Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Mon, 19 Sep 2022 09:46:59 -0400
From: Rich Felker <dalias@...c.org>
To: Florian Weimer <fweimer@...hat.com>
Cc: baiyang <baiyang@...il.com>, musl <musl@...ts.openwall.com>
Subject: Re: The heap memory performance (malloc/free/realloc) is
 significantly degraded in musl 1.2 (compared to 1.1)

On Mon, Sep 19, 2022 at 02:36:41PM +0200, Florian Weimer wrote:
> * Szabolcs Nagy:
> 
> > unlike musl those implementations don't return exact size nor have the
> > same security and memory fragmentation guarantees, so bad comparision.
> >
> > tcmalloc:
> >   // Returns the actual number N of bytes reserved by tcmalloc for the pointer
> >   // p.  This number may be equal to or greater than the number of bytes
> >   // requested when p was allocated.
> >   //
> >   // This function is just useful for statistics collection.  The client must
> >   // *not* read or write from the extra bytes that are indicated by this call.
> >
> > jemalloc:
> >       <para>The <function>malloc_usable_size()</function> function
> >       returns the usable size of the allocation pointed to by
> >       <parameter>ptr</parameter>.  The return value may be larger than the size
> >       that was requested during allocation.  The
> >       <function>malloc_usable_size()</function> function is not a
> >       mechanism for in-place <function>realloc()</function>; rather
> >       it is provided solely as a tool for introspection purposes.  Any
> >       discrepancy between the requested allocation size and the size reported
> >       by <function>malloc_usable_size()</function> should not be
> >       depended on, since such behavior is entirely implementation-dependent.
> 
> These implementations are buggy or at least mis-documented.  The
> interface contract is clearly that for that particular object, the extra
> bytes in the allocation are available for reading and writing.  It is
> not guaranteed that the allocator will always provide the same number of
> extra bytes for the same requested size, but they must be there for the
> allocation being examined.  It's even in the name of the function!

I'm not sure I understand what you're saying, but the core problem
that really can't be solved is potential discrepancy between the
malloc implementation's idea of usable and the compiler's. For
example:

	char *p = malloc(1);
	if (malloc_usable_size(p)>1) p[1] = 42;

will cause a compiler that's actively detecting UB to abort the
program when malloc_usable_size returns a value larger than 1.

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.