-
Notifications
You must be signed in to change notification settings - Fork 694
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Out of memory due to mlock #108
Comments
Looks unlock might not be enough. mlock is controlled by RLIMIT_MEMLOCK (ulimit -l). Ubuntu is setting this to 64 KB (even for root). If the total locked memory exceeds this mlock will fail. Increasing the limit will avoid this problem. However, this may not be feasible in all situations. Also, the FreeBSD documentation above says that use of mlock can be restricted to super-user only. This relates to this OpenVPN bug, https://community.openvpn.net/openvpn/ticket/293 also discussed at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=406895 |
Test case https://gist.github.com/user-none/6c627e97f65a31c5bc1e . keeps calling s2n_config_new until an out of memory error occurs. As stated n the gist valgrind showed 34,977 bytes allocated. Commenting out the mlock if statement in utils/s2n_mem.c the test passes. |
Is it that the limit may not even be raised for/by root? On my system I can raise the limit arbitrarily, but I'm also running a custom kernel and am not certain what parts are custom. |
Root can raise the limit. On Ubuntu by default only root can raise the Think of s2n being used in s client application like a we browser. Any one Not everyone may be able to raise the limit. A university computer lab for On Friday, July 3, 2015, Colm MacCárthaigh notifications@github.com wrote:
|
@BigBoneDaddy root can change the limit permanently for users but it still Also, don't forget that this prevents the applications memory from being On Friday, July 3, 2015, BigBoneDaddy notifications@github.com wrote:
|
s2n_realloc call mlock. s2n_free does not call munlock. This can lead to an out of memory condition.
According to https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_MRG/1.3/html/Realtime_Reference_Guide/sect-Realtime_Reference_Guide-Memory_allocation-Using_mlock_to_avoid_memory_faults.html munlock is necessary when freeing the locked memory.
According to http://www.freebsd.org/cgi/man.cgi?query=mlock "Unlocking is performed explicitly by munlock() or implicitly by a call to munmap()"
Testing on Ubuntu 14.04.2 LTS continued use of mlock without a corresponding munlock after (can also be done before but I don't think it should) free will not allow the memory to be reused.
The text was updated successfully, but these errors were encountered: