1 / 21

Mapping PL Objects to the Machine – managing the address space

Mapping PL Objects to the Machine – managing the address space. David E. Culler CS61CL Feb 9, 2009 Lecture 3. Big Ideas. Review: Computers manipulate finite representations of things. A bunch of bits can represent anything, it is all a matter of what you do with it.

latif
Download Presentation

Mapping PL Objects to the Machine – managing the address space

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Mapping PL Objects to the Machine – managing the address space David E. Culler CS61CL Feb 9, 2009 Lecture 3 UCB CS61CL F09 Lec 3

  2. Big Ideas • Review: • Computers manipulate finite representations of things. • A bunch of bits can represent anything, it is all a matter of what you do with it. • Finite representations have limitations. • Today • Type constructors to compose complex type • Mapping of program objects to machine storage • An object, its value, its location, its reference • Pointers are THE most subtle concept in C • Very powerful • Easy to misuse • Completely hidden in Java UCB CS61CL F09 Lec 3

  3. C Types - the big picture char unsigned int float double • Basic Types • “understood” by the machine • Array • sequence of indexed objects of homogeneous type • Struct • collection of named objects of heterogeneous types • Pointer • reference to an object of specified type • Union • an object of one of a specific collection of types UCB CS61CL F09 Lec 3

  4. Composing Complex Types in C • Complex types are really tools for composing new types • Strings – sequences of characters • Vectors – sequences of numbers • Matrixes – 2D collections of numbers • Records – finite sets of strings and numbers • Lists, Tables • Sounds, Images, Graphs • … • Think induction • Pointers are fundamentally “understood” by the machine as well • address UCB CS61CL F09 Lec 3

  5. Where do Objects live and work? 000..0: 00..1AA0: 0F..FAC0: n: °°° Memory FFF..F: Processor load store register operate word UCB CS61CL F09 Lec 3

  6. Where do complex objects reside? 000..0: A: °°° FFF..F: • Arrays are stored in memory • The variable (i.e., name) is associated with the location (i.e., address) of the collection • Just like variables of basic type • Elements are stored consecutively • Can locate each of the elements • Can operate on the indexed object just like an object of that type • A[2] = x + Y[i] – 3; UCB CS61CL F09 Lec 3

  7. Where do complex objects reside? 000..0: S: °°° FFF..F: • Struct are stored in memory • The variable (i.e., name) is associated with the location (i.e., address) of the collection • Just like variables of any type • Elements are stored at fixed offsets • Can locate each of the elements • Can operate on the named member object just like an object of that type • S.row = x + S.col – 3; UCB CS61CL F09 Lec 3

  8. All objects have a size #include <stdio.h> int main() { char c = 'a'; int x = 34; int y[4]; printf("sizeof(c)=%d\n", sizeof(c) ); printf("sizeof(char)=%d\n",sizeof(char)); printf("sizeof(x)=%d\n", sizeof(x) ); printf("sizeof(int)=%d\n", sizeof(int) ); printf("sizeof(y)=%d\n", sizeof(y) ); printf("sizeof(7)=%d\n", sizeof(7) ); } The size of their representation The size of static objects is given by sizeof operator UCB CS61CL F09 Lec 3

  9. What can be done with a complex object? • Access its elements • A[i], S.row • Pass it around • Sort(A) • x = max(A, n) • Copy it • T = S • z = munge(S, 3) • Note the name of an array behaves as a reference to the object • The name of a struct behaves as the object UCB CS61CL F09 Lec 3

  10. Administration • HW3 due at start of next week’s lab • Try to have it give practice in test tools • Lab changers and waitlisters must give target TA your prioritized lab request list this week • Readings are shifting for K&R to P&H • Project 1 goes out on Tuesday, Due Friday 10/1 UCB CS61CL F09 Lec 3

  11. An object and its value… 000..0: x: 3 °°° °°° FFF..F: The value of variable X 000..0: The storage that holds the value X x: 4 FFF..F: X = X + 1; UCB CS61CL F09 Lec 3

