What if res is NULL? If I didn't read carefully, I'd think I could pass NULL as the last argument if I didn't care about the new entry result.

Consider dropping insert1 and just have insert take an extra argument that can be a NULL when the new entry is unwanted.

if ((new_prot & ~gmax_prot) != 0 ||

is an alternative.

It's a small thing, but everywhere else in the code, I see GAP_DN before GAP_UP.

Why not use insert1 here to get new_entry?

I don't see any callers outside vm_map.c, so why is this externally visible?

vm_map_insert() is quite popular KPI, used a lot outside of vm/. I decided that it is too much churn to change it.

I caller does not need the entry, it can use vm_map_insert(). vm_map_insert1() does not accept NULL res, which avoids NULL checks.

This change is dropped in the latest version of the patch. For new gap entry code, I prefer to use literally the same text as for regular map entries.

There is a strange code in sys/security/mac/mac_process.c mac_proc_vm_revoke_recurse().

if (!CONTAINS_SET(max_prot, new_prot) || !CONTAINS_SET(max_prot, new_maxprot))

#define CONTAINS_BITS(set, bits) ((~(set) & (bits)) == 0)

if (CONTAINS_BITS(flags, VM_MAP_PROTECT_SET_ROOT | VM_MAP_PROTECT_SET_MAXROOT) && !CONTAINS_BITS(new_maxprot, new_prot))

CONTAINS_BITS(new_prot, VM_PROT_WRITE | VM_PROT_EXECUTE)

if ((flags & VM_MAP_PROTECT_SET_PROT) == 0)
new_prot = entry->protection;
else if (!CONTAINS_BITS(entry->max_protection, new_prot) {

vm_map_unlock(map);
return (KERN_PROTECTION_FAILURE);

}

else if (!CONTAINS_BITS(entry->max_protection, new_maxprot)) {
unlock; return;
}

I think you don't have to do this if VM_MAP_PROTECT_SET_PROT and VM_MAP_PROTECT_SET_MAXPROT are set in flags; if they are set, then new_prot and new_maxprot haven't changed since the last iteration, when you checked them already.

if (CONTAINS_BITS(prev_entry->eflags, MAP_ENTRY_GUARD | MAP_ENTRY_STACK_GAP_DN)

CONTAINS_SET(prev_entry->eflags, MAP_ENTRY_GUARD | MAP_ENTRY_STACK_GAP_DN)

I did both of chunk in the spirit of your suggestion, but differently. There is no need to recalculate new_maxprot and new_prot if the checks are local.

prev_entry might be out of the range specified for this call to vm_map_protect(), this is why I have to check prev_entry for perms.

if (!CONTAINS_BITS(max_prot, new_prot | new_maxprot))

old_prot = 0;
if ((flags & VM_MAP_PROTECT_SET_PROT) != 0)

old_prot |= new_prot;

if ((flags & VM_MAP_PROTECT_SET_MAXPROT) != 0)

old_prot |= new_maxprot;

if (!CONTAINS_BITS(entry->max_protection, old_prot)) {

 vm_map_unlock(map);
return (KERN_PROTECTION_FAILURE);

}

I meant that you could compute old_prot before the for loop, since it will have the same value in every iteration.

I think you can drop "_phase3" from the name.

There is an extra space.

Add a comment explaining this next bit.

old_prot isn't the right name for this value. Maybe check_prot?

max_prot = (entry->eflags & MAP_ENTRY_GUARD) != 0 ?
    PROT_MAX_EXTRACT(entry->offset) : entry->max_protection;
if (!CONTAINS_BITS(max_prot, check_prot)) {
    ...
}

would be clearer to me.

Does vm_map_mergeable_neighbors() need an update to handle this overloading?

Yes. The MAP_ENTRY_NOMERGE_MASK was updated to include gaps. See the corresponding commit in the list.

In fact, only a part of the object may be mapped. This is an old error.

A suggested comment rewrite, to include something about the return value:

Compare two consecutive map entries. If they can be merged, expand the range of the second to cover the range of the first and delete the first. Return the surviving map entry that covers the start of the combined range.

The map must be locked.

After verbal feedback from another reviewer, another try:

Consider two map entries that represent consecutive ranges. If the entries can be merged, expand the range of the second to cover the range of the first and delete the first. Then return the map entry that includes the first range.

The last sentence in this paragraph is also not relevant, I removed it.

I changed the first word from 'consider' to 'compare'. Is it fine?

Yes, it's fine.