mmap(2) segfaults with certain len values and MAP_ANON|MAP_FIXED
Nate Eldredge
nate at thatsmathematics.com
Wed Oct 21 02:38:26 UTC 2009
On Wed, 21 Oct 2009, Alexander Best wrote:
> hi there,
This is on a 32-bit platform I take it?
> just a little mmap(2) related question. running the following code causes a
> segfault:
>
> mmap( (void*)0x1000, 0x80047000, PROT_NONE, MAP_ANON|MAP_FIXED, -1, 0 );
I don't doubt it. You mapped over a big chunk of your address space with
memory that's inaccessible (PROT_NONE). This probably includes your
program's code. So when the mmap call returns from the kernel and tries
to execute the next instruction of your program, it finds that the
instruction pointer is pointing to inaccessible memory. Result: segfault.
This is quite normal.
What are you actually trying to accomplish with this?
> while the following doesn't:
>
> mmap( (void*)0x1000, 0xffffffff, PROT_NONE, MAP_ANON|MAP_FIXED, -1, 0 );
Did you check whether the mmap actually succeeded? I bet it didn't. You
have a length that isn't a multiple of the page size and wraps around 32
bits. I bet you got an EINVAL, and the mmap call didn't actually do
anything.
> is this a known problem? seems reproducible on all branches.
Not a problem at all, I suspect.
--
Nate Eldredge
nate at thatsmathematics.com