Re: Bug in do_munmap (fwd)
> I think I found the problem. In zap_page_range:
...
> As you can see, dir is never freed. If you look at zap_pmd_range, dir
> is used as a lookup point. dir is what's being left around after the
> mmap. The reason that this isn't a system wide memory leak is because
> the pages are freed when the process is reaped. Does this sound right?
Even if this particular aspect of it is fixed, the user can still bring
down the system by doing an anon mmap of 1 page at each 4MB boundary...
The correct fix is to have some sort of ulimit on the size of page tables,
or to make page tables swappable (uh-oh, that's a toughie fraught with
races).
-ben
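
A monitoring-side view of the page-table growth discussed in this message, as an added example that is not part of the original thread or of the kernel source: it parses the `VmPTE` and `VmRSS` fields that current Linux kernels report in `/proc/<pid>/status` and flags processes whose page tables are large both in absolute terms and relative to resident memory. The sample status text, the function names and the thresholds are assumptions made for illustration.

```python
import re

# Constructed samples of /proc/<pid>/status content (not captured from a real system).
SAMPLES = {
    101: "Name:\tpostgres\nVmRSS:\t  812000 kB\nVmPTE:\t    2100 kB\n",
    202: "Name:\tsparsemap\nVmRSS:\t    4096 kB\nVmPTE:\t  524288 kB\n",
    303: "Name:\tkworker/0:1\n",  # kernel thread: no Vm* fields at all
}

FIELD = re.compile(r"^(\w+):[ \t]*(.*)$", re.M)

def parse_status(text):
    """Return Name plus VmRSS/VmPTE in kB (None when a field is absent)."""
    fields = dict(FIELD.findall(text))

    def kb(key):
        m = re.match(r"(\d+)\s*kB", fields.get(key, ""))
        return int(m.group(1)) if m else None

    return {"name": fields.get("Name", "?"),
            "rss_kb": kb("VmRSS"),
            "pte_kb": kb("VmPTE")}

def flag_page_table_hogs(statuses, min_pte_kb=65536, max_ratio=0.25):
    """Flag processes whose page tables exceed min_pte_kb and are more than
    max_ratio of resident memory (thresholds are illustrative assumptions)."""
    hits = []
    for pid, text in sorted(statuses.items()):
        s = parse_status(text)
        if s["pte_kb"] is None or s["pte_kb"] < min_pte_kb:
            continue  # kernel thread, or page tables too small to matter
        rss = s["rss_kb"] or 0
        if rss == 0 or s["pte_kb"] / rss > max_ratio:
            hits.append((pid, s["name"], s["pte_kb"], rss))
    return hits

if __name__ == "__main__":
    # On a live system, build the dict by reading /proc/<pid>/status instead.
    for pid, name, pte, rss in flag_page_table_hogs(SAMPLES):
        print(f"pid {pid} ({name}): VmPTE={pte} kB, VmRSS={rss} kB")
```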