From bdb90e761302d44dcbb83f9d111da944e50a61b2 Mon Sep 17 00:00:00 2001
From: Doug Moore
Date: Sun, 17 Nov 2019 06:50:36 +0000
Subject: [PATCH] The loop in vm_map_protect that verifies that all transition map entries are stabilized, repeatedly verifies the same entry. Check each entry in turn.
Reviewed by: kib (code only), alc
Tested by: pho
MFC after: 7 days
Differential Revision: https://reviews.freebsd.org/D22405
---
 sys/vm/vm_map.c | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/sys/vm/vm_map.c b/sys/vm/vm_map.c
index 682b0d8ac57..de8d0769674 100644
--- a/sys/vm/vm_map.c
+++ b/sys/vm/vm_map.c
@@ -2469,17 +2469,16 @@ again:
 vm_map_unlock(map);
 return (KERN_PROTECTION_FAILURE);
 }
- if ((entry->eflags & MAP_ENTRY_IN_TRANSITION) != 0)
- in_tran = entry;
+ if ((current->eflags & MAP_ENTRY_IN_TRANSITION) != 0)
+ in_tran = current;
 }
 /*
- * Postpone the operation until all in transition map entries
- * are stabilized. In-transition entry might already have its
- * pages wired and wired_count incremented, but
- * MAP_ENTRY_USER_WIRED flag not yet set, and visible to other
- * threads because the map lock is dropped. In this case we
- * would miss our call to vm_fault_copy_entry().
+ * Postpone the operation until all in-transition map entries have
+ * stabilized. An in-transition entry might already have its pages
+ * wired and wired_count incremented, but not yet have its
+ * MAP_ENTRY_USER_WIRED flag set. In which case, we would fail to call
+ * vm_fault_copy_entry() in the final loop below.
 */
 if (in_tran != NULL) {
 in_tran->eflags |= MAP_ENTRY_NEEDS_WAKEUP;
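Review bot: The rewritten comment above `if (in_tran != NULL)` drops the reason a half-wired entry can be observed at all: the old text said it is "visible to other threads because the map lock is dropped". That clause is what tells a reader this is a race with a concurrent wiring operation rather than an ordering detail, so I would keep it, for example `* MAP_ENTRY_USER_WIRED flag set, and be visible to other threads because the map lock is dropped.`, and replace the fragment `In which case,` with `In that case,`. A short comment on `in_tran = current;` noting that only the last in-transition entry is remembered and the whole check is repeated after the wakeup would also help. The loop header and the retry path lie outside this hunk, so that behaviour is inferred from the `again:` label in the hunk header and should be confirmed against the full function.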