NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

kern/52384: write(2) from a nonreadable memory region returns EACCES

>Number:         52384
>Category:       kern
>Synopsis:       write(2) from a nonreadable memory region returns EACCES
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Jul 09 14:40:01 +0000 2017
>Originator:     Kamil Rytarowski
>Release:        NetBSD 8.99.1 amd64
NetBSD chieftec 8.99.1 NetBSD 8.99.1 (GENERIC) #5: Sat Jul  1 17:48:34 CEST 2017  root@chieftec:/public/netbsd-root/sys/arch/amd64/compile/GENERIC amd64
When using write(2) to write to a file descriptor (pipe(2)) from a memory region that is not readable, the system call returns EACCES.

This differs from Darwin, Linux, OpenBSD, FreeBSD - they return EFAULT.

This behavior breaks part of LLVM sanitizers functionality. There are failing tests that use IsAccessibleMemoryRange() from
#include <unistd.h>
#include <sys/mman.h>
#include <stdio.h>
#include <errno.h>

#define SIZE 100

main(int argc, char **argv)
  int sock_pair[2];
  if (pipe(sock_pair))
    return -1;   
  void *map = mmap(NULL, SIZE, PROT_NONE, MAP_ANON | MAP_PRIVATE, -1, 0);  
  long bytes_written = write(sock_pair[1], map, SIZE); 
  printf("map=%p bytes_written=%d errno=%d\n", map, bytes_written, errno);

  return 0;     
Adjust the system call to return EFAULT.

Home | Main Index | Thread Index | Old Index