Skip to content

Potential bug in dzmmap #244

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
javadamiri opened this issue Feb 17, 2021 · 1 comment
Closed

Potential bug in dzmmap #244

javadamiri opened this issue Feb 17, 2021 · 1 comment
Labels
A-heap Area: Heap (including Mmapper, VMMap) C-bug Category: Bug F-investigate Call For Participation: Investigate the issue and provide more detailed direction

Comments

@javadamiri
Copy link
Contributor

The use of MAP_FIXED flag in the dzmmap functions means we overwrite any previous mapping that may overlap with our current request:

mmtk-core/src/util/memory.rs

Line 15 in a4110d9

let flags = libc::MAP_ANON | libc::MAP_PRIVATE | libc::MAP_FIXED;

Although it is very unlikely to happen in 64-bits targets, it is still possible.
For example, we do not know how various malloc implementations use the address space, and we may overwrite their mappings.

An alternative is to remove the MAP_FIXED flag and compare the result of mmap with our requested starting address.
AFAIK, they will be the same if there is no overlaps.
@qinsoon qinsoon added A-heap Area: Heap (including Mmapper, VMMap) C-bug Category: Bug F-investigate Call For Participation: Investigate the issue and provide more detailed direction labels Apr 1, 2021
@qinsoon qinsoon mentioned this issue Apr 23, 2021
Merged
@qinsoon
Copy link
Member

qinsoon commented May 5, 2021

This is done in #296. All uses of MAP_FIXED in mmtk-core is replaced with MAP_FIXED_NOREPLACE.

@qinsoon qinsoon closed this as completed May 5, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-heap Area: Heap (including Mmapper, VMMap) C-bug Category: Bug F-investigate Call For Participation: Investigate the issue and provide more detailed direction
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@qinsoon @javadamiri