From: Rich Felker <dalias@libc.org>
To: musl@lists.openwall.com
Subject: Re: [PATCH 2/2] ldso, malloc: implement reclaim_gaps via __malloc_donate
Date: Tue, 17 Apr 2018 18:21:13 -0400 [thread overview]
Message-ID: <20180417222113.GF3094@brightrain.aerifal.cx> (raw)
In-Reply-To: <alpine.LNX.2.20.13.1804172258370.2813@monopod.intra.ispras.ru>
[-- Attachment #1: Type: text/plain, Size: 689 bytes --]
On Tue, Apr 17, 2018 at 11:52:59PM +0300, Alexander Monakov wrote:
> > I'm really tired of trying to work out all sorts of fragile subtleties
> > like that.
>
> .... and I regret pinging the patch :)
:)
Don't worry, the outcome is better than if you hadn't I think. It was
a prerequisite for other stuff people are requesting about
interposable malloc and sparked some other fixes I have pending now.
> I did not anticipate this to cause a sizeable distraction and hoped on
> balance it'd be a positive experience. Seems not.
>
> Is a roll back to a non-irritated state possible?
Yes. I'll attach what I have queued up for possible push. Let me know
if it looks okay with you.
Rich
[-- Attachment #2: 0001-ldso-malloc-implement-reclaim_gaps-via-__malloc_dona.patch --]
[-- Type: text/plain, Size: 4068 bytes --]
From 4c651a999f00f5be3a2882c2e8f37a0431fc4347 Mon Sep 17 00:00:00 2001
From: Alexander Monakov <amonakov@ispras.ru>
Date: Mon, 16 Apr 2018 20:54:36 +0300
Subject: [PATCH] ldso, malloc: implement reclaim_gaps via __malloc_donate
Split 'free' into unmap_chunk and bin_chunk, use the latter to introduce
__malloc_donate and use it in reclaim_gaps instead of calling 'free'.
---
ldso/dynlink.c | 16 ++++----------
src/malloc/malloc.c | 61 +++++++++++++++++++++++++++++++++++++----------------
2 files changed, 47 insertions(+), 30 deletions(-)
diff --git a/ldso/dynlink.c b/ldso/dynlink.c
index 9bf6924..b9ff41b 100644
--- a/ldso/dynlink.c
+++ b/ldso/dynlink.c
@@ -476,23 +476,15 @@ static void redo_lazy_relocs()
/* A huge hack: to make up for the wastefulness of shared libraries
* needing at least a page of dirty memory even if they have no global
* data, we reclaim the gaps at the beginning and end of writable maps
- * and "donate" them to the heap by setting up minimal malloc
- * structures and then freeing them. */
+ * and "donate" them to the heap. */
static void reclaim(struct dso *dso, size_t start, size_t end)
{
- size_t *a, *z;
+ void __malloc_donate(char *, char *);
if (start >= dso->relro_start && start < dso->relro_end) start = dso->relro_end;
if (end >= dso->relro_start && end < dso->relro_end) end = dso->relro_start;
- start = start + 6*sizeof(size_t)-1 & -4*sizeof(size_t);
- end = (end & -4*sizeof(size_t)) - 2*sizeof(size_t);
- if (start>end || end-start < 4*sizeof(size_t)) return;
- a = laddr(dso, start);
- z = laddr(dso, end);
- a[-2] = 1;
- a[-1] = z[0] = end-start + 2*sizeof(size_t) | 1;
- z[1] = 1;
- free(a);
+ if (start >= end) return;
+ __malloc_donate(laddr(dso, start), laddr(dso, end));
}
static void reclaim_gaps(struct dso *dso)
diff --git a/src/malloc/malloc.c b/src/malloc/malloc.c
index db19bc3..6605ec3 100644
--- a/src/malloc/malloc.c
+++ b/src/malloc/malloc.c
@@ -299,6 +299,8 @@ static int pretrim(struct chunk *self, size_t n, int i, int j)
return 1;
}
+static void bin_chunk(struct chunk *);
+
static void trim(struct chunk *self, size_t n)
{
size_t n1 = CHUNK_SIZE(self);
@@ -314,7 +316,7 @@ static void trim(struct chunk *self, size_t n)
next->psize = n1-n | C_INUSE;
self->csize = n | C_INUSE;
- free(CHUNK_TO_MEM(split));
+ bin_chunk(split);
}
void *malloc(size_t n)
@@ -465,29 +467,14 @@ copy_free_ret:
return new;
}
-void free(void *p)
+static void bin_chunk(struct chunk *self)
{
- struct chunk *self, *next;
+ struct chunk *next = NEXT_CHUNK(self);
size_t final_size, new_size, size;
int reclaim=0;
int i;
- if (!p) return;
-
- self = MEM_TO_CHUNK(p);
-
- if (IS_MMAPPED(self)) {
- size_t extra = self->psize;
- char *base = (char *)self - extra;
- size_t len = CHUNK_SIZE(self) + extra;
- /* Crash on double free */
- if (extra & 1) a_crash();
- __munmap(base, len);
- return;
- }
-
final_size = new_size = CHUNK_SIZE(self);
- next = NEXT_CHUNK(self);
/* Crash on corrupted footer (likely from buffer overflow) */
if (next->psize != self->csize) a_crash();
@@ -548,3 +535,41 @@ void free(void *p)
unlock_bin(i);
}
+
+static void unmap_chunk(struct chunk *self)
+{
+ size_t extra = self->psize;
+ char *base = (char *)self - extra;
+ size_t len = CHUNK_SIZE(self) + extra;
+ /* Crash on double free */
+ if (extra & 1) a_crash();
+ __munmap(base, len);
+}
+
+void free(void *p)
+{
+ if (!p) return;
+
+ struct chunk *self = MEM_TO_CHUNK(p);
+
+ if (IS_MMAPPED(self))
+ unmap_chunk(self);
+ else
+ bin_chunk(self);
+}
+
+void __malloc_donate(char *start, char *end)
+{
+ size_t align_start_up = (SIZE_ALIGN-1) & (-(uintptr_t)start - OVERHEAD);
+ size_t align_end_down = (SIZE_ALIGN-1) & (uintptr_t)end;
+
+ if (end - start <= OVERHEAD + align_start_up + align_end_down)
+ return;
+ start += align_start_up + OVERHEAD;
+ end -= align_end_down;
+
+ struct chunk *c = MEM_TO_CHUNK(start), *n = MEM_TO_CHUNK(end);
+ c->psize = n->csize = C_INUSE;
+ c->csize = n->psize = C_INUSE | (end-start);
+ bin_chunk(c);
+}
--
2.10.0
next prev parent reply other threads:[~2018-04-17 22:21 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-16 17:54 [PATCH 1/2] malloc: fix an over-allocation bug Alexander Monakov
2018-04-16 17:54 ` [PATCH 2/2] ldso, malloc: implement reclaim_gaps via __malloc_donate Alexander Monakov
2018-04-16 22:39 ` Rich Felker
2018-04-17 5:30 ` Alexander Monakov
2018-04-17 15:57 ` Rich Felker
2018-04-17 17:06 ` Rich Felker
2018-04-17 19:01 ` Rich Felker
2018-04-17 20:52 ` Alexander Monakov
2018-04-17 22:21 ` Rich Felker [this message]
2018-04-16 22:40 ` [PATCH 1/2] malloc: fix an over-allocation bug Rich Felker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180417222113.GF3094@brightrain.aerifal.cx \
--to=dalias@libc.org \
--cc=musl@lists.openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).