1. Patchew
  2. linux
  3. View series

[PATCH v3] rust: allocator_test: use `posix_memalign`

Tamir Duberstein posted 1 patch 10 months, 1 week ago 
rust/kernel/alloc/allocator_test.rs | 27 +++++++++++++++++++++++----
1 file changed, 23 insertions(+), 4 deletions(-)
[PATCH v3] rust: allocator_test: use `posix_memalign`
Posted by Tamir Duberstein 10 months, 1 week ago 
The implementation added in commit dd09538fb409 ("rust: alloc: implement
`Cmalloc` in module allocator_test") used `aligned_malloc` which has
implementation-defined requirements of its `alignment` parameter.

The macOS implementation of `aligned_alloc` appears to be based on
`posix_memalign` and inherits the stricter requirements of that
function, causing test failures on macOS.

Replace `aligned_alloc` with `posix_memalign` and comply with its
requirements. This ensures uniform behavior across systems.

Fixes: dd09538fb409 ("rust: alloc: implement `Cmalloc` in module allocator_test")

Signed-off-by: Tamir Duberstein <tamird@gmail.com>
---
I've intentionally not picked up Danilo's Acked-by from v2 because the
approach has changed quite a bit.
---
Changes in v3:
- Replace `aligned_malloc` with `posix_memalign` for portability.
- Link to v2: https://lore.kernel.org/r/20250202-aligned-alloc-v2-1-5af0b5fdd46f@gmail.com

Changes in v2:
- Shorten some variable names. (Danilo Krummrich)
- Replace shadowing alignment variable with a second call to
  Layout::align. (Danilo Krummrich)
- Link to v1: https://lore.kernel.org/r/20250201-aligned-alloc-v1-1-c99a73f3cbd4@gmail.com
---
 rust/kernel/alloc/allocator_test.rs | 27 +++++++++++++++++++++++----
 1 file changed, 23 insertions(+), 4 deletions(-)

diff --git a/rust/kernel/alloc/allocator_test.rs b/rust/kernel/alloc/allocator_test.rs
index e3240d16040b..0aa68d955b39 100644
--- a/rust/kernel/alloc/allocator_test.rs
+++ b/rust/kernel/alloc/allocator_test.rs
@@ -23,8 +23,19 @@
 pub type KVmalloc = Kmalloc;
 
 extern "C" {
-    #[link_name = "aligned_alloc"]
-    fn libc_aligned_alloc(align: usize, size: usize) -> *mut crate::ffi::c_void;
+    // NB: `posix_memalign` is intentionally used instead of `aligned_malloc`.
+    //
+    // ISO C (ISO/IEC 9899:2011) defines `aligned_malloc`:
+    //
+    // > The value of alignment shall be a valid alignment supported by the implementation [...].
+    //
+    // POSIX.1-2001 (IEEE 1003.1-2001) defines `posix_memalign`:
+    //
+    // > The value of alignment shall be a power of two multiple of sizeof (void *).
+    //
+    // `posix_memalign` is more portable than (but otherwise identical to) `aligned_malloc`.
+    #[link_name = "posix_memalign"]
+    fn libc_posix_memalign(align: usize, size: usize) -> *mut crate::ffi::c_void;
 
     #[link_name = "free"]
     fn libc_free(ptr: *mut crate::ffi::c_void);
@@ -62,13 +73,21 @@ unsafe fn realloc(
             ));
         }
 
+        // Ensure we comply with the requirements of `posix_memalign`.
+        let min_align = core::mem::size_of::<*const crate::ffi::c_void>();
+        let (align, size) = if layout.align() < min_align {
+            (min_align, layout.size().div_ceil(min_align) * min_align)
+        } else {
+            (layout.align(), layout.size())
+        };
+
         // SAFETY: Returns either NULL or a pointer to a memory allocation that satisfies or
         // exceeds the given size and alignment requirements.
-        let dst = unsafe { libc_aligned_alloc(layout.align(), layout.size()) } as *mut u8;
+        let dst = unsafe { libc_posix_memalign(align, size) } as *mut u8;
         let dst = NonNull::new(dst).ok_or(AllocError)?;
 
         if flags.contains(__GFP_ZERO) {
-            // SAFETY: The preceding calls to `libc_aligned_alloc` and `NonNull::new`
+            // SAFETY: The preceding calls to `libc_posix_memalign` and `NonNull::new`
             // guarantee that `dst` points to memory of at least `layout.size()` bytes.
             unsafe { dst.as_ptr().write_bytes(0, layout.size()) };
         }

---
base-commit: dc58b514a628fc11ab459dccdd6a2f3a916e8f6a
change-id: 20250201-aligned-alloc-b52cb2353c82

