mmap/munmap/mremamp shims #2520
Conversation
saethlin
added
the
S-waiting-on-author
saethlin
force-pushed
the
mmap-shim
branch
2 times, most recently
from
19c0419 to
a0a1679
Compare
|
☔ The latest upstream changes (presumably #2322) made this pull request unmergeable. Please resolve the merge conflicts. |
There was a problem hiding this comment.
Thanks! I left some comments. I think my main concern is that this duplicates book-keeping between the intptrcast module and these new 'mappings', and that seems error-prone. I'd prefer to have only on source of information for mapping between integers and AllocId.
|
I'm picking this up again. I saw someone looking for this kind of support so I'm probably going to scope this down a bit to avoid some of the annoying questions it raises. |
saethlin
force-pushed
the
mmap-shim
branch
2 times, most recently
from
b585884 to
c6f389f
Compare
saethlin
force-pushed
the
mmap-shim
branch
3 times, most recently
from
d0d5d53 to
0e5835c
Compare
|
I think the only real thing left to do here is to figure out how to raise an error instead of reporting UB when a user tries to |
src/shims/unix/mem.rs
Outdated
| // FIXME: The man page says this returns MAP_FAILED but that is type void*, and this | ||
| // function returns int. |
There was a problem hiding this comment.
I assume it's (int)MAP_FAILED then?
There was a problem hiding this comment.
🤷 I just re-read the Linux man page for this and it specifies not only that munmap returns -1 on error, but in the docs for mmap:
the value MAP_FAILED (that is, (void *) -1)
What exactly is it that needs to be accessed/checked here? I'm seeing a FIXME near a |
|
That sounds like a ton of restrictions that basically make mmap be the same as a |
This is enough to run the test suite for dlmalloc, unmodified. I'm a bit surprised too.
The commits I just pushed addresses this |
|
@rustbot ready |
rustbot
added
S-waiting-on-review
|
|
||
| pub(crate) fn round_up_to_multiple_of_page_size(&self, length: u64) -> Option<u64> { | ||
| #[allow(clippy::integer_arithmetic)] // page size is nonzero | ||
| (length.checked_add(self.page_size - 1)? / self.page_size).checked_mul(self.page_size) |
There was a problem hiding this comment.
The standard library should really have a method for rounding integers up and down...
saethlin
force-pushed
the
mmap-shim
branch
3 times, most recently
from
29165b9 to
a2f99ce
Compare
|
That was weird. I think the windows job timed out or something. It was cancelled, so I restarted it, and it passed this time. |
saethlin
added
S-waiting-on-review
|
I'm still trying to understand what exactly you want to achieve for munmap. Clearly this is not a full implementation of mmap. It says in the comments that it only supports the part that behaves like malloc/realloc/free. Why can't we just say that this applies to munmap as well, and that we require the given range to exactly match a previous mmap? |
|
🤦 Yeah I can do that. I previously hadn't figured out how to use the prioroda access to the AllocMap to pull out the information I need to do that. |
|
You don't even have to do that. Just call dealloc with the right MemoryKind and it should check everything.
|
|
But then we will get a false-positive UB report for a |
saethlin
removed
the
S-waiting-on-review
|
Yeah isn't that fine if we say we only support allocator-style logic? Or are you saying we should try our hardest to throw "unsupported" instead of UB? |
|
Yes, I think we should try our hardest to not say that a program is UB when it's just using something we don't support. I think it's important that people can trust that when Miri says it has encountered Undefined Behavior that there is a problem in the program. |
|
Looking good. :) Please squash the history a bit, then r=me. |
|
@bors r=RalfJung |
|
☀️ Test successful - checks-actions |
This adds basic support for
mmap/mremap/munmap, with the specific goal of testing allocators targeting Linux under Miri.This supports
mmapwithMAP_PRIVATE|MAP_ANONYMOUS, andPROT_READ|PROT_WRITE, and explicitly does not supportMAP_SHARED(because that's asking for MMIO) as well as any kind of file mapping (because it seems like nobody doesMAP_PRIVATEon files even though that would be very sensible). And (officially) we don't supportMAP_FIXED, so we always ignore theaddrargument.This supports
mremaponly when the implementation is allowed to move the mapping (so noMREMAP_FIXED, noMREMAP_DONTUNMAP, and requiredMREMAP_MAYMOVE), and also when the entirety of a region previously mapped bymmapis being remapped.This supports
munmapbut only when the entirety of a region previously mapped bymmapis unmapped.