oracular (2) mmap.2.gz

Provided by: manpages-dev_6.8-2_all bug

NAME

       mmap, munmap - map or unmap files or devices into memory

LIBRARY

       Standard C library (libc, -lc)

SYNOPSIS

       #include <sys/mman.h>

       void *mmap(void addr[.length], size_t length, int prot, int flags,
                  int fd, off_t offset);
       int munmap(void addr[.length], size_t length);

       See NOTES for information on feature test macro requirements.

DESCRIPTION

       mmap()  creates  a new mapping in the virtual address space of the calling process.  The starting address
       for the new mapping is specified in addr.  The length argument specifies the length of the mapping (which
       must be greater than 0).

       If  addr is NULL, then the kernel chooses the (page-aligned) address at which to create the mapping; this
       is the most portable method of creating a new mapping.  If addr is not NULL, then the kernel takes it  as
       a  hint  about  where  to  place  the mapping; on Linux, the kernel will pick a nearby page boundary (but
       always above or equal to the value specified by /proc/sys/vm/mmap_min_addr) and  attempt  to  create  the
       mapping  there.   If another mapping already exists there, the kernel picks a new address that may or may
       not depend on the hint.  The address of the new mapping is returned as the result of the call.

       The contents of a file mapping (as opposed  to  an  anonymous  mapping;  see  MAP_ANONYMOUS  below),  are
       initialized using length bytes starting at offset offset in the file (or other object) referred to by the
       file descriptor fd.  offset must be a multiple of the page size as returned by sysconf(_SC_PAGE_SIZE).

       After the mmap() call  has  returned,  the  file  descriptor,  fd,  can  be  closed  immediately  without
       invalidating the mapping.

       The  prot argument describes the desired memory protection of the mapping (and must not conflict with the
       open mode of the file).  It is either PROT_NONE or the bitwise OR of one or more of the following flags:

       PROT_EXEC  Pages may be executed.

       PROT_READ  Pages may be read.

       PROT_WRITE Pages may be written.

       PROT_NONE  Pages may not be accessed.

   The flags argument
       The flags argument determines whether updates to the mapping are visible to other processes  mapping  the
       same region, and whether updates are carried through to the underlying file.  This behavior is determined
       by including exactly one of the following values in flags:

       MAP_SHARED
              Share this mapping.  Updates to the mapping are  visible  to  other  processes  mapping  the  same
              region, and (in the case of file-backed mappings) are carried through to the underlying file.  (To
              precisely control when updates are carried through to the underlying  file  requires  the  use  of
              msync(2).)

       MAP_SHARED_VALIDATE (since Linux 4.15)
              This  flag provides the same behavior as MAP_SHARED except that MAP_SHARED mappings ignore unknown
              flags in flags.  By contrast, when  creating  a  mapping  using  MAP_SHARED_VALIDATE,  the  kernel
              verifies  all  passed  flags are known and fails the mapping with the error EOPNOTSUPP for unknown
              flags.  This mapping type is also required to be able to use some mapping flags (e.g., MAP_SYNC).

       MAP_PRIVATE
              Create a private copy-on-write mapping.  Updates to the mapping are not visible to other processes
              mapping  the  same  file,  and  are not carried through to the underlying file.  It is unspecified
              whether changes made to the file after the mmap() call are visible in the mapped region.

       Both MAP_SHARED and MAP_PRIVATE are described in POSIX.1-2001 and POSIX.1-2008.  MAP_SHARED_VALIDATE is a
       Linux extension.

       In addition, zero or more of the following values can be ORed in flags:

       MAP_32BIT (since Linux 2.4.20, 2.6)
              Put  the  mapping into the first 2 Gigabytes of the process address space.  This flag is supported
              only on x86-64, for 64-bit programs.  It  was  added  to  allow  thread  stacks  to  be  allocated
              somewhere  in  the first 2 GB of memory, so as to improve context-switch performance on some early
              64-bit processors.  Modern x86-64 processors no longer have this performance problem,  so  use  of
              this flag is not required on those systems.  The MAP_32BIT flag is ignored when MAP_FIXED is set.

       MAP_ANON
              Synonym for MAP_ANONYMOUS; provided for compatibility with other implementations.

