git: f94bfc469df9 - main - vm_object_coalesce(): check that coalescing does not revive stale pages
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 17 Dec 2025 03:53:16 UTC
The branch main has been updated by kib:
URL: https://cgit.FreeBSD.org/src/commit/?id=f94bfc469df9a2bc78ed15cc42525d09e3413e0b
commit f94bfc469df9a2bc78ed15cc42525d09e3413e0b
Author: Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2025-11-22 18:43:57 +0000
Commit: Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2025-12-17 03:40:31 +0000
vm_object_coalesce(): check that coalescing does not revive stale pages
Reviewed by: alc, markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D54219
---
sys/vm/vm_object.c | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/sys/vm/vm_object.c b/sys/vm/vm_object.c
index 413ba5459e3d..117900135ac3 100644
--- a/sys/vm/vm_object.c
+++ b/sys/vm/vm_object.c
@@ -2244,6 +2244,23 @@ vm_object_coalesce(vm_object_t prev_object, vm_ooffset_t prev_offset,
if (next_pindex + next_size > prev_object->size)
prev_object->size = next_pindex + next_size;
+#ifdef INVARIANTS
+ /*
+ * Re-check: there must be no pages in the next range backed
+ * by prev_entry's object. Otherwise, the resulting
+ * corruption is same as faulting in a non-zeroed page.
+ */
+ if (vm_check_pg_zero) {
+ vm_pindex_t pidx;
+
+ pidx = swap_pager_seek_data(prev_object, next_pindex);
+ KASSERT(pidx >= next_pindex + next_size,
+ ("found obj %p pindex %#jx e %#jx %#jx %#jx",
+ prev_object, pidx, (uintmax_t)prev_offset,
+ (uintmax_t)prev_size, (uintmax_t)next_size));
+ }
+#endif
+
VM_OBJECT_WUNLOCK(prev_object);
return (TRUE);
}