rbpf icon indicating copy to clipboard operation
rbpf copied to clipboard
verified publisher icon qmonnet

jit: Enable JIT without "std" feature, but with global alloc

Open nathanjsweet opened this issue 5 months ago • 6 comments

Add a new "alloc" feature that indicates that the crate importing rbpf has an implementation of the GlobalAlloc trait. Memory protection is ignored in the "no_std" environment.

nathanjsweet avatar Jun 30 '25 19:06 nathanjsweet

Hi Nate, nice to hear from you :slightly_smiling_face: and thanks a lot for this work!

I haven't looked at the details yet, but have you looked at the work from https://github.com/qmonnet/rbpf/pull/125? The JIT should be available in no_std now (I see the README.md is outdated in that regard). Is your PR adding something else, or are you trying to achieve the same?

qmonnet avatar Jul 02 '25 20:07 qmonnet

Yes I saw #125, but passing the library a pointer of bytes creates problems for my use case. Now I have to track those bytes when I don't want to. I would much rather implement GlobalAlloc. Core library crates that have strong use cases for running without "std" use the "alloc" feature coupled with a use of the core::alloc. Both the crossbeam-queue, and the futures-util implement no-std support thus. Definitely some documentation changes are in order regardless of the change. Thanks for taking the time :pray: !

nathanjsweet avatar Jul 03 '25 15:07 nathanjsweet

In this case, the rbpf library cannot ensure that the memory has executable permissions. Developers need to ensure that the memory allocated by GlobalAlloc has executable permissions, which seems unreasonable and dangerous.

Godones avatar Jul 11 '25 12:07 Godones

I cleaned up the commit which had some whitespace issues.

@Godones

In this case, the rbpf library cannot ensure that the memory has executable permissions. Developers need to ensure that the memory allocated by GlobalAlloc has executable permissions, which seems unreasonable and dangerous.

Only if they turn on the alloc feature, which is almost always in a kernel or/and embedded environment (which can't offer executable protection). This commit is specifically for this scenario.

nathanjsweet avatar Jul 11 '25 15:07 nathanjsweet

We also need to adjust the CI runs, where we build with --all-features. Is there a way to make --all-features do all-features-but-actually-not-mutually-exclusive-ones in Rust/Cargo?

qmonnet avatar Jul 31 '25 21:07 qmonnet

@qmonnet

Sorry for the late reply.

We also need to adjust the CI runs, where we build with --all-features. Is there a way to make --all-features do all-features-but-actually-not-mutually-exclusive-ones in Rust/Cargo?

I've broken this down so that the exclusivity is accounted for in the tests. I've added a warning to the README that informs developers that they will have to update the matrix in order to gain test coverage.

I've also added some basic build coverage for the alloc feature.

nathanjsweet avatar Nov 24 '25 17:11 nathanjsweet