       MAP_ANONYMOUS
              The  mapping  is not backed by any file; its contents are initialized to zero.  The fd argument is
              ignored; however, some implementations require fd to be  -1  if  MAP_ANONYMOUS  (or  MAP_ANON)  is
              specified,  and  portable  applications  should  ensure this.  The offset argument should be zero.
              Support for MAP_ANONYMOUS in conjunction with MAP_SHARED was added in Linux 2.4.

       MAP_DENYWRITE
              This flag is ignored.  (Long ago—Linux 2.0 and earlier—it signaled that attempts to write  to  the
              underlying file should fail with ETXTBSY.  But this was a source of denial-of-service attacks.)

       MAP_EXECUTABLE
              This flag is ignored.

       MAP_FILE
              Compatibility flag.  Ignored.

       MAP_FIXED
              Don't  interpret addr as a hint: place the mapping at exactly that address.  addr must be suitably
              aligned: for most architectures  a  multiple  of  the  page  size  is  sufficient;  however,  some
              architectures  may  impose  additional  restrictions.   If the memory region specified by addr and
              length overlaps pages of any existing  mapping(s),  then  the  overlapped  part  of  the  existing
              mapping(s) will be discarded.  If the specified address cannot be used, mmap() will fail.

              Software that aspires to be portable should use the MAP_FIXED flag with care, keeping in mind that
              the exact layout of a process's memory mappings is allowed to change significantly  between  Linux
              versions,  C  library  versions,  and operating system releases.  Carefully read the discussion of
              this flag in NOTES!

       MAP_FIXED_NOREPLACE (since Linux 4.17)
              This flag provides behavior that is similar to MAP_FIXED with respect to the addr enforcement, but
              differs  in  that MAP_FIXED_NOREPLACE never clobbers a preexisting mapped range.  If the requested
              range would collide with an existing mapping, then this call fails with the  error  EEXIST.   This
              flag  can  therefore be used as a way to atomically (with respect to other threads) attempt to map
              an address range: one thread will succeed; all others will report failure.

              Note that older kernels which do not recognize the MAP_FIXED_NOREPLACE flag will  typically  (upon
              detecting a collision with a preexisting mapping) fall back to a “non-MAP_FIXED” type of behavior:
              they will return an address that is different from the requested  address.   Therefore,  backward-
              compatible software should check the returned address against the requested address.

       MAP_GROWSDOWN
              This  flag  is used for stacks.  It indicates to the kernel virtual memory system that the mapping
              should extend downward in memory.  The return address is one page lower than the memory area  that
              is  actually  created  in the process's virtual address space.  Touching an address in the "guard"
              page below the mapping will cause the mapping to grow by a page.   This  growth  can  be  repeated
              until the mapping grows to within a page of the high end of the next lower mapping, at which point
              touching the "guard" page will result in a SIGSEGV signal.

       MAP_HUGETLB (since Linux 2.6.32)
              Allocate   the   mapping   using   "huge"   pages.    See   the   Linux   kernel    source    file
              Documentation/admin-guide/mm/hugetlbpage.rst for further information, as well as NOTES, below.

       MAP_HUGE_2MB
       MAP_HUGE_1GB (since Linux 3.8)
              Used  in conjunction with MAP_HUGETLB to select alternative hugetlb page sizes (respectively, 2 MB
              and 1 GB) on systems that support multiple hugetlb page sizes.

              More generally, the desired huge page size can be configured by encoding the base-2  logarithm  of
              the  desired page size in the six bits at the offset MAP_HUGE_SHIFT.  (A value of zero in this bit
              field provides the default huge page size; the default huge page size can be  discovered  via  the
              Hugepagesize field exposed by /proc/meminfo.)  Thus, the above two constants are defined as:

                  #define MAP_HUGE_2MB    (21 << MAP_HUGE_SHIFT)
                  #define MAP_HUGE_1GB    (30 << MAP_HUGE_SHIFT)

              The  range  of  huge  page sizes that are supported by the system can be discovered by listing the
              subdirectories in /sys/kernel/mm/hugepages.

