OK, this is another fix for the infamous i386 "PTDI panic". This fix is the

same as is used in 'vslock()'. The situation when this occurs is when a
process tries to read or write to another process vm space and the _segment_
referenced have not yet been mapped. A certain way of crashing a system is
to debug a program larger than 4 Mb (yes, those critters exist!). Set a break
in an address above 4 Mb and pmap_enter panics because it can't fault in a
new ptd page since it is not the process itself that calls pmap_enter.
This is a fix, not a solution, but at least a user can't crash the kernel.

1 files changed, 6 insertions, 2 deletions

diff --git a/sys/miscfs/procfs/procfs_mem.c b/sys/miscfs/procfs/procfs_mem.c
index 733c8e02753..8953fe1b665 100644
--- a/sys/miscfs/procfs/procfs_mem.c
+++ b/sys/miscfs/procfs/procfs_mem.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: procfs_mem.c,v 1.7 1997/09/11 05:26:14 millert Exp $	*/
+/*	$OpenBSD: procfs_mem.c,v 1.8 1998/08/30 13:42:14 pefo Exp $	*/
 /*	$NetBSD: procfs_mem.c,v 1.8 1996/02/09 22:40:50 christos Exp $	*/
 
 /*
@@ -157,9 +157,13 @@ procfs_rwmem(p, uio)
 		 */
 		if (!error && writing && object->shadow) {
 			m = vm_page_lookup(object, off);
-			if (m == 0 || (m->flags & PG_COPYONWRITE))
+			if (m == 0 || (m->flags & PG_COPYONWRITE)) {
+#ifdef __i386__
+				pmap_prefault(map, uva, 4);
+#endif
 				error = vm_fault(map, pageno,
 							VM_PROT_WRITE, FALSE);
+				}
 		}
 
 		/* Find space in kernel_map for the page we're interested in */