Mailing List Archive


Re: tlug: gcc question
"Stephen J. Turnbull" wrote:
> 
> >>>>> "Fredric" == Fredric Fredricson <Fredric.Fredriksson@example.com> writes:
> 
>     Fredric> I doubt this will happen because the malloc() call will
>     Fredric> request a full page from the kernel so you will get no
>     Fredric> SIGSEGV until you reach the end of that page.
> 
> Well, actually, who knows?  Under the old GNU malloc, you'd get blocks
> that were powers of 2, so with "malloc(80)" you'd get 128 bytes, which
> could just happen to be at the end of allocated memory.  28 extra
> characters to SIGSEGV.
> 
It is not malloc(3) but sbrk(2), which malloc(3) uses to request new
pages from the kernel, that matters. If you allocate, say, 80 bytes
using malloc and start to use the returned pointer to write to
memory outside these 80 bytes, you will probably corrupt malloc(3)'s
data structures before you try to access data outside the allocated
memory for the process and get a SIGSEGV.
That is: your process is more or less doomed the moment you destroy
malloc(3)'s data structures, but you get no SIGSEGV until later.
These are interesting bugs to try to track down. Almost as
interesting as trying to figure out who corrupted the stack frames....

/Fredric
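The failure mode Fredric describes, as an added example that is not part of the thread: a toy allocator (hypothetical, a stand-in for malloc(3)) keeps its header inline in front of each block, the way classic malloc implementations do, and an 80-byte allocation that is overrun by even one byte trashes the neighbouring block's header long before any write leaves mapped memory. The function names, the pool layout and the magic value are all assumptions made up for this demonstration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Toy allocator (not malloc itself) with inline bookkeeping: a small header
 * sits immediately in front of every block. Everything lives inside one
 * static array, so an overrun here never leaves mapped memory; it silently
 * clobbers the next block's header instead of faulting, which is exactly
 * the "doomed but no SIGSEGV yet" state described above.
 */
#define POOL_SIZE 4096
#define HDR_MAGIC 0xC0DECAFEu   /* assumed integrity tag, checked on free() */

struct hdr {
    uint32_t magic;             /* must still equal HDR_MAGIC at free() time */
    uint32_t size;              /* size the caller asked for */
};

static union {
    unsigned char bytes[POOL_SIZE];
    long double align;          /* worst-case alignment for the headers */
} pool_u;
#define POOL (pool_u.bytes)
static size_t pool_top;

static void pool_reset(void)
{
    memset(POOL, 0, POOL_SIZE);
    pool_top = 0;
}

/* Bump allocation; payload rounded up to 16 bytes like real allocators do. */
static void *toy_malloc(size_t n)
{
    size_t need = sizeof(struct hdr) + ((n + 15) & ~(size_t)15);
    struct hdr *h;
    if (pool_top + need > POOL_SIZE)
        return NULL;
    h = (struct hdr *)(POOL + pool_top);
    h->magic = HDR_MAGIC;
    h->size = (uint32_t)n;
    pool_top += need;
    return h + 1;               /* user data starts right after the header */
}

/* Returns 0 on success, -1 if the header was trampled (a real allocator
 * would abort here with something like "free(): invalid pointer"). */
static int toy_free(void *p)
{
    struct hdr *h = (struct hdr *)p - 1;
    if (h->magic != HDR_MAGIC)
        return -1;
    h->magic = 0;               /* toy allocator never reuses memory */
    return 0;
}

struct damage {
    int b_header_destroyed;     /* free(b) would now fail */
    int b_bytes_clobbered;      /* how many leading bytes of b's DATA read 'A' */
};

/*
 * The bug under discussion: 80 bytes requested, 80 + overflow bytes written.
 * a and b are allocated back to back; a's data ends exactly where b's
 * header begins, so the very first extra byte lands on b's bookkeeping.
 */
static struct damage overrun_a_by(size_t overflow)
{
    struct damage d = {0, 0};
    char *a, *b;
    int i;

    pool_reset();
    a = toy_malloc(80);
    b = toy_malloc(80);
    memset(b, 'x', 80);

    memset(a, 'A', 80 + overflow);      /* the overflow; stays inside POOL */

    d.b_header_destroyed = (toy_free(b) != 0);
    for (i = 0; i < 80 && b[i] == 'A'; i++)
        d.b_bytes_clobbered++;
    return d;
}

int main(void)
{
    size_t n;
    for (n = 0; n <= 24; n += 8) {
        struct damage d = overrun_a_by(n);
        printf("overrun by %2zu: header destroyed=%d, data bytes clobbered=%d\n",
               n, d.b_header_destroyed, d.b_bytes_clobbered);
    }
    return 0;
}
```

With the header being 8 bytes, an overrun of 1 to 8 bytes destroys only b's bookkeeping, and b's data is untouched until the 9th extra byte; the process keeps running either way, and the damage surfaces only when the allocator next looks at that header. That is why such bugs are found with tools that check every access rather than by waiting for the crash: building with `-fsanitize=address` or running under Valgrind reports the first out-of-bounds byte at the point of the write.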
