Florin Papa added the comment: > Is there a runtime cost or does the hardware run the bounds checks in > parallel with memory accesses? Are the bounds set when malloc() is called > or elsewhere? I read the provided links but can't say I fully understand how > it works exactly (which memory blocks are protected, where the bounds get > set, when the registers are loaded, etc).
There is a runtime cost associated with MPX instrumentation, which is kept to a minimum due to the use of hardware instructions and registers. When "fcheck-pointer-bounds -mmpx" compilation flags are set, instrumentation is enabled for _all_ memory acceses in the code. This means that when you perform a malloc, the pointer bounds will be set inside the malloc call, and then passed on to your variable. Alternatively, you can manually instrument only regions of interest in your code using GCC functions described here [1]. > Also, I'm curious about whether we have direct controls over the bounds. For > example, in a listobject.c or _collections.c object could the bounds be > tightened to only include the active data and excluded the unused part of the > overallocation? Please see __bnd_set_ptr_bounds here [1] for bound manipulation. In order to have a better understanding of what happens when using MPX, I suggest writing a simple C program and look at the assembly code generated (MPX instructions and registers begin with bnd). You can use the following steps: gcc -g -c test.c -O2 -fcheck-pointer-bounds -mmpx objdump -d -M intel -S test.o [1] https://gcc.gnu.org/wiki/Intel%20MPX%20support%20in%20the%20GCC%20compiler#Compiler_intrinsics_and_attributes ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue25300> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
