Idan Horowitz f972eda7ed Kernel: Mark cloned volatile purgeable AnonymousVMOjects as purged ...

Our existing AnonymousVMObject cloning flow contains an optimization
wherein purgeable VMObjects which are marked volatile during the clone
are created as a new zero-filled VMObject (as if it was purged), which
lets us skip the expensive COW process.

Unfortunately, one crucial part was missing: Marking the cloned region
as purged, (which is the value returned from madvise when unmarking the
region as volatile) so the userland logic was left unaware of the
effective zero-ing of their memory region, resulting in odd behaviour
and crashes in places like our malloc's large allocation support.

2023-12-22 10:57:59 +01:00

15 KiB

Raw Blame History

View Raw