From 4cb8b041d129fca8dd4ae23860e440a568a30dd1 Mon Sep 17 00:00:00 2001
From: Konstantin Belousov <kib@FreeBSD.org>
Date: Tue, 24 Sep 2013 13:52:47 +0000
Subject: [PATCH] In pmap_clear_modify(), initialize pvh even for fictitious
 managed page, otherwise the small mappings loop would use uninitialized
 value. Note that currently pmap_clear_modify() is not called for fictitious
 pages.

Sponsored by:	The FreeBSD Foundation
Approved by:	re (glebius)
---
 sys/amd64/amd64/pmap.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/amd64/amd64/pmap.c b/sys/amd64/amd64/pmap.c
index e4a662ac7183..5cc99a58101f 100644
--- a/sys/amd64/amd64/pmap.c
+++ b/sys/amd64/amd64/pmap.c
@@ -5331,13 +5331,13 @@ pmap_clear_modify(vm_page_t m)
 	 */
 	if ((m->aflags & PGA_WRITEABLE) == 0)
 		return;
+	pvh = pa_to_pvh(VM_PAGE_TO_PHYS(m));
 	rw_rlock(&pvh_global_lock);
 	lock = VM_PAGE_TO_PV_LIST_LOCK(m);
 	rw_wlock(lock);
 restart:
 	if ((m->flags & PG_FICTITIOUS) != 0)
 		goto small_mappings;
-	pvh = pa_to_pvh(VM_PAGE_TO_PHYS(m));
 	TAILQ_FOREACH_SAFE(pv, &pvh->pv_list, pv_next, next_pv) {
 		pmap = PV_PMAP(pv);
 		if (!PMAP_TRYLOCK(pmap)) {