From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 46408C369DC for ; Thu, 1 May 2025 16:43:54 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id C76366B009C; Thu, 1 May 2025 12:43:52 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id C23896B009D; Thu, 1 May 2025 12:43:52 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id AE9BC6B009E; Thu, 1 May 2025 12:43:52 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id 9053F6B009C for ; Thu, 1 May 2025 12:43:52 -0400 (EDT) Received: from smtpin04.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id 35B8C8133A for ; Thu, 1 May 2025 16:43:53 +0000 (UTC) X-FDA: 83394910746.04.40D05BA Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by imf04.hostedemail.com (Postfix) with ESMTP id 8C2F04000F for ; Thu, 1 May 2025 16:43:51 +0000 (UTC) Authentication-Results: imf04.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=KjgHU3kH; dmarc=pass (policy=quarantine) header.from=kernel.org; spf=pass (imf04.hostedemail.com: domain of alx@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=alx@kernel.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1746117831; a=rsa-sha256; cv=none; b=kePN8Cr3jVAxPNdMTx17pklDww0XzZDc9Ta9arnAGDqUsG/h3b+JzlHO5l1YIbHHugnwpx qU+KBl7W9DQYCHBTghsTHC0d5K3/XR2H9E9o3YjvAU1xTU3GUNZPZYHz6Q69iHPuAfINhc OP3zwrZRVvtOtYURcWxK65ynQdMPF4I= ARC-Authentication-Results: i=1; imf04.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=KjgHU3kH; dmarc=pass (policy=quarantine) header.from=kernel.org; spf=pass (imf04.hostedemail.com: domain of alx@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=alx@kernel.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1746117831; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=D6wLN2QkC08jsEDP0nFxcH6hJlby5Tv2JvcFddkY+jA=; b=3UjLroXoAPayMJY4TUZpCp6SYTPNPcr3kQ7vL/DoZN39ZbedN7cG5TOgPRsttum0qXQlYn gGPsgnUmT2mbu95LM6rHyxqXiEuJyyOC00yAi6g4AAAgxjcsBIkt+wKeagzMJDI1pU/k5j zLOPKSSNJ3bjb1wBr7eVRC8x2J/G2SQ= Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by dfw.source.kernel.org (Postfix) with ESMTP id 497EA5C596F; Thu, 1 May 2025 16:41:33 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 6D532C4CEE3; Thu, 1 May 2025 16:43:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1746117830; bh=fTnFvqoD19QWjp5YRJ7LenC5xq+P2K+xsVJpZXtnJko=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=KjgHU3kHFFY0eDf5B19bKtcw/jeLitnCzguYPeAQS2kro4oEHoOIA+cW7sJhEYnQi QyavkBlWZ5yXcWKdfxO8wRS4Z8ULlgSlWUg6FHPViSQfBak70MIUOO8r09KbtbljC7 ssnWSsOGGIYHZ7QMJGIzxN9us0thsZWMvWdM+rpa3htI1HTqhhhckw2g1HnL7mOCdL /p9r0qLhGH+vi1k8madlMYnpVlLbLggGnHHvKyF6sREwF7KuQ3Rf2XFQWVoyrP24vj RVRdBy4P7Tgj0yhefG4CKOU+rkLhhahYsbnou7+58EcgDZ+ZjHTYVKwq1hZbLJnr3x PBQOfLK2U0Y3A== Date: Thu, 1 May 2025 18:43:45 +0200 From: Alejandro Colomar To: Jann Horn Cc: linux-man@vger.kernel.org, Andrew Morton , "Liam R . Howlett" , Lorenzo Stoakes , Vlastimil Babka , linux-mm@kvack.org, Jakub Wilk Subject: Re: [PATCH man v2] mmap.2: Document danger of mappings larger than PTRDIFF_MAX Message-ID: References: <20250429164359.2699330-1-jannh@google.