Dereferencing NULL pointers in AIX
Andreas Lohr
NULL pointer? Consider the following example:
#include <stdio.h>
int main(void)
{
int *bad_pointer = NULL;
printf("%d\n", *bad_pointer);
return 0;
}
This program does _not_ dump core under AIX 3.2.5. I would prefer a nice
and gentle SIGSEGV in this case.
Andreas
Joe Halpin
I don't use AIX, but HP-UX has the same 'feature'. It provides a
compiler and linker switch (-z if I remember right) which doesn't
allow anything to be located at address 0, and will produce the
expected result for dereferencing null pointers.
Check your man pages for the compiler and linker, they may have such
an option.
joe
Fred L. Johnson
Look at the -qcheck option for the compiler. This allows you to
specify run-time checking for several different fault types.
If I remember correctly we had to go back in and change the AIX
kernel to make page zero readable so that all the existing
"correct" programs out there that referenced NULL pointers
would run. It seems that people didn't appreciate AIX dumping
core on a program that ran without faulting on another
platform. ;-)
--
/| Fred L. Johnson, P.E. joh...@austin.ibm.com |\
\| AIX Kernel Bringup phone: (512) 838-3676 |/
John Carr
Fred L. Johnson <joh...@austin.ibm.com> wrote:
>It seems that people didn't appreciate AIX dumping
>core on a program that ran without faulting on another
>platform.
NULL pointers have caused core dumps on SunOS, the volume leader
for UNIX workstations, for years.
--
John Carr (j...@mit.edu)
Jens-Uwe Mager
> Look at the -qcheck option for the compiler. This allows you to
> specify run-time checking for several different fault types.
>
> If I remember correctly we had to go back in and change the AIX
> kernel to make page zero readable so that all the existing
> "correct" programs out there that referenced NULL pointers
> would run. It seems that people didn't appreciate AIX dumping
> core on a program that ran without faulting on another
> platform. ;-)
Ugh. I do not think this was a good idea. Reliability of programs is one
of my primary concerns, and accessing NULL pointers is one of the easy
things to find with a guard page. Even Sun did always core dump on NULL
references. I am wondering what platform this might be? The RT?
If you really want to dereference NULL you could always add the following
to your program:
#include <sys/types.h>
#include <sys/mman.h>
#include <fcntl.h>
main()
{
int fd = open("/dev/zero", O_RDWR);
register char *addr;
if (fd == -1) {
perror("zero");
exit(1);
}
addr = mmap(0, getpagesize(), PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_FIXED|MAP_PRIVATE, fd, 0);
if (addr == (char *)-1) {
perror("mmap");
exit(1);
}
}
No, I do not use the above in my programs, this was for a quick&dirty port
of a MS-DOS program to SunOS for a demo.
______________________________________________________________________________
Jens-Uwe Mager j...@anubis.han.de
30177 Hannover j...@helios.de
Brahmsstr. 3 Tel.: +49 511 660238
Michael Meissner
Mager) writes:
| Ugh. I do not think this was a good idea. Reliability of programs is one
| of my primary concerns, and accessing NULL pointers is one of the easy
| things to find with a guard page. Even Sun did always core dump on NULL
| references. I am wondering what platform this might be? The RT?
At one time, I remember third-hand that under some conditions, the IBM compiler
folks optimize expressions like:
if (!p && *p) {
}
into:
tmp = *p;
if (!p && tm) {
}
(ie, speculatively load the contents of a pointer while you check whether it
was null or not).
--
Michael Meissner, Cygnus Support (East Coast)
Suite 105, 48 Grove Street, Somerville, MA 02144, USA
meis...@cygnus.com, 617-629-3016 (office), 617-629-3010 (fax)