From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail2-relais-roc.national.inria.fr (mail2-relais-roc.national.inria.fr [192.134.164.83]) by sympa.inria.fr (Postfix) with ESMTPS id A851C8240C for ; Wed, 2 May 2018 18:19:41 +0200 (CEST) Authentication-Results: mail2-smtp-roc.national.inria.fr; spf=None smtp.pra=fperriot@gmail.com; spf=Pass smtp.mailfrom=fperriot@gmail.com; spf=None smtp.helo=postmaster@mail-lf0-f49.google.com Received-SPF: None (mail2-smtp-roc.national.inria.fr: no sender authenticity information available from domain of fperriot@gmail.com) identity=pra; client-ip=209.85.215.49; receiver=mail2-smtp-roc.national.inria.fr; envelope-from="fperriot@gmail.com"; x-sender="fperriot@gmail.com"; x-conformance=sidf_compatible Received-SPF: Pass (mail2-smtp-roc.national.inria.fr: domain of fperriot@gmail.com designates 209.85.215.49 as permitted sender) identity=mailfrom; client-ip=209.85.215.49; receiver=mail2-smtp-roc.national.inria.fr; envelope-from="fperriot@gmail.com"; x-sender="fperriot@gmail.com"; x-conformance=sidf_compatible; x-record-type="v=spf1" Received-SPF: None (mail2-smtp-roc.national.inria.fr: no sender authenticity information available from domain of postmaster@mail-lf0-f49.google.com) identity=helo; client-ip=209.85.215.49; receiver=mail2-smtp-roc.national.inria.fr; envelope-from="fperriot@gmail.com"; x-sender="postmaster@mail-lf0-f49.google.com"; x-conformance=sidf_compatible IronPort-PHdr: =?us-ascii?q?9a23=3AXqr27xSNB2aSUZ224EbtSDxRRtpsv+yvbD5Q0YIu?= =?us-ascii?q?jvd0So/mwa68bRCN2/xhgRfzUJnB7Loc0qyK6/umATRIyK3CmUhKSIZLWR4BhJ?= =?us-ascii?q?detC0bK+nBN3fGKuX3ZTcxBsVIWQwt1Xi6NU9IBJS2PAWK8TW94jEIBxrwKxd+?= =?us-ascii?q?KPjrFY7OlcS30P2594HObwlSizexfb1/IA+qoQnNq8IbnZZsJqEtxxXTv3BGYf?= =?us-ascii?q?5WxWRmJVKSmxbz+MK994N9/ipTpvws6ddOXb31cKokQ7NYCi8mM30u683wqRbD?= =?us-ascii?q?VwqP6WACXWgQjxFFHhLK7BD+Xpf2ryv6qu9w0zSUMMHqUbw5Xymp4qF2QxHqlS?= =?us-ascii?q?gHLSY0/mHZhMJzkaxVvg6uqRNkzo7IeYGYLuZycr/Bcd4YQ2dKQ8ZfVzZGAoO5?= =?us-ascii?q?d4YBD/ABMvhFoIbjvVsOrAexDhS2Cuzx0D9InH723aom0+88FgzG0hQgEMwUsH?= =?us-ascii?q?TOrdX1M7sSXPu6zKnN1zrDbvdW1S3h54jPdxAsuPeBVq9zf8rJ0UQjCR/Jg1GK?= =?us-ascii?q?pYHmPz6ZzPoBv3Wb4uZ6Wu+ij2gqoBxrrDe13McjkIzJi5oVyl/a8SV5x544Jd?= =?us-ascii?q?iiR056Zd6oCZ9Qty+GO4dvTMMvTGVltDw1yr0Bvp67cywKx4o9yxHDbPyHdpCE?= =?us-ascii?q?4hPlVOmPPTd1nGxpdK67ihqo8kWtyvfwWtep3FtKtCZInd3BumgI1xPJ68iHTv?= =?us-ascii?q?V9/l2m2TaKzw3T5PlELl4ularBKp4hxaIwm4EcsUTGBCD2mUH2gLWKeUUj/+ik?= =?us-ascii?q?8/7nban+pp+AK490jRnzPbg0lcy6BeQ0KwwOX2mA+eSgz7Dj5k34QLBSjvIsiK?= =?us-ascii?q?XZsZbaJd4apqGjGQNV3JwjuF6DCGKt2dEc2H0GN05teRSdjoGvNUudDur/CKKR?= =?us-ascii?q?mVmgnS1qzLj+M6f7A5LRZizNiLr7Z7d692ZTzQMyyZZU4JcCWeJJG+76RkKk7I?= =?us-ascii?q?+QNRQ+KQHhm7+2WuU47ZsXXCe0OoHcNarTtVGS4ed2eruDYYYUvHD2LP13vqey?= =?us-ascii?q?3098okcUeOyS5bVScGqxR600LECQYH6qidAEQz9T41gOCdfygVjHagZ9Ina/W6?= =?us-ascii?q?Vmu2M+AYOiSIPNHsWj3O3H0yC8EZlbIGtBDwLUHA=3D=3D?= X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0B4BwB64+lafzHXVdFchBgBgTYoCoMkP?= =?us-ascii?q?4NtkQKDA4dai0CBeAsFh2UHGQcBBDIWAQIBAQEBAQEBAQETAQEJCwsIJiUMQg4?= =?us-ascii?q?BgWQigmQXHQEbHgMSAw0PAiYCJAERAQUBFoUVAQMVjSOMY4MdPIsFgX8FAReCc?= =?us-ascii?q?AWDRwoZJg1UV4I6AgYSd4cRgVQ/gQ+HOIESgjSCVAKYFAiOS4xYkDAPAx6BBCM?= =?us-ascii?q?FgX4zGggbFTsxghKFfIpUPTCDP4o4gjcBAQ?