Linux mmap() error

Question

I have a memory mapped file, from which I wish to parse the contents of the buffer. The mmap() returns success, and I can print out the buffer contents to a file using fprintf successfully. However, when I try to access the buffer as an array in my program directly, I get a segmentation fault. Why is this happening? Here is the code:

  #define PTT_DUMP "/home/dhruv/somefile"     
  .
  .
  .

  int fd_ptt_dump = open(PTT_DUMP, O_RDONLY);
  struct stat struct_ptt_dump;
  fstat(fd_ptt_dump, &struct_ptt_dump);
  printf("\n\n\t\t\t --- The size of the dump is = %d -----\n\n",    struct_ptt_dump.st_size);
  char *membuffer;
  char pid_num[100];
  char cycles[100], instr[100], cpi[100] ;
  int pid_index =0;
  int cycles_index = 0;
  int instr_index = 0;
  int cpi_index = 0 ;
  int len = (int)struct_ptt_dump.st_size;
  int newline_count = 0;
  int n = 0;
  if( (membuffer = mmap(0, struct_ptt_dump.st_size, PROT_READ, MAP_FILE | MAP_PRIVATE, fd_ptt_dump, 0)) == (caddr_t) -1)
   err_sys("mmap error");

  /* If the following is uncommented, it prints fine */

  /*
  for ( n =0; n < struct_ptt_dump.st_size ; n++)      
  fprintf(fp_logfile,"%c", membuffer[n]);
  */

  /* But, I really want to access the buffer as an array for speed if possible */
  /* Here is where everything goes haywire */

  while (newline_count != 5)
   if ( membuffer[n++] == '\n' )
    newline_count++ ;

  /* printf returns OK, and I am able to skip newlines */

  printf("\n\n newlines = %d\n\n 10 buffer characters", newline_count);

  int k =0;


  /* All code from here gives segmentation fault */

  while ( membuffer[n++] != ' ' )
pid_num[pid_index++] = membuffer[n] ;

  /* Even if I comment out everything from here on, the above assignment itself results in a segmentation fault */


  pid_num[pid_index] = '\0';

  printf("\n\n pid = %s", pid_num);



  while ( membuffer[len--] != ' ' )
if ( membuffer[len] != '\n' )
  cpi[cpi_index++] = membuffer[len];

  cpi[cpi_index] = '\0';

  for( ; membuffer[len] == ' ' ; len-- )
;

  for(n=0; membuffer[len-n] != ' '; n++)
instr[instr_index++] = membuffer[len-n] ;

  instr[instr_index] = '\0' ;
  n++;

  for( ; membuffer[len-n] != ' ' ; n++)
cycles[cycles_index++] = membuffer[len-n];

  cycles[cycles_index] = '\0';

  printf("\n\n\t\t\t\t ********** buffer values *************\n\n");
  printf("\t\t\t\tdominant pid = %s\t cycles = %s\t instructions = %s\t cpi = %s \n\n", pid_num, cycles, instr, cpi);



  fflush(STDOUT_FILENO);

Answer 1

How big is pid_index getting? Are you perhaps reading more than 100 characters without finding a space?

By the way, this

while ( membuffer[n++] != ' ' )
    pid_num[pid_index++] = membuffer[n] ;

should probably be this

while ( membuffer[n] != ' ' )
    pid_num[pid_index++] = membuffer[n++] ;

No?

Answer 2

• You aren't checking that n stays < struct_ptt_dump.st_size
• You aren't checking that pid_index stays < 100