Re: New daily reports - nothing

[Solar Designer <solar@openwall.com>]

Luka, Rich -

On Wed, Aug 10, 2011 at 03:34:24AM +0200, Luka Mar??eti?? wrote:
> Nothing to report for today, I'm afraid.

Thank you for posting a report anyway.  It helps.

> Not much time left either. I hoped you'd suggest what to do,

Rich - please suggest which of the remaining tasks Luka should focus on.
Maybe you already did on IRC or elsewhere, but I haven't seen that on
the list.

> but I had 
> to spend time fixing stuff anyway. And since I still do, my priorities are:
> 
> - Fix and commit buf.c *
> - Fix other tests that are still broken (setuid, alloc)
> - Complete the started ones (pthread_eintr)
> 
> * I don't know what's up with this: http://codepad.org/Ysn2roYC.

I took a look.  You're trying to mmap() and mprotect() other than a
multiple of page size.  This can't possibly work as your code expects it
to.  You need to round up your allocation size to the page size, and map
two entire unreadable pages (not size_t quantities) before and after it.
This might not satisfy your needs, though - I don't know what the
purpose of this malloc_bounded() was exactly.

The segfault occurs because your first mprotect() call makes the entire
page starting at stp inaccessible.  Not just a size_t quantity, because
it can't possibly do that.  The second mprotect() call is invoked on a
base address that is not page-aligned, so it fails with EINVAL (at least
on my system).  This is easily seen with strace (you could see it too),
and it'd be a good idea to check the return values in your code.

I hope this helps.

Thanks,

Alexander

P.S. Your use of "Re:" on ever-changing Subjects remains completely
ridiculous.  As explained before, this has nothing to do with threading,
but it breaks the convention of "Re:" being followed by the previous
message's Subject (that you're replying to).  For your use, it's best
not to include "Re:".