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="iyt3lqyd4gg7mybc" Content-Disposition: inline In-Reply-To: <20250429164359.2699330-1-jannh@google.com> X-Rspam-User: X-Rspamd-Server: rspam02 X-Rspamd-Queue-Id: 8C2F04000F X-Stat-Signature: p13jsi86zdyaeh6jaub7kmou3576n5hu X-HE-Tag: 1746117831-597534 X-HE-Meta: U2FsdGVkX1+h24MIss+iddxDovdbBrsOfbv3SQ2EOkGAhoa1lE6BVWMZacqaj2omkMJB308hYXcgmj043qwkqoh3PW3iRAL7hitmJq35sE7YHPZSItv199WQEIWtROetpcJFkSUc1sFCS5G3vRHK4tNv5F9hs+bVfgTkSrVZvbGf5sJ3UUd/KTMMFXwQAnWKoECN5ET6kcKb4fFGfNbPZowSeKJhdyFPXx66zWyBjZwG2ED+sJjC+3WLgbKw71duAM33WPoV3+JA4kIjkh7MEOhIP8n5XQN0QPyw76q67Pwm2AQvLrgPkzIXknJe+c64SUUPJNHqQZM77fGbxxCI1DVtFhT0hbKWXOD90ErMSawJ5OQFkHc9ep0S1bLfjli8H6Qeb1Ce+XnLOhPoN17L7MuARYXZ4sxtsDcoSGsaQoNcPTGFW+ACX+HNL90c78i/G8dxfYzTJ5gUe2wdU6zRW4thiF3u26SCeTZ5Lp550U5F6iBEhrSwTXx0nDNNx8KaSdbmXLFgNrzyFYZ0f8i9AR0gpqp3xfgLDCr/tNXbnwNFOU3PJuZp6sJiI+B/hGQqT4CxWJ21kdNt5Pgqhp5QTquhtYvSaaDnG2wV4zp/s1HTksNtCLOI2OcgzfCkZGNkb/ASgN7UdmXavtguC5gXtHaek5zYzfreqXqmkx+8n+zAZmqcirlprJiiQiYIscM1xcyzmrkUazTgJAsU+23nUE8kWwqQURl2ksJE0XmNowXquAkd/Y6AB8QP7uDRAPP3qhdB9tev6Gtq+EEjZ64moP4ctx5CS4VVpL3r8nLyEkze8y0arRoAaNrD2RjsTTXH/e/3TB7x7ZX6FXIHoY4QNGtJ9Kc872C4GAaj/WKryVjf3VfT2b5NBw0wXpmKaClYrOoVB6CWXm6UkKsLqU+NXB1VLkEs1xkFI3dDyxJzstbavatclmF3XnDPAwAXETSOx3LtekNZHzKbcS38yDF i1cYomj7 /fuRg+ENap8Q85Dj87eGFO2XVotCzx0ZAktn2tJ8qKJFSMND8cBmht+v/oH4OJMLPPKZZ47qZby3Os/XafSCcWi7H8khnPa43lOyOujg7g8Yi2Gs2fcLL7n0xaJeogp6OEpRl+slDSDR7R8eq3GoQ/pxb5xfZv/9buCNiWYa1y3LghrrTeFq0iWd7dUwLjmIr9NH5jYgbC3Ivram1hKTni9qUp2fGTckZqdNXO3VJ6ZM4VWQha5hoS14WKFoyTOkov3SNQ+eg9NCK2XJVaXOJtOwBdTO7eUMNhaydmCn+kb7UnW+YZvdCTRHW1DV4xTBkcaXlyE75sTul1idFslQhWMLNweLbhs39gGA2N0mA3HeoqQtjYJG1+mTsW1tIzifvz/GDuutbpyhyZzwo7+ngmsmc/ihLLkHHCXIwmVxoShyaTmBkpIvUO3d6W1DujgXsaDNoaqdsPvFVGPjwPrfVeAprFGQnks7iK2RgbNT8rFFMH4QVRuplD2/sKbbXQyUc9b9jAUEivVdyg/beBGEREUBJ0nJcxlG+kIbNMoNWLd4shEVinneux0AFIeOJpIwneM78Cj+21OEedCI1Kl1aiLGGAqdAOIEhTe0/d10Mt678jwt1pp2c/PLv0g== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: --iyt3lqyd4gg7mybc Content-Type: text/plain; protected-headers=v1; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable From: Alejandro Colomar To: Jann Horn Cc: linux-man@vger.kernel.org, Andrew Morton , "Liam R . Howlett" , Lorenzo Stoakes , Vlastimil Babka , linux-mm@kvack.org, Jakub Wilk Subject: Re: [PATCH man v2] mmap.2: Document danger of mappings larger than PTRDIFF_MAX References: <20250429164359.2699330-1-jannh@google.com> MIME-Version: 1.0 In-Reply-To: <20250429164359.2699330-1-jannh@google.com> Hi Jann, On Tue, Apr 29, 2025 at 06:43:59PM +0200, Jann Horn