Why is a segmentation fault not recoverable?

by

When exactly does segmentation fault happen (=when is SIGSEGV sent)?

When you attempt to access memory you don’t have access to, such as accessing an array out of bounds or dereferencing an invalid pointer. The signal SIGSEGV is standardized but different OS might implement it differently. “Segmentation fault” is mainly a term used in *nix systems, Windows calls it “access violation”.

Why is the process in undefined behavior state after that point?

Because one or several of the variables in the program didn’t behave as expected. Let’s say you have some array that is supposed to store a number of values, but you didn’t allocate enough room for all them. So only those you allocated room for get written correctly, and the rest written out of bounds of the array can hold any values. How exactly is the OS to know how critical those out of bounds values are for your application to function? It knows nothing of their purpose.

Furthermore, writing outside allowed memory can often corrupt other unrelated variables, which is obviously dangerous and can cause any random behavior. Such bugs are often hard to track down. Stack overflows for example are such segmentation faults prone to overwrite adjacent variables, unless the error was caught by protection mechanisms.

If we look at the behavior of “bare metal” microcontroller systems without any OS and no virtual memory features, just raw physical memory – they will just silently do exactly as told – for example, overwriting unrelated variables and keep on going. Which in turn could cause disastrous behavior in case the application is mission-critical.

Why is it not recoverable?

Because the OS doesn’t know what your program is supposed to be doing.

Though in the “bare metal” scenario above, the system might be smart enough to place itself in a safe mode and keep going. Critical applications such as automotive and med-tech aren’t allowed to just stop or reset, as that in itself might be dangerous. They will rather try to “limp home” with limited functionality.

Why does this solution avoid that unrecoverable state? Does it even?

That solution is just ignoring the error and keeps on going. It doesn’t fix the problem that caused it. It’s a very dirty patch and setjmp/longjmp in general are very dangerous functions that should be avoided for any purpose.

We have to realize that a segmentation fault is a symptom of a bug, not the cause.

More Related Contents:

  1. Reading garbage instead of segfault for non-existant memory locations
  2. Exception Handling with pointer [closed]
  3. segmentation fault in an sorted linked list program for Homework [closed]
  4. Possibilities to quit a function
  5. Segmentation fault on large array sizes
  6. Definitive List of Common Reasons for Segmentation Faults
  7. When should I really use noexcept?
  8. Why don’t I get a segmentation fault when I write beyond the end of an array?
  9. cudaMemcpy segmentation fault
  10. Object destruction in C++
  11. How can I propagate exceptions between threads?
  12. How to know the exact line of code where an exception has been caused?
  13. C++ catching all exceptions
  14. What can cause segmentation faults in C++? [closed]
  15. When and how should I use exception handling?
  16. Why catch an exception as reference-to-const?
  17. c++ exception : throwing std::string
  18. In what ways do C++ exceptions slow down code when there are no exceptions thown?
  19. Catching exceptions from a constructor’s initializer list
  20. What should I know about Structured Exceptions (SEH) in C++?
  21. Exception Error c0000005 in VC++
  22. How is the C++ exception handling runtime implemented?
  23. boost thread throwing exception “thread_resource_error: resource temporarily unavailable”
  24. Why destructor is not called on exception?
  25. Reset Cuda Context after exception
  26. Determining exception type after the exception is caught?
  27. C++ : handle resources if constructors may throw exceptions (Reference to FAQ 17.4]
  28. How to throw std::exceptions with variable messages?
  29. Why vector access operators are not specified as noexcept?
  30. New (std::nothrow) vs. New within a try/catch block

Leave a Comment