Date:      Sun, 29 Jul 2018 19:16:58 +0000
From:      bugzilla-noreply@freebsd.org
To:        bugs@FreeBSD.org
Subject:   [Bug 230162] mprotect(2): error converting size argument in 32-bit emulation
Message-ID:  <bug-230162-227@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=230162

            Bug ID: 230162
           Summary: mprotect(2): error converting size argument in 32-bit
                    emulation
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: asomers@FreeBSD.org

The lib/libc/sys/mprotect_test:mprotect_err test fails when run under 32-bit
emulation.  Examining the problem with dtrace, it looks like there's a casting
error; the 32-bit syscall's len argument winds up in the high half of
kern_mprotect's size argument.  I don't see that behavior when I dtrace msgsnd,
another syscall with a size_t argument.

Here's an example of the problem.  Notice how len=0x1 in
syscall:freebsd32_mprotect, but 0x100000000 in fbt:kern_mprotect

$ sudo dtrace \
    -i 'fbt:kernel:kern_mprotect:entry {printf("addr0=%#lx, size=%#lx", args[1], args[2]);}' \
    -i 'syscall:freebsd32:freebsd32_mprotect:entry {printf("addr=%p len=%#lx", args[0], args[1]);}' \
    -i 'fbt:kernel:vm_map_protect:entry {printf("size ~= %#lx", args[2] - args[1]);}'
dtrace: description 'fbt:kernel:kern_mprotect:entry ' matched 1 probe
dtrace: description 'syscall:freebsd32:freebsd32_mprotect:entry ' matched 1 probe
dtrace: description 'fbt:kernel:vm_map_protect:entry ' matched 1 probe
CPU     ID                    FUNCTION:NAME
  2  61769         freebsd32_mprotect:entry addr=0 len=0
  2  28572              kern_mprotect:entry addr0=0, size=0
  2  47917             vm_map_protect:entry size ~= 0
  3  61769         freebsd32_mprotect:entry addr=ffffffff len=0x1
  3  28572              kern_mprotect:entry addr0=0xfffff000, size=0x100000000
  3  47917             vm_map_protect:entry size ~= 0x1000

And in another terminal, in a 32-bit chroot, run
# kyua debug mprotect_test:mprotect_err
mprotect_test:mprotect_err  ->  failed:
/usr/home/somers/freebsd/base/head/contrib/netbsd-tests/lib/libc/sys/t_mprotect.c:158:
mprotect((char *)-1, 1, PROT_READ) != 0 not met
