Author: kib
Date: Fri Feb 24 08:09:16 2017
New Revision: 314195
URL: https://svnweb.freebsd.org/changeset/base/314195
Log:
  Properly handle possible underflow in vm_fault_prefault().

  In vm_fault_prefault(), if backward count causes underflow in calculation of
  starta = addra - backward * PAGE_SIZE;
  then starta must be clipped to entry->start, instead of zero. Clipping to zero allowed mapping outside of the map entries address ranges, in particular, map at zero.

  Submitted by: Yanko Yankulov <yanko.yanku...@gmail.com>
  Reviewed by: alc
  MFC after: 1 week

Modified:
  head/sys/vm/vm_fault.c

Modified: head/sys/vm/vm_fault.c
==============================================================================
--- head/sys/vm/vm_fault.c Fri Feb 24 07:53:56 2017 (r314194) +++ head/sys/vm/vm_fault.c Fri Feb 24 08:09:16 2017 (r314195) @@ -1368,11 +1368,12 @@ vm_fault_prefault(const struct faultstat entry = fs->entry; - starta = addra - backward * PAGE_SIZE; - if (starta < entry->start) { + if (addra < backward * PAGE_SIZE) { starta = entry->start; - } else if (starta > addra) { - starta = 0; + } else { + starta = addra - backward * PAGE_SIZE; + if (starta < entry->start) + starta = entry->start; } /*
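Review bot: The new guard `if (addra < backward * PAGE_SIZE)` carries no comment explaining that it exists to keep `addra - backward * PAGE_SIZE` from wrapping, so the reason for clamping to `entry->start` rather than 0 lives only in the commit log. A one-line comment above the check would keep a later cleanup from folding it back into a single subtract-then-compare, which is the ordering that let the wrapped value reach the removed `starta = 0` branch. The product `backward * PAGE_SIZE` is now evaluated twice and its operand types are not visible in this hunk; computing it once into a local of the same type as `addra` would make it clear that the multiplication itself cannot overflow before the comparison. Both arms end in `starta = entry->start`, so the result is always at or above `entry->start`; an assertion to that effect after the block would document the invariant the fix is meant to restore.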