Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 28 Nov 2017 10:46:34 -0500
From: Rich Felker <dalias@...c.org>
To: musl@...ts.openwall.com
Subject: Re: [PATCH] Wasm support patch 1 (support systems without
 mmap)

On Tue, Nov 28, 2017 at 11:50:08AM +0000, Nicholas Wilson wrote:
> I'm hoping the first patch is uncontroversial.
> 
> WebAssembly has a linear/flat memory model, whereby it's simply
> impossible for the addressable memory to contain "holes". Therefore,
> mmap can't really be emulated, and all memory has to be allocated
> via brk.

This is not supported or supportable in musl's malloc. The heap that
can be serviced by brk is only usable for allocation sizes less than
~128k. 

> I've done this by allowing malloc to fall back to brk (even for
> allocations above MMAP_THRESHOLD) if mmap returns ENOSYS.
> 
> It's one line of code that will do harm in "normal" systems, and
> allows platforms that are emulating syscalls to choose not to
> support mmap, and still get a working malloc if brk is working.

The patch as written almost surely corrupts the heap structures or at
least produces new heap expansion (no possibility of reuse) each time
an allocation larger than ~128k is requested. This is because
bin_index[_up] is not defined for n > MMAP_THRESHOLD.

There are other places in musl that also depend on mmap working, like
the TLS init code. brk on the other hand is only used as an
optimization. I think what you should do, if it's hard to support both
brk and mmap, is omit brk instead (have it return -ENOSYS), then have
mmap always allocate lowest-available-page and keep some data
structure (even just a bit array) representing which pages are free.
This way you still keep everything in a contiguous range (possibly
with some reusable gaps due to munmap) like you want.

Rich



> diff --git a/src/malloc/malloc.c b/src/malloc/malloc.c
> index 9e05e1d6..572232e1 100644
> --- a/src/malloc/malloc.c
> +++ b/src/malloc/malloc.c
> @@ -328,13 +328,17 @@ void *malloc(size_t n)
>                 size_t len = n + OVERHEAD + PAGE_SIZE - 1 & -PAGE_SIZE;
>                 char *base = __mmap(0, len, PROT_READ|PROT_WRITE,
>                         MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
> -               if (base == (void *)-1) return 0;
> +               if (base == MAP_FAILED) {
> +                       if (errno == ENOSYS) goto nommap;
> +                       return 0;
> +               }
>                 c = (void *)(base + SIZE_ALIGN - OVERHEAD);
>                 c->csize = len - (SIZE_ALIGN - OVERHEAD);
>                 c->psize = SIZE_ALIGN - OVERHEAD;
>                 return CHUNK_TO_MEM(c);
>         }
>  
> +nommap:
>         i = bin_index_up(n);
>         for (;;) {
>                 uint64_t mask = mal.binmap & -(1ULL<<i);
> @@ -405,7 +409,7 @@ void *realloc(void *p, size_t n)
>                 newlen = (newlen + PAGE_SIZE-1) & -PAGE_SIZE;
>                 if (oldlen == newlen) return p;
>                 base = __mremap(base, oldlen, newlen, MREMAP_MAYMOVE);
> -               if (base == (void *)-1)
> +               if (base == MAP_FAILED)
>                         goto copy_realloc;
>                 self = (void *)(base + extra);
>                 self->csize = newlen - extra;

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.