Author: cem
Date: Sun Dec 6 17:46:12 2015
New Revision: 291907
URL: https://svnweb.freebsd.org/changeset/base/291907
Log:
vm_fault_hold: handle vm_page_rename failure
On vm_page_rename failure, fix a missing object unlock and a double free of
a page.
First remove the old page, then rename into other page into first_object,
then free the old page. This avoids the problem on rename failure. This is
a little ugly but seems to be the most straightforward solution.
Tested with:
$ sysctl debug.fail_point.uma_zalloc_arg="1%return"
$ kyua test -k /usr/tests/sys/Kyuafile
Submitted by: Ryan Libby <[email protected]>
Reviewed by: kib
Seen by: alc
Sponsored by: EMC / Isilon Storage Division
Differential Revision: https://reviews.freebsd.org/D4326
Modified:
head/sys/vm/vm_fault.c
Modified: head/sys/vm/vm_fault.c
==============================================================================
--- head/sys/vm/vm_fault.c Sun Dec 6 17:39:13 2015 (r291906)
+++ head/sys/vm/vm_fault.c Sun Dec 6 17:46:12 2015 (r291907)
@@ -839,7 +839,7 @@ vnode_locked:
* get rid of the unnecessary page
*/
vm_page_lock(fs.first_m);
- vm_page_free(fs.first_m);
+ vm_page_remove(fs.first_m);
vm_page_unlock(fs.first_m);
/*
* grab the page and put it into the
@@ -848,9 +848,13 @@ vnode_locked:
*/
if (vm_page_rename(fs.m, fs.first_object,
fs.first_pindex)) {
+ VM_OBJECT_WUNLOCK(fs.first_object);
unlock_and_deallocate(&fs);
goto RetryFault;
}
+ vm_page_lock(fs.first_m);
+ vm_page_free(fs.first_m);
+ vm_page_unlock(fs.first_m);
#if VM_NRESERVLEVEL > 0
/*
* Rename the reservation.
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "[email protected]"
