X-Authentication-Warning: delorie.com: mail set sender to djgpp-workers-bounces using -f
Message-ID: <41BA307B.B402D23C@yahoo.com>
Date: Fri, 10 Dec 2004 18:25:47 -0500
From: CBFalconer
Organization: Ched Research
X-Mailer: Mozilla 4.75 [en] (Win98; U)
X-Accept-Language: en
MIME-Version: 1.0
To: djgpp-workers AT delorie DOT com
Subject: Re: Bison 1.875 (release 2)
References: <5CDCE8E138ACB445B11E9F7B85FC782A1AAB8A AT radon DOT smr DOT intern> <01c4deae$Blat.v2.2.2$99d27980 AT zahav DOT net DOT il> <41B9977F DOT AE71420B AT yahoo DOT com> <01c4df08$Blat.v2.2.2$4ed91b00 AT zahav DOT net DOT il>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Reply-To: djgpp-workers AT delorie DOT com

Eli Zaretskii wrote:
> > From: CBFalconer
> >
> > How does it compare to the malldbg package that I built to your
> > specifications for nmalloc?
>
> YAMD can catch more bugs, and what's more important, it can catch
> them earlier than any tool like malldbg.
>
> What YAMD does is unmap from the address space memory that surrounds
> the buffer you get from malloc. So if a program accesses that memory,
> e.g., reads or writes beyond the limits of the allocated buffer, it
> immediately gets hit with a GPF exception. YAMD catches that
> exception and logs it with the traceback, so you can easily see what
> code was caught red-handed.
>
> The only limitation of this technique, IIRC, is that you can only
> unmap page-aligned regions of memory. This leaves the portion of
> memory between the end of the allocated buffer and the next page
> unprotected on the hardware level. AFAIK, YAMD uses software
> protection for that part (it fills the unallocated memory with magic
> bytes), but that is less powerful than the hardware-assisted
> protection.

I can see how that is much more immediate at catching overwrites,
etc. You are aware that nmalloc includes a SAVEMEMORY define that
removes guard words at the ends of allocations, which in turn
enables most overwrites to be detected early (at the cost of some
overhead). My original design included the guards, but people were
worried about memory use in smaller systems, and I already had a
larger control area than 2.03 malloc.

In addition, with SAVEMEMORY defeated, there is no longer any need
to forbid a zero size allocation. At present at least ALIGN bytes
are always allocated. This provides space to keep track of free
blocks, unneeded in allocated blocks.

-- 
Chuck F (cbfalconer AT yahoo DOT com) (cbfalconer AT worldnet DOT att DOT net)
   Available for consulting/temporary embedded and systems.
   USE worldnet address!