kern/52384: write(2) from a nonreadable memory region returns EACCES

[n54%gmx.com@localhost]

>Number:         52384
>Category:       kern
>Synopsis:       write(2) from a nonreadable memory region returns EACCES
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Jul 09 14:40:01 +0000 2017
>Originator:     Kamil Rytarowski
>Release:        NetBSD 8.99.1 amd64
>Organization:
TNF
>Environment:
NetBSD chieftec 8.99.1 NetBSD 8.99.1 (GENERIC) #5: Sat Jul  1 17:48:34 CEST 2017  root@chieftec:/public/netbsd-root/sys/arch/amd64/compile/GENERIC amd64
>Description:
When using write(2) to write to a file descriptor (pipe(2)) from a memory region that is not readable, the system call returns EACCES.

This differs from Darwin, Linux, OpenBSD, FreeBSD - they return EFAULT.

This behavior breaks part of LLVM sanitizers functionality. There are failing tests that use IsAccessibleMemoryRange() from sanitizer_posix_libcdep.cc.
>How-To-Repeat:
#include <unistd.h>
#include <sys/mman.h>
#include <stdio.h>
#include <errno.h>

#define SIZE 100

int
main(int argc, char **argv)
{
  int sock_pair[2];
  if (pipe(sock_pair))
    return -1;   
  void *map = mmap(NULL, SIZE, PROT_NONE, MAP_ANON | MAP_PRIVATE, -1, 0);  
  long bytes_written = write(sock_pair[1], map, SIZE); 
   
  printf("map=%p bytes_written=%d errno=%d\n", map, bytes_written, errno);

  close(sock_pair[0]);         
  close(sock_pair[1]);         
  return 0;     
}
>Fix:
Adjust the system call to return EFAULT.