Re: Virtual memory leaking through IA32 emulation layer for mmap and munmap

From: Peter Chubb <peter_at_chubb.wattle.id.au>
Date: 2004-03-09 11:11:04
>>>>> "Shaun" == Shaun  <delius@progsoc.uts.edu.au> writes:

Shaun> Hi,

Shaun> Given that getpagesize() is hardcoded in glibc it returns 4096,
Shaun> the mmap succeeds and the compatibility layers actually
Shaun> allocate a full page (the kernel in question has PAGE_SHIFT set
Shaun> to 14 for a page size of 16K).  However the munmap hits the
Shaun> following bit of code in sys_ia32.c:

Shaun> asmlinkage long sys32_munmap (unsigned int start, unsigned int
Shaun> len) { unsigned int end = start + len; long ret; ...  start =
Shaun> PAGE_ALIGN(start); end = PAGE_START(end);

Shaun>    if (start >= end) return 0;

 I think thius may be a bug.  From the man page for munmap:

   The  address  start must be a multiple of the page size. All pages con-
   taining a part of the indicated range are unmapped, and subsequent ref-
   erences to these pages will generate SIGSEGV. It is not an error if the
   indicated range does not contain any mapped pages.

This follows the SUS, which means that end should be rounded up not
down.

--
Dr Peter Chubb  http://www.gelato.unsw.edu.au  peterc AT gelato.unsw.edu.au
The technical we do immediately,  the political takes *forever*


-
To unsubscribe from this list: send the line "unsubscribe linux-ia64" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Received on Mon Mar 8 19:13:17 2004

This archive was generated by hypermail 2.1.8 : 2005-08-02 09:20:24 EST