Best regards,
-- 
Tamir Duberstein <tamird@gmail.com>
Re: [PATCH v3] rust: allocator_test: use `posix_memalign`
Posted by Danilo Krummrich 10 months, 1 week ago 
On Thu, Feb 06, 2025 at 03:49:00PM -0500, Tamir Duberstein wrote:
> The implementation added in commit dd09538fb409 ("rust: alloc: implement
> `Cmalloc` in module allocator_test") used `aligned_malloc` which has
> implementation-defined requirements of its `alignment` parameter.
> 
> The macOS implementation of `aligned_alloc` appears to be based on
> `posix_memalign` and inherits the stricter requirements of that
> function, causing test failures on macOS.
> 
> Replace `aligned_alloc` with `posix_memalign` and comply with its
> requirements. This ensures uniform behavior across systems.
> 
> Fixes: dd09538fb409 ("rust: alloc: implement `Cmalloc` in module allocator_test")
> 
> Signed-off-by: Tamir Duberstein <tamird@gmail.com>

Let's wait for clarification before moving on. :)

> ---
> I've intentionally not picked up Danilo's Acked-by from v2 because the
> approach has changed quite a bit.
> ---
> Changes in v3:
> - Replace `aligned_malloc` with `posix_memalign` for portability.
> - Link to v2: https://lore.kernel.org/r/20250202-aligned-alloc-v2-1-5af0b5fdd46f@gmail.com
> 
> Changes in v2:
> - Shorten some variable names. (Danilo Krummrich)
> - Replace shadowing alignment variable with a second call to
>   Layout::align. (Danilo Krummrich)
> - Link to v1: https://lore.kernel.org/r/20250201-aligned-alloc-v1-1-c99a73f3cbd4@gmail.com
> ---
>  rust/kernel/alloc/allocator_test.rs | 27 +++++++++++++++++++++++----
>  1 file changed, 23 insertions(+), 4 deletions(-)
> 
> diff --git a/rust/kernel/alloc/allocator_test.rs b/rust/kernel/alloc/allocator_test.rs
> index e3240d16040b..0aa68d955b39 100644
> --- a/rust/kernel/alloc/allocator_test.rs
> +++ b/rust/kernel/alloc/allocator_test.rs
> @@ -23,8 +23,19 @@
>  pub type KVmalloc = Kmalloc;
>  
>  extern "C" {
> -    #[link_name = "aligned_alloc"]
> -    fn libc_aligned_alloc(align: usize, size: usize) -> *mut crate::ffi::c_void;
> +    // NB: `posix_memalign` is intentionally used instead of `aligned_malloc`.
> +    //
> +    // ISO C (ISO/IEC 9899:2011) defines `aligned_malloc`:
> +    //
> +    // > The value of alignment shall be a valid alignment supported by the implementation [...].
> +    //
> +    // POSIX.1-2001 (IEEE 1003.1-2001) defines `posix_memalign`:
> +    //
> +    // > The value of alignment shall be a power of two multiple of sizeof (void *).
> +    //
> +    // `posix_memalign` is more portable than (but otherwise identical to) `aligned_malloc`.
> +    #[link_name = "posix_memalign"]
> +    fn libc_posix_memalign(align: usize, size: usize) -> *mut crate::ffi::c_void;

I don't think this can work. posix_memalign() is defined as follows.

int posix_memalign(void **memptr, size_t alignment, size_t size)

