
  stable/9/sys/   (props changed)

Modified: stable/9/sys/vm/vm_mmap.c
==============================================================================
--- stable/9/sys/vm/vm_mmap.c	Tue Jul 30 11:31:18 2013	(r253800)
+++ stable/9/sys/vm/vm_mmap.c	Tue Jul 30 12:17:45 2013	(r253801)
@@ -1221,6 +1221,9 @@ sys_munlock(td, uap)
 {
 	vm_offset_t addr, end, last, start;
 	vm_size_t size;
+#ifdef RACCT
+	vm_map_t map;
+#endif
 	int error;
 
 	error = priv_check(td, PRIV_VM_MUNLOCK);
@@ -1238,7 +1241,9 @@ sys_munlock(td, uap)
 #ifdef RACCT
 	if (error == KERN_SUCCESS) {
 		PROC_LOCK(td->td_proc);
-		racct_sub(td->td_proc, RACCT_MEMLOCK, ptoa(end - start));
+		map = &td->td_proc->p_vmspace->vm_map;
+		racct_set(td->td_proc, RACCT_MEMLOCK,
+		    ptoa(pmap_wired_count(map->pmap)));
 		PROC_UNLOCK(td->td_proc);
 	}
 #endif