[src/trunk]: src/sys/uvm fix allocation handling bugs in amap_alloc1(). if t...

[cgd <cgd%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/6ea0969c04e9
branches:  trunk
changeset: 474417:6ea0969c04e9
user:      cgd <cgd%NetBSD.org@localhost>
date:      Tue Jul 06 02:15:53 1999 +0000

description:
fix allocation handling bugs in amap_alloc1().  if the first or second
sub-structure malloc() failed, it was quite likely that the function
would return success incorrectly.  This is this direct cause of the bug
reported in PR#7897.  (Thanks to chs for helping to track it down.)

diffstat:

 sys/uvm/uvm_amap.c |  37 +++++++++++++++++++++----------------
 1 files changed, 21 insertions(+), 16 deletions(-)

diffs (53 lines):

diff -r f605e2079539 -r 6ea0969c04e9 sys/uvm/uvm_amap.c
--- a/sys/uvm/uvm_amap.c        Tue Jul 06 02:00:41 1999 +0000
+++ b/sys/uvm/uvm_amap.c        Tue Jul 06 02:15:53 1999 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: uvm_amap.c,v 1.20 1999/04/11 04:04:11 chs Exp $        */
+/*     $NetBSD: uvm_amap.c,v 1.21 1999/07/06 02:15:53 cgd Exp $        */
 
 /*
  *
@@ -191,23 +191,28 @@
        amap->am_maxslot = totalslots;
        amap->am_nslot = slots;
        amap->am_nused = 0;
-       MALLOC(amap->am_slots,  int *, totalslots * sizeof(int), M_UVMAMAP, waitf);
-       if (amap->am_slots) {
-               MALLOC(amap->am_bckptr, int *, totalslots * sizeof(int), M_UVMAMAP, waitf);
-               if (amap->am_bckptr) {
-                       MALLOC(amap->am_anon, struct vm_anon **, 
-                           totalslots * sizeof(struct vm_anon *), M_UVMAMAP, waitf);
-               }
-       }
+
+       amap->am_slots = malloc(totalslots * sizeof(int), M_UVMAMAP,
+           waitf);
+       if (amap->am_slots == NULL)
+               goto fail1;
+
+       amap->am_bckptr = malloc(totalslots * sizeof(int), M_UVMAMAP, waitf);
+       if (amap->am_bckptr == NULL)
+               goto fail2;
 
-       if (amap->am_anon)
-               return(amap);
+       amap->am_anon = malloc(totalslots * sizeof(struct vm_anon *),
+           M_UVMAMAP, waitf);
+       if (amap->am_anon == NULL)
+               goto fail3;
 
-       if (amap->am_slots) {
-               FREE(amap->am_slots, M_UVMAMAP);
-               if (amap->am_bckptr)
-                       FREE(amap->am_bckptr, M_UVMAMAP);
-       }
+       return(amap);
+
+fail3:
+       free(amap->am_bckptr, M_UVMAMAP);
+fail2:
+       free(amap->am_slots, M_UVMAMAP);
+fail1:
        pool_put(&uvm_amap_pool, amap);
        return (NULL);
 }