I have a doubt in accessing some invalid data. How can the OS cause a segmentation fault for a scenario like this:

Suppose a chunk of data is 100 bytes long, aligned at the beginning of a 4K page. If we access the valid data within the first 100 bytes of the page, this will load the page into memory and put the page table entry in the TLB. If we now try to access some invalid data between byte 100 and 4K, since the entry is already there in the page table, will we be allowed to access the invalid data?

+1  A: 

The entire page belongs to your program, so no segmentation fault or access violation will be generated. For this reason memory debugging tools such as Electric Fence optionally respond to allocation requests with a block of memory at the very end of a page instead of the beginning, so that out of bounds bugs cause a segmentation fault.

Ben Voigt
+4  A: 

That's correct. But typically you're not allocating memory directly from the operating system. You usually allocate it via some library function (new or malloc, etc.). The library function will take the 4KB (usually it allocates more than 4KB in one chunk, too) and split it up into the actual chunks that you ask for. So usually when you ask for 100 bytes of memory, that 100 bytes will be "wedged" in between two other allocation requests that you've made.

This is why it's "undefined behaviour" when you access data off the end of an array: you might get a segmentation fault, you might trash some other variable that happens to be stored there, or you might be OK and it actually works (for a while at least).

Dean Harding
+2  A: 

You may, in fact, be able to access the invalid data between bytes 100 and 4K of the page even when the page isn't loaded. The kernel only knows about accesses that are made to a page that doesn't exist (or to a page where you don't have read/write permission). The exact locations of specific chunks of data on pages are determined by the C library, not by the kernel.

If you want an invalid memory access to fail instantly for debugging purposes, you should use a tool like valgrind, which checks all memory accesses. That's still no guarantee that you'll have an error reported. You might find you're actually accessing a piece of memory that's been allocated for some other purpose, and in this situation valgrind has no way of knowing that it's wrong.

Ken Bloom
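The point all three answers make (the kernel enforces protection per page, so an overrun that stays inside a mapped page is invisible to it, and a guard-page allocator such as Electric Fence makes it visible by putting the object at the end of a page) can be checked directly. The following Linux C program is an added example, not code from the question or any of the answers. It maps pages with mmap, places a constructed 100-byte object either at the start of a page or at the end of a page followed by a PROT_NONE guard page, and uses a SIGSEGV handler with sigsetjmp/siglongjmp to turn "did this read fault?" into a return value instead of crashing. The function names, the 0xAB fill byte and the two-page layout are this example's own choices.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

static sigjmp_buf probe_env;

/* On a fault, jump back into probe_read() instead of dying. */
static void segv_handler(int sig) {
    (void)sig;
    siglongjmp(probe_env, 1);
}

/* Try to read one byte at p. Returns 1 if the read succeeds,
 * 0 if the kernel raises SIGSEGV (unmapped or PROT_NONE page). */
int probe_read(const unsigned char *p) {
    struct sigaction sa, old;
    int ok;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = segv_handler;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old);
    if (sigsetjmp(probe_env, 1) == 0) {
        volatile unsigned char v = *(const volatile unsigned char *)p;
        (void)v;
        ok = 1;
    } else {
        ok = 0;              /* we arrived here via siglongjmp from the handler */
    }
    sigaction(SIGSEGV, &old, NULL);
    return ok;
}

/* Layout from the question: a 100-byte object at the start of a fresh page.
 * Returns 1 if reading object[100] (one past the end, same page) does NOT
 * fault, i.e. the kernel cannot see the overrun. -1 on mmap failure. */
int overrun_unnoticed_at_page_start(void) {
    long pg = sysconf(_SC_PAGESIZE);
    unsigned char *page = mmap(NULL, (size_t)pg, PROT_READ | PROT_WRITE,
                               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED) return -1;
    unsigned char *obj = page;            /* constructed 100-byte "allocation" */
    memset(obj, 0xAB, 100);
    int readable = probe_read(obj + 100); /* byte 100: outside obj, inside page */
    munmap(page, (size_t)pg);
    return readable;
}

/* Electric Fence style layout: the object ends exactly at a page boundary and
 * the next page is mapped PROT_NONE. Returns 1 if the last valid byte is
 * readable AND the first byte past the end faults. -1 on mmap/mprotect failure. */
int overrun_caught_by_guard_page(void) {
    long pg = sysconf(_SC_PAGESIZE);
    unsigned char *region = mmap(NULL, (size_t)(2 * pg), PROT_READ | PROT_WRITE,
                                 MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (region == MAP_FAILED) return -1;
    if (mprotect(region + pg, (size_t)pg, PROT_NONE) != 0) { /* guard page */
        munmap(region, (size_t)(2 * pg));
        return -1;
    }
    unsigned char *obj = region + pg - 100;   /* last 100 bytes of page 0 */
    memset(obj, 0xAB, 100);
    int in_bounds = probe_read(obj + 99);     /* last valid byte */
    int past_end  = probe_read(obj + 100);    /* first byte of the guard page */
    munmap(region, (size_t)(2 * pg));
    return in_bounds && !past_end;
}

int main(void) {
    printf("overrun at page start goes unnoticed: %d\n", overrun_unnoticed_at_page_start());
    printf("overrun into guard page is caught:    %d\n", overrun_caught_by_guard_page());
    return 0;
}
```

The first layout is what a normal malloc gives you most of the time: the read past the object succeeds because the page is mapped and the MMU has no idea where the C library drew the object boundary. The second layout is the trick Ben Voigt describes: by spending a whole page per allocation and backing it with an inaccessible guard page, the very first byte of overrun lands on a page the kernel will refuse, so the bug surfaces immediately rather than corrupting a neighbour. This only catches overruns past the end; underruns, or overruns that skip the guard page, still go unnoticed, which is why Ken Bloom points to valgrind for byte-granular checking.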