Date: Wed, 18 Apr 2018 16:35:56 -0400 From: Rich Felker <dalias@...c.org> To: musl@...ts.openwall.com Subject: Re: tcmalloc compatibility On Mon, Apr 16, 2018 at 12:40:06AM -0400, Rich Felker wrote: > On Mon, Apr 16, 2018 at 06:19:24AM +0200, Markus Wichmann wrote: > > On Sun, Apr 15, 2018 at 01:52:10PM +0200, ardi wrote: > > [...] > > > > So long as you refrain from using dynamic linking (because of the memory > > donation) > > This is only a small part of the reason you can't use dynamic linking. > The other big part is that references in libc.so are bound at libc.so > link time, so functions like getline, open_memstream, strdup, etc. > will return pointers that won't be valid for you to free. > > > and calloc() and memalign() (and posix_memalign()) are unused > > or overloaded, you should be fine. Both of these functions use the > > internal bookkeeping of musl's malloc. calloc() uses it to figure out if > > a chunk was mmapped (in which case no initialization is necessary), and > > memalign() uses it to construct a second chunk header to cause the > > returned pointer to be aligned. > > Yes, but this rule always applies for interposing, with any > implementation. It's not musl-specific. > > > Most of the questioning here arose from that first part. Those are the > > two big problems, actually, we need an interface to donate memory to the > > malloc implementation, > > This isn't needed. It's fine for donation to donate to the internal > (unused) implementation if malloc is interposed, or for donation not > to happen at all. I don't think it's a good idea to create a public > interposable API for donation. > > The big thing that does need to happen is getting rid of the call to > free() to do the donation, which is unsafe/incorrect if it's > interposed. Alexander Monakov's patch (which looks ok to commit with > minor changes described in the thread) should fix that. > > > and the malloc implementation needs to provide > > all of the hairier functions like memalign(). And we currently have no > > way of enforcing either of these. > > A way to enforce this was discussed earlier in the thread, so it looks > doable. Today I pushed changes which should make malloc replacement/interposition work reliably as long as you only use AS-safe functions. If you try this, please let us know how it turns out and if you run into any unexpected problems. Rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.