Module Name: src Committed By: martin Date: Sat Apr 1 16:22:15 UTC 2023
Modified Files: src/sys/uvm [netbsd-9]: uvm_map.c Log Message: Pull up following revision(s) (requested by riastradh in ticket #1625): sys/uvm/uvm_map.c: revision 1.403 mmap(2): Avoid arithmetic overflow in search for free space. PR kern/56900 To generate a diff of this commit: cvs rdiff -u -r1.362.2.4 -r1.362.2.5 src/sys/uvm/uvm_map.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/uvm/uvm_map.c diff -u src/sys/uvm/uvm_map.c:1.362.2.4 src/sys/uvm/uvm_map.c:1.362.2.5 --- src/sys/uvm/uvm_map.c:1.362.2.4 Sat Apr 1 16:03:48 2023 +++ src/sys/uvm/uvm_map.c Sat Apr 1 16:22:14 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: uvm_map.c,v 1.362.2.4 2023/04/01 16:03:48 martin Exp $ */ +/* $NetBSD: uvm_map.c,v 1.362.2.5 2023/04/01 16:22:14 martin Exp $ */ /* * Copyright (c) 1997 Charles D. Cranor and Washington University. @@ -66,7 +66,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: uvm_map.c,v 1.362.2.4 2023/04/01 16:03:48 martin Exp $"); +__KERNEL_RCSID(0, "$NetBSD: uvm_map.c,v 1.362.2.5 2023/04/01 16:22:14 martin Exp $"); #include "opt_ddb.h" #include "opt_pax.h" @@ -2026,7 +2026,21 @@ uvm_map_findspace(struct vm_map *map, va /* Try to find the space in the red-black tree */ /* Check slot before any entry */ - hint = topdown ? entry->next->start - length : entry->end; + if (topdown) { + KASSERTMSG(entry->next->start >= vm_map_min(map), + "map=%p entry=%p entry->next=%p" + " entry->next->start=0x%"PRIxVADDR" min=0x%"PRIxVADDR, + map, entry, entry->next, + entry->next->start, vm_map_min(map)); + if (length > entry->next->start - vm_map_min(map)) + hint = vm_map_min(map); /* XXX goto wraparound? */ + else + hint = entry->next->start - length; + KASSERT(hint >= vm_map_min(map)); + } else { + hint = entry->end; + } + switch (uvm_map_space_avail(&hint, length, uoffset, align, flags, topdown, entry)) { case 1: