On Sat, Dec 31, 2011 at 11:49:13PM -0500, Geoff wrote:
> These patches are submitted for your amusement.

Nice catch below (but why hide a good bugfix in so many lines?) :)

> Index: uvm/uvm_pmemrange.c
> ===================================================================
> RCS file: /cvs/src/sys/uvm/uvm_pmemrange.c,v
> retrieving revision 1.33
> diff -u -r1.33 uvm_pmemrange.c
> --- uvm/uvm_pmemrange.c       3 Dec 2011 20:07:06 -0000       1.33
> +++ uvm/uvm_pmemrange.c       1 Jan 2012 04:18:25 -0000
> @@ -912,6 +912,8 @@
>                       fend = atop(VM_PAGE_TO_PHYS(found)) + found->fpgsz;
>                       if (fstart >= fend)
>                               continue;
> +                     if (end && fstart >= end)
> +                             continue;
>                       if (boundary != 0) {
>                               fend =
>                                   MIN(fend, PMR_ALIGN(fstart + 1, boundary));
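
Review bot: The new test `if (end && fstart >= end)` relies on an implicit truth test of `end`, while the neighbouring check is written `boundary != 0`; spell it `end != 0` to match. Since both this test and the `fstart >= fend` test just above it end in `continue`, they can be folded into one condition. The hunk also gives no comment saying that a zero `end` is being treated as "no upper limit", which is the only reason the extra guard is needed.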

Without this statement, a subtraction could lead to double handout of
memory. And the check I thought was there, is only in DEBUG mode.

Diff below incorporates your fix and also ensures the validation is
there.
-- 
Ariane



Index: uvm/uvm_pmemrange.c
===================================================================
RCS file: /cvs/src/sys/uvm/uvm_pmemrange.c,v
retrieving revision 1.33
diff -u -d -p -r1.33 uvm_pmemrange.c
--- uvm/uvm_pmemrange.c 3 Dec 2011 20:07:06 -0000       1.33
+++ uvm/uvm_pmemrange.c 3 Jan 2012 22:44:14 -0000
@@ -673,7 +673,7 @@ uvm_pmr_extract_range(struct uvm_pmemran
 
        /* Add selected pages to result. */
        for (pg_i = pg + before_sz; pg_i != after; pg_i++) {
-               KDASSERT(pg_i->pg_flags & PQ_FREE);
+               KASSERT(pg_i->pg_flags & PQ_FREE);
                pg_i->fpgsz = 0;
                TAILQ_INSERT_TAIL(result, pg_i, pageq);
        }
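Review bot: Promoting `KDASSERT(pg_i->pg_flags & PQ_FREE)` to `KASSERT` makes this an always-on check in the loop that fills `result`, but nothing in the hunk records why it must stay that way. Add a one-line comment above the assertion saying it guards against handing out a page that is not free, so a later cleanup does not demote it to the DEBUG-only form again.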
@@ -910,7 +910,7 @@ drain_found:
 
                        fstart = PMR_ALIGN(fstart, align);
                        fend = atop(VM_PAGE_TO_PHYS(found)) + found->fpgsz;
-                       if (fstart >= fend)
+                       if (fstart >= fend || (end != 0 && fstart >= end))
                                continue;
                        if (boundary != 0) {
                                fend =
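
Review bot: The combined condition `fstart >= fend || (end != 0 && fstart >= end)` only skips ranges that start at or beyond `end`; in the visible lines `fend` is limited by `boundary` but not by `end`. Please confirm that a range starting below `end` and extending past it is trimmed further down, or clamp it here with something like `fend = MIN(fend, end)` when `end != 0`. A short comment that `end == 0` means no upper limit would also help the next reader.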
