Re: svn commit: r328996 - head/sys/kern
On 08/02/2018 00:41, Steven Hartland wrote: > What would be the expected behavior if this was triggered, app crash or kernel > panic...? To be honest, I haven't analyzed it much. I would expect either a crash when trying to unbusy a page that is not busy or hanging while forever waiting for a leaked page to get unbusied or hitting some KASSERT. > On 07/02/2018 21:52, Andriy Gapon wrote: >> Author: avg >> Date: Wed Feb 7 21:51:59 2018 >> New Revision: 328996 >> URL: https://svnweb.freebsd.org/changeset/base/328996 >> >> Log: >> exec_map_first_page: fix an inverse condition introduced in r254138 >> >> While the bug itself was serious, as we could either pass a non-busied >> page to vm_pager_get_pages() or leak a busy page, it could only be >> triggered under a very rare condition where the page is already inserted >> into the object, but it is not valid yet. >> >> Reviewed by: kib >> MFC after: 2 weeks >> >> Modified: >> head/sys/kern/kern_exec.c >> >> Modified: head/sys/kern/kern_exec.c >> == >> --- head/sys/kern/kern_exec.cWed Feb 7 20:36:37 2018 >> (r328995) >> +++ head/sys/kern/kern_exec.cWed Feb 7 21:51:59 2018 >> (r328996) >> @@ -1009,7 +1009,7 @@ exec_map_first_page(imgp) >> if ((ma[i] = vm_page_next(ma[i - 1])) != NULL) { >> if (ma[i]->valid) >> break; >> -if (vm_page_tryxbusy(ma[i])) >> +if (!vm_page_tryxbusy(ma[i])) >> break; >> } else { >> ma[i] = vm_page_alloc(object, i, >> > -- Andriy Gapon ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r328996 - head/sys/kern
What would be the expected behavior if this was triggered, app crash or kernel panic...? On 07/02/2018 21:52, Andriy Gapon wrote: Author: avg Date: Wed Feb 7 21:51:59 2018 New Revision: 328996 URL: https://svnweb.freebsd.org/changeset/base/328996 Log: exec_map_first_page: fix an inverse condition introduced in r254138 While the bug itself was serious, as we could either pass a non-busied page to vm_pager_get_pages() or leak a busy page, it could only be triggered under a very rare condition where the page is already inserted into the object, but it is not valid yet. Reviewed by: kib MFC after: 2 weeks Modified: head/sys/kern/kern_exec.c Modified: head/sys/kern/kern_exec.c == --- head/sys/kern/kern_exec.c Wed Feb 7 20:36:37 2018(r328995) +++ head/sys/kern/kern_exec.c Wed Feb 7 21:51:59 2018(r328996) @@ -1009,7 +1009,7 @@ exec_map_first_page(imgp) if ((ma[i] = vm_page_next(ma[i - 1])) != NULL) { if (ma[i]->valid) break; - if (vm_page_tryxbusy(ma[i])) + if (!vm_page_tryxbusy(ma[i])) break; } else { ma[i] = vm_page_alloc(object, i, ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r328996 - head/sys/kern
Author: avg Date: Wed Feb 7 21:51:59 2018 New Revision: 328996 URL: https://svnweb.freebsd.org/changeset/base/328996 Log: exec_map_first_page: fix an inverse condition introduced in r254138 While the bug itself was serious, as we could either pass a non-busied page to vm_pager_get_pages() or leak a busy page, it could only be triggered under a very rare condition where the page is already inserted into the object, but it is not valid yet. Reviewed by: kib MFC after:2 weeks Modified: head/sys/kern/kern_exec.c Modified: head/sys/kern/kern_exec.c == --- head/sys/kern/kern_exec.c Wed Feb 7 20:36:37 2018(r328995) +++ head/sys/kern/kern_exec.c Wed Feb 7 21:51:59 2018(r328996) @@ -1009,7 +1009,7 @@ exec_map_first_page(imgp) if ((ma[i] = vm_page_next(ma[i - 1])) != NULL) { if (ma[i]->valid) break; - if (vm_page_tryxbusy(ma[i])) + if (!vm_page_tryxbusy(ma[i])) break; } else { ma[i] = vm_page_alloc(object, i, ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
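Review bot: the corrected line "if (!vm_page_tryxbusy(ma[i])) break;" still has no comment, and the rule it enforces is the one that sat inverted since r254138: a page that stays in ma[] past this branch must have been exclusive-busied here, and a page we fail to busy must end the run. A short comment stating that above the check would make a future inversion easier to spot. It would also be worth asserting the busy state of each retained page (for example with vm_page_assert_xbusied()) before the array reaches the vm_pager_get_pages() call named in the log, so that INVARIANTS kernels catch a regression directly rather than only in the rare inserted-but-not-valid case. Separately, on both break paths in this branch ma[i] is left pointing at a page this code does not hold busy, so whatever follows the loop has to bound itself by i and never touch that slot.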