On Mon, Jun 10, 2019 at 09:00:34AM -0400, Shawn Webb wrote: > On Mon, Jun 10, 2019 at 03:07:11AM +0000, Doug Moore wrote: > > Author: dougm > > Date: Mon Jun 10 03:07:10 2019 > > New Revision: 348843 > > URL: https://svnweb.freebsd.org/changeset/base/348843 > > > > Log: > > There are times when a len==0 parameter to mmap is okay. But on a > > 32-bit machine, a len parameter just a few bytes short of 4G, rounded > > up to a page boundary and hitting zero then, is not okay. Return > > failure in that case. > > > > Reported by: pho > > Reviewed by: alc, kib (mentor) > > Tested by: pho > > Differential Revision: https://reviews.freebsd.org/D20580 > > > > Modified: > > head/sys/vm/vm_mmap.c > > > > Modified: head/sys/vm/vm_mmap.c > > ============================================================================== > > --- head/sys/vm/vm_mmap.c Sun Jun 9 22:55:21 2019 (r348842) > > +++ head/sys/vm/vm_mmap.c Mon Jun 10 03:07:10 2019 (r348843) > > @@ -257,7 +257,10 @@ kern_mmap(struct thread *td, uintptr_t addr0, size_t s > > > > /* Adjust size for rounding (on both ends). */ > > size += pageoff; /* low end... */ > > - size = (vm_size_t) round_page(size); /* hi end */ > > + /* Check for rounding up to zero. */ > > + if (round_page(size) < size) > > + return (EINVAL); > > The mmap(2) manpage says that len==0 results in EINVAL, so the manpage > needs updating.
The manpage is correct for ABIs people are actually writing code for (ELF). I suppose it could document the exception for a.out (see the conditional containing SV_CURPROC_FLAG(SV_AOUT) in kern_mmap()), but it should be in BUGS, HISTORY, or some such. -- Brooks
signature.asc
Description: PGP signature
