Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uunet!mcsun!cernvax!chx400!chx400!bernina!neptune!inf.ethz.ch!brandis
From: brandis@inf.ethz.ch (Marc Brandis)
Newsgroups: comp.unix.aix
Subject: Re: Invalid pointer traps (S/6000)
Keywords: Traps, NIL, NULL, invalid pointers
Message-ID: <24591@neptune.inf.ethz.ch>
Date: 12 Feb 91 12:53:52 GMT
References: <24518@neptune.inf.ethz.ch> <1991Feb12.033513.27494@athena.mit.edu>
Sender: news@neptune.inf.ethz.ch
Reply-To: brandis@inf.ethz.ch (Marc Brandis)
Organization: Departement Informatik, ETH, Zurich
Lines: 45

In article <1991Feb12.033513.27494@athena.mit.edu> jfc@athena.mit.edu (John F Carr) writes:
>The problem is, page zero is mapped and readable.  The MMU detects no
>exception.
>
>Speculation: IBM found too many things broke when they made NULL pointer
>dereferences trap.  The documentation even says that *(int *)0 == 0.  AIX
>1.1 made NULL pointer reads trap, and IBM changed this for AIX 1.2 to allow
>reads from location 0.  I don't know if the AIX 1 developers talk to the AIX
>3 developers or not.

It is not just that page zero is mapped. Programs that are compiled and linked
without any special options get the start of the text segment at address 
0x10000000 and the start of the data segment at 0x20000000. The stack seems to
grow downwards from 0x2ffffffc. I wrote a small C program that tries to read
from each page starting at 0. It did not stop until it reached the page at
address 0x20044000, which is just above the end of the data segment.

Looking at this, it seems that the OS maps just everything below the data 
segment as readable as well as an area suitable for the stack (which was 
0x2df80000 up to 0x2ffffffc for my test program). 

These pages cannot all be mapped when the program starts, as this would mean
that several hundred megabytes of memory would have to be mapped. Since the
inverted page table architecture of the S/6000 does not easily allow sharing
of pages, this would result in an awful lot of real memory used up for this
purpose. Considering the high amount of paging activity when I am running my
test program, it seems that the pages become allocated when accessed.

From all this together, I would guess that the MMU detects the access to an
unmapped page, causes an exception and that the trap handler in turn allocates
a new page if its address is below the data segment limit. I really do not
understand what this should be good for. But anyway, even if this may have a
use somewhere, if should be possible to turn it off. 

So, once again, does anybody know a way to turn it off, or does at least 
somebody have an explanation why this has been implemented like that and
whether we can expect this to change in future releases of AIX?

Any help or pointers appreciated. Thanks.


Marc-Michael Brandis
Computer Systems Laboratory, ETH-Zentrum (Swiss Federal Institute of Technology)
CH-8092 Zurich, Switzerland
email: brandis@inf.ethz.ch