Virtual Memory Reality !

[Rajesh_CB]

Hi Friends ,

I am having some doubts regarding the Memory Management Unit of Linux !

I would like to first explain my understanding of the MMU , please correct me if I am wrong somewhere.

Well I have a 1GB Ram on my Fedora 10 installed , Dual boot m/c , Now the actual available physical RAM is just 1GB , now this is further divided into the Kernel address space (FCOM + DAMR region ) & the User Address space everything other than the Kernel address space.

Say I have the following program written :
Sample.c
#include<stdio.h>
/* Declaring Global Variables*/
int giA = 10;
int guB;

int main() {

int liA = 20;
int luB;

printf("The Values of : \n Global Var \t giA = %d \tguB = %d \n",giA,guB);
printf("The Values of : \n Local Var \t liA = %d \t luB = %d \n",liA,luB);


return 0;
}

Now the size of the ELF executable is : 6892 bytes.
As per my understanding , the ELF is divided into the sections viz :

Data section
Code section
BSS section
Stack / Heap ....
and some more ...

I understand this by using the readelf bin utility !

Now .. slightly deviating from the User Application level onto the OS domain.
The Kernel divides the available 1 GB RAM into pages of size 4096 bytes each so totally ~ 1048576 pages.

If I run this program on the shell (./Sample.out).. 2 pages should be assigned to this process (8192 > 6892).. the indication/referance to this stored in the Translation Table of the MMU.

Apart from this .. if I have a malloc call in this Sample.c , say

char *ptr , *ptr1;
ptr = malloc(4294967296); // 4G
ptr1 = malloc(429496729; // 4G + 2;

Ideally as per theory , I feel this should not run , and should be giving a run time Segmentation Fault ! But I am surprised to see this code working perfectly.

Also the use of the Linux Command : System("free") done as a background process also is bit confusing.

Would be great if some one could help me out on this ... I know its bit lengthy to read the thread ..

Thanking you in advance for your time !

Best regards
CB

[Rubberman]

It depends on a number of factors as to whether this will work or not.

1. If you have an Intel processor with PAE support (Processor Address Extension) and enough swap space, this will not fail.
2. If you are running a 64-bit version of the OS and enough swap space, then it will not fail.

Also, ptr1 is being allocated 4GB + 2 bytes, and since this is an unsigned 32bit value, it will wrap around and you are actually allocating only 1 byte. 0xFFFFFFFF + 1 == 0, 0xFFFFFFFF + 2 == 1. Though I'm not certain with Linux, I think that malloc'd memory is not actually allocated until used since it is "virtual", so the allocation of 4GB to ptr won't fail until you try to access it, assuming that your system doesn't meet either conditions #1 or #2 above.

[rituraj.goswami]

welli think you got your answer Rajesh_CB.
Goodluck and God Speed.

[Rubberman]

It depends on a number of factors as to whether this will work or not.

1. If you have an Intel processor with PAE support (Processor Address Extension) and enough swap space, this will not fail.
2. If you are running a 64-bit version of the OS and enough swap space, then it will not fail.

Also, ptr1 is being allocated 4GB + 2 bytes, and since this is an unsigned 32bit value, it will wrap around and you are actually allocating only 1 byte. 0xFFFFFFFF + 1 == 0, 0xFFFFFFFF + 2 == 1. Though I'm not certain with Linux, I think that malloc'd memory is not actually allocated until used since it is "virtual", so the allocation of 4GB to ptr won't fail until you try to access it, assuming that your system doesn't meet either conditions #1 or #2 above.

Note that my comment about 'wrap-around' above is for 32-bit systems where size_t is a 32-bit value. In 64-bit Linux systems, size_t is an unsigned long long (64-bit) value.

[Rajesh_CB]

Thanks a lot Rubberman ! I had also tried declaring a unsigned long and still it worked . I basically work on embedded Systems and was involved in the POC for handling Memory Leakage issues [] About the specs yes I do use a 64 bit OS .. but I also tried this on a 32 bit m/c .. though there a lot of swap space available in both the test m/cs.

In the case of embedded systems where they run continuously for months... such a mem leak does occur , wherein swap space isint a luxury ...I wanted to simulate this on my Desktop here .. thats the reason I wrote that prog.

In case of windows yes it does give us a Out of Mem error when .. too many applications aer run simultaneously ... but that doesnt seem to happen here []
I am doing some more of a research on this .. will keep you posted on any developments .. and also thanks a lot once again for your helpful insights !

Best Regards
CB

[Rubberman]

Ah! Yes. This is a problem I have worked thru many times in my real-time embedded system past. A common culprit that appears to be a memory leak when using malloc/free or new/delete operations is memory fragmentation. Developing a good allocator(s) for an embedded system that utilizes an OS such as Linux is a critical component of a successful deployment. I have over 25 years experience with systems that have to run 24x365 and no down-time. Contact me via private message if you'd like to discuss your needs further.