Next, the program sets the pointer ip to a million locations past that of i. Since i is a stack variable, this is going to be an address that is too high. Dereferencing it will result in a segmentation violation.
However, it is not dereferenced yet. First, write() is called again, this time with a legal file descriptor. The operating system again gets control and saves the registers. Before it attempts to perform the write(), it checks its second address to see if it is a legal user address, and it is not, so it will return -1 to the user and set errno() to EFAULT.
The user's code once again gets control and tries to dereference ip. This will cause a segmentation violation, which is a hardware interrupt. The operating system will get contol and identify the interrupt. At this point, it will terminate the user's process. The sprintf() and subsequent write() statements will not be executed.
In a real Unix implementation, it will check to see if the user desires to handle the interrupt with a previous signal() call, and if so, it passes control to that call. If not, it dumps core by writing the memory of the program to a file called core and then terminates the process.