       MAP_LOCKED (since Linux 2.5.37)
              Mark the mapped region to be locked in the same way as mlock(2).  This implementation will try  to
              populate  (prefault)  the  whole range but the mmap() call doesn't fail with ENOMEM if this fails.
              Therefore major faults might happen later on.  So the semantic is not as strong as mlock(2).   One
              should  use  mmap() plus mlock(2) when major faults are not acceptable after the initialization of
              the mapping.  The MAP_LOCKED flag is ignored in older kernels.

       MAP_NONBLOCK (since Linux 2.5.46)
              This flag is meaningful only in conjunction with MAP_POPULATE.  Don't perform  read-ahead:  create
              page tables entries only for pages that are already present in RAM.  Since Linux 2.6.23, this flag
              causes MAP_POPULATE to do nothing.  One day, the combination of MAP_POPULATE and MAP_NONBLOCK  may
              be reimplemented.

       MAP_NORESERVE
              Do  not  reserve  swap space for this mapping.  When swap space is reserved, one has the guarantee
              that it is possible to modify the mapping.  When swap space is not reserved one might get  SIGSEGV
              upon  a  write  if  no  physical  memory  is  available.   See  also  the  discussion  of the file
              /proc/sys/vm/overcommit_memory in proc(5).  Before Linux  2.6,  this  flag  had  effect  only  for
              private writable mappings.

       MAP_POPULATE (since Linux 2.5.46)
              Populate  (prefault) page tables for a mapping.  For a file mapping, this causes read-ahead on the
              file.  This will help to reduce blocking on page faults later.  The mmap() call  doesn't  fail  if
              the  mapping  cannot  be  populated  (for example, due to limitations on the number of mapped huge
              pages when using MAP_HUGETLB).  Support for MAP_POPULATE in conjunction with private mappings  was
              added in Linux 2.6.23.

       MAP_STACK (since Linux 2.6.27)
              Allocate the mapping at an address suitable for a process or thread stack.

              This flag is currently a no-op on Linux.  However, by employing this flag, applications can ensure
              that they transparently obtain support if the flag is implemented in the future.  Thus, it is used
              in  the  glibc  threading implementation to allow for the fact that some architectures may (later)
              require special treatment for stack  allocations.   A  further  reason  to  employ  this  flag  is
              portability: MAP_STACK exists (and has an effect) on some other systems (e.g., some of the BSDs).

       MAP_SYNC (since Linux 4.15)
              This flag is available only with the MAP_SHARED_VALIDATE mapping type; mappings of type MAP_SHARED
              will silently ignore this flag.  This flag is supported only  for  files  supporting  DAX  (direct
              mapping  of  persistent memory).  For other files, creating a mapping with this flag results in an
              EOPNOTSUPP error.

              Shared file mappings with this flag provide  the  guarantee  that  while  some  memory  is  mapped
              writable  in  the  address  space  of the process, it will be visible in the same file at the same
              offset even after the system crashes or is rebooted.  In conjunction with the use  of  appropriate
              CPU  instructions,  this  provides users of such mappings with a more efficient way of making data
              modifications persistent.

       MAP_UNINITIALIZED (since Linux 2.6.33)
              Don't clear anonymous pages.  This flag is intended to improve performance  on  embedded  devices.
              This  flag  is  honored only if the kernel was configured with the CONFIG_MMAP_ALLOW_UNINITIALIZED
              option.  Because of the security implications, that option is normally enabled  only  on  embedded
              devices (i.e., devices where one has complete control of the contents of user memory).

       Of  the above flags, only MAP_FIXED is specified in POSIX.1-2001 and POSIX.1-2008.  However, most systems
       also support MAP_ANONYMOUS (or its synonym MAP_ANON).

   munmap()
       The munmap() system call deletes the mappings  for  the  specified  address  range,  and  causes  further
       references  to  addresses  within  the  range  to generate invalid memory references.  The region is also
       automatically unmapped when the process is terminated.  On the other hand, closing  the  file  descriptor
       does not unmap the region.

       The  address  addr  must be a multiple of the page size (but length need not be).  All pages containing a
       part of the indicated range are unmapped, and subsequent references to these pages will generate SIGSEGV.
       It is not an error if the indicated range does not contain any mapped pages.