  12. Every object in memory has an address 000..0: S: °°° FFF..F: That address is a pointer to the object. It is a fixed size object itself Just like basic type UCB CS61CL F09 Lec 3

  13. What can be done with a reference? • Dereference it • Obtain the object that it refers (points) to • X = *P; Y = S->row; z = A[0]; z = A[i]; • Pass it around, copy it, store it • Q = P; • clearfields(S); • Do type-based arithmetic on it • P-1 • Q++ • Do both • S->next = P; • A[i] = 3; • Cast it to an uint and mess with it (!!!) UCB CS61CL F09 Lec 3

  14. Array variables are also a reference for the object 000..0: int main() { char *c = "abc"; char ac[4] = "def"; printf("c[1]=%c\n",c[1] ); printf("ac[1]=%c\n",ac[1] ); } c: * °°° ac: ‘a’ ‘f’ ‘e’ ‘d’ ‘b’ ‘c’ \0 \0 • Array name is essentially the address of (pointer to) the zeroth object in the array • There are a few subtle differences • Can change what crefers to, but not what ac refers to UCB CS61CL F09 Lec 3

  15. What kinds of variables (storage)? int ave(int A, int B) { int C = (A + B)/2; return C; } int count = 0; … int fib(int n) { count++; if (n <= 2) return 1; return fib(n-1)+fib(n-2); } • Visibility vs Lifetime • Variables declared within a function • Arguments and Local Variables • Visible in remainder of function • Lifetime = Function Call • Each call obtains a new set of variables • Recursive calls too • C “internals” • Variables declared outside any function • Visible in remainder of file (!!!) • include .h file • extern vs static • Lifetime = Whole Program • C “externals” • Malloc’d objects UCB CS61CL F09 Lec 3

  16. Where does the program itself reside? 000..0: n: 0020FAC0: 00401B20: main: °°° FFF..F: Instruction Fetch Execute PC • In memory, just like the data • Processor contains a special register – PC • Program counter • Address of the instruction to execute (i.e. ptr) • Instruction Execution Cycle • Instruction fetch • Decode • Operand fetch • Execute • Result Store • Update PC UCB CS61CL F09 Lec 3

  17. What’s a Process Address Space + a thread of control UCB CS61CL F09 Lec 3

  18. Logical Structure of an Executing Program code printf: main: nextword: regs static data PC stack heap UCB CS61CL F09 Lec 3

  19. Address Space 0000000: reserved 0040000: code <= instructions 1000000: static data <= externs 1008000: heap PC regs <= malloc gp sp <= Local variables stack 7FFFFFFF: <= OS, etc. unused FFFFFFFF: UCB CS61CL F09 Lec 3

  20. Breaking the Abstraction… 0000000: reserved 0040000: code <= instructions 1000000: static data <= externs 1008000: heap <= malloc RA <= Local variables stack 7FFFFFFF: unused <= OS, etc. FFFFFFFF: • Attack • Cause the OS (or service or application) to do things it should not. • Pass unterminated strings, bad length paramters, bad ptrs • Corrupting system data may cause it to do other harm • “Smashing the stack” • Send bad mesg causing system code to overwrite parts of its stack • Local vars and rtn address • Bad return • OS or app starts executing out of stack as if it were instructions • Message contains jump instructions to send it off to attacker code UCB CS61CL F09 Lec 3

  21. Summary • Arrays, Structs, and Pointers allow you define sophisticated data structures • Compiler protects you by enforcing type system • Avoid dropping beneath the abstraction and munging the bits • All map into untyped storage, ints, and addresses • Executing program has a specific structure • Code, Static Data, Stack, and Heap • Mapped into address space • “Holes” allow stack and heap to grow • Compiler defines what the bits mean by enforcing type • Chooses which operations to perform • Poor coding practices, bugs, and architecture limitations lead to vulnerabilities UCB CS61CL F09 Lec 3

More Related