Re: [PATCH 2/3] Fix memory leak of never putback pages in mbind()

From: KOSAKI Motohiro
Date: Fri Oct 09 2009 - 04:48:15 EST


> Signed-off-by: KOSAKI Motohiro <kosaki.motohiro@xxxxxxxxxxxxxx>
> ---
> mm/mempolicy.c | 2 ++
> 1 files changed, 2 insertions(+), 0 deletions(-)
>
> diff --git a/mm/mempolicy.c b/mm/mempolicy.c
> index 473f888..824abf3 100644
> --- a/mm/mempolicy.c
> +++ b/mm/mempolicy.c
> @@ -1061,6 +1061,8 @@ static long do_mbind(unsigned long start, unsigned long len,
>
> if (!err && nr_failed && (flags & MPOL_MF_STRICT))
> err = -EIO;
> + } else {
> + putback_lru_pages(&pagelist);
> }
>
> up_write(&mm->mmap_sem);


Oops, I forgot to remove unnecessary brace.
updated patch is here.

================================================================
Subject: [PATCH] Fix memory leak of never putback pages in mbind()

If mbind() receives an invalid address, do_mbind() leaks pages.
The following test program detects the leak.

This patch fixes it.

migrate_efault.c
=======================================
#include <numaif.h>
#include <numa.h>
#include <sys/mman.h>
#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <string.h>

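static unsigned long pagesize;

/*
 * Build a three-page anonymous private mapping whose middle page has been
 * unmapped, leaving the layout [page 0][hole][page 2].
 *
 * All three pages are written before the hole is punched, so the two
 * remaining pages are populated when the caller passes the range on.
 * pagesize must be set before this is called.
 *
 * Returns the start of the three-page range, or NULL if the mapping could
 * not be created or the hole could not be punched.
 */
static void *make_hole_mapping(void)
{
	size_t len = pagesize * 3;
	char *base;

	/*
	 * Anonymous mappings have no backing file; pass fd -1 rather than 0
	 * because some implementations require -1 with MAP_ANON.
	 */
	base = mmap(NULL, len, PROT_READ | PROT_WRITE,
		    MAP_ANON | MAP_PRIVATE, -1, 0);
	if (base == MAP_FAILED)
		return NULL;

	/* touch every page so each one is populated */
	memset(base, 0, len);

	/*
	 * Punch the hole. Arithmetic is done on char * because arithmetic
	 * on void * is a GNU extension. If the unmap fails there is no hole
	 * and the range is useless to the caller, so release it and report
	 * failure.
	 */
	if (munmap(base + pagesize, pagesize) != 0) {
		munmap(base, len);
		return NULL;
	}

	return base;
}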

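/*
 * Call mbind() with MPOL_BIND and MPOL_MF_MOVE_ALL on a three-page range
 * whose middle page is unmapped (see make_hole_mapping()).
 *
 * Usage: migrate_efault [-n node]
 *
 *   -n node   add a NUMA node to the bind mask (may be repeated);
 *             node 0 is used when no -n option is given.
 *
 * An mbind() failure is reported with perror() and the program still
 * exits 0, as the original did; the file name suggests EFAULT is the
 * expected result. Setup failures (no NUMA support, bad node number,
 * mapping failure) exit with EXIT_FAILURE so that they are not mistaken
 * for a completed run.
 *
 * Note: MPOL_MF_MOVE_ALL needs CAP_SYS_NICE, so run this with sufficient
 * privilege or mbind() fails for an unrelated reason.
 */
int main(int argc, char **argv)
{
	struct bitmask *nmask;
	void *addr;
	int ch;
	int err;
	int node_set = 0;

	/* libnuma must report NUMA support before its other calls are used */
	if (numa_available() < 0) {
		fprintf(stderr, "NUMA is not available on this system\n");
		return EXIT_FAILURE;
	}

	nmask = numa_allocate_nodemask();
	if (nmask == NULL) {
		fprintf(stderr, "cannot allocate node mask\n");
		return EXIT_FAILURE;
	}

	while ((ch = getopt(argc, argv, "n:")) != -1) {
		switch (ch) {
		case 'n': {
			char *end;
			long node = strtol(optarg, &end, 0);

			/*
			 * Reject non-numeric input and out-of-range nodes
			 * instead of silently truncating the value to int.
			 */
			if (end == optarg || *end != '\0' ||
			    node < 0 || node > numa_max_node()) {
				fprintf(stderr, "invalid node: %s\n", optarg);
				numa_bitmask_free(nmask);
				return EXIT_FAILURE;
			}
			numa_bitmask_setbit(nmask, (unsigned int)node);
			node_set = 1;
			break;
		}
		default:
			break;
		}
	}

	if (!node_set)
		numa_bitmask_setbit(nmask, 0);

	pagesize = getpagesize();

	addr = make_hole_mapping();
	if (addr == NULL) {
		/* without the mapping, mbind() would be exercising NULL instead */
		fprintf(stderr, "cannot create the test mapping\n");
		numa_bitmask_free(nmask);
		return EXIT_FAILURE;
	}

	err = mbind(addr, pagesize * 3, MPOL_BIND, nmask->maskp, nmask->size,
		    MPOL_MF_MOVE_ALL);
	if (err)
		perror("mbind ");

	numa_bitmask_free(nmask);
	return 0;
}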
=======================================


Signed-off-by: KOSAKI Motohiro <kosaki.motohiro@xxxxxxxxxxxxxx>
---
mm/mempolicy.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

Index: b/mm/mempolicy.c
===================================================================
--- a/mm/mempolicy.c
+++ b/mm/mempolicy.c
@@ -1061,7 +1061,8 @@ static long do_mbind(unsigned long start

if (!err && nr_failed && (flags & MPOL_MF_STRICT))
err = -EIO;
- }
+ } else
+ putback_lru_pages(&pagelist);

up_write(&mm->mmap_sem);
mpol_put(new);
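Review bot: The new `else` branch is left unbraced while the `if` branch it closes keeps its braces; kernel coding style asks for braces on both branches when either one needs them, so the form from the first version of the patch, `} else {` / `putback_lru_pages(&pagelist);` / `}`, is the one to keep. The branch would also benefit from a short comment saying why the list can be non-empty on this path, for example `/* range check failed after some pages were already isolated: return them to the LRU */`; this is inferred from the description and the test program, since the condition that opens the `if` is outside the hunk. do_mbind's body starts before and continues after the lines shown here.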


