From: Nate Eldredge
Date: Tue, 20 Oct 2009 19:38:24 -0700 (PDT)
To: Alexander Best
Cc: freebsd-hackers@freebsd.org
Subject: Re: mmap(2) segaults with certain len values and MAP_ANON|MAP_FIXED

On Wed, 21 Oct 2009, Alexander Best wrote:

> hi there,

This is on a 32-bit platform I take it?

> just a little mmap(2) related question. running the following code causes a
> segfault:
>
> mmap( (void*)0x1000, 0x80047000, PROT_NONE, MAP_ANON|MAP_FIXED, -1, 0 );

I don't doubt it. You mapped over a big chunk of your address space with
memory that's inaccessible (PROT_NONE). This probably includes your
program's code. So when the mmap call returns from the kernel and tries to
execute the next instruction of your program, it finds that the instruction
pointer is pointing to inaccessible memory. Result: segfault. This is
quite normal.

What are you actually trying to accomplish with this?

> while the following doesn't:
>
> mmap( (void*)0x1000, 0xffffffff, PROT_NONE, MAP_ANON|MAP_FIXED, -1, 0 );

Did you check whether the mmap actually succeeded? I bet it didn't. You
have a length that isn't a multiple of the page size and wraps around 32
bits. I bet you got an EINVAL, and the mmap call didn't actually do
anything.

> is this a known problem? seems reproducible on all branches.

Not a problem at all, I suspect.

-- 
Nate Eldredge
nate@thatsmathematics.com
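
The two requests in this thread, modelled in 32-bit arithmetic as an added example; it is not part of the original message and is not FreeBSD kernel code. The 4 KiB page size, the program text address 0x08048000, and the names `round_page32` and `classify_fixed_map` are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SIZE_32 0x1000u     /* assumption: 4 KiB pages */
#define TEXT_ADDR_32 0x08048000u /* assumption: i386 ELF text address */

enum verdict { REQ_OK, REQ_UNALIGNED, REQ_BAD_LEN, REQ_COVERS_TEXT };

/* Round len up to a page multiple in 32-bit arithmetic (may wrap). */
static uint32_t round_page32(uint32_t len)
{
    return (len + PAGE_SIZE_32 - 1) & ~(PAGE_SIZE_32 - 1);
}

/* Classify a MAP_FIXED request on a modelled 32-bit address space. */
enum verdict classify_fixed_map(uint32_t addr, uint32_t len, uint32_t text)
{
    uint32_t size = round_page32(len);

    if (addr & (PAGE_SIZE_32 - 1))
        return REQ_UNALIGNED;
    if (size < len || size == 0 || addr + size < addr)
        return REQ_BAD_LEN;      /* rounded length or end address wrapped */
    if (addr <= text && text < addr + size)
        return REQ_COVERS_TEXT;  /* mapping would replace the running code */
    return REQ_OK;
}

static const char *verdict_name(enum verdict v)
{
    static const char *const names[] = {
        "ok", "unaligned address", "bad length (wraps)", "covers program text"
    };
    return names[v];
}

int main(void)
{
    /* The two lengths from the thread, both at address 0x1000. */
    const uint32_t lens[] = { 0x80047000u, 0xffffffffu };

    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++)
        printf("len=0x%08x rounded=0x%08x -> %s\n", (unsigned)lens[i],
               (unsigned)round_page32(lens[i]),
               verdict_name(classify_fixed_map(0x1000u, lens[i], TEXT_ADDR_32)));
    return 0;
}
```

In real code the same question is answered by comparing the return value of mmap(2) against MAP_FAILED and reading errno before touching the mapping.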