Re: [PATCH v2] rust: alloc: satisfy `aligned_alloc` requirements
From: Tamir Duberstein
Date: Thu Feb 06 2025 - 13:11:28 EST
On Thu, Feb 6, 2025 at 1:04 PM Danilo Krummrich <dakr@xxxxxxxxxx> wrote:
>
> On Thu, Feb 06, 2025 at 06:56:38PM +0100, Miguel Ojeda wrote:
> > On Sun, Feb 2, 2025 at 12:27 PM Tamir Duberstein <tamird@xxxxxxxxx> wrote:
> > >
> > > requirements of `aligned_alloc`. These requirements may not be enforced
> > > on all systems, but they are on macOS. Ensure that alignment is at least
> >
> > Which requirements? `aligned_alloc` comes from ISO C, and POSIX says
> > it is aligned with it; i.e. the change to make it work in macOS seems
> > fine, but please see below.
> >
> > > + // According to `man aligned_alloc`:
> > > + //
> > > + // aligned_alloc() returns a NULL pointer and sets errno to EINVAL if size is not an
> > > + // integral multiple of alignment, or if alignment is not a power of 2 at least as large as
> > > + // sizeof(void *).
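Review bot: the comment cites `man aligned_alloc` for the "power of 2 at least as large as sizeof(void *)" and "size is an integral multiple of alignment" rules, but as the replies below note, that wording is the macOS man page rather than the specification: ISO C only requires a "valid alignment supported by the implementation", and the power-of-two / multiple-of-sizeof(void *) rule is the POSIX `posix_memalign` requirement that POSIX-based `aligned_alloc` implementations inherit. Suggest the comment (and the commit message) cite ISO C and POSIX for the alignment rule and attribute the size-multiple rule to the platforms that enforce it, so a reader does not take the macOS text as the portable contract.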
> >
> > These requirements seem to come from the macOS man pages, not the
> > actual specification. The C one seems required to fail on invalid
> > alignments, but is the set of those the ones that macOS mentions? (It
> > seems the history of the requirements of that function is convoluted
> > and involves at least a DR, and glibc is very lax, more than
> > apparently its docs say)
>
> I previously checked man posix_memalign(3) and it says:
>
> ERRORS
> EINVAL The alignment argument was not a power of two, or was not a
> multiple of sizeof(void *).
Right. The best description seems to be on
https://en.cppreference.com/w/c/memory/aligned_alloc. ISO C says:
> If the value of alignment is not a valid alignment supported by the implementation, a null pointer shall be returned.
Meanwhile POSIX says of posix_memalign:
> The posix_memalign() function shall fail if:
>
> [EINVAL]
> The value of the alignment parameter is not a power of two multiple of sizeof(void *).
The note on cppreference addresses this:
> As an example of the "supported by the implementation" requirement, POSIX
> function posix_memalign accepts any alignment that is a power of two and a
> multiple of sizeof(void *), and POSIX-based implementations of aligned_alloc
> inherit these requirements.
I could rework this patch to use posix_memalign which seems to be more
completely defined, or I can try to capture all this detail in a code
comment and the commit message. What do you folks prefer?
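As an added example, not code from the patch or from the kernel's Rust allocator, the following std-only Rust helper captures the two rules the thread quotes (alignment a power of two at least `sizeof(void *)`, size an integral multiple of the alignment) and adjusts a `Layout` so the `(size, align)` pair it yields would be accepted by a POSIX-based `aligned_alloc`. The names `aligned_alloc_layout`, `is_valid_for_aligned_alloc` and `MIN_ALIGN` are this example's own.

```rust
use std::alloc::Layout;
use std::mem::size_of;

/// Minimum alignment POSIX `posix_memalign` (and POSIX-based `aligned_alloc`)
/// accepts: a power of two that is a multiple of `sizeof(void *)`. The
/// smallest such value is `sizeof(void *)` itself.
pub const MIN_ALIGN: usize = size_of::<*mut ()>();

/// Adjust `layout` so that its `(size, align)` satisfies the requirements
/// quoted in the thread:
///   * `align` is a power of two at least `sizeof(void *)`;
///   * `size` is an integral multiple of `align`.
/// `Layout` already guarantees `align` is a power of two, so only the lower
/// bound and the size rounding need handling. Returns `None` if the rounded
/// size would exceed `isize::MAX`, which `Layout` rejects.
pub fn aligned_alloc_layout(layout: Layout) -> Option<Layout> {
    // Raise the alignment to the POSIX minimum; a larger requested alignment
    // is already a power of two and a multiple of `sizeof(void *)`.
    let align = layout.align().max(MIN_ALIGN);
    // Re-validate with the new alignment (this is where overflow is caught),
    // then round the size up to a multiple of `align`.
    let padded = Layout::from_size_align(layout.size(), align)
        .ok()?
        .pad_to_align();
    Some(padded)
}

/// Mirrors the C-side validation described in the quoted man page text so
/// adjusted arguments can be checked without calling into libc.
pub fn is_valid_for_aligned_alloc(size: usize, align: usize) -> bool {
    align.is_power_of_two() && align >= MIN_ALIGN && size % align == 0
}

fn main() {
    // Constructed sample: a 3-byte, 1-aligned request as the allocator might
    // receive it from a `Box<[u8; 3]>`.
    let requested = Layout::from_size_align(3, 1).unwrap();
    let adjusted = aligned_alloc_layout(requested).unwrap();
    println!(
        "requested (size={}, align={}) -> aligned_alloc args (size={}, align={}), valid: {}",
        requested.size(),
        requested.align(),
        adjusted.size(),
        adjusted.align(),
        is_valid_for_aligned_alloc(adjusted.size(), adjusted.align())
    );
}
```

The rounding is done with `Layout::pad_to_align` rather than by hand so the `isize::MAX` bound that `Layout` enforces stays in effect; the `is_valid_for_aligned_alloc` check is the predicate a unit test can run against every adjusted layout.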