From 303f52d5000713cb17e90a786541b51b80434b68 Mon Sep 17 00:00:00 2001
From: Peter Wemm
Date: Fri, 16 Nov 2001 02:28:33 +0000
Subject: [PATCH] Merge rev 1.264 from i386/pmap.c (tegge via alfred): Protect against an infinite loop when prefaulting pages. This can happen when the vm system maps past the end of an object or tries to map a zero length object, the pmap layer misses the fact that offsets wrap into negative numbers and we get stuck.
---
 sys/alpha/alpha/pmap.c | 5 ++++-
 sys/ia64/ia64/pmap.c | 5 ++++-
 2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/sys/alpha/alpha/pmap.c b/sys/alpha/alpha/pmap.c
index f17856652ed0..3d523be53f61 100644
--- a/sys/alpha/alpha/pmap.c
+++ b/sys/alpha/alpha/pmap.c
@@ -2444,8 +2444,11 @@ pmap_object_init_pt(pmap_t pmap, vm_offset_t addr,
 return;
 }
- if (psize + pindex > object->size)
+ if (psize + pindex > object->size) {
+ if (object->size < pindex)
+ return;
 psize = object->size - pindex;
+ }
 mpte = NULL;
 /*
diff --git a/sys/ia64/ia64/pmap.c b/sys/ia64/ia64/pmap.c
index 31728f9415d8..126a75bd3237 100644
--- a/sys/ia64/ia64/pmap.c
+++ b/sys/ia64/ia64/pmap.c
@@ -1856,8 +1856,11 @@ pmap_object_init_pt(pmap_t pmap, vm_offset_t addr,
 return;
 }
- if (psize + pindex > object->size)
+ if (psize + pindex > object->size) {
+ if (object->size < pindex)
+ return;
 psize = object->size - pindex;
+ }
 /*
 * if we are processing a major portion of the object, then scan the
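Review bot: The outer test `psize + pindex > object->size` still relies on the addition not wrapping, so in both pmap_object_init_pt hunks (alpha and ia64) a sufficiently large psize or pindex could bypass the new guard altogether; the declarations are outside the hunks, so whether that is reachable depends on types not visible here. Testing the index first and then comparing against the remaining size avoids the addition: `if (pindex > object->size) return;` followed by `if (psize > object->size - pindex) psize = object->size - pindex;`. A short comment on the early return, such as `/* pindex is past the end of the object; the subtraction below would wrap */`, would record why the silent return is intentional. The function body starts and ends outside both hunks, so the loop that consumes psize should be checked against the same bound.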