Hi,
while testing some changes to kern/sys_pipe.c, I found out the
loan-using code in there leaks memory under some circumstances. If
I run following program:

#include <sys/types.h>
#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>
#include <poll.h>
#include <sched.h>

int
main()
{
	int pp[2];
	char *f = (char *) malloc(2 * 1024 * 1024);
	pipe(pp);
	write(pp[1], f, 2 * 1024 * 1024);
}

and ^C it, kernel with NEW_PIPE leaks the amount of memory used
for memory loan for the write(2) call to pipe (this is 1MB, or
PIPE_DIRECT_CHUNK of memory). The 1MB of memory also stays wired
(the wiring is done implicitly for LOAN_TOPAGE in uvm_loan()). I've
tested this with both TOPAGE and TOANON loans, and it happens for
both, though no wiring happens for TOANON case, of course.

If I add appropriate uvm_unloanFOO() call before uvm_km_free() of
the kva used for loaned memory in pipe_loan_free(), no memory leak
occurs.

Up to now, I though that uvm_km_free() of kva using the loaned
memory pages would implicitly 'unloan' up the loaned pages. Either this
is not done, or I still miss something.

Is this supposed to work this way, or is this a bug?

Jaromir
-- 
Jaromir Dolecek <jdolecek@NetBSD.org>      http://www.ics.muni.cz/~dolecek/
NetBSD - just plain best OS! -=*=- Got spare MCA cards or docs? Hand me them!