mirror of
https://github.com/opnsense/src.git
synced 2026-04-26 08:37:50 -04:00
ae672aa5e3
After r361988 fixed the reference count leak on booke64, it became possible for an iteration somewhere in the middle of a page to become stale, with the page vanishing (correctly) due to all PTEs on that page going away. pte_find_next() would start at that iterator, and move along 'higher' order directory pages until it finds a valid one, without zeroing out the lower order pages. For instance: /* Find next pte at or above 0x10002000. */ pte = pte_find_next(pmap, &(0x10002000)); pte_remove(pmap, pte); /* This pte was the last reference in the page table page, page is * gone. */ pte = pte_find_next(pmap, 0x10002000); /* pte_find_next will see 0x10002000's page is gone, and jump to the * next one, but starting iteration at the '0x2000' slot, skipping * 0x0000 and 0x1000. */ This caused some processes, like git, to trip the KASSERT() in pmap_release(). Fix this by zeroing all lower order iterators at each level. |
||
|---|---|---|
| .. | ||
| aim | ||
| amigaone | ||
| booke | ||
| conf | ||
| cpufreq | ||
| fpu | ||
| include | ||
| mambo | ||
| mikrotik | ||
| mpc85xx | ||
| ofw | ||
| powermac | ||
| powernv | ||
| powerpc | ||
| ps3 | ||
| pseries | ||
| psim | ||