
List:       sbcl-devel
Subject:    Re: [Sbcl-devel] Memory corruption on foreign thread callbacks win33
From:       Charles Zhang via Sbcl-devel <sbcl-devel () lists ! sourceforge ! net>
Date:       2022-04-09 0:26:50
Message-ID: 1169924416.383353.1649464010027 () mail ! yahoo ! com


I see. The diagram above alloc_thread_struct helps a lot, which I couldn't find because the comment above the exclusion zone references 'create_thread_struct' instead. (Which there are many more instances of. I guess I could've found that it was renamed by going down the git blame rabbit hole). Maybe we should also explain why exclude_to is wrong on Windows. th->control_stack_start is obviously the right thing everywhere to exclude from if we want to skip pointers into the stack, exclude_to not so much.
On Fri, Apr 8, 2022 at 17:17, Douglas Katzman <dougk@google.com> wrote:

> On Fri, Apr 8, 2022 at 8:09 PM Charles Zhang <charleszhang99@yahoo.com> wrote:
>
> > That looks good. But on Unix, how do we ensure that
> >
> > th + dynamic_values_bytes is not higher than dynamic space where heap pointers are? As in, for win32 we have
> >
> > &th = 0x1f00...
> > dynamic_space 0x1000...
> > stacks at 0xf00...
> >
> > how are we making sure that the exclusion zone doesn't include heap pointers on Unix? This doesn't seem like an arch dependent thing here.
>
> dynamic_values_bytes has nothing to do with dynamic space, I think you might be confused by the name.
> The exclusion range is supposed to be the stack and nothing but the stack.
> So th+dynamic_values_bytes computes the upper bound of the holistic view of the thread structure pictured above alloc_thread_struct.
> Pointers within the stack to the same stack are uninteresting. They're frame pointers and stack pointers that can't possibly affect anything preserved on the heap.
> If we don't have correct values for win32 for the exclusion range, it doesn't matter, but the optimization is a bonus otherwise.

    







_______________________________________________
Sbcl-devel mailing list
Sbcl-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sbcl-devel
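
The concern raised in this thread, as an added example that is not part of the original messages and is not SBCL's code: a simplified model of a conservative stack scan that skips words falling inside an exclusion range, run once with an upper bound at the end of the stack and once with an upper bound derived from a thread structure that lies above the heap. `range_t`, `scan_stack` and `roots_with_upper_bound` are hypothetical names, and all addresses are constructed; they only keep the ordering stack < dynamic space < thread structure described for win32.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical model for illustration; half-open address range [lo, hi). */
typedef struct { uintptr_t lo, hi; } range_t;

static int in_range(range_t r, uintptr_t p) { return p >= r.lo && p < r.hi; }

/* Conservatively scan n stack words. A word is kept as a root when it points
 * into the heap and does not fall inside the exclusion range, which is meant
 * to cover only stack-to-same-stack pointers. Returns the roots kept. */
size_t scan_stack(const uintptr_t *words, size_t n, range_t heap, range_t exclude)
{
    size_t kept = 0;
    for (size_t i = 0; i < n; i++) {
        if (in_range(exclude, words[i]))
            continue;               /* assumed uninteresting: frame/stack pointer */
        if (in_range(heap, words[i]))
            kept++;                 /* candidate heap pointer, must be preserved */
    }
    return kept;
}

/* Constructed layout: stack at 0x0f000000, heap at 0x10000000, thread
 * structure above the heap. Only the ordering matters. */
size_t roots_with_upper_bound(uintptr_t exclude_to)
{
    const range_t heap = { 0x10000000u, 0x18000000u };
    const uintptr_t control_stack_start = 0x0f000000u;
    const uintptr_t words[] = {
        0x0f000040u,   /* frame pointer into the same stack */
        0x10000200u,   /* pointer to a heap object */
        0x10004000u,   /* pointer to another heap object */
        0x00000007u,   /* small integer, not a pointer */
    };
    const range_t exclude = { control_stack_start, exclude_to };
    return scan_stack(words, sizeof words / sizeof words[0], heap, exclude);
}

int main(void)
{
    /* Upper bound at the end of the stack: both heap pointers survive. */
    printf("stack-only bound: %zu roots\n", roots_with_upper_bound(0x0f100000u));
    /* Upper bound above the heap: the range swallows the heap pointers. */
    printf("bound above heap: %zu roots\n", roots_with_upper_bound(0x1f001000u));
    return 0;
}
```
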

