New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix mprotect failures by enabling cranelift-jit selinux-fix #5204
Conversation
See #4986 |
The sample program in cranelift/filetests/src/function_runner.rs would abort with an mprotect failure under certain circumstances, see bytecodealliance#4453 (comment) Root cause was that enabling PROT_EXEC on the main process heap may be prohibited, depending on Linux distro and version. This only shows up in the doc test sample program because the main clif-util is multi-threaded and therefore allocations will happen on glibc's per-thread heap, which is allocated via mmap, and not the main process heap. Work around the problem by enabling the "selinux-fix" feature of the cranelift-jit crate dependency in the filetests. Note that this didn't compile out of the box, so a separate fix is also required and provided as part of this PR. Going forward, it would be preferable to always use mmap to allocate the backing memory for JITted code.
3121ccc
to
fec18b5
Compare
Updated cfg checks to prevent breaking windows builds with selinux-fix. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This PR is equivalent to fixing #4986 by turning the selinux-fix
feature on for everybody. I think this is a good idea, but if we're going to do that, I think we should do two things:
- Benchmark the runtime performance impact of this change on Linux.
- Remove all the
cfg
attributes forselinux-fix
and just use that path unconditionally (except on Windows, I guess).
The intent of the PR is to turn on I agree that we should move to |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh, yeah, I mis-read this. Okay, looks good to me!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have also been bitten by this error in the past... thanks for fixing it!
The sample program in cranelift/filetests/src/function_runner.rs would abort with an mprotect failure under certain circumstances, see #4453 (comment)
Root cause was that enabling PROT_EXEC on the main process heap may be prohibited, depending on Linux distro and version.
This only shows up in the doc test sample program because the main clif-util is multi-threaded and therefore allocations will happen on glibc's per-thread heap, which is allocated via mmap, and not the main process heap.
Work around the problem by enabling the "selinux-fix" feature of the cranelift-jit crate dependency in the filetests. Note that this didn't compile out of the box, so a separate fix is also required and provided as part of this PR.
Going forward, it would be preferable to always use mmap to allocate the backing memory for JITted code.
CC @cfallin @afonso360