RETURN VALUE

       On  success,  mmap()  returns  a  pointer  to  the mapped area.  On error, the value MAP_FAILED (that is,
       (void *) -1) is returned, and errno is set to indicate the error.

       On success, munmap() returns 0.  On failure, it returns -1, and  errno  is  set  to  indicate  the  error
       (probably to EINVAL).

ERRORS

       EACCES A  file  descriptor  refers to a non-regular file.  Or a file mapping was requested, but fd is not
              open for reading.  Or MAP_SHARED was requested and PROT_WRITE is  set,  but  fd  is  not  open  in
              read/write (O_RDWR) mode.  Or PROT_WRITE is set, but the file is append-only.

       EAGAIN The file has been locked, or too much memory has been locked (see setrlimit(2)).

       EBADF  fd is not a valid file descriptor (and MAP_ANONYMOUS was not set).

       EEXIST MAP_FIXED_NOREPLACE  was specified in flags, and the range covered by addr and length clashes with
              an existing mapping.

       EINVAL We don't like addr, length, or offset (e.g., they  are  too  large,  or  not  aligned  on  a  page
              boundary).

       EINVAL (since Linux 2.6.12) length was 0.

       EINVAL flags contained none of MAP_PRIVATE, MAP_SHARED, or MAP_SHARED_VALIDATE.

       ENFILE The system-wide limit on the total number of open files has been reached.

       ENODEV The underlying filesystem of the specified file does not support memory mapping.

       ENOMEM No memory is available.

       ENOMEM The  process's maximum number of mappings would have been exceeded.  This error can also occur for
              munmap(), when unmapping a region in the middle of an existing mapping, since this results in  two
              smaller mappings on either side of the region being unmapped.

       ENOMEM (since  Linux  4.7)  The  process's  RLIMIT_DATA limit, described in getrlimit(2), would have been
              exceeded.

       ENOMEM We don't like addr, because it exceeds the virtual address space of the CPU.

       EOVERFLOW
              On 32-bit architecture together with the large file extension  (i.e.,  using  64-bit  off_t):  the
              number  of pages used for length plus number of pages used for offset would overflow unsigned long
              (32 bits).

       EPERM  The prot argument asks for PROT_EXEC but the mapped area belongs to a file on  a  filesystem  that
              was mounted no-exec.

       EPERM  The operation was prevented by a file seal; see fcntl(2).

       EPERM  The  MAP_HUGETLB  flag  was  specified,  but  the  caller  was  not  privileged  (did not have the
              CAP_IPC_LOCK capability) and is not a  member  of  the  sysctl_hugetlb_shm_group  group;  see  the
              description of /proc/sys/vm/sysctl_hugetlb_shm_group in proc_sys(5).

       ETXTBSY
              MAP_DENYWRITE was set but the object specified by fd is open for writing.

       Use of a mapped region can result in these signals:

       SIGSEGV
              Attempted write into a region mapped as read-only.

       SIGBUS Attempted  access  to  a  page  of the buffer that lies beyond the end of the mapped file.  For an
              explanation of the treatment of the bytes in the page that corresponds to the end of a mapped file
              that is not a multiple of the page size, see NOTES.

ATTRIBUTES

       For an explanation of the terms used in this section, see attributes(7).

       ┌──────────────────────────────────────────────────────────────────────────────┬───────────────┬─────────┐
       │InterfaceAttributeValue   │
       ├──────────────────────────────────────────────────────────────────────────────┼───────────────┼─────────┤
       │mmap(), munmap()                                                              │ Thread safety │ MT-Safe │
       └──────────────────────────────────────────────────────────────────────────────┴───────────────┴─────────┘

VERSIONS

       On  some hardware architectures (e.g., i386), PROT_WRITE implies PROT_READ.  It is architecture dependent
       whether PROT_READ implies PROT_EXEC or not.  Portable programs should always set PROT_EXEC if they intend
       to execute code in the new mapping.

       The  portable  way to create a mapping is to specify addr as 0 (NULL), and omit MAP_FIXED from flags.  In
       this case, the system chooses the address for the mapping; the address is chosen so as  not  to  conflict
       with  any existing mapping, and will not be 0.  If the MAP_FIXED flag is specified, and addr is 0 (NULL),
       then the mapped address will be 0 (NULL).

