From 9174ca7ba352135f98a6430dc3b09a4740948bce Mon Sep 17 00:00:00 2001
From: Tor Egge
Date: Mon, 28 Jun 2004 20:26:35 +0000
Subject: [PATCH] Initialize result->backing_object_offset before linking result onto the list of vm objects shadowing source in vm_object_shadow(). This closes a race where vm_object_collapse() could be called with a partially uninitialized object argument causing symptoms that looked like hardware problems, e.g. signal 6, 10, 11 or a /bin/sh busy-waiting for a nonexistant child process.
---
 sys/vm/vm_object.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/sys/vm/vm_object.c b/sys/vm/vm_object.c
index e7b297b5830..37017377ca1 100644
--- a/sys/vm/vm_object.c
+++ b/sys/vm/vm_object.c
@@ -1216,6 +1216,11 @@ vm_object_shadow(
 * shadowed object.
 */
 result->backing_object = source;
+ /*
+ * Store the offset into the source object, and fix up the offset into
+ * the new object.
+ */
+ result->backing_object_offset = *offset;
 if (source != NULL) {
 VM_OBJECT_LOCK(source);
 LIST_INSERT_HEAD(&source->shadow_head, result, shadow_list);
@@ -1233,11 +1238,6 @@ vm_object_shadow(
 PQ_L2_MASK;
 }
- /*
- * Store the offset into the source object, and fix up the offset into
- * the new object.
- */
- result->backing_object_offset = *offset;
 /*
 * Return the new things
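Review bot: The comment moved above `result->backing_object_offset = *offset;` in the first hunk still only says what is stored, not why the store must come before `LIST_INSERT_HEAD(&source->shadow_head, result, shadow_list)`, so a later cleanup could move it back and reopen the race the commit message describes. I would add a line such as `/* Must precede LIST_INSERT_HEAD: once on source->shadow_head, result is reachable by vm_object_collapse(). */`. The context at the top of the second hunk (`PQ_L2_MASK; }`) suggests another field of result is still assigned after the insert; that code is outside both hunks, so it is worth confirming that the assignment completes before source is unlocked. vm_object_shadow()'s body starts and ends outside the hunks, so the locking around the rest of the initialization cannot be checked from here.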