The computations of vm_map_splay_split and vm_map_splay_merge touch both children of every entry on the search path as part of updating values of the max_free field. By comparing the max_free values of an entry and its child on the search path, we can avoid accessing the child off the path in cases where the max_free value decreases along the path.
However, this requires that the vm_map structure begins in a consistent state. A recent change added consistency checks on exit from the link, unlink, splay, findspace and resize_free operations, but those conditions are not checked on entry to those functions, and they may not hold. In particular, the clip_start and clip_end operations alter start or end fields, invalidating map consistency before invoking a link operation to fix things. This patch makes clipping a part of the link operation to avoid this inconsistency. Also several resize_free operations are preceded by changes to an entry end. This patch makes changing that value part of the resize_free operation.
With all changes that change the size of free zones limited to these few functions, the map invariants hold on entry to these map functions, and it's safe to make inferences about max_free values to avoid accessing so many map entries.
Tested by: pho