       Certain flags constants are defined only if  suitable  feature  test  macros  are  defined  (possibly  by
       default):  _DEFAULT_SOURCE  with  glibc  2.19  or later; or _BSD_SOURCE or _SVID_SOURCE in glibc 2.19 and
       earlier.  (Employing _GNU_SOURCE also suffices, and requiring that macro  specifically  would  have  been
       more   logical,  since  these  flags  are  all  Linux-specific.)   The  relevant  flags  are:  MAP_32BIT,
       MAP_ANONYMOUS  (and  the  synonym  MAP_ANON),  MAP_DENYWRITE,  MAP_EXECUTABLE,  MAP_FILE,  MAP_GROWSDOWN,
       MAP_HUGETLB, MAP_LOCKED, MAP_NONBLOCK, MAP_NORESERVE, MAP_POPULATE, and MAP_STACK.

   C library/kernel differences
       This  page  describes  the  interface  provided  by  the glibc mmap() wrapper function.  Originally, this
       function invoked a system call of the same name.  Since Linux 2.4, that system call has  been  superseded
       by  mmap2(2),  and  nowadays  the glibc mmap() wrapper function invokes mmap2(2) with a suitably adjusted
       value for offset.

STANDARDS

       POSIX.1-2008.

HISTORY

       POSIX.1-2001, SVr4, 4.4BSD.

       On POSIX systems on which mmap(), msync(2), and munmap() are available, _POSIX_MAPPED_FILES is defined in
       <unistd.h> to a value greater than 0.  (See also sysconf(3).)

NOTES

       Memory mapped by mmap() is preserved across fork(2), with the same attributes.

       A  file is mapped in multiples of the page size.  For a file that is not a multiple of the page size, the
       remaining bytes in the partial page at the end of the mapping are zeroed when mapped,  and  modifications
       to  that  region are not written out to the file.  The effect of changing the size of the underlying file
       of a mapping on the pages that correspond to added or removed regions of the file is unspecified.

       An application can determine which pages of a mapping are currently resident  in  the  buffer/page  cache
       using mincore(2).

   Using MAP_FIXED safely
       The  only  safe  use for MAP_FIXED is where the address range specified by addr and length was previously
       reserved using another mapping; otherwise, the use of MAP_FIXED is hazardous because it forcibly  removes
       preexisting mappings, making it easy for a multithreaded process to corrupt its own address space.

       For  example,  suppose  that  thread  A looks through /proc/pid/maps in order to locate an unused address
       range that it can map using MAP_FIXED, while thread B simultaneously acquires part or all  of  that  same
       address  range.   When  thread  A  subsequently  employs mmap(MAP_FIXED), it will effectively clobber the
       mapping that thread B created.  In this scenario, thread B need not create  a  mapping  directly;  simply
       making  a  library call that, internally, uses dlopen(3) to load some other shared library, will suffice.
       The dlopen(3) call will map the library into  the  process's  address  space.   Furthermore,  almost  any
       library call may be implemented in a way that adds memory mappings to the address space, either with this
       technique, or by simply allocating memory.  Examples include brk(2),  malloc(3),  pthread_create(3),  and
       the PAM libraries ⟨http://www.linux-pam.org⟩.

       Since  Linux  4.17,  a  multithreaded  program  can  use the MAP_FIXED_NOREPLACE flag to avoid the hazard
       described above when attempting to create a mapping at a fixed address that has not been  reserved  by  a
       preexisting mapping.

   Timestamps changes for file-backed mappings
       For  file-backed  mappings, the st_atime field for the mapped file may be updated at any time between the
       mmap() and the corresponding unmapping; the first reference to a mapped page will update the field if  it
       has not been already.

       The  st_ctime and st_mtime field for a file mapped with PROT_WRITE and MAP_SHARED will be updated after a
       write to the mapped region, and before a subsequent msync(2) with the MS_SYNC or MS_ASYNC  flag,  if  one
       occurs.

   Huge page (Huge TLB) mappings
       For  mappings  that  employ  huge pages, the requirements for the arguments of mmap() and munmap() differ
       somewhat from the requirements for mappings that use the native system page size.

