Module Name: src
Committed By: martin
Date: Fri Aug 4 13:15:25 UTC 2023
Modified Files:
src/sys/uvm [netbsd-8]: uvm_map.c
Log Message:
Pull up following revision(s) (requested by riastradh in ticket #1880):
sys/uvm/uvm_map.c: revision 1.403 (patch)
mmap(2): Avoid arithmetic overflow in search for free space.
PR kern/56900
To generate a diff of this commit:
cvs rdiff -u -r1.351.2.5 -r1.351.2.6 src/sys/uvm/uvm_map.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/uvm/uvm_map.c
diff -u src/sys/uvm/uvm_map.c:1.351.2.5 src/sys/uvm/uvm_map.c:1.351.2.6
--- src/sys/uvm/uvm_map.c:1.351.2.5 Sat Apr 1 16:05:00 2023
+++ src/sys/uvm/uvm_map.c Fri Aug 4 13:15:25 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: uvm_map.c,v 1.351.2.5 2023/04/01 16:05:00 martin Exp $ */
+/* $NetBSD: uvm_map.c,v 1.351.2.6 2023/08/04 13:15:25 martin Exp $ */
/*
* Copyright (c) 1997 Charles D. Cranor and Washington University.
@@ -66,7 +66,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: uvm_map.c,v 1.351.2.5 2023/04/01 16:05:00 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: uvm_map.c,v 1.351.2.6 2023/08/04 13:15:25 martin Exp $");
#include "opt_ddb.h"
#include "opt_pax.h"
@@ -2014,7 +2014,21 @@ uvm_map_findspace(struct vm_map *map, va
/* Try to find the space in the red-black tree */
/* Check slot before any entry */
- hint = topdown ? entry->next->start - length : entry->end;
+ if (topdown) {
+ KASSERTMSG(entry->next->start >= vm_map_min(map),
+ "map=%p entry=%p entry->next=%p"
+ " entry->next->start=0x%"PRIxVADDR" min=0x%"PRIxVADDR,
+ map, entry, entry->next,
+ entry->next->start, vm_map_min(map));
+ if (length > entry->next->start - vm_map_min(map))
+ hint = vm_map_min(map); /* XXX goto wraparound? */
+ else
+ hint = entry->next->start - length;
+ KASSERT(hint >= vm_map_min(map));
+ } else {
+ hint = entry->end;
+ }
+
switch (uvm_map_space_avail(&hint, length, uoffset, align, flags,
topdown, entry)) {
case 1:
