kernel - Fix x86-64 pmap race
authorMatthew Dillon <dillon@apollo.backplane.com>
Wed, 2 Nov 2011 06:42:06 +0000 (23:42 -0700)
committerMatthew Dillon <dillon@apollo.backplane.com>
Wed, 2 Nov 2011 06:42:06 +0000 (23:42 -0700)
* Fix an x86-64 pmap race where a pte can get ripped out from under
  the pmap_remove*() code.  Recheck the pte after locking pt_pv.

sys/platform/pc64/x86_64/pmap.c

index ce6e44e..2ef1346 100644 (file)
@@ -2801,6 +2801,17 @@ kernel_skip:
                                pte_pv = pv_get(pmap, pmap_pte_pindex(sva));
                        }
 
+                       /*
+                        * *ptep can get ripped out while we were blocked.
+                        */
+                       if (*ptep == 0) {
+                               if (pte_pv) {
+                                       pv_put(pte_pv);
+                                       pte_pv = NULL;
+                               }
+                               continue;
+                       }
+
                        /*
                         * Ready for the callback.  The locked pte_pv (if
                         * not NULL) is consumed by the callback.
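Review bot: The added recheck at `if (*ptep == 0)` only catches a pte that was cleared while the thread was blocked; a pte replaced by a different non-zero entry in the same window would still reach the callback, possibly with a `pte_pv` chosen from an earlier, now stale read (that read is outside this hunk, so this is inferred). If the managed/unmanaged decision is made before the blocking call, it would be worth re-validating it here too, not only the zero case. The comment should also name the blocking point, since the commit message says pt_pv while the visible context acquires pte_pv, for example `/* pv_get() may have blocked; *ptep can be cleared meanwhile, so recheck before the callback and drop the pte_pv lock if the pte is gone. */`. The enclosing loop starts and ends outside the hunk, so whether `continue` still advances `sva` and `ptep` cannot be confirmed from here.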