
Memory Layout of a Program in C - jbquark
http://web.eecs.utk.edu/~huangj/cs360/360/notes/Memory/lecture.html
======
monocasa
So this is a whole lot more complicated these days. There's not one stack but
many for the different threads, regions have guard pages typically, and all
these regions are set up with mmap (so there's no sbrk syscall anymore), just
for starters.

~~~
megous

        strace ls
        execve("/usr/bin/ls", ["ls"], 0x7ffd86646d90 /* 61 vars */) = 0
        brk(NULL)                               = 0x5581b6542000
    

I see brk(), that's glibc.

~~~
aidenn0
brk() is undefined behavior if mmap is ever called.

~~~
emilfihlman
Can you post a definite source supporting this?

~~~
luke0016
There isn't one, because it's wrong.

Source: run strace on almost any useful Linux command (e.g. ls, sort, which,
...), you'll see it makes calls to both brk() and mmap().

~~~
toast0
The OP admitted it was wrong, but just because everyone does it doesn't mean
it's not undefined behavior.

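
As an added example (my own, not code posted by anyone in this thread), the
following Linux C program interleaves sbrk and mmap in one process and checks
the documented behaviour of each call: sbrk returns the previous break, the
break grows contiguously, and the mmap'd page lives somewhere else. It shows
that the kernel happily accepts the mix that strace reveals in glibc's startup;
it says nothing about what a standard promises (POSIX.1-2001 dropped brk/sbrk
altogether, Linux documents them in brk(2)). It assumes a Linux system and a
process whose heap can still grow by two pages.

```c
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Grow the heap with sbrk, map a page with mmap, then grow the heap again.
 * Returns 1 if every step worked as brk(2)/mmap(2) document and the mmap'd
 * page lies outside the brk-managed region, 0 otherwise. Linux-specific. */
int mix_brk_and_mmap(void)
{
    long page = sysconf(_SC_PAGESIZE);
    char *brk0 = sbrk(0);                 /* current program break */
    if (brk0 == (char *)-1)
        return 0;

    char *a = sbrk(page);                 /* grow the heap by one page */
    if (a == (char *)-1)
        return 0;
    memset(a, 0x41, (size_t)page);        /* the new page is usable */

    char *m = mmap(NULL, (size_t)page, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (m == MAP_FAILED)
        return 0;
    memset(m, 0x42, (size_t)page);

    char *b = sbrk(page);                 /* grow the heap again, after mmap */
    if (b == (char *)-1) {
        munmap(m, (size_t)page);
        return 0;
    }
    memset(b, 0x43, (size_t)page);
    char *brk1 = sbrk(0);

    /* sbrk returns the old break, so the two heap pages are contiguous and
     * the break moved by exactly two pages; the mmap page is elsewhere. */
    uintptr_t lo = (uintptr_t)brk0, hi = (uintptr_t)brk1, mm = (uintptr_t)m;
    int ok = (a == brk0) && (b == a + page) && (brk1 == brk0 + 2 * page)
             && (mm + (uintptr_t)page <= lo || mm >= hi);

    munmap(m, (size_t)page);
    sbrk(-2 * page);                      /* give both heap pages back */
    return ok;
}

int main(void)
{
    printf("brk and mmap interleaved: %s\n",
           mix_brk_and_mmap() ? "ok" : "failed");
    return 0;
}
```

Run it under strace and you will see brk() and mmap() calls from the same
process, which is exactly what the ls trace above shows glibc doing.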
------
ChrisSD
> As I have said previously, memory is like a huge array with (say) 0xffffffff
> elements. A pointer in C is an index to this array. Thus when a C pointer is
> 0xefffe034, it points to the 0xefffe035th element in the memory array
> (memory being indexed starting with zero).

I'm not sure how true this is outside of a particular platform/compiler. As
far as I'm aware, C doesn't actually define how pointers are represented, only
that they are a reference to memory (although null is a special case).
Pointers in C are very abstract which allows for much more aggressive
optimisations.

And all this is before we get into how memory actually works in practice, such
as CPU cache lines.

~~~
d1zzy
Indeed, and it was really fun to work with pointers for programs targeting
16-bit (real mode) MS DOS.

~~~
userbinator
If you thought segmented memory was weird, then try something like an 8051
(3-byte "generic" pointers, stored in semi-big-endian order) or other Harvard-
architecture microcontroller.
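
To make the real-mode point concrete, here is an added example (my own, not
from either commenter) that models a 16-bit x86 far pointer in C. On those
machines a pointer was a segment:offset pair, the CPU formed the address as
segment * 16 + offset, and DOS compilers compared `far` pointers bit for bit,
so two pointers with different bits could name the same byte; `huge` pointers
were normalized to avoid that. The model assumes the A20 line is disabled, so
addresses wrap at 1 MiB; the names `far_ptr`, `far_to_linear` and friends are
mine, not any compiler's.

```c
#include <stdbool.h>
#include <stdint.h>

/* A real-mode far pointer: 16-bit segment plus 16-bit offset. The bit
 * pattern is not an index into a flat array, which is the point. */
typedef struct {
    uint16_t seg;
    uint16_t off;
} far_ptr;

/* Physical address = segment * 16 + offset, wrapped to 20 bits (A20 off). */
uint32_t far_to_linear(far_ptr p)
{
    return ((uint32_t)p.seg * 16u + p.off) & 0xFFFFFu;
}

/* How DOS compilers compared `far` pointers: all 32 bits must match. */
bool far_same_bits(far_ptr a, far_ptr b)
{
    return a.seg == b.seg && a.off == b.off;
}

/* What the programmer usually meant: do they name the same byte? */
bool far_same_address(far_ptr a, far_ptr b)
{
    return far_to_linear(a) == far_to_linear(b);
}

/* Normalized ("huge") form with offset in 0..15, so equal addresses have
 * equal bits and arithmetic can cross 64 KiB segment boundaries. */
far_ptr far_normalize(far_ptr p)
{
    uint32_t lin = far_to_linear(p);
    far_ptr n = { (uint16_t)(lin >> 4), (uint16_t)(lin & 0xFu) };
    return n;
}

/* Arithmetic on a plain `far` pointer: only the offset moves, and it wraps
 * inside the 64 KiB segment instead of advancing to the next one. */
far_ptr far_add(far_ptr p, uint16_t n)
{
    far_ptr r = { p.seg, (uint16_t)(p.off + n) };
    return r;
}
```

The segment wrap in `far_add` is the classic DOS bug: walking a buffer that
straddles a 64 KiB boundary with a `far` pointer silently comes back around to
the start of the segment.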

------
rixed
> Unfortunately, you cannot access all elements of memory

That's rather fortunate, instead. Programming (esp. in C) under an operating
system/hardware architecture that does not provide this protection is a real
pain. Memory protection is a feature that is meant primarily to help
developers (to say nothing about security).

------
adito
A noob question here.

 _As it turns out, the first 8 pages on our hydra machines are void. This
means that trying to read to or write from any address from 0 to 0xffff will
result in a segmentation violation._

I have a similar issue. I was following "A Whirlwind Tutorial on Creating
Really Teensy ELF Executables for Linux"[0] and decided to put the start of the
.text section at virtual address 0x0:

    ; tiny.asm
    BITS 32

    org     0x0

    ;
    ; (the same as the one in the teensy elf tutorial)
    ;

It results in a segmentation fault when run as a normal user, but works fine
when run as superuser. Changing the code to use address 0x10000 fixes the
problem.

My question: Is my issue because I create an elf that has .text section inside
that void region? Is this void region documented somewhere? What purpose does
it serve?

[0]: https://www.muppetlabs.com/~breadbox/software/tiny/teensy.html

~~~
comex
You may be running afoul of mmap_min_addr:

[https://wiki.debian.org/mmap_min_addr](https://wiki.debian.org/mmap_min_addr)

It's a security feature meant to protect the kernel from null pointer attacks.
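
An added example (mine, not comex's or adito's) that probes this limit
directly: it reads vm.mmap_min_addr, then asks the kernel for a page at a
chosen address with MAP_FIXED_NOREPLACE and reports what comes back. Below the
limit an unprivileged process gets EPERM; at or above it the mapping is
granted. The ELF loader maps PT_LOAD segments through the same mmap path, which
is why a segment at virtual address 0 is refused unless the caller has
CAP_SYS_RAWIO (root), and why moving it to 0x10000 (the common default limit)
works. Assumes Linux; `first_allowed_page` and `try_map_page_at` are my own
helper names.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

#ifndef MAP_FIXED_NOREPLACE          /* Linux >= 4.17; older headers lack it */
#define MAP_FIXED_NOREPLACE 0x100000
#endif

/* Read vm.mmap_min_addr from /proc; -1 if it cannot be read. */
long read_mmap_min_addr(void)
{
    long v = -1;
    FILE *f = fopen("/proc/sys/vm/mmap_min_addr", "r");
    if (f) {
        if (fscanf(f, "%ld", &v) != 1)
            v = -1;
        fclose(f);
    }
    return v;
}

/* Lowest page-aligned address the limit allows, or -1 if unknown. */
long first_allowed_page(void)
{
    long min = read_mmap_min_addr(), page = sysconf(_SC_PAGESIZE);
    if (min < 0)
        return -1;
    return (min + page - 1) & ~(page - 1);
}

/* Ask for one anonymous page at exactly addr without clobbering anything.
 * Returns 0 if the kernel granted it (the page is unmapped again before
 * returning), otherwise the errno:
 *   EPERM  - addr < vm.mmap_min_addr and the caller lacks CAP_SYS_RAWIO
 *   EEXIST - the range is already mapped
 *   EINVAL - addr is not page-aligned */
int try_map_page_at(unsigned long addr)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap((void *)addr, page, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS | MAP_FIXED_NOREPLACE, -1, 0);
    if (p == MAP_FAILED)
        return errno;
    /* A pre-4.17 kernel ignores the flag and treats addr as a hint; report a
     * relocated mapping as EEXIST rather than pretending addr was granted. */
    int rc = ((unsigned long)p == addr) ? 0 : EEXIST;
    munmap(p, page);
    return rc;
}

static const char *describe(int rc)
{
    return rc == 0 ? "mapped" : strerror(rc);
}

int main(void)
{
    unsigned long page = (unsigned long)sysconf(_SC_PAGESIZE);
    printf("vm.mmap_min_addr = %ld\n", read_mmap_min_addr());
    printf("page at 0x0: %s\n", describe(try_map_page_at(0)));
    printf("page at 0x%lx: %s\n", page, describe(try_map_page_at(page)));
    if (first_allowed_page() > 0)
        printf("page at 0x%lx: %s\n", (unsigned long)first_allowed_page(),
               describe(try_map_page_at((unsigned long)first_allowed_page())));
    return 0;
}
```

Run it once as yourself and once as root to see the EPERM turn into a
successful mapping; the sysctl itself can be read with
`sysctl vm.mmap_min_addr`.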

~~~
adito
Thanks. It's been bugging me for a while.

------
floor_
A fun trick you can do, at least on Windows, is to append your data to the
program's file, with the offset as the very last thing you write so that it's
easy for it to find. I've run various programs like this through virus
scanners and the only type to false-flag it were the "neural network AI"
scanners. So that shouldn't be a problem.

~~~
mschuster91
Works in bash, too ([https://makeself.io/](https://makeself.io/)), as well as
in PHP ([https://www.php.net/manual/de/function.halt-
compiler.php](https://www.php.net/manual/de/function.halt-compiler.php)).
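
The append-and-locate trick from the two comments above, as an added example
in C (my own code, not floor_'s program, makeself, or PHP's
__halt_compiler): the payload is appended to an existing file followed by a
fixed-size trailer, and the reader seeks to end-of-file minus the trailer size,
then follows the recorded offset. A program reading itself on Linux would pass
"/proc/self/exe" as the path; the demo uses a scratch file in /tmp instead.
The trailer format (magic "PAYL", little-endian 64-bit offset and length) is
invented for this example. The one thing worth copying is the bounds check in
`read_payload`: the tail of a file is data anyone can edit, so the offset and
length must be checked against the real file size before they drive a seek or
an allocation.

```c
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Trailer written AFTER the payload so a reader only needs the file size:
 * 4 bytes magic "PAYL", 8 bytes payload offset (LE), 8 bytes payload length (LE). */
#define TRAILER_MAGIC "PAYL"
#define TRAILER_LEN 20

static void put_le64(uint8_t *out, uint64_t v)
{
    for (int i = 0; i < 8; i++)
        out[i] = (uint8_t)(v >> (8 * i));
}

static uint64_t get_le64(const uint8_t *in)
{
    uint64_t v = 0;
    for (int i = 7; i >= 0; i--)
        v = (v << 8) | in[i];
    return v;
}

/* Append payload and trailer to the file at path. Returns 0 on success. */
int append_payload(const char *path, const void *data, size_t len)
{
    FILE *f = fopen(path, "ab");
    if (!f)
        return -1;
    if (fseek(f, 0, SEEK_END) != 0) {
        fclose(f);
        return -1;
    }
    long start = ftell(f);                 /* payload begins at current EOF */
    uint8_t tr[TRAILER_LEN];
    memcpy(tr, TRAILER_MAGIC, 4);
    put_le64(tr + 4, (uint64_t)start);
    put_le64(tr + 12, (uint64_t)len);
    int ok = start >= 0 && fwrite(data, 1, len, f) == len
             && fwrite(tr, 1, TRAILER_LEN, f) == TRAILER_LEN;
    return (fclose(f) == 0 && ok) ? 0 : -1;
}

/* Locate and read the payload. Returns a malloc'd buffer and sets *len_out,
 * or NULL if there is no trailer or it disagrees with the file size. The
 * trailer is untrusted input: a bad offset/length must never turn into an
 * out-of-range read or a huge allocation, hence the checks below. */
uint8_t *read_payload(const char *path, size_t *len_out)
{
    uint8_t tr[TRAILER_LEN], *out = NULL;
    FILE *f = fopen(path, "rb");
    if (!f)
        return NULL;
    long size = fseek(f, 0, SEEK_END) == 0 ? ftell(f) : -1;
    if (size >= TRAILER_LEN && fseek(f, size - TRAILER_LEN, SEEK_SET) == 0
        && fread(tr, 1, TRAILER_LEN, f) == TRAILER_LEN
        && memcmp(tr, TRAILER_MAGIC, 4) == 0) {
        uint64_t off = get_le64(tr + 4), len = get_le64(tr + 12);
        uint64_t body = (uint64_t)size - TRAILER_LEN;   /* bytes before trailer */
        /* the payload must end exactly where the trailer begins */
        if (off <= body && len == body - off) {
            out = malloc(len ? (size_t)len : 1);
            if (out && (fseek(f, (long)off, SEEK_SET) != 0
                        || fread(out, 1, (size_t)len, f) != len)) {
                free(out);
                out = NULL;
            } else if (out) {
                *len_out = (size_t)len;
            }
        }
    }
    fclose(f);
    return out;
}

/* Self-check on a scratch file: append a payload to a fake "program", read it
 * back, then corrupt the trailer's length field and make sure the reader
 * refuses it instead of over-reading. Returns 1 on success. */
int trailer_demo(void)
{
    char path[] = "/tmp/trailer-demo-XXXXXX";
    const char program[] = "\x7f" "ELF...original program bytes...";     /* constructed */
    const char payload[] = "{\"update_url\":\"https://example.invalid/\"}"; /* constructed */
    uint8_t bad[8], *p;
    size_t n = 0;
    int ok = 0, fd = mkstemp(path);
    FILE *f = fd < 0 ? NULL : fdopen(fd, "wb");
    if (!f) {
        if (fd >= 0) close(fd);
        return 0;
    }
    fwrite(program, 1, sizeof program - 1, f);
    fclose(f);
    if (append_payload(path, payload, sizeof payload - 1) == 0
        && (p = read_payload(path, &n)) != NULL) {
        ok = n == sizeof payload - 1 && memcmp(p, payload, n) == 0;
        free(p);
        if (ok && (f = fopen(path, "r+b")) != NULL) {   /* corrupt length field */
            put_le64(bad, (uint64_t)n + 1000);
            fseek(f, -8, SEEK_END);
            fwrite(bad, 1, 8, f);
            fclose(f);
            ok = read_payload(path, &n) == NULL;
        } else {
            ok = 0;
        }
    }
    unlink(path);
    return ok;
}
```

Appending bytes leaves the program's own code and headers untouched, which is
why it runs unchanged, but it does change the file's hash, so anything that
pins the binary by digest will notice.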

