From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail2-relais-roc.national.inria.fr (mail2-relais-roc.national.inria.fr [192.134.164.83]) by c5ff346549e7 (Postfix) with ESMTPS id ACE525D5 for ; Fri, 4 May 2018 20:48:45 +0000 (UTC) X-IronPort-AV: E=Sophos;i="5.49,363,1520895600"; d="scan'208";a="325830416" Received: from sympa.inria.fr ([193.51.193.213]) by mail2-relais-roc.national.inria.fr with ESMTP; 04 May 2018 22:48:27 +0200 Received: by sympa.inria.fr (Postfix, from userid 20132) id 6D1118244E; Fri, 4 May 2018 22:48:27 +0200 (CEST) Received: from mail3-relais-sop.national.inria.fr (mail3-relais-sop.national.inria.fr [192.134.164.104]) by sympa.inria.fr (Postfix) with ESMTPS id F11238240C for ; Fri, 4 May 2018 22:48:19 +0200 (CEST) Authentication-Results: mail3-smtp-sop.national.inria.fr; spf=None smtp.pra=perry@piermont.com; spf=Pass smtp.mailfrom=perry@piermont.com; spf=None smtp.helo=postmaster@hacklheber.piermont.com IronPort-PHdr: =?us-ascii?q?9a23=3AVljAyxOjbBYhHRUVuwUl6mtUPXoX/o7sNwtQ0KIM?= =?us-ascii?q?zox0LfnzrarrMEGX3/hxlliBBdydt6ofzbKO+4nbGkU4qa6bt34DdJEeHzQksu?= =?us-ascii?q?4x2zIaPcieFEfgJ+TrZSFpVO5LVVti4m3peRMNQJW2aFLduGC94iAPERvjKwV1?= =?us-ascii?q?Ov71GonPhMiryuy+4ZLebxlGiTanfb9+MAi9oBnMuMURnYZsMLs6xAHTontPde?= =?us-ascii?q?RWxGdoKkyWkh3h+Mq+/4Nt/jpJtf45+MFOTav1f6IjTbxFFzsmKHw65NfqtRbY?= =?us-ascii?q?UwSC4GYXX3gMnRpJBwjF6wz6Xov0vyDnuOdxxDWWMMvrRr0vRz+s87lkRwPpiC?= =?us-ascii?q?cfNj427mfXitBrjKlGpB6tvgFzz5LIbI2QMvd1Y6HTcs4ARWdZUMhfVzJPDJ6/?= =?us-ascii?q?YYQNAeoOMvpXoYbmqlsStBuzHxWgCP/zxjJKgHL9wK000/4mEQHDxAEsEcgAv2?= =?us-ascii?q?rOrNXvNKYZTO+7wLPVxjvEcfxWxTb86IfWfRA7r/2HQLV9cdLPxkk1DQPEjk6d?= =?us-ascii?q?qZTkPzyLzOQNtm+b7+x8Ve61l2EnrARxryGpy8wxiYfJnpoYxk3F+Ch42oo4Jt?= =?us-ascii?q?K1RFR5bNK+DZdduCeXPJZsTMw4WWFnoiM6x6UGuZGleCgKz4wqxx7FZPObcIiI?= =?us-ascii?q?5hLjW/iKLjhmnnJpYqq/hxes/ki6z+38Uc+00EpQoiVZldnMs2gB1x3V6seZVv?= =?us-ascii?q?tw5lqt1DeO2gzJ6exJLlo4mKjBJ5I8zbM8jp8Tvl7CHi/ylkX2lqiWdkA89+iw?= =?us-ascii?q?9evneK/mp5+HOo9siwHxLL4umsm4AeQ+LggCRXSU+eO51LH75032XK1KjuEqkq?= =?us-ascii?q?neqJ3VOd4Upqu9AwNM1oYj6g2/Dyu93dQDnXgHKUpFdwidg4joPVHOOvH4Au2l?= =?us-ascii?q?j1Siijc4j8zBa5P7D5nANHnI2I/sZ6x87FIUnAQrwMpF5pVIIr4EKfP3HET2sY?= =?us-ascii?q?qLIAU+Nln+++v9EsQ1+8VWfG+TEKCUKuma5UeF/Pg+C/GNaZUQvzDhbfMi4qi9?= =?us-ascii?q?3jcChVYBcPzxjtMsY3eiE6Ejeh3BOCu+spI6CW4P+zEGYqnvgVyGXyRUYi/uDb?= =?us-ascii?q?o96ys+D4S6S4zEQ9L02eDT7GKABpRTI1t+JBWUC36xK9ecWvoWbSWUPolqlTlW?= =?us-ascii?q?DeH8Gb9k7gmnsUrB85QiLufQ/XdF55Lq39tx5+DZmAt07T15FcGa1X3LRGZxzD?= =?us-ascii?q?sF?= X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0DmBQCUxuxa/w4HVKZcHAEBAQQBAQoBA?= =?us-ascii?q?YMYLIFbKIMuP4hgjBWBeBF+hnaMJYF4C4RsAoI4GQcBBDIWAQIBAQEBAQEBAQF?= =?us-ascii?q?rKII1JAGCTgEBAQECAQwXVhAJAg4KAgIFIQICDxI2BhOEfAMNCAWNN5tBghyHD?= =?us-ascii?q?Q2BK4JCgQmHHBGCAoEPgwuCT4Feg0aCVAKXcSwIAog0gxmCcoxligqGPIElIws?= =?us-ascii?q?mgVJwFTuCQ4MxAQGNNyMwjUCCNwEB?= X-IPAS-Result: =?us-ascii?q?A0DmBQCUxuxa/w4HVKZcHAEBAQQBAQoBAYMYLIFbKIMuP4h?= =?us-ascii?q?gjBWBeBF+hnaMJYF4C4RsAoI4GQcBBDIWAQIBAQEBAQEBAQFrKII1JAGCTgEBA?= =?us-ascii?q?QECAQwXVhAJAg4KAgIFIQICDxI2BhOEfAMNCAWNN5tBghyHDQ2BK4JCgQmHHBG?= =?us-ascii?q?CAoEPgwuCT4Feg0aCVAKXcSwIAog0gxmCcoxligqGPIElIwsmgVJwFTuCQ4MxA?= =?us-ascii?q?QGNNyMwjUCCNwEB?