kern/118510: munmap(2) doesn't remove all mappings
Tijl Coosemans
tijl at ulyssis.org
Sun Dec 9 08:10:01 PST 2007
>Number: 118510
>Category: kern
>Synopsis: munmap(2) doesn't remove all mappings
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Dec 09 16:10:00 UTC 2007
>Closed-Date:
>Last-Modified:
>Originator: Tijl Coosemans
>Release: FreeBSD 7.0-BETA3 i386
>Organization:
>Environment:
System: FreeBSD kalimero.kotnet.org 7.0-BETA3 FreeBSD 7.0-BETA3 #1: Sat Nov 17 19:01:40 CET 2007
>Description:
When a memory region has been partially munmap()ed, subsequent
calls to munmap() on this region have no effect.
>How-To-Repeat:
The following program should segfault, but doesn't.
It mmap()s 2 pages and munmap()s them again but the second page
is still accessible.
--- test.c begins here ---
#include <sys/mman.h>
#include <stdio.h>
#include <unistd.h>
int main( int argc, char **argv ) {
unsigned int const page_size = getpagesize();
void *map;
char volatile *cmap;
map = mmap( NULL, 2 * page_size, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANON, -1, 0 );
munmap( map, page_size );
munmap( map, 2 * page_size );
cmap = map;
cmap[ page_size ] = 'a';
printf( "%c\n", cmap[ page_size ] );
return 0;
}
--- test.c ends here ---
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list