Besides that, I don't think switching to posix_memalign() is desirable, it only
seems to make the code more complicated.
Re: [PATCH v3] rust: allocator_test: use `posix_memalign`
Posted by Tamir Duberstein 10 months, 1 week ago 
On Thu, Feb 6, 2025 at 4:56 PM Danilo Krummrich <dakr@kernel.org> wrote:
>
> On Thu, Feb 06, 2025 at 03:49:00PM -0500, Tamir Duberstein wrote:
> > The implementation added in commit dd09538fb409 ("rust: alloc: implement
> > `Cmalloc` in module allocator_test") used `aligned_malloc` which has
> > implementation-defined requirements of its `alignment` parameter.
> >
> > The macOS implementation of `aligned_alloc` appears to be based on
> > `posix_memalign` and inherits the stricter requirements of that
> > function, causing test failures on macOS.
> >
> > Replace `aligned_alloc` with `posix_memalign` and comply with its
> > requirements. This ensures uniform behavior across systems.
> >
> > Fixes: dd09538fb409 ("rust: alloc: implement `Cmalloc` in module allocator_test")
> >
> > Signed-off-by: Tamir Duberstein <tamird@gmail.com>
>
> Let's wait for clarification before moving on. :)
>
> > ---
> > I've intentionally not picked up Danilo's Acked-by from v2 because the
> > approach has changed quite a bit.
> > ---
> > Changes in v3:
> > - Replace `aligned_malloc` with `posix_memalign` for portability.
> > - Link to v2: https://lore.kernel.org/r/20250202-aligned-alloc-v2-1-5af0b5fdd46f@gmail.com
> >
> > Changes in v2:
> > - Shorten some variable names. (Danilo Krummrich)
> > - Replace shadowing alignment variable with a second call to
> >   Layout::align. (Danilo Krummrich)
> > - Link to v1: https://lore.kernel.org/r/20250201-aligned-alloc-v1-1-c99a73f3cbd4@gmail.com
> > ---
> >  rust/kernel/alloc/allocator_test.rs | 27 +++++++++++++++++++++++----
> >  1 file changed, 23 insertions(+), 4 deletions(-)
> >
> > diff --git a/rust/kernel/alloc/allocator_test.rs b/rust/kernel/alloc/allocator_test.rs
> > index e3240d16040b..0aa68d955b39 100644
> > --- a/rust/kernel/alloc/allocator_test.rs
> > +++ b/rust/kernel/alloc/allocator_test.rs
> > @@ -23,8 +23,19 @@
> >  pub type KVmalloc = Kmalloc;
> >
> >  extern "C" {
> > -    #[link_name = "aligned_alloc"]
> > -    fn libc_aligned_alloc(align: usize, size: usize) -> *mut crate::ffi::c_void;
> > +    // NB: `posix_memalign` is intentionally used instead of `aligned_malloc`.
> > +    //
> > +    // ISO C (ISO/IEC 9899:2011) defines `aligned_malloc`:
> > +    //
> > +    // > The value of alignment shall be a valid alignment supported by the implementation [...].
> > +    //
> > +    // POSIX.1-2001 (IEEE 1003.1-2001) defines `posix_memalign`:
> > +    //
> > +    // > The value of alignment shall be a power of two multiple of sizeof (void *).
> > +    //
> > +    // `posix_memalign` is more portable than (but otherwise identical to) `aligned_malloc`.
> > +    #[link_name = "posix_memalign"]
> > +    fn libc_posix_memalign(align: usize, size: usize) -> *mut crate::ffi::c_void;
>
> I don't think this can work. posix_memalign() is defined as follows.
>
> int posix_memalign(void **memptr, size_t alignment, size_t size)

That's embarrassing! You're right of course, and yet somehow it worked
when I tested.

> Besides that, I don't think switching to posix_memalign() is desirable, it only
> seems to make the code more complicated.

It does make the code more complicated but prevents "works on my
machine" problems cropping up in the future.

I'm happy to wait for clarification, I'm just not sure whose court the
ball is in.
Re: [PATCH v3] rust: allocator_test: use `posix_memalign`
Posted by Miguel Ojeda 10 months, 1 week ago 
On Fri, Feb 7, 2025 at 12:43 PM Tamir Duberstein <tamird@gmail.com> wrote:
>
> I'm happy to wait for clarification, I'm just not sure whose court the
> ball is in.

Ideally Alejandro would clarify, who I Cc'd in the previous thread (he
was not Cc'd here, by the way).

Anyway, I agree with Danilo that we shouldn't overcomplicate just for
this. Using the previous patch, but being clear about that we are
using stricter requirements so that it works on macOS too, should be
fine I think. But I trust Danilo to decide which approach is best for
maintaining this.

Cheers,
Miguel
Re: [PATCH v3] rust: allocator_test: use `posix_memalign`
Posted by Tamir Duberstein 10 months, 1 week ago 
On Fri, Feb 7, 2025 at 7:19 AM Miguel Ojeda
<miguel.ojeda.sandonis@gmail.com> wrote:
>
> On Fri, Feb 7, 2025 at 12:43 PM Tamir Duberstein <tamird@gmail.com> wrote:
> >
> > I'm happy to wait for clarification, I'm just not sure whose court the
> > ball is in.
>
> Ideally Alejandro would clarify, who I Cc'd in the previous thread (he
> was not Cc'd here, by the way).

Sorry about that.

> Anyway, I agree with Danilo that we shouldn't overcomplicate just for
> this. Using the previous patch, but being clear about that we are
> using stricter requirements so that it works on macOS too, should be
> fine I think. But I trust Danilo to decide which approach is best for
> maintaining this.
>
> Cheers,
> Miguel

Seems there's consensus on the previous patch. I've reworded it and
will send it in v4 next week to allow Alejandro some time to weigh in.

Thanks.
Tamir

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.