
Bug#796036: linux-image-3.16.0-4-amd64: concurrent msync triggers NULL pointer dereference



Package: src:linux
Version: 3.16.7-ckt11-1
Severity: important

Using Debian 3.16.7-ckt4-3 and a simple test case, we were able to reproduce a
kernel bug in the msync system call.

The test case does the following:
1) create a 1MB file and mmap it
2) in a loop, select a 4k page in that file randomly, write with memset, then
run msync on that area in a thread

The problem was first seen in Debian 3.12, and also reproduced with Debian 3.16
and 4.1.0 kernels. Debian 3.2 was fine.
Vanilla kernels do not seem to be affected.

In fact the crash happens in vma_do_fput, which comes with aufs4-mmap.patch.



-- Package-specific info:
** Kernel log: boot messages should be attached

** Model information
sys_vendor: Dell Inc.
product_name: OptiPlex 3020
product_version: 01
chassis_vendor: Dell Inc.
chassis_version:
bios_vendor: Dell Inc.
bios_version: A02
board_vendor: Dell Inc.
board_name: 0VHWTR
board_version: A02

** PCI devices:

** USB devices:
Bus 002 Device 002: ID 8087:8000 Intel Corp. 
Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 001 Device 002: ID 8087:8008 Intel Corp. 
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 004 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 003 Device 003: ID 413c:3012 Dell Computer Corp. Optical Wheel Mouse
Bus 003 Device 002: ID 413c:2003 Dell Computer Corp. Keyboard
Bus 003 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub


-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (900, 'testing'), (300, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.1.6 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages linux-image-3.16.0-4-amd64 depends on:
ii  debconf [debconf-2.0]                   1.5.57
ii  initramfs-tools [linux-initramfs-tool]  0.120
ii  kmod                                    21-1
ii  linux-base                              4.0
ii  module-init-tools                       21-1

Versions of packages linux-image-3.16.0-4-amd64 recommends:
ii  firmware-linux-free  3.3
ii  irqbalance           1.0.6-3

Versions of packages linux-image-3.16.0-4-amd64 suggests:
pn  debian-kernel-handbook  <none>
ii  grub-pc                 2.02~beta2-26
pn  linux-doc-3.16          <none>

Versions of packages linux-image-3.16.0-4-amd64 is related to:
pn  firmware-atheros        <none>
pn  firmware-bnx2           <none>
pn  firmware-bnx2x          <none>
pn  firmware-brcm80211      <none>
pn  firmware-intelwimax     <none>
pn  firmware-ipw2x00        <none>
pn  firmware-ivtv           <none>
pn  firmware-iwlwifi        <none>
pn  firmware-libertas       <none>
pn  firmware-linux          <none>
ii  firmware-linux-nonfree  0.44
pn  firmware-myricom        <none>
pn  firmware-netxen         <none>
pn  firmware-qlogic         <none>
pn  firmware-ralink         <none>
ii  firmware-realtek        0.44
pn  xen-hypervisor          <none>

-- debconf information excluded

*** /tmp/crash
Mar  3 07:51:46 xps-m1530 kernel: [  160.395696] BUG: unable to handle kernel NULL pointer dereference at 0000000000000038
Mar  3 07:51:46 xps-m1530 kernel: [  160.395729] IP: [<ffffffff811a9359>] fput+0x9/0x90
Mar  3 07:51:46 xps-m1530 kernel: [  160.395743] PGD 9d9a9067 PUD 9d9ab067 PMD 0 
Mar  3 07:51:46 xps-m1530 kernel: [  160.395753] Oops: 0002 [#1] SMP 
Mar  3 07:51:46 xps-m1530 kernel: [  160.395763] Modules linked in: nfsv3 rpcsec_gss_krb5 nfsv4 dns_resolver tun ctr ccm binfmt_misc bnep nfsd auth_rpcgss oid_registry nfs_acl nfs lockd fscache sunrpc dm_crypt xts gf128mul algif_skcipher af_alg ecb btusb bluetooth 6lowpan_iphc hid_generic usbhid hid joydev sr_mod cdrom coretemp dell_wmi snd_hda_codec_idt kvm sparse_keymap iTCO_wdt iTCO_vendor_support dell_laptop pcspkr snd_hda_codec_generic evdev psmouse serio_raw dcdbas arc4 nouveau snd_hda_intel i2c_i801 snd_hda_controller ata_generic mxm_wmi iwl3945 iwlegacy snd_hda_codec mac80211 ttm snd_hwdep drm_kms_helper uhci_hcd ehci_pci snd_pcm snd_timer ehci_hcd drm i2c_algo_bit i2c_core sg cfg80211 rfkill ata_piix lpc_ich r852 usbcore snd sm_common mfd_core nand nand_ecc nand_bch bch nand_ids r592 mtd memstick sdhci_pci sdhci mmc_core sky2 firewire_ohci firewire_core crc_itu_t wmi soundcore button shpchp usb_common battery video ac acpi_cpufreq processor loop fuse parport_pc ppdev lp parport autofs4 ext4 crc16 mbcache jbd2 dm_mod sd_mod crc_t10dif crct10dif_generic crct10dif_common ahci libahci libata scsi_mod thermal thermal_sys
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010] CPU: 0 PID: 2234 Comm: mprotect Not tainted 3.16.0-4-amd64 #1 Debian 3.16.7-ckt4-3
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010] Hardware name: Dell Inc. XPS M1530                       /      , BIOS A12 11/19/2008
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010] task: ffff88009d8af5f0 ti: ffff88008a178000 task.ti: ffff88008a178000
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010] RIP: 0010:[<ffffffff811a9359>]  [<ffffffff811a9359>] fput+0x9/0x90
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010] RSP: 0000:ffff88008a17bf00  EFLAGS: 00010296
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000000000003e
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010] RDX: 000000000000005d RSI: ffffffff81621c38 RDI: 0000000000000000
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010] RBP: 0000000000000000 R08: 0000000000000004 R09: 0000000000000000
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010] R10: 00007fff69b3afc8 R11: 00007f596569f570 R12: 00007f6a2560f000
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010] R13: 00007f6a2550f000 R14: 00007f6a255a3000 R15: ffff8800a1b7d800
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010] FS:  00007f6a24a49700(0000) GS:ffff88011fc00000(0000) knlGS:0000000000000000
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010] CR2: 0000000000000038 CR3: 000000008a1b3000 CR4: 00000000000007f0
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010] Stack:
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010]  0000000000000000 ffffffff81162c1d ffff88009dafdc18 0000000000000000
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010]  ffffffff81172667 0000000000013280 ffff8800a1b7d860 ffff880000000000
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010]  0000000000000004 0000000400000000 00007fffc6336d40 00007f6a24a483e0
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010] Call Trace:
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010]  [<ffffffff81162c1d>] ? vma_do_fput+0x1d/0x40
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010]  [<ffffffff81172667>] ? SyS_msync+0x1b7/0x280
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010]  [<ffffffff8150f76d>] ? system_call_fast_compare_end+0x10/0x15
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010] Code: 00 5b e9 5b 33 fe ff 0f 1f 00 e8 33 37 ee ff 48 89 de 48 8b 3d f9 d3 73 00 5b e9 43 33 fe ff 0f 1f 00 66 66 66 66 90 53 48 89 fb <f0> 48 ff 4f 38 74 08 5b c3 66 0f 1f 44 00 00 65 48 8b 3c 25 80 
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010] RIP  [<ffffffff811a9359>] fput+0x9/0x90
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010]  RSP <ffff88008a17bf00>
Mar  3 07:51:46 xps-m1530 kernel: [  160.396010] CR2: 0000000000000038
Mar  3 07:51:46 xps-m1530 kernel: [  160.399690] ---[ end trace 14d024261fb5deb4 ]---

#include <pthread.h>
#include <string.h>
#include <unistd.h>
#include <signal.h>
#include <stdio.h>
#include <malloc.h>
#include <stdlib.h>
#include <errno.h>
#include <fcntl.h>
#include <linux/limits.h>
#include <sys/mman.h>
#include <sys/types.h>
#include <sys/wait.h>

#define handle_error_en(en, msg) \
    do { errno = en; perror(msg); exit(EXIT_FAILURE); } while (0)

#define handle_error(msg) \
    do { perror(msg); exit(EXIT_FAILURE); } while (0)

static char *open_map(int no, int size)
{
    int fd = -1;
    int flags = MAP_SHARED;
    char *addr;
    char path[PATH_MAX];

#if 1
    snprintf(path, sizeof(path), "/data/tst_%d.map", no);
    fd = open(path, O_CREAT|O_RDWR, 0600);
    if (fd < 0) {
        handle_error("open");
    }
    if (ftruncate(fd, size) < 0) {
        handle_error("ftruncate");
    }
#else
    flags |= MAP_ANONYMOUS;
#endif

    /* Allocate a buffer aligned on a page boundary;
       initial protection is PROT_READ | PROT_WRITE */
    addr = mmap(NULL, size, PROT_READ | PROT_WRITE, flags, fd, 0);
    if (addr == MAP_FAILED) {
        handle_error("mmap");
    }
    close(fd);

    return addr;
}

int len = 1 << 12;

static void *thread_msync(void *arg)
{
    char *p = arg;

    if (msync(p, len, MS_SYNC) < 0) {
        handle_error("msync");
    }
    return NULL;
}

#define NB_THREADS 10000

int main(int argc, char *argv[])
{
    char *addr;
    pthread_t threads[NB_THREADS];

    addr = open_map(0, 256 << 12);
    printf("Start of region: 0x%lx\n", (long)addr);

    for (int i = 0; i < NB_THREADS; i++) {
        int s;
        int page = rand() % 256;
        char *p  = addr + (page << 12);

        if (mprotect(p, len, PROT_READ | PROT_WRITE) == -1) {
            handle_error("mprotect");
        }
        memset(p, 'a', len / 2);
        memset(p + len / 2, 'b', len / 2);
        if (mprotect(p, len, PROT_READ) == -1) {
            handle_error("mprotect");
        }

        s = pthread_create(&threads[i], NULL, &thread_msync, p);
        if (s) {
            handle_error_en(s, "pthread_create");
        }
    }
    for (int i = 0; i < NB_THREADS; i++) {
        pthread_join(threads[i], NULL);
    }
    if (munmap(addr, 256 << 12) == -1) {
        handle_error("munmap");
    }
    printf("Closed region: 0x%lx\n", (long)addr);

    exit(EXIT_SUCCESS);
}
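
A triage sketch for the oops in this report, added here as an example and not part of the original bug report: it parses the log, decodes the faulting instruction marked `<f0>` in the `Code:` line, and checks that the fault address equals base register plus displacement. The function names (`parse_oops`, `decode_lock_dec`, `triage`) are assumptions of this example, and the decoder handles only the `lock dec disp8(%reg)` encoding seen here.

```python
import re

# Excerpt of the oops posted in this report (syslog prefix and the leading
# bytes of the Code: line trimmed; values are the report's own).
OOPS = """\
[  160.395696] BUG: unable to handle kernel NULL pointer dereference at 0000000000000038
[  160.395729] IP: [<ffffffff811a9359>] fput+0x9/0x90
[  160.396010] CPU: 0 PID: 2234 Comm: mprotect Not tainted 3.16.0-4-amd64 #1 Debian 3.16.7-ckt4-3
[  160.396010] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000000000003e
[  160.396010] RDX: 000000000000005d RSI: ffffffff81621c38 RDI: 0000000000000000
[  160.396010] Call Trace:
[  160.396010]  [<ffffffff81162c1d>] ? vma_do_fput+0x1d/0x40
[  160.396010]  [<ffffffff81172667>] ? SyS_msync+0x1b7/0x280
[  160.396010]  [<ffffffff8150f76d>] ? system_call_fast_compare_end+0x10/0x15
[  160.396010] Code: 66 66 66 66 90 53 48 89 fb <f0> 48 ff 4f 38 74 08 5b c3
"""

# x86-64 register names indexed by the 3-bit ModRM.rm field (no REX.B).
REGS64 = ["RAX", "RCX", "RDX", "RBX", "RSP", "RBP", "RSI", "RDI"]

def parse_oops(text):
    """Pull the fields needed for triage out of an x86-64 oops."""
    info = {}
    m = re.search(r"NULL pointer dereference at ([0-9a-f]+)", text)
    info["fault_addr"] = int(m.group(1), 16) if m else None
    m = re.search(r"IP: \[<[0-9a-f]+>\] (\w+)\+(0x[0-9a-f]+)/", text)
    info["ip"] = (m.group(1), int(m.group(2), 16)) if m else None
    m = re.search(r"PID: (\d+) Comm: (\S+)", text)
    info["pid"], info["comm"] = (int(m.group(1)), m.group(2)) if m else (None, None)
    info["regs"] = {name: int(val, 16) for name, val in
                    re.findall(r"\b(R[A-Z0-9]{2}): ([0-9a-f]{16})", text)}
    info["trace"] = re.findall(r"\[<[0-9a-f]+>\] \? (\w+)\+0x", text)
    # The byte in <..> is where the faulting instruction starts.
    m = re.search(r"Code:.*?<([0-9a-f]{2})>((?: [0-9a-f]{2})*)", text)
    info["insn"] = bytes.fromhex(m.group(1) + m.group(2).replace(" ", "")) if m else b""
    return info

def decode_lock_dec(insn):
    """Decode only `lock dec disp8(%reg)`: F0, REX.W, FF /1 with ModRM.mod=01."""
    if len(insn) < 5 or insn[0] != 0xF0 or (insn[1] & 0xF8) != 0x48 or insn[2] != 0xFF:
        return None
    mod, reg, rm = insn[3] >> 6, (insn[3] >> 3) & 7, insn[3] & 7
    if mod != 1 or reg != 1 or rm == 4 or insn[1] & 0x01:  # SIB / REX.B not handled
        return None
    disp = insn[4] - 256 if insn[4] > 127 else insn[4]     # sign-extend disp8
    return REGS64[rm], disp

def triage(text):
    """Report whether the fault is a field access through a NULL base pointer."""
    info = parse_oops(text)
    result = {"function": info["ip"][0] if info["ip"] else None,
              "callers": info["trace"][:2], "null_base": False}
    decoded = decode_lock_dec(info["insn"])
    if decoded:
        reg, disp = decoded
        result.update(base_reg=reg, disp=disp,
                      null_base=info["regs"].get(reg) == 0 and disp == info["fault_addr"])
    return result

if __name__ == "__main__":
    print(triage(OOPS))
```

On this log the result shows `fput` entered with RDI (its first argument) equal to zero and the decrement hitting offset 0x38 of that pointer, with `vma_do_fput` and `SyS_msync` as the callers.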