[LTP] [PATCH] mmap04: Make sure the scanf address format is at least 8 hex chars

Mark Wielaard mark@klomp.org
Mon Sep 22 10:24:52 CEST 2025 

Hi Cyril,

On Mon, Sep 22, 2025 at 09:48:56AM +0200, Cyril Hrubis wrote:
> > The addresses in /proc/self/maps are at least 8 hex chars. Zeros are
> > added to the front of the address when shorted (both on 32bit and
> > 64bit systems.
> > 
> > Under valgrind the mmaps used in kernel/syscalls/mmap/mmap04.c come
> > out very low in the address space and might be shorter than 8 hex
> > chars. This causes the scanf to fail:
> > mmap04.c:62: TBROK: Expected 1 conversions got 0 FILE '/proc/self/maps'
> 
> I guess I do not understand the problem here. The PRIxPTR translates to
> "x", "lx", or "llx" depending on architecture and as far as I can tell
> the %x modifier handles leading zeroes just fine.

The problem is that we want to match (scanf) an absolute address
(addr2) at the start of the line. It is this absolute/literal address
that doesn't match (because it might not have leading zeros).

e.g. We might want to match the address 403a000 and want to match
against: 0403a000-04048000 rw-p

When creating the fmt which we want to use for scanf we currently
generate: "403a000-%*x %s" Which doesn't match because it is missing
the leading zero (the "-%*x %s" would match the rest, except that the
start of the line doesn't). So with the "%08" fix we would generate:
"0403a000-%*x %s" which does match because it has the same number of
leading zeros.

> > Fix this by using "%08" PRIxPTR when creating the fmt used.
> 
> Unfortunately this is not universally true. For example the vsyscall
> page is mapped at very high address on x86_64:
> 
> ffffffffff600000-ffffffffff601000 --xp 00000000 00:00 0                  [vsyscall]

Assuming we want to match the starting address ffffffffff600000 this
will work fine. "%08" PRIxPTR will generate that exact address without
extra leading zeros because it is already > 8 hex chars.

Hope that explains what is going on. The confusion might be because we
first use a patterns with sprintf to generate the pattern that we are
then going to use with scanf to parse both an actual/literal address
(plus hex address and perm string).

Cheers,

Mark

> > Signed-off-by: Mark Wielaard <mark@klomp.org>
> > ---
> >  testcases/kernel/syscalls/mmap/mmap04.c | 3 ++-
> >  1 file changed, 2 insertions(+), 1 deletion(-)
> > 
> > diff --git a/testcases/kernel/syscalls/mmap/mmap04.c b/testcases/kernel/syscalls/mmap/mmap04.c
> > index 4a050b7b50da..5b28180df29b 100644
> > --- a/testcases/kernel/syscalls/mmap/mmap04.c
> > +++ b/testcases/kernel/syscalls/mmap/mmap04.c
> > @@ -58,7 +58,8 @@ static void run(unsigned int i)
> >  
> >  	addr2 = SAFE_MMAP(addr1 + pagesize, pagesize, tc->prot, tc->flags | MAP_FIXED, -1, 0);
> >  
> > -	sprintf(fmt, "%" PRIxPTR "-%%*x %%s", (uintptr_t)addr2);
> > +	/* A /proc/self/maps address is at least 8 hex (left zero padded) */
> > +	sprintf(fmt, "%08" PRIxPTR "-%%*x %%s", (uintptr_t)addr2);
> >  	SAFE_FILE_LINES_SCANF("/proc/self/maps", fmt, perms);
> >  
> >  	if (!strcmp(perms, tc->exp_perms)) {
> > -- 
> > 2.51.0
> > 
> > 
> > -- 
> > Mailing list info: https://lists.linux.it/listinfo/ltp
> 
> -- 
> Cyril Hrubis
> chrubis@suse.cz

More information about the ltp mailing list