Module Name: src Committed By: rin Date: Thu Sep 2 07:55:56 UTC 2021
Modified Files: src/sys/arch/sh3/sh3: pmap.c Log Message: PR port-sh3/56381 pmap_enter() returns ENOMEM if __pmap_pte_alloc() fails and PMAP_CANFAIL flag is specified. In this case, remove pv via __pmap_pv_remove() if it is added to p-v map list via __pmap_pv_enter(). Otherwise, pmap becomes an inconsistent state, which results in an infinite loop in pmap_page_protect(), as reported in the PR. Also, KASSERT's are added for sure, in order to detect the infinite loops. Great thanks to chs@ for finding out this bug!! To generate a diff of this commit: cvs rdiff -u -r1.85 -r1.86 src/sys/arch/sh3/sh3/pmap.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/arch/sh3/sh3/pmap.c diff -u src/sys/arch/sh3/sh3/pmap.c:1.85 src/sys/arch/sh3/sh3/pmap.c:1.86 --- src/sys/arch/sh3/sh3/pmap.c:1.85 Mon Jul 26 21:43:11 2021 +++ src/sys/arch/sh3/sh3/pmap.c Thu Sep 2 07:55:56 2021 @@ -1,4 +1,4 @@ -/* $NetBSD: pmap.c,v 1.85 2021/07/26 21:43:11 andvar Exp $ */ +/* $NetBSD: pmap.c,v 1.86 2021/09/02 07:55:56 rin Exp $ */ /*- * Copyright (c) 2002 The NetBSD Foundation, Inc. @@ -30,7 +30,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: pmap.c,v 1.85 2021/07/26 21:43:11 andvar Exp $"); +__KERNEL_RCSID(0, "$NetBSD: pmap.c,v 1.86 2021/09/02 07:55:56 rin Exp $"); #include <sys/param.h> #include <sys/systm.h> @@ -385,9 +385,12 @@ pmap_enter(pmap_t pmap, vaddr_t va, padd else { pte = __pmap_pte_alloc(pmap, va); if (pte == NULL) { - if (flags & PMAP_CANFAIL) + if (flags & PMAP_CANFAIL) { + if (pg != NULL) + __pmap_pv_remove(pmap, pg, va); return ENOMEM; - panic("pmap_enter: cannot allocate pte"); + } + panic("%s: __pmap_pte_alloc failed", __func__); } } @@ -724,8 +727,14 @@ pmap_page_protect(struct vm_page *pg, vm /* Remove all */ s = splvm(); while ((pv = SLIST_FIRST(&pvh->pvh_head)) != NULL) { + pmap = pv->pv_pmap; va = pv->pv_va; - pmap_remove(pv->pv_pmap, va, va + PAGE_SIZE); +#ifdef DIAGNOSTIC + pt_entry_t *pte = __pmap_pte_lookup(pmap, va); + KASSERT(pte != NULL); + KASSERT(*pte != 0); +#endif + pmap_remove(pmap, va, va + PAGE_SIZE); } splx(s); }