= X-IronPort-AV: E=Sophos;i="5.49,363,1520895600"; d="scan'208";a="264387606" Received: from hacklheber.piermont.com ([166.84.7.14]) by mail3-smtp-sop.national.inria.fr with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 04 May 2018 22:48:18 +0200 Received: from snark.cb.piermont.com (localhost [127.0.0.1]) by hacklheber.piermont.com (Postfix) with ESMTP id 0DF1A25F; Fri, 4 May 2018 16:48:16 -0400 (EDT) Received: from jabberwock.cb.piermont.com (jabberwock.cb.piermont.com [10.160.2.107]) by snark.cb.piermont.com (Postfix) with ESMTP id A35152DE0E0; Fri, 4 May 2018 16:48:16 -0400 (EDT) Date: Fri, 4 May 2018 16:48:16 -0400 From: "Perry E. Metzger" To: Frederic Perriot Cc: caml-list@inria.fr Message-ID: <20180504164816.61724b3b@jabberwock.cb.piermont.com> In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Subject: Re: [Caml-list] a bad value detector Reply-To: "Perry E. Metzger" X-Loop: caml-list@inria.fr X-Sequence: 16871 Errors-to: caml-list-owner@inria.fr Precedence: list Precedence: bulk Sender: caml-list-request@inria.fr X-no-archive: yes List-Id: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: On Wed, 2 May 2018 18:19:39 +0200 Frederic Perriot wrote: > Hello caml-list, >=20 > I'd like to propose a detector to help in the detection of > incorrect C bindings that do not follow the GC rules. Once, I built a precise garbage collector for a language I'd implemented in C. It was a simple Cheney collector with two semispaces. I munmapped the unused semispace after each gc. In order to debug C code that didn't properly register or protect GC roots, I ran tests during every code change where I forced a collection after every alloc -- this caused an almost immediate segfault in any C code that was still pointing at the wrong semispace after the collection because it would try to touch unmapped pages. Generally I think tricks like this are a good idea. They allow one to rapidly find code that doesn't correctly follow the rules at a fairly low price. The only thing is you can only run such things while testing because otherwise the performance hit is too high. Perry >=20 > The idea is rather simple: >=20 > 1. after a minor collection, mprotect the pages of the minor heap to > disallow reads and writes > 2. install a SEGV handler to catch the ensuing faults > 3. if the faulting address is above caml_young_ptr - > Max_young_whsize, unprotect the page and carry on > 4. otherwise, the program has no business accessing a value in the > unallocated part of the minor heap, so let it crash >=20 > I've hacked up a prototype that protects a single page at > caml_young_start, and it catches the bug I mention in my other > message entitled "an implicit GC rule". >=20 > Such a change surely degrades performance, but maybe it would be > useful as a runtime option available through CAMLRUNPARAM, to detect > misbehaved C bindings. >=20 > Does it sound like a viable technique? >=20 > I'm curious to hear what you think. >=20 > thanks, > Fr=C3=A9d=C3=A9ric Perriot >=20 --=20 Perry E. Metzger perry@piermont.com --=20 Caml-list mailing list. Subscription management and archives: https://sympa.inria.fr/sympa/arc/caml-list Beginner's list: http://groups.yahoo.com/group/ocaml_beginners Bug reports: http://caml.inria.fr/bin/caml-bugs=