Jemalloc SEGV for 1MB chunk

Søren Schmidt sos at freebsd.org
Wed Jan 28 04:53:54 PST 2009


On 28Jan, 2009, at 13:45 , Channa wrote:

> Hi,
> "This really does not belong on freebsd-current at ." By this you mean to
> say that in FreeBSD current this problem is not seen.
>
> Are you referring to the FreeBSD current jemalloc version, which is
> "1.183"? Since I am using the same version of jemalloc to test the code.
>
> Could you please elaborate more if my understanding of your statement
> is correct?

You are using strlen() on a string that is not NULL terminated. That
is a violation of how strlen() works, and the result is undefined.
That means anything can happen, including killing your dog, eating your
first born child etc etc.

To be brutally honest with you, this is one of the most important
things you (should) learn when using strings in 'C', that is why it
doesn't belong here on the list.

-Søren

>
>
> Thanks in Advance,
> Channa
>
>
> On 28/01/2009, Christoph Mallon <christoph.mallon at gmx.de> wrote:
>> Channa schrieb:
>>
>>> Hi,
>>> Thanks for the reply.
>>>
>>> I understand, after terminating the string with NULL character no
>>> SEGV is seen.
>>>
>>> But if I change the request size to a value less than 1MB, for e.g.
>>> 4096 Bytes,
>>>
>>> As in the below test code:
>>>
>>> #include <stdio.h>
>>> #include <stdlib.h>
>>> #include <string.h>
>>>
>>> int main(void)
>>> {
>>>     size_t i;
>>>     char *buf;
>>>     size_t size = 4096;
>>>
>>>     buf = malloc(size);
>>>     if (buf == NULL)
>>>         return 1;
>>>     /* Fill every byte of the allocation; no NUL terminator is written. */
>>>     for (i = 0; i < size; i++)
>>>         buf[i] = 'a';
>>>     /* strlen() keeps scanning past the end of buf: undefined behaviour. */
>>>     printf("The length of buff is : %zu\n", strlen(buf));
>>>     free(buf);
>>>     return 0;
>>> }
>>>
>>> I don't see any issues; without terminating the string with NULL
>>> character the test code works fine. The issue is seen only for size
>>> 1MB exactly.
>>>
>>> Can anyone explain this behaviour?
>>>
>>
>> Undefined behaviour and (bad) luck. You are reading random garbage from
>> memory. For a large allocation like 1MB you get page aligned memory and
>> the page after the allocation is very likely not mapped, so you get a
>> segfault when you try to access it.
>> This really does not belong on freebsd-current at .
>>

-Søren
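The fix the thread points at, as an added example that is not code from the thread or from jemalloc: either allocate one extra byte and write the terminator before calling strlen(), or measure with a bound so the scan can never leave the allocation (which is what turns the "lucky" 4096-byte case and the "unlucky" 1MB page-aligned case into the same well-defined result). The names bounded_len, make_terminated and measure_unterminated are assumptions for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Length of buf without reading past buf[cap-1]; returns cap if no NUL
 * is found inside the buffer (memchr never scans beyond cap bytes). */
size_t bounded_len(const char *buf, size_t cap)
{
    const char *nul = memchr(buf, '\0', cap);
    return nul ? (size_t)(nul - buf) : cap;
}

/* Correct pattern: size payload bytes plus one byte for the terminator,
 * so strlen() stops inside the allocation no matter how big it is. */
char *make_terminated(size_t size)
{
    char *buf = malloc(size + 1);
    if (buf == NULL)
        return NULL;
    memset(buf, 'a', size);
    buf[size] = '\0';
    return buf;
}

/* The thread's pattern (no terminator written), measured with a bound
 * instead of strlen(); returns the length seen, or 0 on allocation failure. */
size_t measure_unterminated(size_t size)
{
    char *buf = malloc(size);
    if (buf == NULL)
        return 0;
    memset(buf, 'a', size);            /* every byte used, no NUL anywhere */
    size_t len = bounded_len(buf, size); /* stays inside the allocation */
    free(buf);
    return len;
}

int main(void)
{
    size_t size = 1024 * 1024;         /* the 1MB case from the thread */
    char *buf = make_terminated(size);
    if (buf == NULL)
        return 1;
    printf("terminated 1MB buffer: strlen = %zu\n", strlen(buf));
    printf("unterminated 1MB buffer: bounded length = %zu\n",
           measure_unterminated(size));
    free(buf);
    return 0;
}
```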