archive mirror
 help / color / mirror / Atom feed
* mmap and MAP_FIXED question
@ 2003-11-27  0:38 Lothar Werzinger
  0 siblings, 0 replies; only message in thread
From: Lothar Werzinger @ 2003-11-27  0:38 UTC (permalink / raw)
  To: linux-kernel; +Cc: Krishnakumar B

[-- Attachment #1: Type: text/plain, Size: 1626 bytes --]


I currently do not have subscribed to LKML, so please CC to my address when 
answering. I will browse the archive, but on a not so regular basis.

I came across a strange behavior of mmap using the ACE library. After some 
discussion on the ace-users mailing list 
( I'd like to post this 
question here in the hope that anyone knows more about this.

The problem basically is that a program doing a mmap call with the MAP_FIXED 
flag set crashes just by unmapping and mapping of an extended (larger) memory 
area. Note it crashes although it never touches (writes) to the memory it 

Attached is a C file that if compiled and run on a 2.4.x Kernel crashes with a 
segmentation fault.  If called with any argument it uses a (delta) value to 
increase the map size, so it crashes after 21 iterations on my computer.
My kernel version is:
$ cat /proc/version
Linux version 2.4.20-18.9.acpi.4 ( (gcc version 3.2.2 
20030222 (Red Hat Linux 3.2.2-5)) #1 Wed Jul 2 14:54:57 CEST 2003

If anyone knows why the program crashes instead of just failing with some 
error code, please let me know.

The attached program is a slightly modified version I got from an ACE 
> Here's my test program. It fails under all machines that I have tested.
> Maybe you can post it to Linux Kernel and ask what is broken and tell me if
> you get any answer. 

Lothar Werzinger Dipl.-Ing. Univ.
framework & platform architect
Xcerla Corporation
275 Tennant Avenue, Suite 202
Morgan Hill, Ca 95037
phone: +1-408-776-9018

[-- Attachment #2: mmaptest.c --]
[-- Type: text/x-csrc, Size: 2320 bytes --]

#include <sys/mman.h>
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <unistd.h>
#include <time.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <string.h>

int main(int argc, char ** argv)
  int fd = 0;
  int pagesize = 0;
  unsigned int delta = 0;
  int retval = 0;
  size_t count = 0;
  size_t size = 0;
  char* addr = 0;

  pagesize = getpagesize();

  delta = rand() % pagesize;
  if (argc > 1)
    delta = 0xf96;
  fprintf (stderr, "pagesize %d\n", pagesize);
  fprintf (stderr, "using delta %06d, %06x\n", delta, delta);

  fd = open ("/tmp/", O_RDWR|O_CREAT);
  if (fd == -1)
      fprintf (stderr, "Unable to create file: %s\n", strerror (errno));
      exit (1);
  if (unlink ("/tmp/") == -1)
      fprintf (stderr, "Unable to unlink file: %s\n", strerror (errno));
      exit (1);

  retval = ftruncate (fd, delta);
  if (retval == -1)
      fprintf (stderr, "Unable to resize file: %s\n", strerror (errno));
      exit (1);

  size = delta;
  addr = (char*) mmap (0, size, PROT_READ|PROT_WRITE, MAP_SHARED, fd, 0);
  if (addr == MAP_FAILED)
      fprintf (stderr, "Unable to map file: %s\n", strerror (errno));
      exit (1);

  fprintf (stderr, "%03d address: %p, size: %06d, %06x, new size: %06d, %06x\n",
           count, addr, size, size, size + delta, size + delta);
  while (count < 500)
      if (munmap(addr, size) == -1)
          fprintf (stderr, "Unable to unmap file: %s\n", strerror (errno));
          exit (1);

      size += delta;
      retval = ftruncate (fd, size);
      if (retval == -1)
          fprintf (stderr, "Unable to resize file: %s\n", strerror (errno));
          exit (1);
      addr = (char*) mmap (addr, size, PROT_READ|PROT_WRITE,
                           MAP_SHARED|MAP_FIXED, fd, 0);
      if (addr == MAP_FAILED)
          fprintf (stderr, "Unable to map file: %s\n", strerror (errno));
          exit (1);

      fprintf (stderr, "%03d address: %p, size: %06d, %06x, new size: %06d, %06x\n",
               count, addr, size, size, size + delta, size + delta);
  fprintf (stderr, "%03d exited loop\n", count);
  return 0;

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2003-11-27  0:38 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2003-11-27  0:38 mmap and MAP_FIXED question Lothar Werzinger

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).