代码之家  ›  专栏  ›  技术社区  ›  danblack

与成功的madvise(DONTDUMP)具有相同ptr/大小的madvise(DODUMP)在EINVAL中失败

system-calls memory linux c
  •  1
  • danblack  · 技术社区  · 6 年前

    测试mysqld的MariaDB异常(10.3分支)它在启动时做什么:

    内存分配返回 ptr=0x7fffe1a00000 对于 bytes=2097152

    在madvise syscall之前,/proc/{pid}/smap条目是: 

    7fffe1a00000-7fffe1c00000 rw-s 00000000 00:0f 18481215                   /SYSV00000000 (deleted)
Size:               2048 kB
KernelPageSize:     2048 kB
MMUPageSize:        2048 kB
Rss:                   0 kB
Pss:                   0 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:         0 kB
Referenced:            0 kB
Anonymous:             0 kB
LazyFree:              0 kB
AnonHugePages:         0 kB
ShmemPmdMapped:        0 kB
Shared_Hugetlb:        0 kB
Private_Hugetlb:       0 kB
Swap:                  0 kB
SwapPss:               0 kB
Locked:                0 kB
VmFlags: rd wr sh mr mw me ms de ht sd

    通话后: 

    madvise(ptr, bytes, MADV_DONTDUMP)

    页面将拾取 dd “不转储”标志如预期: 

    7fffe1a00000-7fffe1c00000 rw-s 00000000 00:0f 18481215                   /SYSV00000000 (deleted)
Size:               2048 kB
KernelPageSize:     2048 kB
MMUPageSize:        2048 kB
Rss:                   0 kB
Pss:                   0 kB
Shared_Clean:          0 kB
Shared_Dirty:          0 kB
Private_Clean:         0 kB
Private_Dirty:         0 kB
Referenced:            0 kB
Anonymous:             0 kB
LazyFree:              0 kB
AnonHugePages:         0 kB
ShmemPmdMapped:        0 kB
Shared_Hugetlb:        0 kB
Private_Hugetlb:       0 kB
Swap:                  0 kB
SwapPss:               0 kB
Locked:                0 kB
VmFlags: rd wr sh mr mw me ms de ht dd sd

    madvise(ptr, m_size, MADV_DODUMP) 地图是一样的: 

    7fffe1a00000-7fffe1c00000 rw-s 00000000:0f 18481215/SYSV0000000(已删除)
大小:2048 kB
KernelPageSize:2048 kB
MMUPageSize:2048 kB
共享\u清除:0 kB
共享\u脏:0 kB
专用\u清除:0 kB
私有\u脏:0 kB
引用:0 kB
空闲:0 kB
ShmemPmdMapped:0 kB
共享的\u Hugetlb:0 kB
专用\u Hugetlb:0 kB
交换:0 kB
VmFlags:rd wr sh mr mw me ms de ht dd sd公司


    madvise(ptr, m_size, MADV_DODUMP)

    GDB显示使用相同的值: 

    (gdb) p size
$1 = 2097152
(gdb) p ptr
$2 = (void *) 0x7fffe1a00000

    madvise(ptr,size,MADV_DODUMP) errno=EINVAL ,页面映射保持不变。

    内核版本: 

    $ uname -a
Linux 4.18.9-300.fc29.x86_64 #1 SMP Thu Sep 20 02:32:53 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

    为了完整性 strace -fe trace=%memory ... 从分配提取到 EINVAL 同一程序(不同的执行): 