= X-IPAS-Result: =?us-ascii?q?A0B4BwB64+lafzHXVdFchBgBgTYoCoMkP4NtkQKDA4dai0C?= =?us-ascii?q?BeAsFh2UHGQcBBDIWAQIBAQEBAQEBAQETAQEJCwsIJiUMQg4BgWQigmQXHQEbH?= =?us-ascii?q?gMSAw0PAiYCJAERAQUBFoUVAQMVjSOMY4MdPIsFgX8FAReCcAWDRwoZJg1UV4I?= =?us-ascii?q?6AgYSd4cRgVQ/gQ+HOIESgjSCVAKYFAiOS4xYkDAPAx6BBCMFgX4zGggbFTsxg?= =?us-ascii?q?hKFfIpUPTCDP4o4gjcBAQ?= X-IronPort-AV: E=Sophos;i="5.49,354,1520895600"; d="scan'208";a="325477693" Received: from mail-lf0-f49.google.com ([209.85.215.49]) by mail2-smtp-roc.national.inria.fr with ESMTP/TLS/AES128-GCM-SHA256; 02 May 2018 18:19:40 +0200 Received: by mail-lf0-f49.google.com with SMTP id h197-v6so21672683lfg.11 for ; Wed, 02 May 2018 09:19:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to :content-transfer-encoding; bh=zc03jczSASDsZMFm0k6whI/jFNIqo8VMj89ZHDCISpc=; b=BD4C/q5afo1xvX6Q06UDton5Cdq6SD+AaPJAtjGaZy49MsNG4g8hPtkOlwyRMwZkaG PUTUP6kH0G3xsypVG0SX/pvX74x05w2nup2JZTPosb5leRcDYfM95hucPMrtOynikBMv vdDNmVzTyyP8SUna4alOLD+Xpi4A6C91ipiyefv5FdGJ1mTgYL1XVBSZ+HdvZmrpoHU2 7zWnMe17RexxCFGMcW2b9NEQZ4hXqkKcddRR1j2UHgg1bthWygPDt8GfJWgWYQDlz3Zk YR5lF+zoMiSOxk5vygFcHtNNQ9qd/E1Jew3o7jc2QyvsIaMxgcf8LBNvRXdOHOxoWYlo KRzg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to :content-transfer-encoding; bh=zc03jczSASDsZMFm0k6whI/jFNIqo8VMj89ZHDCISpc=; b=MLt0SuKU3HAzNvjn0TbLJaVEFR+cI8x9w/0uvQbARNjwNj/2bc56Z0VLHaOXBSrxBK D/4t9/Jza+yYGL+kOx8B2NlHdWk9TwWSE4qR/COWcMI6hyfq72Q1jRBotBKkqvpd6N0l PRwE6nK8gsrt07MLgFFPe0ECK3DN71Ntg769Dx4qtLEbVSfC9s1wQt+W26BPlbOTkhvI /1DVXdpCTkJSJSfDZhnG/UKNPCnuybIbdWmX1AL86zSIzoCt2yC9oY2bRO5lrJPa7gMQ toCrqO5cSusR9ouW6qmkQPWzkb9cKxYixKoW2bZcPmOop6ojAiWgGECDE/r+tGJE77Nh k/9A== X-Gm-Message-State: ALQs6tD7E5Ix+pwFREbWiT0wfO6w0H6EAMkDV39OjQIFDVy9+TGepRtj OqjAc1vAJU2TwpGzfFZB88RPVAEwdUXCs7fBvkNeBg== X-Google-Smtp-Source: AB8JxZqVQj7bav2gNvVLKhhUsmyMDOWxKnNy6caN9YSXLY4KkWGXY8COerFFe3gsRdNE4f8BUlfSZ3icCh84jvjlH2s= X-Received: by 2002:a2e:9816:: with SMTP id a22-v6mr13333982ljj.27.1525277980398; Wed, 02 May 2018 09:19:40 -0700 (PDT) MIME-Version: 1.0 Received: by 10.46.85.200 with HTTP; Wed, 2 May 2018 09:19:39 -0700 (PDT) From: Frederic Perriot Date: Wed, 2 May 2018 18:19:39 +0200 Message-ID: To: caml-list@inria.fr Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Subject: [Caml-list] a bad value detector Hello caml-list, I'd like to propose a detector to help in the detection of incorrect C bindings that do not follow the GC rules. The idea is rather simple: 1. after a minor collection, mprotect the pages of the minor heap to disallow reads and writes 2. install a SEGV handler to catch the ensuing faults 3. if the faulting address is above caml_young_ptr - Max_young_whsize, unprotect the page and carry on 4. otherwise, the program has no business accessing a value in the unallocated part of the minor heap, so let it crash I've hacked up a prototype that protects a single page at caml_young_start, and it catches the bug I mention in my other message entitled "an implicit GC rule". Such a change surely degrades performance, but maybe it would be useful as a runtime option available through CAMLRUNPARAM, to detect misbehaved C bindings. Does it sound like a viable technique? I'm curious to hear what you think. thanks, Fr=C3=A9d=C3=A9ric Perriot