Path: utzoo!mnetor!uunet!husc6!mailrus!ames!oliveb!sun!gorodish!guy From: guy@gorodish.Sun.COM (Guy Harris) Newsgroups: comp.arch Subject: Re: Is the Intel memory model safe from NO-ONE ?!? Message-ID: <52404@sun.uucp> Date: 8 May 88 00:24:28 GMT References: <1806@obiwan.mips.COM> <2904@omepd> <353@cf-cm.UUCP> <22830abd:a11@snark.UUCP> Sender: news@sun.uucp Lines: 39 The point that you need not have a segmented architecture to protect against null-pointer dereferencing is 100% valid; there are many machine/OS pairs that do this on non-segmented architectures (the UNIX port to the CCI Power 5/20, SunOS on all Sun machines, VAX/VMS). However, the definitions of "segmented architecture" are bogus: > Waaaait a second, here. It sounds to me like two very different issues are > being confused. Let's have some definitions: > > Segmented architecture -- one in which the register width is not > sufficient to address all of memory, so that full addresses must > be base/offset or segment-descriptor/address pairs. Wrong. One could imagine a segmented machine with *no* registers (did the Burroughs machines have any registers that were visible to anyone or anything generating machine code?). One could have a machine where the registers were big enough to hold a segment-number/offset pair. (Zilog Z8001; a register pair could hold 32-bit quantities, the machine had a reasonably full set of 32-bit instructions - including 32-bit multiply and divide - and a segmented address was 8 bits of segment number, 8 bits of zero, and 16 bits of byte offset within the segment.) A segmented architecture could better be defined as one where an address consists of a segment number and an offset within the segment (although there may very well be cases that this doesn't describe). > These are very different concepts. To trap NULL pointers you want memory > protection. Segmentation implies a crude form of memory protection, with > fixed-sized regions defined by the address span of an offset. But the two > should not be confused. No, segmentation doesn't imply memory protection. You could imagine a system with segments that permits you to read and write from any address in the segment, whether valid or not (i.e., one that doesn't even do bounds checking).