Change Details

The following test case previously panicked the kernel in the same way and no longer does (courtesy of jhb): #include <sys/types.h> #include <sys/mman.h> #include <machine/pte.h> #include <err.h> #include <stdio.h> #include <unistd.h> #define MAP_LENGTH (16 * 1024 * 1024) /* * We need to dirty all the pages to get them promoted to superpages. * The first page in each superpage also needs to "look" like a page * of dirty PTEs (PTE_V | PTE_SW_MANAGED | PTE_D) but with physical * addresses that are invalid so that PHYS_TO_VM_PAGE returns NULL. */ static void touch_pages(char *p, size_t len) { pt_entry_t *l3; void *end; l3 = (pt_entry_t *)p; end = p + len; while (l3 < end) { *l3 = 0xfffffffffffffe00 | PTE_SW_MANAGED | PTE_D | PTE_V; l3++; } } int main(int ac, char **av) { char *p; pid_t pid; int i; p = mmap(NULL, MAP_LENGTH, PROT_READ | PROT_WRITE, MAP_ANON, -1, 0); if (p == MAP_FAILED) err(1, "mmap"); printf("mapping: %p\n", p); touch_pages(p, MAP_LENGTH); pid = fork(); if (pid == -1) err(1, "fork"); if (pid == 0) { printf("child %d\n", (int)getpid()); return (0); } return (0); }

The following test case previously panicked the kernel in the same way and no longer does (courtesy of jhb): ``` #include <sys/types.h> #include <sys/mman.h> #include <machine/pte.h> #include <err.h> #include <stdio.h> #include <unistd.h> #define MAP_LENGTH (16 * 1024 * 1024) /* * We need to dirty all the pages to get them promoted to superpages. * The first page in each superpage also needs to "look" like a page * of dirty PTEs (PTE_V | PTE_SW_MANAGED | PTE_D) but with physical * addresses that are invalid so that PHYS_TO_VM_PAGE returns NULL. */ static void touch_pages(char *p, size_t len) { pt_entry_t *l3; void *end; l3 = (pt_entry_t *)p; end = p + len; while (l3 < end) { *l3 = 0xfffffffffffffe00 | PTE_SW_MANAGED | PTE_D | PTE_V; l3++; } } int main(int ac, char **av) { char *p; pid_t pid; int i; p = mmap(NULL, MAP_LENGTH, PROT_READ | PROT_WRITE, MAP_ANON, -1, 0); if (p == MAP_FAILED) err(1, "mmap"); printf("mapping: %p\n", p); touch_pages(p, MAP_LENGTH); pid = fork(); if (pid == -1) err(1, "fork"); if (pid == 0) { printf("child %d\n", (int)getpid()); return (0); } return (0); } ```

The following test case previously panicked the kernel in the same way and no longer does (courtesy of jhb): ``` #include <sys/types.h> #include <sys/mman.h> #include <machine/pte.h> #include <err.h> #include <stdio.h> #include <unistd.h> #define MAP_LENGTH (16 * 1024 * 1024) /* * We need to dirty all the pages to get them promoted to superpages. * The first page in each superpage also needs to "look" like a page * of dirty PTEs (PTE_V | PTE_SW_MANAGED | PTE_D) but with physical * addresses that are invalid so that PHYS_TO_VM_PAGE returns NULL. */ static void touch_pages(char *p, size_t len) { pt_entry_t *l3; void *end; l3 = (pt_entry_t *)p; end = p + len; while (l3 < end) { *l3 = 0xfffffffffffffe00 | PTE_SW_MANAGED | PTE_D | PTE_V; l3++; } } int main(int ac, char **av) { char *p; pid_t pid; int i; p = mmap(NULL, MAP_LENGTH, PROT_READ | PROT_WRITE, MAP_ANON, -1, 0); if (p == MAP_FAILED) err(1, "mmap"); printf("mapping: %p\n", p); touch_pages(p, MAP_LENGTH); pid = fork(); if (pid == -1) err(1, "fork"); if (pid == 0) { printf("child %d\n", (int)getpid()); return (0); } return (0); } ```