liballocs

liballocs copied to clipboard

allocscompilerwrapper.py puts defsyms too late when wrapping in-exe malloc

2

The malloc-in-exe test case hacks around this with its own LDFLAGS in mk.inc. But without these, the `__wrap___real_malloc` and friends are being defined (in `liballocs_nonshared.a`) too early on the command...

stephenrkell

Temporal safety feature: mirroring mmaps

4

In a hypothetical dynamically safe C, we want to implement a temporally safe ```malloc``` using virtual address rotation techniques. Basically, each heap arena is mapped N times (say 64). In...

stephenrkell

Some heaps, like gcc's RTL heap, always allocate objects of the same (super)type so only a bitmap is really needed. This 'easy win' was already mooted in 2015's Onward! paper...

stephenrkell

Dummyweaks library should go away

15

The no-op `liballocs_dummyweaks.so` library is no longer necessary, for at least the following reasons. - The BFD linker provides `-z dynamic-undefined-weak`. So we can just make the symbols weak, if...

stephenrkell

Split private-malloc into O(nbigallocs) and O(mem) cases

3

As of commit ab4d7b07, we have a new `__private_malloc()` implementation which never does `mmap()`, thanks to a 'large-enough' (1GB) up-front MAP_NORESERVE area created at the same time as the pageindex....

stephenrkell

Better high-level overview via a more up-to-date research paper?

24

The whole codebase really needs me to do a brain dump in each .c file, explaining what goes on in each. A lot of non-obvious things 'obvious to me' are...

stephenrkell

Do binary instrumentation of allocation functions

5

Rather than doing a lot of hairy link-time stuff (see tools/allocscompilerwrapper.py) to interpose on allocation functions, it would be better to do it at run time. This should be less...

stephenrkell

sizeofness analysis isn't sufficiently general

4

Currently, we do an intraprocedural analysis of the flow of 'sizeofness', so that e.g. in the following example we can infer that `p` points to a `struct Foo`. ``` size_t...

stephenrkell

Incorrect calculation of bit index in bitmap_delete?

1

In [generic_malloc.c](https://github.com/stephenrkell/liballocs/blob/master/src/allocators/generic_malloc.c#L510): `bitmap_clear_l(bitmap, ((uintptr_t) userptr - (uintptr_t) info->bitmap_base_addr) / (MALLOC_ALIGN * BITMAP_WORD_NBITS))` ...wouldn't dividing by `BITMAP_WORD_NBITS` not give us the intended bit index but instead the bitmap index within `bitmap_word_t...

muffpy

make_precise should instead be allocator-level operations

24

Each uniqtype can have a `make_precise` function. This is a hack designed to handle a variety of cases such as unions, variable-length arrays, `sockaddr`-style byte buffers, etc., and any case...

stephenrkell