similar crash in mmap for 1.5.3-1

[John Joganic]

Previous posts described a bug in mmap called via malloc. I am seeing a 
bug in mmap itself.  The following test does not map large amounts of 
memory, nor does it leak.  It crashes however, after 4193 (0x1061) 
iterations every time.  Like the malloc crash, the call stack references 
strdup, and in this case calloc as well.  On a Linux box, this program 
runs to completion without a hitch.

Thanks!

-John

fail.c:

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/mman.h>

int main(int argc, char **argv)
{
        int i, fd;
        void *p;
        char buf[1024] = { 0 };

        fd = open("test.dat",O_CREAT|O_RDWR,0666);
        if (fd < 0) { perror("failed to open"); exit(1); }
        write(fd,buf,1024);

        for (i=0; i<10000; ++i)
        {
                fprintf(stderr,"%d ",i);
                p = mmap(NULL,1024,PROT_READ|PROT_WRITE,MAP_SHARED,fd,0);
                if (!p) { perror("failed mmap"); exit(1); }
                fprintf(stderr,"=> %p\n",p);
                munmap(p,1024);
        }

        printf("success\n");
        close(fd);
        return 0;
}

The result is:

...
4186 => 0x3f0000
4187 => 0x3f0000
4188 => 0x3f0000
4189 => 0x3f0000
4190 => 0x3f0000
4191 => 0x3f0000
4192 => 0x3f0000
4193       4 [main] fail 3024 cmalloc: cmalloc returned NULL

Program received signal SIGSEGV, Segmentation fault.
0x6103f1d9 in strdup () from /usr/bin/cygwin1.dll
(gdb) bt
#0  0x6103f1d9 in strdup () from /usr/bin/cygwin1.dll
#1  0x6103fcc2 in mmap64 () from /usr/bin/cygwin1.dll
#2  0x004011d6 in main ()
(gdb)



--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/