Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utgpu!water!watnot!watmath!clyde!cbatt!ihnp4!inuxc!pur-ee!uiucdcs!uxc.cso.uiuc.edu!ccvaxa!aglew
From: aglew@ccvaxa.UUCP
Newsgroups: comp.arch
Subject: Re: catering to bad code
Message-ID: <28200014@ccvaxa>
Date: Thu, 12-Mar-87 17:15:00 EST
Article-I.D.: ccvaxa.28200014
Posted: Thu Mar 12 17:15:00 1987
Date-Received: Sat, 14-Mar-87 08:49:05 EST
References: <304@its63b.ed.ac.uk>
Lines: 46
Nf-ID: #R:its63b.ed.ac.uk:304:ccvaxa:28200014:000:2190
Nf-From: ccvaxa.UUCP!aglew    Mar 12 16:15:00 1987


...> Phil Ngai wondering if he should make low memory dereferencing
...> fault, or tolerate BSD VAX style code.

Well, I wrote a first response to this last week, and then promptly
got bitten by it.

Gould traps read protection violations, but a kernel flag can be set
to ignore, log (to user and console), or send SIGSEGV or SIGSTACK
to the faulting process. The administrative program to do this is
called "prot".

Anyway, like any development shop, we always run with "prot abort".
Except that last week somebody had to run a cross-assembler that
had been written on VAX BSD. It died. But they *really* *had* to
run it, so they turned "prot ignore" on.

Now, "prot ignore" applies system wide. I was coding that night, and
made some silly errors, and was surprised to come back the next morning,
with "prot abort" turned back on, and find out that 'formerly working'
code from the night before had mysteriously broken.

Come the weekend and some free time, half an hour of code, an hour of
compiling, two hours of documentation and three hours of testing...
"prot" can now be turned on per-process. When or if this will make it into
a product I don't know, but it made me feel better.

Tidbits that may be useful: put the per-process flag into the proc, not the
u. The syscall that sets or reads it should take a pid as an argument,
mainly so that a utility program can perform

    	prot_syscall( getppid(), PROT_IGNORE )

applied to your shell session, if you are about to use a lot of VAXish code,
and don't want to bother prot'ing each of them. Make it inherited.

Something that I didn't do, but which might be useful: it might be nice to
attach this flag to executable files, so that buggy vax code can be
executed without clogging your system logs. Also, it would be nice to
be able to distinguish system programs, like csh and as, for which it
would be nice to keep a log of protection violations, from user programs
whose errors have no role getting into a system log. Distinguishing
on the basis of uid is easy, but insufficient.

Andy "Krazy" Glew. Gould CSD-Urbana.    USEnet:  ihnp4!uiucdcs!ccvaxa!aglew
1101 E. University, Urbana, IL 61801    ARPAnet: aglew@gswd-vms.arpa