git: kernel - Fix vmspace termination race

Matthew Dillon dillon at
Thu Feb 9 10:14:22 PST 2017

commit 009afa1dc45e8007200fc7dc2b200d0b89b85932
Author: Matthew Dillon <dillon at>
Date:   Thu Feb 9 10:09:43 2017 -0800

    kernel - Fix vmspace termination race
    * Fix a SMP race which can cause a vmspace structure to be double-freed
      to its objcache, resulting in corruption.
    * Typical panic was a kernel seg fault at 'vm_copyin+2'.  What was in fact
      happening was that corruption of the vmspace was racing against reuse and
      a decrement of the pmap copyin function pointer.  This decrement caused
      function calls through the pointer to get very confused.
    Reported-by: tuxillo

Summary of changes:
 sys/vm/vm_map.c | 47 ++++++++++++++++++++++++++---------------------
 1 file changed, 26 insertions(+), 21 deletions(-)

DragonFly BSD source repository

More information about the Commits mailing list