[RFC PATCH] malloc_usable_size.3: Warn about _FORTIFY_SOURCE interaction

Wilco Dijkstra Wilco.Dijkstra@arm.com
Wed Apr 5 13:55:53 GMT 2023


Hi Alejandro,

> and the header where we define a wrapper macro, which contains several
> comments about assumptions made about different libc implementations:
> 
> <https://github.com/nginx/unit/blob/c54331fa3d9597ba6bc85e7b7242981f00ed25c2/src/nxt_malloc.h#L35>
> 
> I hope that tells you something.  It doesn't tell me anything, but I'm
> not used to fiddling with allocators.  :)

This looks rather worrying - it seems to deliberately use a malloc size that is too
small in the hope that the particular malloc implementation allocates a bit more
and then use that extra space. So every malloc call now needs extra checks to
adjust the size and another call to malloc_usable_size which then needs to be
checked to be larger than the original requested size...

So basically they are trying to save 32 bytes in blocks larger than 128KB
(a whopping 0.024%!!!) by adding ~64 bytes of extra code per malloc call plus
lots of extra executed instructions...

This kind of stupidity convinces me even more that we need to obsolete
malloc_usable_size - people clearly cannot use it properly or avoid
hardcoding internal implementation details which could change at any time.

Cheers,
Wilco
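The alternative to the pattern criticised above, as an added example that is not part of this email, of nginx unit, or of glibc: track the size that was actually requested, and take allocator slack only by asking realloc() for it, so the size the compiler's object-size checks (_FORTIFY_SOURCE) see matches the bytes written. `struct buf` and the `buf_*` helpers are hypothetical names; `malloc_usable_size()` from `<malloc.h>` is assumed to be available (glibc).

```c
#include <malloc.h>   /* malloc_usable_size (glibc) */
#include <stdlib.h>
#include <string.h>

/* Hypothetical buffer type for this example: cap is the size the
 * allocator was asked for, the only size fortify checks know about. */
struct buf {
    char  *data;
    size_t cap;
};

/* Allocate n bytes; cap is exactly what was requested. */
int buf_init(struct buf *b, size_t n)
{
    b->data = malloc(n);
    b->cap = b->data ? n : 0;
    return b->data ? 0 : -1;
}

/* Claim allocator slack by resizing to the usable size first, so the
 * new pointer's object size covers it. On failure the old cap stands. */
int buf_claim_slack(struct buf *b)
{
    size_t usable = malloc_usable_size(b->data);
    if (usable <= b->cap)
        return 0;                 /* no slack to claim */
    char *p = realloc(b->data, usable);
    if (p == NULL)
        return -1;
    b->data = p;
    b->cap = usable;
    return 0;
}

/* Bounded write: rejects anything past the requested capacity. */
int buf_write(struct buf *b, size_t off, const void *src, size_t len)
{
    if (off > b->cap || len > b->cap - off)
        return -1;
    memcpy(b->data + off, src, len);
    return 0;
}

int main(void)
{
    struct buf b;
    if (buf_init(&b, 100) != 0) return 1;
    int rc = buf_claim_slack(&b) || buf_write(&b, 0, "x", 1);
    free(b.data);
    return rc;
}
```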