       For mmap(), offset must be a multiple of the underlying huge page size.  The system automatically  aligns
       length to be a multiple of the underlying huge page size.

       For munmap(), addr, and length must both be a multiple of the underlying huge page size.

BUGS

       On  Linux,  there  are  no  guarantees  like  those suggested above under MAP_NORESERVE.  By default, any
       process can be killed at any moment when the system runs out of memory.

       Before Linux 2.6.7, the MAP_POPULATE flag has effect only if prot is specified as PROT_NONE.

       SUSv3 specifies that mmap() should fail if length is 0.  However, before Linux 2.6.12,  mmap()  succeeded
       in  this  case: no mapping was created and the call returned addr.  Since Linux 2.6.12, mmap() fails with
       the error EINVAL for this case.

       POSIX specifies that the system shall always zero fill any partial page at the end of the object and that
       system  will never write any modification of the object beyond its end.  On Linux, when you write data to
       such partial page after the end of the object, the data stays in the page cache even after  the  file  is
       closed and unmapped and even though the data is never written to the file itself, subsequent mappings may
       see the modified content.  In some cases, this could be fixed by calling msync(2) before the unmap  takes
       place;  however, this doesn't work on tmpfs(5) (for example, when using the POSIX shared memory interface
       documented in shm_overview(7)).

EXAMPLES

       The following program prints part of the file specified in its first command-line  argument  to  standard
       output.   The  range  of  bytes to be printed is specified via offset and length values in the second and
       third command-line arguments.  The program creates a memory mapping of the required pages of the file and
       then uses write(2) to output the desired bytes.

   Program source
       #include <fcntl.h>
       #include <stdio.h>
       #include <stdlib.h>
       #include <sys/mman.h>
       #include <sys/stat.h>
       #include <sys/types.h>
       #include <unistd.h>

       #define handle_error(msg) \
           do { perror(msg); exit(EXIT_FAILURE); } while (0)

       int
       main(int argc, char *argv[])
       {
           int          fd;
           char         *addr;
           off_t        offset, pa_offset;
           size_t       length;
           ssize_t      s;
           struct stat  sb;

           if (argc < 3 || argc > 4) {
               fprintf(stderr, "%s file offset [length]\n", argv[0]);
               exit(EXIT_FAILURE);
           }

           fd = open(argv[1], O_RDONLY);
           if (fd == -1)
               handle_error("open");

           if (fstat(fd, &sb) == -1)           /* To obtain file size */
               handle_error("fstat");

           offset = atoi(argv[2]);
           pa_offset = offset & ~(sysconf(_SC_PAGE_SIZE) - 1);
               /* offset for mmap() must be page aligned */

           if (offset >= sb.st_size) {
               fprintf(stderr, "offset is past end of file\n");
               exit(EXIT_FAILURE);
           }

           if (argc == 4) {
               length = atoi(argv[3]);
               if (offset + length > sb.st_size)
                   length = sb.st_size - offset;
                       /* Can't display bytes past end of file */

           } else {    /* No length arg ==> display to end of file */
               length = sb.st_size - offset;
           }

           addr = mmap(NULL, length + offset - pa_offset, PROT_READ,
                       MAP_PRIVATE, fd, pa_offset);
           if (addr == MAP_FAILED)
               handle_error("mmap");

           s = write(STDOUT_FILENO, addr + offset - pa_offset, length);
           if (s != length) {
               if (s == -1)
                   handle_error("write");

               fprintf(stderr, "partial write");
               exit(EXIT_FAILURE);
           }

           munmap(addr, length + offset - pa_offset);
           close(fd);

           exit(EXIT_SUCCESS);
       }

SEE ALSO

       ftruncate(2),  getpagesize(2),  memfd_create(2),  mincore(2), mlock(2), mmap2(2), mprotect(2), mremap(2),
       msync(2), remap_file_pages(2), setrlimit(2), shmat(2), userfaultfd(2), shm_open(3), shm_overview(7)

       The  descriptions  of  the  following  files  in  proc(5):   /proc/pid/maps,   /proc/pid/map_files,   and
       /proc/pid/smaps.

       B.O. Gallmeister, POSIX.4, O'Reilly, pp. 128–129 and 389–391.