ilo-pona/xv6-65oo2
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Activity

fix a potential kernel crash

Browse source 
add a regression test for it
This commit is contained in:
Robert Morris 2019-09-20 09:41:03 -04:00
parent 57e40a0204
commit 402e7b5605
2 changed files with 17 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
kernel/vm.c
View file

@ -99,6 +99,9 @@ walkaddr(pagetable_t pagetable, uint64 va)
pte_t *pte; pte_t *pte;
uint64 pa; uint64 pa;
if(va >= MAXVA)
return 0;
pte = walk(pagetable, va, 0); pte = walk(pagetable, va, 0);
if(pte == 0) if(pte == 0)
return 0; return 0;
@ -408,7 +411,7 @@ copyinstr(pagetable_t pagetable, char *dst, uint64 srcva, uint64 max)
int got_null = 0; int got_null = 0;
while(got_null == 0 && max > 0){ while(got_null == 0 && max > 0){
va0 = (uint)PGROUNDDOWN(srcva); va0 = PGROUNDDOWN(srcva);
pa0 = walkaddr(pagetable, va0); pa0 = walkaddr(pagetable, va0);
if(pa0 == 0) if(pa0 == 0)
return -1; return -1;

13
user/usertests.c
View file

@ -1908,6 +1908,18 @@ stacktest(char *s)
exit(xstatus); exit(xstatus);
} }
// copyinstr() used to cast the virtual page address to uint,
// which (with certain wild system call arguments) could
// result in a kernel page fault.
void
pgbug(char *s)
{
char *argv[1];
argv[0] = 0;
exec((char*)0xeaeb0b5b00002f5e, argv);
exit(0);
}
// run each test in its own process. run returns 1 if child's exit() // run each test in its own process. run returns 1 if child's exit()
// indicates success. // indicates success.
int int
@ -1945,6 +1957,7 @@ main(int argc, char *argv[])
void (*f)(char *); void (*f)(char *);
char *s; char *s;
} tests[] = { } tests[] = {
{pgbug, "pgbug" },
{reparent, "reparent" }, {reparent, "reparent" },
{twochildren, "twochildren"}, {twochildren, "twochildren"},
{forkfork, "forkfork"}, {forkfork, "forkfork"},