illegal memory access with function pointers

[Roshni]

Hi,

I wanted to know how do function pointers sometime access illegal
memory access ? Could any one give me an example ?

Thanks,
Roshni

 

[Richard Heathfield]

Roshni said:

Hi,

I wanted to know how do function pointers sometime access illegal
memory access ? Could any one give me an example ?

Always glad to oblige.

int main(void)
{
typedef int (f)(void);
f *p = (f *)0x12345678UL;
(*p)();
return 0;
}

Example run:

$> ./foo
Segmentation fault (core dumped)

 

[Michael Mair]

Hi,

I wanted to know how do function pointers sometime access illegal
memory access ? Could any one give me an example ?

What do you mean?
1) function pointers not pointing to functions
2) accessing storage you do not "own" when using function
pointers
....

Your question is not exactly clear.

However, this may help you:
void qux (int foo, double bar)
{
....
}
.....

void (*example)(int, double) = NULL;
....
if (baz) {
example = qux;
}
....
(*example)(1, 42.0);

Leaving out the initialization of example leads
to a similar situation.


Cheers
Michael

 

[Michael Mair]

Roshni said:


Always glad to oblige.

Always? Impressive

<snip: nice example>

Cheers
Michael

 

[Malcolm]

What do you mean?
1) function pointers not pointing to functions
2) accessing storage you do not "own" when using function
pointers

The function pointer could point to non-executable code, causing the machine
to refuse to load it into an instruction pointer register.

The function pointer could point to non-existent memory, causing an error
when the machine tries to fetch an instruction from the non-existent place.

The function pointer could point to garbage, causing random data to be
interpreted as instructions and executed. This will almost certainly lead to
a crash.

The function pointer to point to a function with a human introduced error in
it, which cause the illegal memory access. (This is the same a regular
memory access error).

 

[reetdipti]

The function pointer could point to non-executable code, causing the machine
to refuse to load it into an instruction pointer register.

The function pointer could point to non-existent memory, causing an error
when the machine tries to fetch an instruction from the non-existent place.

The function pointer could point to garbage, causing random data to be
interpreted as instructions and executed. This will almost certainly lead to
a crash.

The function pointer to point to a function with a human introduced error in
it, which cause the illegal memory access. (This is the same a regular
memory access error).

Thank you for all your replies. I wanted the example where function
pointer could point to non-existent memory.

Thanks,
Roshni

 

[Richard Heathfield]

(e-mail address removed) said:

Thank you for all your replies. I wanted the example where function
pointer could point to non-existent memory.

Oh, you mean mine. Well, you are most welcome to it. Please return it when
you've finished with it, so that other people can benefit from the same
example afterwards.

 

[reetdipti]

Hi,
Thank you for your response.

void foo()
{
int a;
a=2;

}

int main(void)
{
void (*a)();
a = &foo;
a();
a = (&foo) - 20;
a();
return 0;
}

Is this a valid proram which tries to access illegal memory space ?

Thanks,
Rosh

 

[Nick Keighley]

Hi,
Thank you for your response.

void foo()
{
int a;
a=2;

}

int main(void)
{
void (*a)();
a = &foo;
a();
a = (&foo) - 20;
a();
return 0;
}

Is this a valid proram which tries to access illegal memory space ?

well, maybe. You aren't permitted to do pointer arithmetic on function
pointers. That is &foo - 20 is not defined by the standard. It exhibits

undefined behaviour. Your C implementation is permitted to do whatever
it pleases.

But there's a good chance it will crash. Think about it, do you really
expect 'a' to be pointing at a sensible piece of code after doing
*that*?

 

[Keith Thompson]

well, maybe. You aren't permitted to do pointer arithmetic on function
pointers. That is &foo - 20 is not defined by the standard. It exhibits
undefined behaviour. Your C implementation is permitted to do whatever
it pleases.

It's not just undefined behavior, it's a constraint violation,
requiring a diagnostic (see C99 6.5.6p3).

Once the diagnostic is issued, an implementation is free to compile
and run the program, which *then* produces undefined behavior. (One
of the infinitely many things the C implementation is permitted to do
is to document the behavior of arithmetic on function pointers.)