X-Authentication-Warning: delorie.com: mail set sender to djgpp-workers-bounces using -f
Date: Sat, 11 Dec 2004 00:32:42 +0200
From: "Eli Zaretskii" <eliz AT gnu DOT org>
Sender: halo1 AT zahav DOT net DOT il
To: djgpp-workers AT delorie DOT com
Message-ID: <01c4df08$Blat.v2.2.2$4ed91b00@zahav.net.il>
Content-Transfer-Encoding: 7BIT
Content-Type: text/plain; charset=ISO-8859-1
X-Mailer: emacs 21.3.50 (via feedmail 8 I) and Blat ver 2.2.2
In-reply-to: <41B9977F.AE71420B@yahoo.com> (message from CBFalconer on Fri, 10
	Dec 2004 07:33:03 -0500)
Subject: Re: Bison 1.875 (release 2)
References: <5CDCE8E138ACB445B11E9F7B85FC782A1AAB8A AT radon DOT smr DOT intern> <01c4deae$Blat.v2.2.2$99d27980 AT zahav DOT net DOT il> <41B9977F DOT AE71420B AT yahoo DOT com>
Reply-To: djgpp-workers AT delorie DOT com
Errors-To: nobody AT delorie DOT com
X-Mailing-List: djgpp-workers AT delorie DOT com
X-Unsubscribes-To: listserv AT delorie DOT com
Precedence: bulk

> Date: Fri, 10 Dec 2004 07:33:03 -0500
> From: CBFalconer <cbfalconer AT yahoo DOT com>
> 
> How does it compare to the malldbg package that I built to your
> specifications for nmalloc?

YAMD can catch more bugs, and what's more important, it can catch
them earlier than any tool like malldbg.

What YAMD does is unmap from the address space memory that surrounds
the buffer you get from malloc.  So if a program accesses that memory,
e.g., reads or writes beyond the limits of the allocated buffer, it
immediately gets hit with a GPF exception.  YAMD catches that
exception and logs it with the traceback, so you can easily see what
code was caught red-handed.

The only limitation of this technique, IIRC, is that you can only
unmap page-aligned regions of memory.  This leaves the portion of
memory between the end of the allocated buffer and the next page
unprotected on the hardware level.  AFAIK, YAMD uses software
protection for that part (it fills the unallocated memory with magic
bytes), but that is less powerful than the hardware-assisted
protection.