Kernel: Don't unregister Region from RegionTree *before* unmapping it

If we unregister from the RegionTree before unmapping, there's a race where a new region can get inserted at the same address that we're about to unmap. If this happens, ~Region() will then unmap the newly inserted region, which now finds itself with cleared-out page table entries.
author: Andreas Kling <kling@serenityos.org> 2022-04-05 13:46:50 +0200
committer: Andreas Kling <kling@serenityos.org> 2022-04-05 13:46:50 +0200
commit: 0a83c0354696d2058d9de16283cb8574edb0b946 (patch)
tree: a56d8c1b2934b29446e5fd396b072312d9f6d0f3 /Kernel/Memory
parent: a3db0ab14fc627de999d68474c32b90fd08f9910 (diff)
download: serenity-0a83c0354696d2058d9de16283cb8574edb0b946.zip
1 files changed, 3 insertions, 3 deletions
diff --git a/Kernel/Memory/Region.cpp b/Kernel/Memory/Region.cpp
index 43d58e67b7..2ba28e17c2 100644
--- a/Kernel/Memory/Region.cpp
+++ b/Kernel/Memory/Region.cpp
@@ -64,9 +64,6 @@ Region::~Region()
 
     m_vmobject->remove_region(*this);
 
-    if (is_kernel())
-        MM.unregister_kernel_region(*this);
-
     if (m_page_directory) {
         SpinlockLocker pd_locker(m_page_directory->get_lock());
         if (!is_readable() && !is_writable() && !is_executable()) {
@@ -77,6 +74,9 @@ Region::~Region()
             VERIFY(!m_page_directory);
         }
     }
+
+    if (is_kernel())
+        MM.unregister_kernel_region(*this);
 }
 
 ErrorOr<NonnullOwnPtr<Region>> Region::create_unbacked()
author	Andreas Kling <kling@serenityos.org>	2022-04-05 13:46:50 +0200
committer	Andreas Kling <kling@serenityos.org>	2022-04-05 13:46:50 +0200
commit	0a83c0354696d2058d9de16283cb8574edb0b946 (patch)
tree	a56d8c1b2934b29446e5fd396b072312d9f6d0f3 /Kernel/Memory
parent	a3db0ab14fc627de999d68474c32b90fd08f9910 (diff)
download	serenity-0a83c0354696d2058d9de16283cb8574edb0b946.zip