NetBSD Problem Report #49073

From mrg@eterna.com.au  Tue Aug  5 09:28:47 2014
Return-Path: <mrg@eterna.com.au>
Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 69C03A943C
	for <gnats-bugs@gnats.NetBSD.org>; Tue,  5 Aug 2014 09:28:47 +0000 (UTC)
Message-Id: <20140805092843.F266CB383@splode.eterna.com.au>
Date: Tue,  5 Aug 2014 19:28:43 +1000 (EST)
From: mrg@eterna.com.au
Reply-To: mrg@eterna.com.au
To: gnats-bugs@gnats.NetBSD.org
Subject: uvm_mapent_alloc() can return NULL, yet isn't always checked
X-Send-Pr-Version: 3.95

>Number:         49073
>Category:       kern
>Synopsis:       uvm_mapent_alloc() can return NULL, yet isn't always checked
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Aug 05 09:30:00 +0000 2014
>Originator:     matthew green
>Release:        -current, 20140804
>Organization:
people's front against (bozotic) www (softwar foundation)
>Environment:
>Description:

	while reading about minherit(2), i noticed that all calls to
	UVM_MAP_CLIP_START() or UVM_MAP_CLIP_END() can cause a page
	fault in the case that uvm_mapent_alloc() returns NULL.  in
	the distant UVM past, this function would panic() instead.
	the failure seems to be handled in all other cases, but the
	several functions in uvm_amap.c and uvm_map.c that call 
	these all seem to be potential issues.

>How-To-Repeat:
	N/A
>Fix:
	probably need to fix these macros and their backends to return
	a failure case, and to have these callers handle failure.
	these are the functions needing attention:

	uvm_amap.c:
		amap_copy()
	uvm_map.c:
		uvm_unmap_remove() -- currently can't fail, would need
			non-trivial work
		uvm_map_extract()
		uvm_map_submap()
		uvm_map_protect()
		uvm_map_inherit()
		uvm_map_advice()
		uvm_map_pageable()
NetBSD Home
NetBSD PR Database Search
(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2014 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.