diff options
| author | Martin Pieuchot <mpi@cvs.openbsd.org> | 2024-11-16 10:09:09 +0000 |
|---|---|---|
| committer | Martin Pieuchot <mpi@cvs.openbsd.org> | 2024-11-16 10:09:09 +0000 |
| commit | be35ad05711194820f5255328ec8ef589bc60acb (patch) | |
| tree | 0a7703bb3196cc98b5e9acdb95914949198df8c6 | |
| parent | 7faa7bf3840229486d4956280b0cb1fedbe1670a (diff) | |
Do not dereference `pve' after releasing `pv_mtx'.
Prevent a race where anything can happen on `pve' resultint in an incorrect
locking of a given pmap. Found the hardway by sthen@.
ok jsg@, miod@, kettenis@, jca@
| -rw-r--r-- | sys/arch/i386/i386/pmapae.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/arch/i386/i386/pmapae.c b/sys/arch/i386/i386/pmapae.c index c8a0d668ed9..f5155942ebc 100644 --- a/sys/arch/i386/i386/pmapae.c +++ b/sys/arch/i386/i386/pmapae.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pmapae.c,v 1.74 2024/11/08 13:18:29 jsg Exp $ */ +/* $OpenBSD: pmapae.c,v 1.75 2024/11/16 10:09:08 mpi Exp $ */ /* * Copyright (c) 2006-2008 Michael Shalayeff @@ -1347,7 +1347,7 @@ pmap_page_remove_pae(struct vm_page *pg) pm = pve->pv_pmap; mtx_leave(&pg->mdpage.pv_mtx); - ptes = pmap_map_ptes_pae(pve->pv_pmap); /* locks pmap */ + ptes = pmap_map_ptes_pae(pm); /* locks pmap */ /* * We dropped the pvlist lock before grabbing the pmap |