https://git.reactos.org/?p=reactos.git;a=commitdiff;h=f606b36cffeaa3ab78bb730db2fcee80ba61d2f6
commit f606b36cffeaa3ab78bb730db2fcee80ba61d2f6 Author: Timo Kreuzer <[email protected]> AuthorDate: Sat Jul 2 17:46:41 2022 +0200 Commit: Timo Kreuzer <[email protected]> CommitDate: Tue Jul 5 19:29:05 2022 +0200 [NTOSKRNL] Fix a bug in MiDeleteVirtualAddresses When a PDE gets empty, we skip the address to the next PDE boundary, which might introduce an AddressGap, which wasn't handled before.
---
 ntoskrnl/mm/ARM3/virtual.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/ntoskrnl/mm/ARM3/virtual.c b/ntoskrnl/mm/ARM3/virtual.c
index 4f5cd1b016b..5b54d8b4a28 100644
--- a/ntoskrnl/mm/ARM3/virtual.c
+++ b/ntoskrnl/mm/ARM3/virtual.c
@@ -714,10 +714,15 @@ MiDeleteVirtualAddresses(IN ULONG_PTR Va,
 if (MiDecrementPageTableReferences((PVOID)Va) == 0)
 {
 ASSERT(PointerPde->u.Long != 0);
+
 /* Delete the PDE proper */
 MiDeletePde(PointerPde, CurrentProcess);
- /* Jump */
+
+ /* Continue with the next PDE */
 Va = (ULONG_PTR)MiPdeToAddress(PointerPde + 1);
+
+ /* Use this to detect address gaps */
+ PointerPte++;
 break;
 }
 }
@@ -733,8 +738,8 @@ MiDeleteVirtualAddresses(IN ULONG_PTR Va,
 if (Va > EndingAddress) return;
- /* Otherwise, we exited because we hit a new PDE boundary, so start over */
- AddressGap = FALSE;
+ /* Check if we exited the loop regularly */
+ AddressGap = (PointerPte != MiAddressToPte(Va));
 }
 }
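Review bot: After `MiDeletePde(PointerPde, CurrentProcess)` the added `PointerPte++` leaves `PointerPte` as a marker only, and it presumably still points into the page table whose PDE was just deleted. Nothing in this hunk dereferences it, but the loop head and the code that consumes `AddressGap` lie outside the hunk, so it cannot be confirmed from here that the pointer is always recomputed before its next read. A stale read would touch a freed page-table page in kernel mode, so the comment should state the rule, e.g. `/* Marker only: step past the PTE just handled so the post-loop compare with MiAddressToPte(Va) can detect the skipped range; do not dereference, its page table is gone */`.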
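Review bot: The new comment above `AddressGap = (PointerPte != MiAddressToPte(Va));` does not say which outcome means a gap, and the expression is only meaningful if every exit from the inner loop leaves `PointerPte` one past the last entry it handled. The early `break` in the first hunk keeps that true by hand with its own `PointerPte++`, so an exit path added later without the increment could set the flag incorrectly with no visible error. I would spell the rule out, e.g. `/* PointerPte advances once per handled PTE; if it no longer matches the PTE for Va, Va jumped ahead and there is an address gap */`. The loop itself is outside this hunk, so the regular exit path is assumed here rather than checked.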
