From owner-freebsd-current Fri Aug 8 14:03:25 1997
Return-Path:
Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id OAA13631 for current-outgoing; Fri, 8 Aug 1997 14:03:25 -0700 (PDT)
Received: from critter.dk.tfs.com (critter.phk.freebsd.dk [195.8.133.1]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id OAA13588 for ; Fri, 8 Aug 1997 14:02:55 -0700 (PDT)
Received: from critter.dk.tfs.com (localhost [127.0.0.1]) by critter.dk.tfs.com (8.8.6/8.8.5) with ESMTP id QAA26186; Fri, 8 Aug 1997 16:55:58 +0200 (CEST)
To: Bill Paul
cc: andreas@klemm.gtn.com (Andreas Klemm), current@freebsd.org
From: Poul-Henning Kamp
Subject: Re: httpd in free(): warning: modified (page-) pointer.
In-reply-to: Your message of "Fri, 01 Aug 1997 02:24:07 EDT." <199708010624.CAA12780@skynet.ctr.columbia.edu>
Date: Fri, 08 Aug 1997 16:55:58 +0200
Message-ID: <26184.871052158@critter.dk.tfs.com>
Sender: owner-freebsd-current@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

In message <199708010624.CAA12780@skynet.ctr.columbia.edu>, Bill Paul writes:
>
> o Electric Fence works by using mmap() to allocate memory instead
>   of brk()/sbrk(). To trap out of bounds references, it allocates
>   an extra page of memory immediately after the memory requested
>   with malloc()/calloc()/etc and uses mprotect() to disallow
>   read and write access to it.

This is why a similar feature hasn't been implemented into phkmalloc
yet, it would only give page size granularity, ie, you have to overrun
by a LOT before you can figure it out, I tried it, and it didn't find
one single problem in the two months I ran with it so I ditched it.

(Electric Fence does much more than this though)

I have a proof-of-concept patch that makes the kernel and the VM system
do the "Purify" memory-coloring thing. I basically keep a shadow process
which has in its address space the color of its "mate" memory, byte for
byte.

It's very hairy and ugly, but it seems to work pretty good, although
it is horribly slow, in that 92% of the memory accesses outside the
text segment trigger a page fault.

You can do the same thing with ptrace all in user-land, but that is
even slower since you have the additional overhead of two context
switches per instruction...

There is probably 2 manmonths work in it, before it is any good :-(

--
Poul-Henning Kamp | phk@FreeBSD.ORG FreeBSD Core-team.
http://www.freebsd.org/~phk | phk@login.dknet.dk Private mailbox.
whois: [PHK] | phk@tfs.com TRW Financial Systems, Inc.
Power and ignorance is a disgusting cocktail.
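
The page-granularity point in the message, as an added example that is not part of the original post and is not Electric Fence or phkmalloc code: a guard page set up with mmap()/mprotect() traps a one-byte overrun only when the buffer ends directly below it. The names `guarded_alloc` and `overrun_is_trapped` and the 100-byte size are assumptions made for the illustration.

```c
#define _DEFAULT_SOURCE                 /* exposes MAP_ANON on glibc */
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper: map the pages needed for `size` bytes plus one
 * trailing guard page and revoke all access to the guard. With end_aligned
 * the buffer's last byte sits directly below the guard; otherwise the buffer
 * starts at the first mapped byte, leaving slack before the guard page. */
static void *guarded_alloc(size_t size, int end_aligned)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    size_t data = (size + page - 1) / page * page;   /* round up to pages */
    unsigned char *base = mmap(NULL, data + page, PROT_READ | PROT_WRITE,
                               MAP_PRIVATE | MAP_ANON, -1, 0);
    if (base == MAP_FAILED)
        return NULL;
    if (mprotect(base + data, page, PROT_NONE) != 0) {
        munmap(base, data + page);
        return NULL;
    }
    return end_aligned ? base + data - size : base;
}

/* Write `overrun` bytes past the end of a `size`-byte buffer in a child
 * process. Returns 1 if the child died on the write (guard page hit),
 * 0 if the overrun went unnoticed, -1 on setup failure. The mapping is
 * left in place afterwards; this is a one-shot demonstration. */
static int overrun_is_trapped(size_t size, size_t overrun, int end_aligned)
{
    volatile unsigned char *buf = guarded_alloc(size, end_aligned);
    int status;
    pid_t pid;
    if (buf == NULL || (pid = fork()) < 0)
        return -1;
    if (pid == 0) {
        for (size_t i = 0; i < overrun; i++)
            buf[size + i] = 0x41;               /* out-of-bounds write */
        _exit(0);
    }
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return !(WIFEXITED(status) && WEXITSTATUS(status) == 0);
}

int main(void)
{
    /* Exit 0 only if a 1-byte overrun is caught end-aligned and missed otherwise. */
    return !(overrun_is_trapped(100, 1, 1) == 1 && overrun_is_trapped(100, 1, 0) == 0);
}
```

With the buffer placed at the start of the mapping, the overrun has to run past the rest of the page before the guard is touched.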