svn commit: r253140 - head/sys/amd64/amd64

Alan Cox alc at rice.edu
Wed Jul 10 14:49:22 UTC 2013


On Jul 10, 2013, at 2:24 AM, Konstantin Belousov wrote:

> Author: kib
> Date: Wed Jul 10 09:24:03 2013
> New Revision: 253140
> URL: http://svnweb.freebsd.org/changeset/base/253140
> 
> Log:
>  Clear m->object for the page taken from the delayed free list for
>  reuse as the pv chunk page in reclaim_pv_chunk().  Having non-NULL
>  m->object is wrong for a page not owned by an object and confuses both
>  vm_page_free_toq() and vm_page_remove() when the page is freed later.
> 
>  Reported and tested by:	pho
>  Sponsored by:	The FreeBSD Foundation
>  MFC after:	3 days
> 


This problem only exists in HEAD.  Older branches don't abuse the object field for this purpose.  They use one of the splay tree pointers that were eliminated from HEAD with the introduction of the radix tree.  On the other hand, the same problem must exist in HEAD's i386 pmap.  As an aside, I think it's better to abuse the page's pageq field rather than its object field.


> Modified:
>  head/sys/amd64/amd64/pmap.c
> 
> Modified: head/sys/amd64/amd64/pmap.c
> ==============================================================================
> --- head/sys/amd64/amd64/pmap.c	Wed Jul 10 08:21:09 2013	(r253139)
> +++ head/sys/amd64/amd64/pmap.c	Wed Jul 10 09:24:03 2013	(r253140)
> @@ -2234,6 +2234,7 @@ reclaim_pv_chunk(pmap_t locked_pmap, str
> 	if (m_pc == NULL && free != NULL) {
> 		m_pc = free;
> 		free = (void *)m_pc->object;
> +		m_pc->object = NULL;
> 		/* Recycle a freed page table page. */
> 		m_pc->wire_count = 1;
> 		atomic_add_int(&cnt.v_wire_count, 1);
> 
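
Review bot: The added `m_pc->object = NULL;` sits between the free-list unlink (`free = (void *)m_pc->object;`) and the existing "Recycle a freed page table page" comment with no comment of its own, so nothing at this spot records that `object` is being borrowed as the delayed-free list link and has to be reset before the page is reused. Suggest moving the assignment below the existing comment, or giving it a one-line comment saying why the field is cleared. The change touches only head/sys/amd64/amd64/pmap.c; the reply in this thread notes that HEAD's i386 pmap must have the same problem, so the same clearing is needed there as a follow-up.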


