From e1a37303c89696a110c61a156768ea15cc03a246 Mon Sep 17 00:00:00 2001
From: Robert Morris
Date: Fri, 20 Sep 2019 12:13:57 -0400
Subject: [PATCH] yet another sbrk() bug fix, and usertest

---
 kernel/vm.c      |  3 ++-
 user/usertests.c | 25 ++++++++++++++++++++++---
 2 files changed, 24 insertions(+), 4 deletions(-)

diff --git a/kernel/vm.c b/kernel/vm.c
index 8036be7..c5da0c1 100644
--- a/kernel/vm.c
+++ b/kernel/vm.c
@@ -270,7 +270,8 @@ uvmdealloc(pagetable_t pagetable, uint64 oldsz, uint64 newsz)
     return oldsz;
 
   uint64 newup = PGROUNDUP(newsz);
-  uvmunmap(pagetable, newup, oldsz - newup, 1);
+  if(newup < PGROUNDUP(oldsz))
+    uvmunmap(pagetable, newup, oldsz - newup, 1);
 
   return newsz;
 }
diff --git a/user/usertests.c b/user/usertests.c
index 0f4a443..608cd3f 100644
--- a/user/usertests.c
+++ b/user/usertests.c
@@ -1924,9 +1924,10 @@ pgbug(char *s)
 }
 
 // does the kernel panic if a process sbrk()s its size to be less than
-// a page, or zero?
+// a page, or zero, or reduces the break by an amount too small to
+// cause a page to be freed?
 void
-zerosize(char *s)
+sbrkbugs(char *s)
 {
   int pid = fork();
   if(pid < 0){
@@ -1959,6 +1960,24 @@ zerosize(char *s)
   }
   wait(0);
 
+  pid = fork();
+  if(pid < 0){
+    printf("fork failed\n");
+    exit(1);
+  }
+  if(pid == 0){
+    // set the break in the middle of a page.
+    sbrk((10*4096 + 2048) - (uint64)sbrk(0));
+
+    // reduce the break a bit, but not enough to
+    // cause a page to be freed. this used to cause
+    // a panic.
+    sbrk(-10);
+
+    exit(0);
+  }
+  wait(0);
+
   exit(0);
 }
 
@@ -2000,7 +2019,7 @@ main(int argc, char *argv[])
     char *s;
   } tests[] = {
     {pgbug, "pgbug" },
-    {zerosize, "zerosize" },
+    {sbrkbugs, "sbrkbugs" },
     {reparent, "reparent" },
     {twochildren, "twochildren"},
     {forkfork, "forkfork"},
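Review bot: The new guard keeps uvmunmap from running when the old and new break lie in the same page, but the length passed on the line below is still `oldsz - newup`, which is not a multiple of PGSIZE whenever oldsz is mid-page; whether a partial-page length is acceptable depends on uvmunmap's rounding, which is outside this hunk. If uvmunmap expects whole pages, computing `uint64 oldup = PGROUNDUP(oldsz);` once and using it in both places — `if(newup < oldup)` and `uvmunmap(pagetable, newup, oldup - newup, 1);` — keeps the guard and the length consistent. A comment such as `// the break shrank within its last page: no page to free` would record why the guard exists, since the earlier `return oldsz` presumably already covers newsz >= oldsz. The accompanying usertest notes the unguarded call used to panic the kernel, so this also closes a path by which an unprivileged process could take the system down with a small negative sbrk(). uvmdealloc's signature is only in the hunk header; its body begins above this hunk.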
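Review bot: Neither sbrk() call in the new child is checked and the parent's `wait(0)` discards the exit status, so this test passes whether or not the break was actually placed mid-page and then shrunk — its only failure mode is a kernel panic. The argument `(10*4096 + 2048) - (uint64)sbrk(0)` also wraps as uint64 when the break is already above that address and relies on the implicit narrowing to sbrk's int parameter to come out right. Checking `sbrk(0)` against the intended break after each call, exiting non-zero on a mismatch, and having the parent collect the status with `wait(&xstatus)` turns this into a real regression test rather than a crash probe. sbrkbugs's body starts before this hunk.
```c
  if(pid == 0){
    // set the break in the middle of a page.
    uint64 target = 10*4096 + 2048;
    if(sbrk((int)(target - (uint64)sbrk(0))) == (char*)-1 || (uint64)sbrk(0) != target){
      printf("%s: sbrk to mid-page address failed\n", s);
      exit(1);
    }

    // reduce the break a bit, but not enough to
    // cause a page to be freed. this used to cause
    // a panic.
    sbrk(-10);
    if((uint64)sbrk(0) != target - 10){
      printf("%s: sbrk(-10) did not move the break\n", s);
      exit(1);
    }

    exit(0);
  }
  int xstatus;
  wait(&xstatus);
  if(xstatus != 0)
    exit(1);
```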