    [pid  6036] shmat(18874431, NULL, 0)    = 0x7f6ebda00000
[pid  6036] madvise(0x7f6ebda00000, 2097152, MADV_DONTDUMP) = 0
[pid  6036] mmap(NULL, 2215936, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6ebd7e3000
[pid  6036] brk(NULL)                   = 0x55caa0d76000
[pid  6036] brk(0x55caa0de7000)         = 0x55caa0de7000
[pid  6036] brk(NULL)                   = 0x55caa0de7000
[pid  6036] brk(0x55caa0e38000)         = 0x55caa0e38000
[pid  6036] brk(NULL)                   = 0x55caa0e38000
[pid  6036] brk(0x55caa0e8a000)         = 0x55caa0e8a000
[pid  6036] mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6ebcfe2000
[pid  6036] mprotect(0x7f6ebcfe3000, 8388608, PROT_READ|PROT_WRITE) = 0
strace: Process 6039 attached
[pid  6036] mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6ebc7e1000
[pid  6036] mprotect(0x7f6ebc7e2000, 8388608, PROT_READ|PROT_WRITE) = 0
strace: Process 6040 attached
[pid  6036] mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6ead3ff000
[pid  6036] mprotect(0x7f6ead400000, 8388608, PROT_READ|PROT_WRITE) = 0
strace: Process 6041 attached
[pid  6036] mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6eacbfe000
[pid  6036] mprotect(0x7f6eacbff000, 8388608, PROT_READ|PROT_WRITE) = 0
strace: Process 6042 attached
[pid  6036] mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6eac3fd000
[pid  6036] mprotect(0x7f6eac3fe000, 8388608, PROT_READ|PROT_WRITE) = 0
strace: Process 6043 attached
[pid  6036] mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6eabbfc000
[pid  6036] mprotect(0x7f6eabbfd000, 8388608, PROT_READ|PROT_WRITE) = 0
strace: Process 6044 attached
[pid  6036] mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6eab3fb000
[pid  6036] mprotect(0x7f6eab3fc000, 8388608, PROT_READ|PROT_WRITE) = 0
strace: Process 6045 attached
[pid  6036] mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6eaabfa000
[pid  6036] mprotect(0x7f6eaabfb000, 8388608, PROT_READ|PROT_WRITE) = 0
strace: Process 6046 attached
[pid  6036] mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6eaa3f9000
[pid  6036] mprotect(0x7f6eaa3fa000, 8388608, PROT_READ|PROT_WRITE) = 0
strace: Process 6047 attached
[pid  6036] mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6ea9bf8000
[pid  6036] mprotect(0x7f6ea9bf9000, 8388608, PROT_READ|PROT_WRITE) = 0
strace: Process 6048 attached
[pid  6036] mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f6ea93f7000
[pid  6036] mprotect(0x7f6ea93f8000, 8388608, PROT_READ|PROT_WRITE) = 0
strace: Process 6049 attached
[pid  6049] mmap(NULL, 134217728, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0) = 0x7f6ea13f7000
[pid  6049] munmap(0x7f6ea13f7000, 46174208) = 0
[pid  6049] munmap(0x7f6ea8000000, 20934656) = 0
[pid  6049] mprotect(0x7f6ea4000000, 135168, PROT_READ|PROT_WRITE) = 0
[pid  6036] brk(NULL)                   = 0x55caa0e8a000
[pid  6036] brk(0x55caa0eab000)         = 0x55caa0eab000
[pid  6036] mmap(NULL, 2117632, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6ebc5dc000
[pid  6036] munmap(0x7f6ebd7e3000, 2215936) = 0
[pid  6036] brk(NULL)                   = 0x55caa0eab000
[pid  6036] brk(0x55caa10d5000)         = 0x55caa10d5000
[pid  6036] brk(NULL)                   = 0x55caa10d5000
[pid  6036] brk(0x55caa1118000)         = 0x55caa1118000
[pid  6036] brk(NULL)                   = 0x55caa1118000
[pid  6036] brk(0x55caa115c000)         = 0x55caa115c000
[pid  6036] madvise(0x7f6ebda00000, 2097152, MADV_DODUMP) = -1 EINVAL (Invalid argument)

    有什么线索可以解释为什么埃因瓦尔会被送回美国吗 madvise(MADV_DODUMP) ?

    1 回复  |  直到 6 年前
        1
  •  1
  •   Florian Weimer    6 年前

    de VM_DONTEXPAND ,内核显式拒绝该标志 MADV_DODUMP 

    #define VM_SPECIAL (VM_IO | VM_DONTEXPAND | VM_PFNMAP | VM_MIXEDMAP)
…
    case MADV_DODUMP:
            if (new_flags & VM_SPECIAL) {
                    error = -EINVAL;
                    goto out;
            }
            new_flags &= ~VM_DONTDUMP;
            break;

    自提交0103bd16fb90bc741c7a03fd1ea4e8a505abad23(mm:prepare)以来,此检查一直存在 VM_DONTDUMP 用于2012年。

    这个映射可能来自hugetlbfs( hugetlbfs_file_mmap 在里面 fs/hugetlbfs/inode.c )因为 ht 也设置了位。

    推荐文章
    Aidan  ·  为什么在将最后一个索引分配给空终止符(\0)后,我无法释放char缓冲区
    6 月前
    Chris  ·  用目的地捕捉信号
    6 月前
    MaPo  ·  Linux,设置锁定ICMP_过滤器选项
    6 月前
    KevInSol  ·  在FreeBSD的配置阶段,从源代码构建PHP时找不到libjpeg
    6 月前
    Doohyeon Won  ·  内联函数上的奇怪现象?[关闭]
    6 月前
    MaSc. H.  ·  大小与阵列大小
    6 月前
    Fulmineo  ·  我的C代码运行良好,但在结束前崩溃(0xC0000374)
    6 月前
    Mehan Alavi  ·  TCP Socket-打印字符串中所有不在C中的字符不起作用
    6 月前
    Bobby  ·  复合字面值总是左值吗?
    7 月前
    9-Pin  ·  C: 嵌套结构的堆栈内存分配
    7 月前
    关于   移动版
    代码之家 - 一站式码农服务社区
    沪ICP备11025650号