Skip to content

(draft) jsonbuilder: better handling of memory allocation errors - v1#8847

Closed
jasonish wants to merge 3 commits into
OISF:masterfrom
jasonish:jsonbuilder-alloc/v1
Closed

(draft) jsonbuilder: better handling of memory allocation errors - v1#8847
jasonish wants to merge 3 commits into
OISF:masterfrom
jasonish:jsonbuilder-alloc/v1

Conversation

@jasonish
Copy link
Copy Markdown
Member

@jasonish jasonish commented May 9, 2023

Wrap (most) growth of the internal buffer in methods that first try to reserve
the required data and return a Result if unable to do so. The idea being we
return error on memory failures rather than panic/abort.

Ticket: https://redmine.openinfosecfoundation.org/issues/6057

jasonish added 3 commits May 9, 2023 10:13
@jasonish
jsonbuilder: rustfmt
4ec17c5 
Some very minor changes to formatting.
@jasonish
jsonbuilder: make "new" fallible
390ebf7 
Convert "new_object" and "new_array" functions that return a Result
and use "try_reserve" to allocate the amount of data requested. This
should allow memory allocation errors to be detected and handled in a
Rust-ful matter without resorting to catching a panic.

Ticket: OISF#6057
@jasonish
jsonbuilder: check allocation when growing buffer
9679a07 
Provide a wrapper around "push" and "push_str" on the internal buffer
that will "try_reserve" data before growing in an attempt to handle
memory allocation errors.

Ticket: OISF#6057
@jasonish jasonish requested a review from jufajardini as a code owner May 9, 2023 16:15
@jasonish
Copy link
Copy Markdown
Member Author

jasonish commented May 9, 2023

@catenacyber Still draft, but I'd appreciate your thoughts on this.

jasonish
jasonish commented May 9, 2023
View reviewed changes
Comment thread rust/src/jsonbuilder.rs
/// return an error if unable to.
pub fn push_str(&mut self, s: &str) -> Result<&mut Self, JsonError> {
if self.buf.capacity() < self.buf.len() + s.len() {
self.buf.try_reserve(INIT_SIZE)?;
Copy link
Copy Markdown
Member Author

@jasonish jasonish May 9, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't like the doubling that many allocators do, but this should at least check try_reserve the max of INIT_SIZE or s.len()...

Copy link
Copy Markdown
Contributor

@catenacyber catenacyber May 9, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is no try_push, right ?

Copy link
Copy Markdown
Member Author

@jasonish jasonish May 9, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is no try_push, right ?

No. But push, push_str won't allocated unless they need to, which they won't if we try_reserve first.

@suricata-qa
Copy link
Copy Markdown

suricata-qa commented May 9, 2023

WARNING:

field baseline test %
SURI_TLPW1_stats_chk
.tcp.rst 113274 145022 128.03%

Pipeline 13704

@catenacyber
Copy link
Copy Markdown
Contributor

catenacyber commented May 9, 2023

Still draft, but I'd appreciate your thoughts on this.

Looks cool.
How do you know if you are complete ?
And future-proof ? (that when I add a new jb_push_sha1 or whatever, I do not add allocations without checks)

@jasonish
Copy link
Copy Markdown
Member Author

jasonish commented May 9, 2023

And future-proof ? (that when I add a new jb_push_sha1 or whatever, I do not add allocations without checks)

You don't really. This is very much an active effort to opt-in to. The only thing I can think of is making the internal buffer harder to access, so you have to think twice about it. So open to ideas... I guess its a bit like return values in C.. Nothing forces you to, but its a good idea :)

@jasonish jasonish mentioned this pull request May 9, 2023
Closed
@jasonish
Copy link
Copy Markdown
Member Author

jasonish commented May 9, 2023

A more complete version is now up here: #8855

@jasonish jasonish closed this May 9, 2023
@jasonish jasonish deleted the jsonbuilder-alloc/v1 branch May 31, 2023 21:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@catenacyber catenacyber catenacyber left review comments

@jufajardini jufajardini Awaiting requested review from jufajardini

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jasonish @suricata-qa @catenacyber