Copy-on-write during fork

Question

Here is my understanding of fork(): The fork() system call spins-off a child process from the parent process. The core-image(address-space) of the child process is an exact copy of that of the parent. The address space contains:

1. Stack.
2. Text segment (containing the program).
3. Data segment (containing the variables).

But the copy is not actually done, until one of the process (parent or child) begins writing into its address space. It is only then when the child is allocated a separate address space.

I wrote a program to test my understanding, and the results show I might be missing something:

#include <sys/types.h>
#include <stdio.h>
#include <unistd.h>

int main()
{
pid_t pid; 
pid=fork();
int a=5;

if(pid<0){/*error condition*/
printf("Error forking\n");
}

if(pid==0){/*child process*/
 printf("Child process here\n");
 a=a+5;
 printf("The value of a is %d\n",a);
 printf("The address of a is %p\n",&a);
 printf("Child terminated\n");
 exit(getpid());    /*child terminates*/
 }
else{/*parent process*/
 printf("Parent blocked\n");
 wait(NULL); /*waiting for child process to exit*/
 printf("Parent process here");
 printf("The value of a is %d\n",a);
 printf("The address of a is %p\n",&a);
 printf("parent terminated");
 }

}

Here is the output of the above program:

Parent blocked
Child process here
The value of a is 10
The address of a is 0x7ffe4c37b1a0
Child terminated
Parent process hereThe value of a is 5
The address of a is 0x7ffe4c37b1a0

Can someone explain to me why the addresses of both the a's are the same? Since the child process updated its variable, it should have been assigned a separate memory location.

Answer 1

Not so.

The addresses seen by both the child and the parent are relative to their own address spaces, not relative to the system as a whole.

The operating system maps the memory used by each process to a different location in physical (or virtual) memory. But that mapping is not visible to the processes.

Answer 2

But the copy is not actually done, until one of the process (parent or child) begins writing into its address space. It is only then when the child is allocated a separate address space.

That's how Linux does it but not all Eunuchs variants do it that way.

Can someone explain to me why the addresses of both the a's are the same?

In modern operating systems each process has its own logical address space with pages mapped to physical page frames. With the exception of addresses dedicated to the system and those that are explicitly shared, the same address in every process maps to a different physical address.

The parent's logical address 0x7ffe4c37b1a0 maps to a different physical address than the child's 0x7ffe4c37b1a0.