From: Nicholas N. <nj...@ca...> - 2004-07-15 22:20:17
Hi,

I'm looking at how new shadow memory pages are allocated when necessary.
It's weird, there seem to be two mechanisms for this.

First, every tool that uses shadow memory (memcheck, addrcheck, helgrind)
is very careful to call their respective ENSURE_MAPPABLE macros before
accessing shadow memory, which checks if there is a shadow page for the
address and allocates a new one if not.

That would seem to be enough. But in vg_signals.c, there's a bit in the
SEGV handler with this comment:

    /* If there's a fault within the shadow memory range, and it
       is a permissions fault, then it means that the client is
       using some memory which had not previously been used.
       This catches those faults, makes the memory accessible,
       and calls the tool to initialize that page.
    */

This calls VG_(init_shadow_range)(), which calls the init_shadow_page
trackable event, telling the tool to make itself a shadow page. But none
of the tools actually provide the necessary init_shadow_page callback.
This 2nd mechanism is simply not being used; I tried removing it and the
entire regression test suite ran fine.

So I see two options:

1. Just rely on the currently used ENSURE_MAPPABLE macros in the tools.
This would allow a couple of functions to be removed or simplified, saving
50 lines of code.

2. Just rely on the SEGV handling bit. This would require adding the
init_shadow_page callback to each of the tools. The advantage with this
option is that it might make things a bit faster, since we wouldn't have
to do ENSURE_MAPPABLE (which is a comparison like "x == y[z >> 16]") for
every shadow memory access. (But it might make no discernible difference,
since this is just arithmetic which might be swamped by the associated
memory accesses. In which case option (1) is clearly better.)

Any opinions? Jeremy, do you know why both these mechanisms are present?

Thanks.

N
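
Added example (not part of the original message and not Valgrind's code): a minimal C sketch of the first mechanism, a check-before-write on a two-level shadow map, showing why the check has to run before every shadow write. The 32-bit address space, the shared default page and all names are assumptions for illustration; only the "x == y[z >> 16]" comparison comes from the message.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define CHUNK_BITS  16                        /* 64 KB of client memory per shadow page */
#define CHUNK_SIZE  (1u << CHUNK_BITS)
#define N_PRIMARY   (1u << (32 - CHUNK_BITS)) /* assumes 32-bit client addresses */
#define SH_NOACCESS 0xFF                      /* constructed value: "unaddressable" */
typedef struct { uint8_t sh[CHUNK_SIZE]; } SecMap;
static SecMap  distinguished;                 /* shared default page ("x") */
static SecMap *primary[N_PRIMARY];            /* top-level table ("y") */
static unsigned n_allocated;                  /* private shadow pages created so far */

void shadow_init(void) {
    memset(distinguished.sh, SH_NOACCESS, CHUNK_SIZE);
    for (uint32_t i = 0; i < N_PRIMARY; i++) primary[i] = &distinguished;
    n_allocated = 0;
}

/* The per-access check: if y[z >> 16] is still the default page, make a private one. */
int ensure_mappable(uint32_t addr) {
    uint32_t idx = addr >> CHUNK_BITS;
    if (primary[idx] != &distinguished) return 0;
    SecMap *sm = malloc(sizeof *sm);
    if (!sm) return -1;
    memcpy(sm, &distinguished, sizeof *sm);   /* new page starts as "no access" */
    primary[idx] = sm;
    n_allocated++;
    return 0;
}

/* Reads need no private page: the default page answers for untouched memory. */
uint8_t shadow_get(uint32_t addr) {
    return primary[addr >> CHUNK_BITS]->sh[addr & (CHUNK_SIZE - 1)];
}

/* Writes run the check first; skipping it would corrupt the shared default page. */
int shadow_set(uint32_t addr, uint8_t v) {
    if (ensure_mappable(addr) != 0) return -1;
    primary[addr >> CHUNK_BITS]->sh[addr & (CHUNK_SIZE - 1)] = v;
    return 0;
}
unsigned shadow_pages_allocated(void) { return n_allocated; }

int main(void) {
    shadow_init();
    shadow_set(0x12345678u, 0);               /* constructed client address */
    printf("pages=%u shadow=%u\n", shadow_pages_allocated(), (unsigned)shadow_get(0x12345678u));
    return 0;
}
```

The second mechanism in the message would drop the comparison in ensure_mappable and instead create the page from a fault handler when the shadow address is first touched.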