From: Garrett Cooper
Date: Fri, 23 Oct 2015 09:14:38 -0700
Subject: Re: dtc(1): reproducible segmentation fault
To: George Abdelmalik
Cc: freebsd-current@freebsd.org
In-Reply-To: <562A3FE5.8020809@uniridge.com.au>

> On Oct 23, 2015, at 07:10, George Abdelmalik wrote:
>
> Hi,
>
> With a recent amd64 11.0-current system (as of earlier this week) I can reproducibly
> get a SIGSEGV when running a command such as
>
> $ dtc -o zb.dtb /usr/src/sys/boot/fdt/dts/arm/zedboard.dts
> Segmentation fault (core dumped)
>
> I've investigated the issue and found that the problem is at line
> 241 of the /usr/src/usr.bin/dtc/input_buffer.cc where the call to
> mmap(2) fails. Snippet below:
>
> 233 mmap_input_buffer::mmap_input_buffer(int fd) : input_buffer(0, 0)
> 234 {
> 235     struct stat sb;
> 236     if (fstat(fd, &sb))
> 237     {
> 238         perror("Failed to stat file");
> 239     }
> 240     size = sb.st_size;
> 241     buffer = (const char*)mmap(0, size, PROT_READ,
> 242         MAP_PREFAULT_READ, fd, 0);
> 243     if (buffer == 0)
> 244     {
> 245         perror("Failed to mmap file");
> 246     }
> 247 }
>
> The code incorrectly tests against 0 instead of MAP_FAILED for failure,
> which is why the perror message isn't seen at the terminal; the SIGSEGV
> happens later when an attempt to access the buffer array is made.
>
> Also the final parts of truss output are:
>
> ..
> ..
> getrusage(0,{ u=0.000000,s=0.002578,in=2,out=0 }) = 0 (0x0)
> mmap(0x0,2097152,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0) = 34384904192 (0x801800000)
> openat(AT_FDCWD,"xxx.dtb",O_WRONLY|O_CREAT|O_TRUNC,0666) = 3 (0x3)
> getrusage(0,{ u=0.000000,s=0.002697,in=2,out=0 }) = 0 (0x0)
> openat(AT_FDCWD,"/usr/src/sys/boot/fdt/dts/arm/zedboard.dts",O_RDONLY,00) = 4 (0x4)
> fstat(4,{ mode=-rw-r--r-- ,inode=73360,size=5360,blksize=5632 }) = 0 (0x0)
> fstat(4,{ mode=-rw-r--r-- ,inode=73360,size=5360,blksize=5632 }) = 0 (0x0)
> mmap(0x0,5360,PROT_READ,MAP_PREFAULT_READ,4,0x0) ERR#22 'Invalid argument'
> close(4) = 0 (0x0)
> SIGNAL 11 (SIGSEGV)
> process killed, signal = 11 (core dumped)
>
> Any help debugging this further would be much appreciated. I just can't understand why
> the mmap in question would fail, and what's invalid about its arguments?

Hi George,
    Could you please post the bug report (with your dts file) on bugs.freebsd.org and CC Ian Lepore and Warner Losh?
Thanks!
-NGie
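
An added example, not part of the thread or of the dtc sources: a file-mapping helper that compares the mmap(2) result with MAP_FAILED and stops on an fstat(2) or mmap(2) error instead of carrying on to use the buffer, which is the check the quoted report says is missing. The names map_readonly, mapped_file and temp_file_with are hypothetical. As assumptions for portability, it passes MAP_PRIVATE rather than the FreeBSD-specific MAP_PREFAULT_READ, and it uses a constructed empty file to trigger a failing mmap(2) call (a zero-length mapping is rejected with EINVAL).

```cpp
#include <cerrno>
#include <cstdio>
#include <cstdlib>
#include <cstring>
#include <sys/mman.h>
#include <sys/stat.h>
#include <unistd.h>

struct mapped_file { const char *data; size_t size; };

// Map fd read-only. Returns 0, or the errno of the call that failed; on
// failure out.data stays nullptr so no caller can index a bad mapping.
static int map_readonly(int fd, mapped_file &out)
{
    struct stat sb;
    out = mapped_file{nullptr, 0};
    if (fstat(fd, &sb) != 0)
        return errno;               // stop here: sb holds no valid size
    void *p = mmap(nullptr, static_cast<size_t>(sb.st_size), PROT_READ,
                   MAP_PRIVATE, fd, 0);
    if (p == MAP_FAILED)            // failure is (void *)-1, never a null pointer
        return errno;
    out = mapped_file{static_cast<const char *>(p), static_cast<size_t>(sb.st_size)};
    return 0;
}

// Constructed input: an already-unlinked temporary file holding `text`.
static int temp_file_with(const char *text)
{
    char path[] = "/tmp/mapdemoXXXXXX";
    int fd = mkstemp(path);
    if (fd < 0)
        return -1;
    unlink(path);
    if (write(fd, text, strlen(text)) != static_cast<ssize_t>(strlen(text))) {
        close(fd);
        return -1;
    }
    return fd;
}

int main()
{
    mapped_file m;
    int err = map_readonly(temp_file_with("/dts-v1/;\n"), m);
    printf("regular file: err=%d size=%zu\n", err, m.size);
    err = map_readonly(temp_file_with(""), m);   // zero length: mmap rejects it
    printf("empty file: %s, data=%p\n", strerror(err), (const void *)m.data);
}
```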