On Thu, Sep 10, 2009 at 06:37:47PM +0400, Maxim Uvarov wrote:

>>> TLB exception handler incorrectly handles situation
>>> with wrong vmalloc'ed addresses. This patch adds
>>> verifications for vmalloc'ed addresses (similar to
>>> x86_64 implementation). So the code now traps inside
>>> do_page_fault() on access to the wrong area.
>>>
>>> Signed-off-by: Maxim Uvarov <muvarov@xxxxxxxxxxxxx>
>>>
>>> Test case:
>>>
>>> #include <linux/module.h>
>>> #include <linux/init.h>
>>> #include <linux/kernel.h>
>>> #include <linux/kthread.h>
>>> #include <linux/delay.h>
>>>
>>> static struct task_struct *ts;
>>> static int example_thread(void *dummy)
>>> {
>>>     void *ptr;
>>>     ptr = vmalloc(16*1024*1024);
>>>     for(;;)
>>>     {
>>>         msleep(100);
>>>     }
>>> }
>>
>> So your test case allocates vmalloc memory but never touches it.
>
> Yes, it is so. Bug occurs on rmmod this module. (Module does not free memory
> allocated with vmalloc().

Nor does it stop the thread on exit or avoid unloading. So panicking is expected.

Ralf