From: Christoph Mallon <christoph.mallon@gmx.de>
Date: Wed, 28 Jan 2009 13:30:06 +0100
To: Channa
Cc: freebsd-current@freebsd.org
Subject: Re: Jemalloc SEGV for 1MB chunk
Message-ID: <49804FCE.7090405@gmx.de>
In-Reply-To: <515c64960901280425y642a190ka31409cfc2a2fd8f@mail.gmail.com>
References: <515c64960901280339m17fa9309v2e1bc3f55454ab@mail.gmail.com> <49804597.6040303@gmx.de> <515c64960901280401w1e1d08bfx29adc124bc749c4a@mail.gmail.com> <515c64960901280425y642a190ka31409cfc2a2fd8f@mail.gmail.com>

Channa schrieb:
> Hi,
> Thanks for the reply.
>
> I understand, after terminating the string with NULL character no SEGV is seen.
>
> But if i change the request size to a value less than 1MB for eg: 4096 Bytes,
>
> As in the below test code:
>
> #include <stdio.h>
> #include <stdlib.h>
> #include <string.h>
>
> int main(void)
> {
>     size_t i;
>     char *buf;
>     size_t size = 4096;
>
>     buf = malloc(size);
>     /* Fill every byte with 'a'; no NUL terminator is written on purpose. */
>     for (i = 0; i < size; i++)
>         buf[i] = 'a';
>     /* strlen() scans past the end of buf until it happens to find a 0 byte. */
>     printf("The length of buff is : %zu\n", strlen(buf));
>     free(buf);
>     return 0;
> }
>
> I don't see any issues, without terminating the string with NULL
> character the test code works fine. The issue is seen only for size
> 1MB exactly.
>
> Can anyone explain this behaviour?

Undefined behaviour and (bad) luck. You are reading random garbage from memory.
For a large allocation like 1MB you get page-aligned memory and the page after
the allocation is very likely not mapped, so you get a segfault when you try to
access it.

This really does not belong on freebsd-current@.
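The mechanism Christoph describes (a page-aligned buffer whose neighbouring page is unmapped) can be reproduced deterministically instead of relying on what the allocator happens to place after the chunk. The program below is an added example, not code from the thread or from jemalloc: it uses mmap/mprotect to build one writable page followed by a PROT_NONE guard page, fills the page with 'a' exactly like the test program but without a terminator, and then measures the length with strnlen() bounded to the buffer size so the guard page is never touched. An unbounded strlen() on that buffer would fault just as the 1MB case does, which is why it is deliberately not called on the unterminated copy. The helper names (map_page_with_guard, fill_unterminated, fill_terminated, bounded_len, is_terminated, run_case) are assumptions made for this example.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical helper (not from the thread): maps a read/write page that is
 * immediately followed by an inaccessible guard page, mimicking the layout of
 * a large page-aligned allocation whose next page is unmapped. */
static char *map_page_with_guard(size_t page)
{
    char *p = mmap(NULL, 2 * page, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return NULL;
    /* Revoke all access to the second page: any read into it faults. */
    if (mprotect(p + page, page, PROT_NONE) != 0) {
        munmap(p, 2 * page);
        return NULL;
    }
    return p;
}

/* Same loop as the test program in the thread: every byte becomes 'a' and no
 * NUL is written. Returns the number of bytes written. */
static size_t fill_unterminated(char *buf, size_t size)
{
    memset(buf, 'a', size);
    return size;
}

/* The corrected fill: the last byte is reserved for the terminator.
 * Returns the resulting string length (size - 1). */
static size_t fill_terminated(char *buf, size_t size)
{
    if (size == 0)
        return 0;
    memset(buf, 'a', size - 1);
    buf[size - 1] = '\0';
    return size - 1;
}

/* Bounded length: reads at most 'cap' bytes, so it can never run off the end
 * of the buffer into whatever (or nothing) lies behind it. */
static size_t bounded_len(const char *buf, size_t cap)
{
    return strnlen(buf, cap);
}

/* Returns 1 if a NUL exists within the first 'size' bytes, i.e. strlen() is
 * safe to call; memchr keeps the search itself bounded. */
static int is_terminated(const char *buf, size_t size)
{
    return memchr(buf, '\0', size) != NULL;
}

/* Runs the scenario on one page placed directly before a guard page.
 * terminate == 0: unterminated buffer measured with the bounded call, which
 *                 returns the cap (no NUL found) instead of faulting.
 * terminate != 0: properly terminated buffer measured with plain strlen().
 * Returns (size_t)-1 if the mapping could not be set up. */
static size_t run_case(int terminate)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    char *buf = map_page_with_guard(page);
    size_t len;

    if (buf == NULL)
        return (size_t)-1;

    if (terminate) {
        fill_terminated(buf, page);
        len = strlen(buf);            /* safe: NUL is inside the page */
    } else {
        fill_unterminated(buf, page);
        /* strlen(buf) here would step onto the guard page and SIGSEGV. */
        len = bounded_len(buf, page);
    }

    munmap(buf, 2 * page);
    return len;
}

int main(void)
{
    printf("page size:                         %ld\n", sysconf(_SC_PAGESIZE));
    printf("bounded length, unterminated page: %zu (no NUL within bound)\n",
           run_case(0));
    printf("strlen, terminated page:           %zu\n", run_case(1));
    return 0;
}
```

With a 4096-byte page the first measurement reports 4096 (the bound, meaning no terminator was found) and the second 4095. The 4096-byte malloc case in the thread only "works" because the bytes after that small allocation are still mapped heap memory; the guard page here makes the out-of-bounds read fail every time, which is the same effect tools such as guard-page allocators use to turn such luck-dependent overreads into immediate crashes.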