On Wed, May 30, 2012 at 09:33:38PM -0700, Philip Guenther wrote: > The problem was in the handling of munlock(addr, 0). The zero length case > wasn't detected, resulting in an iterator being started after its end > point. :-/ > > The diff below fixes the code to have munlock() return success when len==0 > and adds an assertion to catch the iterators getting screwed up by other > means. With this, I was unable to get bitcoind to crash my system.
Weird case... okay by me. > > > Philip > > Index: uvm/uvm_map.c > =================================================================== > RCS file: /cvs/src/sys/uvm/uvm_map.c,v > retrieving revision 1.153 > diff -u -p -r1.153 uvm_map.c > --- uvm/uvm_map.c 19 Apr 2012 12:42:03 -0000 1.153 > +++ uvm/uvm_map.c 31 May 2012 04:30:19 -0000 > @@ -2054,6 +2054,8 @@ uvm_map_pageable(struct vm_map *map, vad > > if (start > end) > return EINVAL; > + if (start == end) > + return 0; /* nothing to do */ > if (start < map->min_offset) > return EFAULT; /* why? see first XXX below */ > if (end > map->max_offset) > @@ -2106,8 +2108,10 @@ uvm_map_pageable(struct vm_map *map, vad > error = EINVAL; > goto out; > } > - } else > + } else { > + KASSERT(last != first); > last = RB_PREV(uvm_map_addr, &map->addr, last); > + } > > /* > * Wire/unwire pages here.