Process' Virtual Address Space in GNU/Linux

Author: Varun Mahajan <varunmahajan06@gmail.com>

Contents
 ● Virtual Memory
 ● Virtual Address Space: User/Kernel
 ● Program Structure
 ● Process' Virtual Address Space
     - brk, sbrk
     - mmap
     - malloc, free, mallopt, mallinfo
     - fork, vfork
     - execv

 The content is specific to a GNU/Linux system running on x86

Virtual Memory
 Virtual memory is a technique that allows the execution of processes that are not
 completely in physical memory

 ● Programs can be larger than physical memory

 ● Separates the logical memory (large) as viewed by the user from physical memory (small)

 ● Makes the task of programming much easier, because the programmer no longer needs to
   worry about the amount of physical memory available

 ● Libraries can be shared by several processes through mapping of the shared object into
   a virtual address space. Although each process considers the shared libraries to be a
   part of its virtual address space, the actual physical pages where the libraries reside
   in physical memory are shared by all the processes

 ● Allows one process to create a region of memory that it can share with another process.
   Processes sharing this region consider it part of their virtual address space, yet the
   actual physical pages of memory are shared

 ● Allows for more efficient process creation

 Virtual Address Space of a Process: the logical (or virtual) view of how a process is
 stored in memory

Virtual Memory
 ● Virtual Address: Address generated by the CPU

 ● Physical Address: Actual address of the physical memory (RAM)

 ● The MMU does the virtual to physical address translation

 ● The physical memory available in a system may be less than the virtual memory

 ● E.g. OMAP3430:
     ● 32 bit virtual addresses
     ● Total virtual address space: 4 GB

 ● The virtual address space is split into two parts:
     ● User space, which potentially changes with each full context switch
     ● Kernel space, which remains constant

 ● The virtual memory is divided into pages (4 KB is typical). Backing each page of
   virtual memory is a page of physical memory or some secondary storage

 ● In order for a process to access any part of a virtual page, the page must at that
   moment be backed by ("connected to") a page in the physical memory. But because there
   is usually a lot more virtual memory than real memory, the pages must move back and
   forth between main memory and secondary storage regularly, coming into main memory
   when a process needs to access them and then retreating to backing store when not
   needed anymore. This movement is called paging. When a program attempts to access a
   page which is not at that moment backed by real memory, this is known as a page fault.
   When a page fault occurs, the kernel suspends the process, places the page into the
   physical memory (this is called "paging in"), then resumes the process so that from
   the process' point of view, the page was in physical memory all along

Virtual Address Space Example

                               0x0000 0000
                                   ...       User Space (3 GB)
     TASK_SIZE   PAGE_OFFSET   0xC000 0000
                                   ...       Kernel Space (1 GB)
                               0xFFFF FFFF

Program Structure (ELF Format)

   ELF Header
   Program Header Table
   Section Header Table
   .symtab, .strtab, etc
   .hash, .dynsym, .dynstr, .rel.dyn, .rel.plt, .init, .plt, .text, .fini, .rodata, etc
   .ctors, .dtors, .dynamic, .got, .got.plt, .data, .bss, etc

   TEXT Segment (Loadable): Contains read-only data and instructions
   DATA Segment (Loadable): Contains writable data and instructions

Process' Virtual Address Space
                                       0x0804 8000

               TEXT SEGMENT            0x0804 8804         main()

                                       0x0804 b000
                                       0x0804 b1a0
                                                           gcArray [100000]
               DATA SEGMENT            0x0806 383f


                                       0x09d1 4000 (brk)




                Available for:
                HEAP growth                                      2.71 GB
                     and
                   mmap




                                       0xb7e1 a000
               Shared Libraries
                                       0xb7f7 5000
                                       0xb7f8 b000
               Shared Libraries
                                       0xb7fa 8000


          Available for STACK growth


                                       0xbfd9 2000

                    Stack              0xbfda 4a9c
                                                           lcArray [100]
                                       0xbfda 4aff
                                       0xbfda 7000
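
The layout above can be read back from a running process. The following is an added example, not part of the original slides: it parses text in the /proc/<pid>/maps format (an interface the slides do not mention) and reports which region an address falls in. The sample lines reuse the slide's addresses, but their permissions, offsets, inode numbers and path names are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample in /proc/<pid>/maps format. Address ranges follow the
 * slide; permissions, offsets, inodes and paths are made up for illustration. */
static const char SAMPLE_MAPS[] =
    "08048000-0804b000 r-xp 00000000 08:01 1234 /home/user/a.out\n"
    "0804b000-08064000 rw-p 00003000 08:01 1234 /home/user/a.out\n"
    "09d14000-09d4d000 rw-p 00000000 00:00 0 [heap]\n"
    "b7e1a000-b7f75000 r-xp 00000000 08:01 5678 /lib/libc.so.6\n"
    "b7f8b000-b7fa8000 r-xp 00000000 08:01 5679 /lib/ld-linux.so.2\n"
    "bfd92000-bfda7000 rw-p 00000000 00:00 0 [stack]\n";

struct region {
    unsigned long start, end;   /* [start, end) */
    char perms[5];              /* e.g. "r-xp" */
    char path[128];             /* empty for anonymous mappings */
};

/* Parse maps-format text into out[]; returns the number of regions parsed. */
static int parse_maps(const char *text, struct region *out, int max)
{
    int n = 0;
    const char *line = text;
    while (*line != '\0' && n < max) {
        const char *nl = strchr(line, '\n');
        size_t len = nl ? (size_t)(nl - line) : strlen(line);
        char buf[256];
        size_t copy = len < sizeof buf - 1 ? len : sizeof buf - 1;
        memcpy(buf, line, copy);
        buf[copy] = '\0';

        struct region r;
        r.path[0] = '\0';
        /* fields: range perms offset dev inode [path] */
        if (sscanf(buf, "%lx-%lx %4s %*s %*s %*s %127s",
                   &r.start, &r.end, r.perms, r.path) >= 3)
            out[n++] = r;
        line = nl ? nl + 1 : line + len;
    }
    return n;
}

/* Return the region containing addr, or NULL if addr is unmapped. */
static const struct region *find_region(const struct region *r, int n,
                                        unsigned long addr)
{
    for (int i = 0; i < n; i++)
        if (addr >= r[i].start && addr < r[i].end)
            return &r[i];
    return NULL;
}

static const char *region_label(const struct region *r)
{
    if (r == NULL)
        return "[unmapped]";
    return r->path[0] ? r->path : "[anonymous]";
}

/* Mappings that are both writable and executable deserve a second look. */
static int count_writable_executable(const struct region *r, int n)
{
    int count = 0;
    for (int i = 0; i < n; i++)
        if (r[i].perms[1] == 'w' && r[i].perms[2] == 'x')
            count++;
    return count;
}

static char gcArray[100000];    /* global array, as on the slide */

int main(void)
{
    static char text[1 << 16];
    static struct region regs[512];
    char lcArray[100];                      /* local array, as on the slide */
    char *heap_block = malloc(100000);

    /* Use the live map of this process; fall back to the constructed sample. */
    FILE *f = fopen("/proc/self/maps", "r");
    size_t got = f ? fread(text, 1, sizeof text - 1, f) : 0;
    if (f)
        fclose(f);
    text[got] = '\0';
    int n = parse_maps(got ? text : SAMPLE_MAPS, regs, 512);

    struct { const char *what; unsigned long addr; } probes[] = {
        { "function (text)", (unsigned long)parse_maps },
        { "gcArray (data)",  (unsigned long)gcArray },
        { "malloc(100000)",  (unsigned long)heap_block },
        { "lcArray (stack)", (unsigned long)lcArray },
    };
    for (size_t i = 0; i < sizeof probes / sizeof probes[0]; i++) {
        const struct region *r = find_region(regs, n, probes[i].addr);
        printf("%-16s 0x%lx %s %s\n", probes[i].what, probes[i].addr,
               r ? r->perms : "----", region_label(r));
    }
    printf("writable+executable mappings: %d\n",
           count_writable_executable(regs, n));
    free(heap_block);
    return 0;
}
```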
brk(), sbrk(), malloc(), free()
 int brk (void *addr)
 void *sbrk (ptrdiff_t delta)

 These functions are used to resize the Data Segment
 System call: brk

      ● brk() sets the high end of the calling process' Data Segment to addr
      ● sbrk() is the same as brk() except that the new end of the Data Segment is
        specified as an offset delta. sbrk(0) gives you the current end of the Data Segment

 void *malloc (size_t size)

 This function allocates a new block that is size bytes long
 Uses:
       ● sbrk()
           OR
       ● mmap() (for large blocks). This has the great advantage that these chunks are
         returned to the system immediately when they are freed. Therefore it cannot
         happen that a large chunk becomes 'locked' in between smaller ones and, even
         after calling free(), wastes memory

 void free (void *ptr)

 This function deallocates the block of memory pointed at by ptr

 Occasionally, free() can actually return memory to the operating system and make the
 process smaller. Usually, all it can do is allow a later call to malloc() to reuse the
 space. In the meantime, the space remains in your program as part of a free-list used
 internally by malloc()
malloc (100000)
                             0x0804 8000                                                          0x0804 8000

     TEXT SEGMENT            0x0804 8804         main()                   TEXT SEGMENT            0x0804 8804         main()

                             0x0804 b000                                                          0x0804 b000
                             0x0804 b1a0                                                          0x0804 b1a0
                                                  gcArray [100000]                                                    gcArray [100000]
     DATA SEGMENT            0x0806 383f                                                          0x0806 383f
                                                                          DATA SEGMENT

                             0x09d1 4000 (brk)                                                    0x09d1 4008         Obtained by
                                                                                                  0x09d2 c6a7         malloc(100000)
                                                                                                  0x09d4 d000 (brk)


      Available for:            malloc (100000)
      HEAP growth                                                          Available for:
           and                                                             HEAP growth
         mmap                                                                   and
                                                                              mmap



                             0xb7e1 a000                                                          0xb7e1 a000
     Shared Libraries                                                     Shared Libraries
                             0xb7f7 5000                                                          0xb7f7 5000
                             0xb7f8 b000                                                          0xb7f8 b000
     Shared Libraries                                                     Shared Libraries
                             0xb7fa 8000                                                          0xb7fa 8000


Available for STACK growth                                           Available for STACK growth


                             0xbfd9 2000                                                          0xbfd9 2000

          Stack              0xbfda 4a9c                                       Stack              0xbfda 4a9c
                                                  lcArray [100]                                                       lcArray [100]
                             0xbfda 4aff                                                          0xbfda 4aff
                             0xbfda 7000                                                          0xbfda 7000
mmap()
 void *mmap (void *address, size_t length, int protect, int flags, int filedes,
 off_t offset)

 This function creates a new mapping, connected to bytes (offset) to (offset + length - 1)
 in the file open on filedes

 System call: mmap

 E.g.

 char *buf = mmap (NULL, 1024 * 1024 /* 1 MB */, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);

        ● address: Preferred starting address for the mapping. NULL expresses no preference
        ● protect: Access permissions
        ● flags:
             ● MAP_PRIVATE: Specifies that writes to the region should never be written
               back to the attached file. Instead, a copy is made for the process
             ● MAP_SHARED: This means that writes to the region will be written back to
               the file. Changes will be shared with other processes mmapping the same file
             ● MAP_ANONYMOUS: Tells the system to create an anonymous mapping, not
               connected to a file. The region is initialized with zeros

             malloc() uses mmap() with MAP_ANONYMOUS to allocate large blocks
mmap (NULL, 1MB, PROT_READ|PROT_WRITE, MAP_SHARED, fd, 0)

                              0x0804 8000                                                         0x0804 8000

      TEXT SEGMENT            0x0804 8804         main()                  TEXT SEGMENT            0x0804 8804         main()

                              0x0804 b000                                                         0x0804 b000
                              0x0804 b1a0                                                         0x0804 b1a0
                                                  gcArray [100000]                                                    gcArray [100000]
                              0x0806 383f                                                         0x0806 383f
      DATA SEGMENT                                                        DATA SEGMENT

                              0x09d1 4008         Obtained by                                     0x09d1 4008         Obtained by
                              0x09d2 c6a7         malloc(100000)                                  0x09d2 c6a7         malloc(100000)
                              0x09d4 d000 (brk)                                                   0x09d4 d000 (brk)


                                mmap (...,1MB,...)
       Available for:
       HEAP growth
            and
          mmap                                                                                    0xb7d1 9000         Mapped initial
                                                                              data.txt                                1 MB of
                                                                                                  0xb7e1 8fff         data.txt using
                                                                                                                      mmap()
                              0xb7e1 a000                                                         0xb7e1 a000
      Shared Libraries                                                    Shared Libraries
                              0xb7f7 5000                                                         0xb7f7 5000
                              0xb7f8 b000                                                         0xb7f8 b000
      Shared Libraries                                                    Shared Libraries
                              0xb7fa 8000                                                         0xb7fa 8000


 Available for STACK growth                                          Available for STACK growth


                              0xbfd9 2000                                                         0xbfd9 2000

           Stack              0xbfda 4a9c                                      Stack              0xbfda 4a9c
                                                  lcArray [100]                                                       lcArray [100]
                              0xbfda 4aff                                                         0xbfda 4aff
                              0xbfda 7000                                                         0xbfda 7000
malloc (1MB)
                             0x0804 8000                                                         0x0804 8000

     TEXT SEGMENT            0x0804 8804         main()                  TEXT SEGMENT            0x0804 8804         main()

                             0x0804 b000                                                         0x0804 b000
                             0x0804 b1a0                                                         0x0804 b1a0
                                                 gcArray [100000]                                                    gcArray [100000]
                             0x0806 383f                                                         0x0806 383f
     DATA SEGMENT                                                        DATA SEGMENT

                             0x09d1 4008         Obtained by                                     0x09d1 4008         Obtained by
                             0x09d2 c6a7         malloc(100000)                                  0x09d2 c6a7         malloc(100000)
                             0x09d4 d000 (brk)                                                   0x09d4 d000 (brk)


                                  malloc (1MB)
                                                                                                 0xb7c1 8008         Obtained by
                                                                      MAP_ANONYMOUS                                  malloc(1MB)
                                                                                                 0xb7d1 8007
                             0xb7d1 9000         Mapped initial                                  0xb7d1 9000         Mapped initial
         data.txt                                1 MB of                     data.txt                                1 MB of
                             0xb7e1 8fff         data.txt using                                  0xb7e1 8fff         data.txt using
                                                 mmap()                                                              mmap()
                             0xb7e1 a000                                                         0xb7e1 a000
     Shared Libraries                                                    Shared Libraries
                             0xb7f7 5000                                                         0xb7f7 5000
                             0xb7f8 b000                                                         0xb7f8 b000
     Shared Libraries                                                    Shared Libraries
                             0xb7fa 8000                                                         0xb7fa 8000


Available for STACK growth                                          Available for STACK growth


                             0xbfd9 2000                                                         0xbfd9 2000

          Stack              0xbfda 4a9c                                      Stack              0xbfda 4a9c
                                                 lcArray [100]                                                       lcArray [100]
                             0xbfda 4aff                                                         0xbfda 4aff
                             0xbfda 7000                                                         0xbfda 7000
mallopt(), mallinfo()
 int mallopt (int param, int value)

 This function is used to adjust some parameters for dynamic memory allocation

 Parameters:

     ● M_MMAP_THRESHOLD: All chunks larger than this value are allocated outside the
       normal heap, using mmap()
     ● M_MMAP_MAX: The maximum number of chunks to allocate with mmap()
     ● M_TOP_PAD: The amount of extra memory to obtain from the system when a call to
       sbrk() is required. It also specifies the number of bytes to retain when shrinking
       the heap by calling sbrk() with a negative argument. This provides the necessary
       hysteresis in heap size such that excessive amounts of system calls can be avoided
     ● M_TRIM_THRESHOLD: The minimum size (in bytes) of the top-most, releasable chunk
       that will cause sbrk() to be called with a negative argument in order to return
       memory to the system

 struct mallinfo mallinfo (void)

 This function is used to get information about the dynamic memory allocator

 struct mallinfo
     ● arena: Total size of memory allocated with sbrk() by malloc(), in bytes
     ● hblkhd: Total size of memory allocated with mmap() by malloc(), in bytes
     ● fordblks: Total size of memory occupied by free (not in use) chunks, in bytes
     ● etc
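
The malloc() placement shown in the diagrams above can be observed with mallopt() and mallinfo(). This is an added example, not part of the original slides; it assumes glibc, a single-threaded process and the usual Linux layout in which the brk heap sits above the program's data. The helper names (probe, in_brk_heap, data_marker) and the 128 KB threshold value are choices made for this example.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1       /* for sbrk() under strict -std= modes */
#endif
#include <malloc.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* mallinfo() is the interface the slides describe; recent glibc versions
 * mark it deprecated in favour of mallinfo2(), so silence that warning. */
#pragma GCC diagnostic ignored "-Wdeprecated-declarations"

#define MMAP_THRESHOLD (128 * 1024)   /* example value, set explicitly below */

static char data_marker;              /* lives in the data segment, below the heap */

struct placement {
    int  in_brk_heap;                 /* 1 if the block lies below the program break */
    long mmap_bytes_while_live;       /* change in mallinfo().hblkhd after malloc() */
    long mmap_bytes_after_free;       /* change in mallinfo().hblkhd after free() */
};

/* Pin the threshold so that glibc does not adjust it at run time.
 * mallopt() returns 1 on success. */
static int configure_allocator(void)
{
    return mallopt(M_MMAP_THRESHOLD, MMAP_THRESHOLD);
}

/* A block obtained through sbrk() lies between the data segment and the
 * current program break; a block obtained through mmap() lies elsewhere. */
static int in_brk_heap(const void *p)
{
    uintptr_t a = (uintptr_t)p;
    return a > (uintptr_t)&data_marker && a < (uintptr_t)sbrk(0);
}

/* Allocate size bytes, record where the block landed, then free it. */
static int probe(size_t size, struct placement *out)
{
    long base = mallinfo().hblkhd;
    char *p = malloc(size);
    if (p == NULL)
        return -1;
    p[0] = 1;                         /* touch the block so it is really used */
    p[size - 1] = 1;
    out->in_brk_heap = in_brk_heap(p);
    out->mmap_bytes_while_live = mallinfo().hblkhd - base;
    free(p);
    /* mmap()ed chunks go back to the system as soon as they are freed */
    out->mmap_bytes_after_free = mallinfo().hblkhd - base;
    return 0;
}

int main(void)
{
    size_t sizes[] = { 100000, 1024 * 1024 };   /* the two sizes used on the slides */
    if (configure_allocator() != 1)
        return 1;
    for (size_t i = 0; i < sizeof sizes / sizeof sizes[0]; i++) {
        struct placement pl;
        if (probe(sizes[i], &pl) != 0)
            return 1;
        printf("malloc(%zu): %s, hblkhd +%ld while live, +%ld after free\n",
               sizes[i], pl.in_brk_heap ? "brk heap" : "mmap region",
               pl.mmap_bytes_while_live, pl.mmap_bytes_after_free);
    }
    return 0;
}
```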
fork()
 pid_t fork(void)

 This function is used to create a new process

 System call: fork

 ● Called by the parent

 ● Called once, returns twice
        ● Return value in child: 0
        ● Return value in parent: pid of the child

 ● Creates a complete copy of the Virtual Address Space of the parent for the child

 ● A technique known as Copy-On-Write is used
        ● Initially the parent and the child share the same physical pages in their
          address spaces
        ● These pages are marked as copy-on-write, meaning that if either process writes
          to the shared page, a copy of the shared page is created
P1 calls fork()
                              P1 (parent)                                                            P2 (child)
                                 0x0804 8000                                                            0x0804 8000

      TEXT SEGMENT               0x0804 8804         main()                  TEXT SEGMENT               0x0804 8804         main()

                                 0x0804 b000                                                            0x0804 b000
                                 0x0804 b1a0                                                            0x0804 b1a0
                                                     gcArray [100000]                                                       gcArray [100000]
                                 0x0806 383f                                                            0x0806 383f
      DATA SEGMENT                                                           DATA SEGMENT

                                 0x09d1 4008         Obtained by                                        0x09d1 4008         Obtained by
                                 0x09d2 c6a7         malloc(100000)                                     0x09d2 c6a7         malloc(100000)
                                 0x09d4 d000 (brk)                                                      0x09d4 d000 (brk)




                                 0xb7c1 8008         Obtained by                                        0xb7c1 8008         Obtained by
   MAP_ANONYMOUS                                     malloc(1MB)          MAP_ANONYMOUS                                     malloc(1MB)
                                 0xb7d1 8007                                                            0xb7d1 8007
                                 0xb7d1 9000         Mapped initial                                     0xb7d1 9000         Mapped initial
          data.txt                                   1 MB of                     data.txt                                   1 MB of
                                 0xb7e1 8fff         data.txt using                                     0xb7e1 8fff         data.txt using
                                                     mmap()                                                                 mmap()
                                 0xb7e1 a000                                                            0xb7e1 a000
      Shared Libraries                                                       Shared Libraries
                                 0xb7f7 5000                                                            0xb7f7 5000
                                 0xb7f8 b000                                                            0xb7f8 b000
      Shared Libraries                                                       Shared Libraries
                                 0xb7fa 8000                                                            0xb7fa 8000


 Available for STACK growth                                             Available for STACK growth


                                 0xbfd9 2000                                                            0xbfd9 2000

           Stack                 0xbfda 4a9c                                      Stack                 0xbfda 4a9c
                                                     lcArray [100]                                                          lcArray [100]
                                 0xbfda 4aff                                                            0xbfda 4aff
                                 0xbfda 7000                                                            0xbfda 7000
Copy-On-Write
 [Figure: two panels, "Before Process 1 modifies page C" and "After Process 1 modifies
 page C"; the second panel shows a "Copy of page C"]
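
The effect of copy-on-write, and how it differs from a MAP_SHARED region, can be checked from user space. This is an added example, not part of the original slides; the struct and function names are chosen for this example. The child inherits everything the parent had mapped at fork() time, secrets included, and only its later writes to private pages stay invisible to the parent.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1       /* for MAP_ANONYMOUS under strict -std= modes */
#endif
#include <stdio.h>
#include <sys/mman.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

struct fork_view {
    int  child_saw_parent_data;   /* 1 if the child inherited the parent's bytes */
    char private_in_parent;       /* parent's view of the private page afterwards */
    char shared_in_parent;        /* parent's view of the shared page afterwards */
};

/* Map one private and one shared anonymous page, write 'P' into both, fork,
 * let the child overwrite both with 'C', then report what the parent sees. */
static int fork_write_visibility(struct fork_view *out)
{
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    char *priv = mmap(NULL, len, PROT_READ | PROT_WRITE,
                      MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (priv == MAP_FAILED)
        return -1;
    char *shared = mmap(NULL, len, PROT_READ | PROT_WRITE,
                        MAP_SHARED | MAP_ANONYMOUS, -1, 0);
    if (shared == MAP_FAILED) {
        munmap(priv, len);
        return -1;
    }
    priv[0] = 'P';
    shared[0] = 'P';

    int rc = -1;
    pid_t pid = fork();
    if (pid == 0) {
        /* Child: same virtual addresses, same contents as the parent had. */
        int inherited = (priv[0] == 'P' && shared[0] == 'P');
        priv[0] = 'C';      /* write fault: the kernel copies the page for the child */
        shared[0] = 'C';    /* no copy: both processes use the same physical page */
        _exit(inherited ? 0 : 1);
    }
    if (pid > 0) {
        int status;
        if (waitpid(pid, &status, 0) == pid) {
            out->child_saw_parent_data =
                WIFEXITED(status) && WEXITSTATUS(status) == 0;
            out->private_in_parent = priv[0];   /* still 'P' */
            out->shared_in_parent = shared[0];  /* now 'C' */
            rc = 0;
        }
    }
    munmap(priv, len);
    munmap(shared, len);
    return rc;
}

int main(void)
{
    struct fork_view v;
    if (fork_write_visibility(&v) != 0) {
        perror("fork_write_visibility");
        return 1;
    }
    printf("child inherited parent data: %d\n", v.child_saw_parent_data);
    printf("private page in parent after child write: %c\n", v.private_in_parent);
    printf("shared page in parent after child write:  %c\n", v.shared_in_parent);
    return 0;
}
```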
execv()
 int execv (const char *pathname, char *const argv[])

 This function is used to execute a program

 System call: execve

 ● Terminates the currently running program

 ● Replaces the current process (Text, Data, Heap, Stack) with a new program from disk
        ● The pages of the binary file are mapped into regions of the Virtual Address
          Space of the process. Only when the program tries to access a given page will a
          page fault result in the loading of that page into physical memory using
          Demand Paging

 ● Executes the new program in the context of the existing process
P2 calls execv()
                             P2 (child)                                                             P2 (child)
                                0x0804 8000                                                            0x0804 8000

     TEXT SEGMENT               0x0804 8804         main()                  TEXT SEGMENT               0x0804 8554         main()

                                0x0804 b000                                                            0x0804 a000
                                0x0804 b1a0
                                                    gcArray [100000]
                                0x0806 383f                                 DATA SEGMENT
     DATA SEGMENT

                                0x09d1 4008         Obtained by                                        0x0937 4000 (brk)
                                0x09d2 c6a7         malloc(100000)
                                0x09d4 d000 (brk)

                                               execv()
                                                                             Available for:
                                                                             HEAP growth
                                0xb7c1 8008         Obtained by                   and
  MAP_ANONYMOUS                                     malloc(1MB)                 mmap
                                0xb7d1 8007
                                0xb7d1 9000         Mapped initial
         data.txt                                   1 MB of
                                0xb7e1 8fff         data.txt using
                                                    mmap()
                                0xb7e1 a000                                                            0xb7e3 c000
     Shared Libraries                                                       Shared Libraries
                                0xb7f7 5000                                                            0xb7f9 7000
                                0xb7f8 b000                                                            0xb7fa d000
     Shared Libraries                                                       Shared Libraries
                                0xb7fa 8000                                                            0xb7fc a000


Available for STACK growth                                             Available for STACK growth


                                0xbfd9 2000                                                            0xbfcb 5000

          Stack                 0xbfda 4a9c                                      Stack
                                                    lcArray [100]
                                0xbfda 4aff
                                0xbfda 7000                                                            0xbfcc a000
vfork()
 pid_t vfork(void)

 This function is used to create a new process when the purpose of the new process is to
 exec a new program

 System call: vfork

 ● The child process shares the Virtual Address Space of the parent

 ● The parent process is suspended till the child calls exec or exit

 ● If the child process (before calling exec or exit) changes any pages of the parent's
   Address Space, the altered pages will be visible to the parent once it resumes
ย 
Page cache in Linux kernel
Page cache in Linux kernelPage cache in Linux kernel
Page cache in Linux kernel
ย 
Vmlinux: anatomy of bzimage and how x86 64 processor is booted
Vmlinux: anatomy of bzimage and how x86 64 processor is bootedVmlinux: anatomy of bzimage and how x86 64 processor is booted
Vmlinux: anatomy of bzimage and how x86 64 processor is booted
ย 
Process scheduling (CPU Scheduling)
Process scheduling (CPU Scheduling)Process scheduling (CPU Scheduling)
Process scheduling (CPU Scheduling)
ย 
Threads
ThreadsThreads
Threads
ย 
Os Threads
Os ThreadsOs Threads
Os Threads
ย 

Similar to Process' Virtual Address Space in GNU/Linux

Virtual memory 20070222-en
Virtual memory 20070222-enVirtual memory 20070222-en
Virtual memory 20070222-enTetsuyuki Kobayashi
ย 
Linux memory
Linux memoryLinux memory
Linux memoryericrain911
ย 
Vmreport
VmreportVmreport
Vmreportmeru2ks
ย 
Driver development โ€“ memory management
Driver development โ€“ memory managementDriver development โ€“ memory management
Driver development โ€“ memory managementVandana Salve
ย 
Case leakage
Case leakageCase leakage
Case leakagetcbarrett
ย 
Linux Kernel Booting Process (2) - For NLKB
Linux Kernel Booting Process (2) - For NLKBLinux Kernel Booting Process (2) - For NLKB
Linux Kernel Booting Process (2) - For NLKBshimosawa
ย 
Linux memorymanagement
Linux memorymanagementLinux memorymanagement
Linux memorymanagementpradeepelinux
ย 
Operating system Memory management
Operating system Memory management Operating system Memory management
Operating system Memory management Shashank Asthana
ย 
virtual memory
virtual memoryvirtual memory
virtual memoryAbeer Naskar
ย 
Virtual Memory In Contemporary Microprocessors And 64-Bit Microprocessors Arc...
Virtual Memory In Contemporary Microprocessors And 64-Bit Microprocessors Arc...Virtual Memory In Contemporary Microprocessors And 64-Bit Microprocessors Arc...
Virtual Memory In Contemporary Microprocessors And 64-Bit Microprocessors Arc...Anurag Deb
ย 
Opetating System Memory management
Opetating System Memory managementOpetating System Memory management
Opetating System Memory managementJohan Granados Montero
ย 
Understanding the virtual memory - Ixia Connect #2
Understanding the virtual memory - Ixia Connect #2Understanding the virtual memory - Ixia Connect #2
Understanding the virtual memory - Ixia Connect #2IxiaRomania
ย 
Cache memory
Cache memoryCache memory
Cache memoryMohanChimanna
ย 
Linux Memory Management with CMA (Contiguous Memory Allocator)
Linux Memory Management with CMA (Contiguous Memory Allocator)Linux Memory Management with CMA (Contiguous Memory Allocator)
Linux Memory Management with CMA (Contiguous Memory Allocator)Pankaj Suryawanshi
ย 
Week-13-Memory Managementggvgjjjbbbb.ppt
Week-13-Memory Managementggvgjjjbbbb.pptWeek-13-Memory Managementggvgjjjbbbb.ppt
Week-13-Memory Managementggvgjjjbbbb.pptTanyaSharma662971
ย 

Similar to Process' Virtual Address Space in GNU/Linux (20)

Virtual memory 20070222-en
Virtual memory 20070222-enVirtual memory 20070222-en
Virtual memory 20070222-en
ย 
Linux memory
Linux memoryLinux memory
Linux memory
ย 
Vmreport
VmreportVmreport
Vmreport
ย 
Driver development โ€“ memory management
Driver development โ€“ memory managementDriver development โ€“ memory management
Driver development โ€“ memory management
ย 
Case leakage
Case leakageCase leakage
Case leakage
ย 
virtual memory - Computer operating system
virtual memory - Computer operating systemvirtual memory - Computer operating system
virtual memory - Computer operating system
ย 
Vmfs
VmfsVmfs
Vmfs
ย 
Linux Kernel Booting Process (2) - For NLKB
Linux Kernel Booting Process (2) - For NLKBLinux Kernel Booting Process (2) - For NLKB
Linux Kernel Booting Process (2) - For NLKB
ย 
Linux memorymanagement
Linux memorymanagementLinux memorymanagement
Linux memorymanagement
ย 
Operating system Memory management
Operating system Memory management Operating system Memory management
Operating system Memory management
ย 
memory_mapping.ppt
memory_mapping.pptmemory_mapping.ppt
memory_mapping.ppt
ย 
Linux%20 memory%20management
Linux%20 memory%20managementLinux%20 memory%20management
Linux%20 memory%20management
ย 
virtual memory
virtual memoryvirtual memory
virtual memory
ย 
Virtual Memory In Contemporary Microprocessors And 64-Bit Microprocessors Arc...
Virtual Memory In Contemporary Microprocessors And 64-Bit Microprocessors Arc...Virtual Memory In Contemporary Microprocessors And 64-Bit Microprocessors Arc...
Virtual Memory In Contemporary Microprocessors And 64-Bit Microprocessors Arc...
ย 
Opetating System Memory management
Opetating System Memory managementOpetating System Memory management
Opetating System Memory management
ย 
Understanding the virtual memory - Ixia Connect #2
Understanding the virtual memory - Ixia Connect #2Understanding the virtual memory - Ixia Connect #2
Understanding the virtual memory - Ixia Connect #2
ย 
Cache memory
Cache memoryCache memory
Cache memory
ย 
Memory
MemoryMemory
Memory
ย 
Linux Memory Management with CMA (Contiguous Memory Allocator)
Linux Memory Management with CMA (Contiguous Memory Allocator)Linux Memory Management with CMA (Contiguous Memory Allocator)
Linux Memory Management with CMA (Contiguous Memory Allocator)
ย 
Week-13-Memory Managementggvgjjjbbbb.ppt
Week-13-Memory Managementggvgjjjbbbb.pptWeek-13-Memory Managementggvgjjjbbbb.ppt
Week-13-Memory Managementggvgjjjbbbb.ppt
ย 

More from Varun Mahajan

Red Black Trees
Red Black TreesRed Black Trees
Red Black TreesVarun Mahajan
ย 
I2C Bus (Inter-Integrated Circuit)
I2C Bus (Inter-Integrated Circuit)I2C Bus (Inter-Integrated Circuit)
I2C Bus (Inter-Integrated Circuit)Varun Mahajan
ย 
I2C Subsystem In Linux-2.6.24
I2C Subsystem In Linux-2.6.24I2C Subsystem In Linux-2.6.24
I2C Subsystem In Linux-2.6.24Varun Mahajan
ย 
Hibernation in Linux 2.6.29
Hibernation in Linux 2.6.29Hibernation in Linux 2.6.29
Hibernation in Linux 2.6.29Varun Mahajan
ย 
Program Structure in GNU/Linux (ELF Format)
Program Structure in GNU/Linux (ELF Format)Program Structure in GNU/Linux (ELF Format)
Program Structure in GNU/Linux (ELF Format)Varun Mahajan
ย 
Introduction to GNU/Linux, Free Software, Open Source Software, FSF, FSM, OSI
Introduction to GNU/Linux, Free Software, Open Source Software, FSF, FSM, OSIIntroduction to GNU/Linux, Free Software, Open Source Software, FSF, FSM, OSI
Introduction to GNU/Linux, Free Software, Open Source Software, FSF, FSM, OSIVarun Mahajan
ย 

More from Varun Mahajan (6)

Red Black Trees
Red Black TreesRed Black Trees
Red Black Trees
ย 
I2C Bus (Inter-Integrated Circuit)
I2C Bus (Inter-Integrated Circuit)I2C Bus (Inter-Integrated Circuit)
I2C Bus (Inter-Integrated Circuit)
ย 
I2C Subsystem In Linux-2.6.24
I2C Subsystem In Linux-2.6.24I2C Subsystem In Linux-2.6.24
I2C Subsystem In Linux-2.6.24
ย 
Hibernation in Linux 2.6.29
Hibernation in Linux 2.6.29Hibernation in Linux 2.6.29
Hibernation in Linux 2.6.29
ย 
Program Structure in GNU/Linux (ELF Format)
Program Structure in GNU/Linux (ELF Format)Program Structure in GNU/Linux (ELF Format)
Program Structure in GNU/Linux (ELF Format)
ย 
Introduction to GNU/Linux, Free Software, Open Source Software, FSF, FSM, OSI
Introduction to GNU/Linux, Free Software, Open Source Software, FSF, FSM, OSIIntroduction to GNU/Linux, Free Software, Open Source Software, FSF, FSM, OSI
Introduction to GNU/Linux, Free Software, Open Source Software, FSF, FSM, OSI
ย 

Recently uploaded

USPSยฎ Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPSยฎ Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPSยฎ Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPSยฎ Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...Postal Advocate Inc.
ย 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
ย 
FILIPINO PSYCHology sikolohiyang pilipino
FILIPINO PSYCHology sikolohiyang pilipinoFILIPINO PSYCHology sikolohiyang pilipino
FILIPINO PSYCHology sikolohiyang pilipinojohnmickonozaleda
ย 
Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Seรกn Kennedy
ย 
Visit to a blind student's school๐Ÿง‘โ€๐Ÿฆฏ๐Ÿง‘โ€๐Ÿฆฏ(community medicine)
Visit to a blind student's school๐Ÿง‘โ€๐Ÿฆฏ๐Ÿง‘โ€๐Ÿฆฏ(community medicine)Visit to a blind student's school๐Ÿง‘โ€๐Ÿฆฏ๐Ÿง‘โ€๐Ÿฆฏ(community medicine)
Visit to a blind student's school๐Ÿง‘โ€๐Ÿฆฏ๐Ÿง‘โ€๐Ÿฆฏ(community medicine)lakshayb543
ย 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
ย 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4MiaBumagat1
ย 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Mark Reed
ย 
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYKayeClaireEstoconing
ย 
Science 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxScience 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxMaryGraceBautista27
ย 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatYousafMalik24
ย 
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxAnupkumar Sharma
ย 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptxmary850239
ย 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...JhezDiaz1
ย 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxCarlos105
ย 
Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)cama23
ย 
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdfVirtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdfErwinPantujan2
ย 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptxmary850239
ย 

Recently uploaded (20)

USPSยฎ Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPSยฎ Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPSยฎ Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPSยฎ Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
ย 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
ย 
FILIPINO PSYCHology sikolohiyang pilipino
FILIPINO PSYCHology sikolohiyang pilipinoFILIPINO PSYCHology sikolohiyang pilipino
FILIPINO PSYCHology sikolohiyang pilipino
ย 
Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...
ย 
Visit to a blind student's school๐Ÿง‘โ€๐Ÿฆฏ๐Ÿง‘โ€๐Ÿฆฏ(community medicine)
Visit to a blind student's school๐Ÿง‘โ€๐Ÿฆฏ๐Ÿง‘โ€๐Ÿฆฏ(community medicine)Visit to a blind student's school๐Ÿง‘โ€๐Ÿฆฏ๐Ÿง‘โ€๐Ÿฆฏ(community medicine)
Visit to a blind student's school๐Ÿง‘โ€๐Ÿฆฏ๐Ÿง‘โ€๐Ÿฆฏ(community medicine)
ย 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
ย 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ย 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)
ย 
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ย 
Science 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxScience 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptx
ย 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice great
ย 
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
ย 
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptxFINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
ย 
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptxYOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
ย 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx
ย 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ย 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
ย 
Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)
ย 
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdfVirtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
ย 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx
ย 

Process' Virtual Address Space in GNU/Linux

  • 1. Process' Virtual Address Space In GNU/Linux Author: Varun Mahajan <varunmahajan06@gmail.com>
  • 2. Contents
      ● Virtual Memory
      ● Virtual Address Space: User/Kernel
      ● Program Structure
      ● Process' Virtual Address Space
          – brk, sbrk
          – mmap
          – malloc, free, mallopt, mallinfo
          – fork, vfork
          – execv
      The Content is specific to GNU/Linux System running on x86
  • 3. Virtual Memory
      Virtual memory is a technique that allows the execution of processes that are not completely in physical memory
      Virtual Address Space of a Process: The logical (or virtual) view of how a process is stored in memory
      ● Programs can be larger than physical memory
      ● Separates the logical memory (large) as viewed by the user from physical memory (small)
      ● Makes the task of programming much easier, because the programmer no longer needs to worry about the amount of physical memory available
      ● Libraries can be shared by several processes through mapping of the shared object into a virtual address space. Although each process considers the shared libraries to be a part of its virtual address space, the actual physical pages where the libraries reside in physical memory are shared by all the processes
      ● Allows one process to create a region of memory that it can share with another process. Processes sharing this region consider it part of their virtual address space, yet the actual physical pages of memory are shared
      ● Allows for more efficient process creation
  • 4. Virtual Memory
      ● Virtual Address: Address generated by CPU
      ● Physical Address: Actual address of the physical memory (RAM)
      ● MMU does the virtual to physical address translation
      ● The physical memory available in a system may be less than the virtual memory
      ● E.g. OMAP3430:
          ● 32 bit virtual addresses
          ● Total virtual address space: 4 GB
      ● The Virtual address space is split into two parts:
          ● User space, which potentially changes with each full context switch
          ● Kernel space, which remains constant
      ● The virtual memory is divided into pages (4 KB is typical). Backing each page of virtual memory is a page of physical memory or some secondary storage
      ● In order for a process to access any part of a virtual page, the page must at that moment be backed by ("connected to") a page in the physical memory. But because there is usually a lot more virtual memory than real memory, the pages must move back and forth between main memory and secondary storage regularly, coming into main memory when a process needs to access them and then retreating to backing store when not needed anymore. This movement is called paging. When a program attempts to access a page which is not at that moment backed by real memory, this is known as a page fault. When a page fault occurs, the kernel suspends the process, places the page into the physical memory (this is called "paging in"), then resumes the process so that from the process' point of view, the page was in physical memory all along
  • 5. Virtual Address Space Example
      0x0000 0000
          User Space (3 GB)
      0xC000 0000  TASK_SIZE / PAGE_OFFSET
          Kernel Space (1 GB)
      0xFFFF FFFF
  • 6. Program Structure (ELF Format)
      Listed in the figure, in order: ELF Header, Program Header Table, Section Header Table, .symtab, .strtab, .hash, .dynsym, .dynstr, .rel.dyn, .rel.plt, .init, .plt, .text, .fini, .rodata, .ctors, .dtors, .dynamic, .got, .got.plt, .data, .bss, etc
      ● TEXT Segment (Loadable): Contains read-only data and instructions etc
      ● DATA Segment (Loadable): Contains writable data and instructions etc
  • 7. Process' Virtual Address Space
      0x0804 8000                TEXT SEGMENT
      0x0804 8804                  main()
      0x0804 b000                DATA SEGMENT
      0x0804 b1a0 - 0x0806 383f    gcArray [100000]
      0x09d1 4000                (brk)
                                 Available for: HEAP growth and mmap (2.71 GB)
      0xb7e1 a000 - 0xb7f7 5000  Shared Libraries
      0xb7f8 b000 - 0xb7fa 8000  Shared Libraries
                                 Available for STACK growth
      0xbfd9 2000 - 0xbfda 7000  Stack
      0xbfda 4a9c - 0xbfda 4aff    lcArray [100]
  • 8. brk(), sbrk(), malloc(), free()
      int brk (void *addr)
      void *sbrk (ptrdiff_t delta)
      These functions are used to resize the Data Segment
      System call: brk
      ● brk() sets the high end of the calling process' Data Segment to addr
      ● sbrk() is the same as brk() except that the new end of the Data Segment is specified as an offset delta. sbrk(0) gives you the current end of the Data Segment
      void *malloc (size_t size)
      This function is used to allocate a new block size bytes long
      Uses:
      ● sbrk() OR
      ● mmap() (for large sized blocks). This has the great advantage that these chunks are returned to the system immediately when they are freed. Therefore it cannot happen that a large chunk becomes 'locked' in between smaller ones and, even after calling free(), wastes memory
      void free (void *ptr)
      This function deallocates the block of memory pointed at by ptr
      Occasionally, free() can actually return memory to the operating system and make the process smaller. Usually, all it can do is allow a later call to malloc() to reuse the space. In the meantime, the space remains in your program as part of a free-list used internally by malloc()
  • 9. malloc (100000)
      Figure: the address space before and after malloc (100000)
      ● Before: (brk) at 0x09d1 4000, with the space above it available for HEAP growth and mmap
      ● After: block obtained by malloc(100000) at 0x09d1 4008 - 0x09d2 c6a7, (brk) at 0x09d4 d000
      ● Unchanged: TEXT SEGMENT (0x0804 8000, main() at 0x0804 8804), DATA SEGMENT (0x0804 b000, gcArray [100000] at 0x0804 b1a0 - 0x0806 383f), Shared Libraries (0xb7e1 a000 - 0xb7f7 5000 and 0xb7f8 b000 - 0xb7fa 8000), Stack (0xbfd9 2000 - 0xbfda 7000, lcArray [100] at 0xbfda 4a9c - 0xbfda 4aff)
  • 10. mmap()
      void *mmap (void *address, size_t length, int protect, int flags, int filedes, off_t offset)
      This function creates a new mapping, connected to bytes (offset) to (offset + length - 1) in the file open on filedes
      System call: mmap
      E.g. char *buf = mmap (NULL, 1024 * 1024 /* 1 MB */, PROT_READ|PROT_WRITE, MAP_SHARED, fd, 0);
      ● address: Preferred starting address for the mapping. NULL expresses no preference
      ● protect: Access permissions
      ● flags:
          ● MAP_PRIVATE: Specifies that the writes to the region should never be written back to the attached file. Instead, a copy is made for the process
          ● MAP_SHARED: This means that the writes to the region will be written back to the file. Changes will be shared with other processes mmaping the same file
          ● MAP_ANONYMOUS: Tells the system to create an anonymous mapping, not connected to a file. The region is initialized with zeros
      malloc() uses mmap() with MAP_ANONYMOUS to allocate large sized blocks
  • 11. mmap (NULL, 1MB, PROT_READ|PROT_WRITE, MAP_SHARED, fd, 0)
      Figure: the address space before and after mmap (..., 1MB, ...)
      ● Before: block obtained by malloc(100000) at 0x09d1 4008 - 0x09d2 c6a7, (brk) at 0x09d4 d000, with the space above it available for HEAP growth and mmap
      ● After: initial 1 MB of data.txt mapped using mmap() at 0xb7d1 9000 - 0xb7e1 8fff, directly below the Shared Libraries at 0xb7e1 a000
      ● Unchanged: TEXT SEGMENT, DATA SEGMENT, the malloc(100000) block, (brk), Shared Libraries and Stack stay at the same addresses
  • 12. malloc (1MB)
      Figure: the address space before and after malloc (1MB)
      ● Before: block obtained by malloc(100000) at 0x09d1 4008 - 0x09d2 c6a7, (brk) at 0x09d4 d000, initial 1 MB of data.txt mapped at 0xb7d1 9000 - 0xb7e1 8fff
      ● After: block obtained by malloc(1MB) (MAP_ANONYMOUS) at 0xb7c1 8008 - 0xb7d1 8007, below the data.txt mapping; (brk) stays at 0x09d4 d000
      ● Unchanged: TEXT SEGMENT, DATA SEGMENT, the malloc(100000) block, the data.txt mapping, Shared Libraries and Stack stay at the same addresses
  • 13. mallopt(), mallinfo()
      int mallopt (int param, int value)
      This function is used to adjust some parameters for dynamic memory allocation
      Parameters:
      ● M_MMAP_THRESHOLD: All chunks larger than this value are allocated outside the normal heap, using mmap()
      ● M_MMAP_MAX: The maximum number of chunks to allocate with mmap()
      ● M_TOP_PAD: The amount of extra memory to obtain from the system when a call to sbrk() is required. It also specifies the number of bytes to retain when shrinking the heap by calling sbrk() with a negative argument. This provides the necessary hysteresis in heap size such that excessive amounts of system calls can be avoided
      ● M_TRIM_THRESHOLD: The minimum size (in bytes) of the top-most, releasable chunk that will cause sbrk() to be called with a negative argument in order to return memory to the system
      struct mallinfo mallinfo (void)
      This function is used to get information about the dynamic memory allocator
      struct mallinfo
      ● arena: Total size of memory allocated with sbrk() by malloc(), in bytes
      ● hblkhd: Total size of memory allocated with mmap() by malloc(), in bytes
      ● fordblks: Total size of memory occupied by free (not in use) chunks, in bytes
      ● etc
  • 14. fork()
      pid_t fork(void)
      This function is used to create a new process
      System call: fork
      ● Called by the parent
      ● Called once, returns twice
          ● Return value in child: 0
          ● Return value in parent: pid of the child
      ● Creates a complete copy of the Virtual Address Space of the parent for the child
      ● A technique known as Copy-On-Write is used
          ● Initially the parent and the child share the same physical pages in their address spaces
          ● These pages are marked as copy-on-write, meaning that if either process writes to the shared page, a copy of the shared page is created
  • 15. P1 calls fork()
      Figure: P1 (parent) and P2 (child) side by side. Both show the same layout at the same virtual addresses:
      0x0804 8000                TEXT SEGMENT
      0x0804 8804                  main()
      0x0804 b000                DATA SEGMENT
      0x0804 b1a0 - 0x0806 383f    gcArray [100000]
      0x09d1 4008 - 0x09d2 c6a7    Obtained by malloc(100000)
      0x09d4 d000                (brk)
      0xb7c1 8008 - 0xb7d1 8007  Obtained by malloc(1MB) (MAP_ANONYMOUS)
      0xb7d1 9000 - 0xb7e1 8fff  Mapped initial 1 MB of data.txt using mmap()
      0xb7e1 a000 - 0xb7f7 5000  Shared Libraries
      0xb7f8 b000 - 0xb7fa 8000  Shared Libraries
                                 Available for STACK growth
      0xbfd9 2000 - 0xbfda 7000  Stack
      0xbfda 4a9c - 0xbfda 4aff    lcArray [100]
  • 16. Copy-On-Write
      Figure: page sharing before Process 1 modifies page C, and after Process 1 modifies page C (a copy of page C is created)
  • 17. execv()
      int execv (const char *pathname, char *const argv[])
      This function is used to execute a program
      System call: execve
      ● Terminates the currently running program
      ● Replaces the current process (Text, Data, Heap, Stack) with a new program from disk
      ● The pages of the binary file are mapped into regions of Virtual Address Space of the process. Only when the program tries to access a given page will a page fault result in the loading of that page into physical memory using Demand Paging
      ● Executes the new program in the context of the existing process
  • 18. P2 calls execv()
      Figure: the address space of P2 (child) before and after execv()
      ● Before: the layout inherited from P1: TEXT SEGMENT at 0x0804 8000 (main() at 0x0804 8804), DATA SEGMENT at 0x0804 b000 with gcArray [100000], the malloc(100000) block at 0x09d1 4008 - 0x09d2 c6a7, (brk) at 0x09d4 d000, the malloc(1MB) block (MAP_ANONYMOUS) at 0xb7c1 8008 - 0xb7d1 8007, data.txt mapped at 0xb7d1 9000 - 0xb7e1 8fff, Shared Libraries at 0xb7e1 a000 - 0xb7f7 5000 and 0xb7f8 b000 - 0xb7fa 8000, Stack at 0xbfd9 2000 - 0xbfda 7000 with lcArray [100]
      ● After:
      0x0804 8000                TEXT SEGMENT
      0x0804 8554                  main()
      0x0804 a000                DATA SEGMENT
      0x0937 4000                (brk)
                                 Available for: HEAP growth and mmap
      0xb7e3 c000 - 0xb7f9 7000  Shared Libraries
      0xb7fa d000 - 0xb7fc a000  Shared Libraries
                                 Available for STACK growth
      0xbfcb 5000 - 0xbfcc a000  Stack
  • 19. vfork()
      pid_t vfork(void)
      This function is used to create a new process when the purpose of the new process is to exec a new program
      System call: vfork
      ● The child process shares the Virtual Address Space of the parent
      ● The parent process is suspended till the child calls exec or exit
      ● If the child process (before calling exec or exit) changes any pages of the parent's Address Space, the altered pages will be visible to the parent once it resumes
  • 20. References
      ● Operating System Principles, 7th ed, Silberschatz, Galvin, Gagne
      ● Understanding the Linux Virtual Memory Manager, Mel Gorman
      ● The GNU C Library Reference Manual 0.12 ed
      ● Advanced Programming in the UNIX Environment, W. Richard Stevens
      ● Tool Interface Standard (TIS) Executable and Linking Format (ELF) Specification Version 1.2
      ● OMAP3430 TRM
      ● http://www.tenouk.com/Bufferoverflowc/Bufferoverflow1c.html
      ● http://www.linuxjournal.com/article/6059
      ● http://www.cis.gvsu.edu/~wolffe/courses/cs656/projects/tutorial_UNIX.html
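
Slides 8 to 13 say that malloc() serves small blocks from the brk heap and large ones with mmap(), with M_MMAP_THRESHOLD as the dividing line. The C program below is an added example, not part of the original slides, that observes this from inside a process on glibc; `probe` and `struct report` are hypothetical names, and it assumes the free space at the top of the heap is smaller than 1 MB when it runs.

```c
#define _DEFAULT_SOURCE              /* exposes sbrk() in <unistd.h> */
#include <malloc.h>                  /* mallopt(), M_MMAP_THRESHOLD (glibc) */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Hypothetical report type for this example. */
struct report {
    int  in_mmap;   /* 1: block lies above the program break, 0: inside the brk heap */
    long grew;      /* bytes the break moved while the block was allocated */
    long kept;      /* bytes of that movement still in place after free() */
};

/* Allocate and free one block of `size` bytes with M_MMAP_THRESHOLD set to
 * `mmap_threshold`, recording where the block landed.
 * Returns 0 on success, -1 on error. */
int probe(size_t size, int mmap_threshold, struct report *r)
{
    /* Setting the threshold explicitly also switches off glibc's dynamic
     * adjustment of it, which keeps repeated calls comparable. */
    if (mallopt(M_MMAP_THRESHOLD, mmap_threshold) != 1)
        return -1;

    char *before = sbrk(0);          /* sbrk(0): current end of the Data Segment */
    char *p = malloc(size);
    if (p == NULL)
        return -1;
    *(volatile char *)p = 1;         /* touch the block so the allocation is really used */

    char *during = sbrk(0);
    /* Blocks carved from the brk heap sit below the break; mmap()ed blocks
     * sit in the mapping area far above it. */
    r->in_mmap = (uintptr_t)p >= (uintptr_t)during;
    r->grew = (long)(during - before);

    free(p);
    r->kept = (long)((char *)sbrk(0) - before);
    return 0;
}

static void show(const char *label, size_t size, int threshold)
{
    struct report r;
    if (probe(size, threshold, &r) != 0) {
        printf("%-34s -> probe failed\n", label);
        return;
    }
    printf("%-34s -> %s, break moved %ld bytes, %ld left after free()\n",
           label, r.in_mmap ? "mmap" : "brk heap", r.grew, r.kept);
}

int main(void)
{
    show("malloc(100000), threshold 128 KB", 100000, 128 * 1024);
    show("malloc(1 MB), threshold 128 KB", 1 << 20, 128 * 1024);
    show("malloc(1 MB), threshold 2 MB", 1 << 20, 2 << 20);
    return 0;
}
```

The 1 MB block served by mmap() leaves the break untouched, while the same request under a 2 MB threshold moves the break and free() then gives part of that movement back, which is the M_TRIM_THRESHOLD behaviour from slide 13.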
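
Slides 10 and 14 to 16 describe MAP_PRIVATE, MAP_SHARED and copy-on-write after fork(). The C program below is an added example, not part of the original slides, in which a child writes to four kinds of memory and the parent reports which writes it can see; `parent_sees_child_write` and the `region` enum are hypothetical names.

```c
#define _DEFAULT_SOURCE              /* exposes MAP_ANONYMOUS in <sys/mman.h> */
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

enum region { REGION_DATA, REGION_HEAP, REGION_MAP_PRIVATE, REGION_MAP_SHARED };

static volatile int g_cell;          /* lives in the Data Segment */

/* The parent stores 1, forks, the child checks it inherited the 1 and stores 2.
 * Returns 1 if the parent sees the child's 2, 0 if it still sees its own 1,
 * and -1 on error (including a child that did not inherit the value). */
int parent_sees_child_write(enum region kind)
{
    volatile int *cell = NULL;
    void *mapping = MAP_FAILED;
    void *heap = NULL;

    switch (kind) {
    case REGION_DATA:
        cell = &g_cell;
        break;
    case REGION_HEAP:
        heap = malloc(sizeof(int));
        cell = heap;
        break;
    case REGION_MAP_PRIVATE:
    case REGION_MAP_SHARED:
        mapping = mmap(NULL, sizeof(int), PROT_READ | PROT_WRITE,
                       MAP_ANONYMOUS |
                       (kind == REGION_MAP_SHARED ? MAP_SHARED : MAP_PRIVATE),
                       -1, 0);
        if (mapping != MAP_FAILED)
            cell = mapping;
        break;
    }
    if (cell == NULL)
        return -1;

    *cell = 1;                       /* value the parent holds at fork() time */
    int seen = -1;
    pid_t pid = fork();
    if (pid == 0) {
        /* Child: its copy of the address space already contains the 1. */
        if (*cell != 1)
            _exit(1);
        *cell = 2;                   /* private pages are copied on this write */
        _exit(0);
    }
    if (pid > 0) {
        int status;
        if (waitpid(pid, &status, 0) == pid &&
            WIFEXITED(status) && WEXITSTATUS(status) == 0)
            seen = (*cell == 2);
    }

    if (mapping != MAP_FAILED)
        munmap(mapping, sizeof(int));
    free(heap);
    return seen;
}

int main(void)
{
    static const char *names[] = { "data segment", "heap (malloc)",
                                   "mmap MAP_PRIVATE", "mmap MAP_SHARED" };
    for (int k = REGION_DATA; k <= REGION_MAP_SHARED; k++)
        printf("%-18s parent sees child's write: %d\n",
               names[k], parent_sees_child_write((enum region)k));
    return 0;
}
```

Only the MAP_SHARED region carries the child's write back to the parent. The child's successful read in every case also shows that whatever the parent holds in memory at fork() time is readable by the child.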