wrote: > References: > - C99 draft: https://www.open-std.org/jtc1/sc22/wg14/www/docs/n1124.pdf > section "6.5.6 Additive operators", paragraph 9 > - object size restriction in GCC: > https://gcc.gnu.org/legacy-ml/gcc/2011-08/msg00221.html > - glibc malloc restricts object size to <=3DPTRDIFF_MAX in > checked_request2size() since glibc v2.30 (released in 2019, as pointed > out by Jakub Wilk): > https://sourceware.org/cgit/glibc/commit/?id=3D9bf8e29ca136094f Thanks! I've applied the patch. See some comments below. Have a lovely day! Alex > --- > man/man2/mmap.2 | 19 +++++++++++++++++++ > 1 file changed, 19 insertions(+) >=20 > diff --git a/man/man2/mmap.2 b/man/man2/mmap.2 > index caf822103..4bb15699d 100644 > --- a/man/man2/mmap.2 > +++ b/man/man2/mmap.2 > @@ -785,6 +785,25 @@ correspond to added or removed regions of the file i= s unspecified. > An application can determine which pages of a mapping are > currently resident in the buffer/page cache using > .BR mincore (2). > +.P I've moved the paragraph to a new CAVEATS section. > +Unlike typical > +.BR malloc (3) > +implementations, > +.BR mmap () > +does not prevent creating objects larger than > +.BR PTRDIFF_MAX . > +Objects that are larger than > +.B PTRDIFF_MAX > +only work in limited ways in standard C I've removed 'standard', since in any C it is problematic. Is it okay to you? (We're still in time to amend if you prefer something else.) > +(in particular, pointer subtraction results in undefined behavior if the > +result would be bigger than > +.BR PTRDIFF_MAX ). > +On top of that, GCC also assumes that no object is bigger than > +.BR PTRDIFF_MAX . > +.B PTRDIFF_MAX > +is usually half of the address space size; > +so for 32-bit processes, > +it is usually 0x7fffffff (almost 2 GiB). > .\" > .SS Using MAP_FIXED safely > The only safe use for >=20 > base-commit: 4c4d9f0f5148caf1271394018d0f7381c1b8b400 > --=20 > 2.49.0.901.g37484f566f-goog >=20 --=20 --iyt3lqyd4gg7mybc Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEES7Jt9u9GbmlWADAi64mZXMKQwqkFAmgTpMEACgkQ64mZXMKQ wql1cBAAnpqS+pbdh64DlFg230JWHQKSu+jiEJiaZxwXSfcDR2flK9+yCvYtlNlh QHszbZG6YiGA/tcrzT+1plR8ihF/Oh+LRK6AgmA3Jq4pve9hncnlxOEZpymeetKO 0g1qhsqKm8AM+baErc2/K7prN6LSvpmx/u7bOlw6zio8fmiXHiw8/oL14dhC3ejv JR3y39sZ+fqjX/74y2CB3Jmqsu4TlfXStZiWvAtqKpAfBw83bGEBN9vOheDkXGNv 5lPzoNEk07Z8oWN1boxFChoVJH6a5BO8P2jIhWT8QJU9ZkJybiV4S9qUgqFZKRlT nX3Y59PyVeUya8OaB9Pjq55KSuWIQMX6qyYm0u4UcY/1YboCkjg7dZUwPdtOsC72 iOI4tnzXszWghlia19Mlb9PZpH+oHoQnFTs/8fwliaZIrOBh22svLeBsqBWNsz5o veXx+UBgQEvqj6RzlkBBFNGarLJfg0ysd9S2vdvuNX3POuSqVOndfoXLobxNWWBM 1e/BOLCRjZFIhNIdt9t4qpNGX9GSOOEiBUUPQpVNoTpp5GqBp4CeZIolS+ssdTSi 6cc+YX5uyC0G9o56yjMCfZdoqAM8E3bkOjplgaotdeRE2imAcKpQZKbuLCcHX7nz PYz27b3m3ndw4zaZnsw/vJtBQuyiYUPMFyEGnUFA3l52qih22mE= =fHlc -----END PGP SIGNATURE----- --iyt3lqyd4gg7mybc--