Re: [PATCH] hugetlb: fix resv_map leak in error path

From: Dave Hansen
Date: Tue May 22 2012 - 17:01:12 EST


On 05/22/2012 01:45 PM, Andrew Morton wrote:
> On Mon, 21 May 2012 13:28:14 -0700
> Dave Hansen <dave@xxxxxxxxxxxxxxxxxx> wrote:
>
>> When called for anonymous (non-shared) mappings,
>> hugetlb_reserve_pages() does a resv_map_alloc(). It depends on
>> code in hugetlbfs's vm_ops->close() to release that allocation.
>>
>> However, in the mmap() failure path, we do a plain unmap_region()
>> without the remove_vma() which actually calls vm_ops->close().
>>
>> This is a decent fix. This leak could get reintroduced if
>> new code (say, after hugetlb_reserve_pages() in
>> hugetlbfs_file_mmap()) decides to return an error. But, I think
>> it would have to unroll the reservation anyway.
>
> How far back does this bug go? The patch applies to 3.4 but gets
> rejects in 3.3 and earlier.

commit 17c9d12e126cb0de8d535dc1908c4819d712bc68
Date: Wed Feb 11 16:34:16 2009 +0000

So, ~2.6.30.

I don't think it existed before that. The code was there, but the
ordering made it OK.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/