How to fix WSL ubuntu dart memory map snapshot issue?

Question

So I am trying to run flutter github repository through wsl on windows 10 along with dart. But I keep getting this error

    ../../runtime/bin/snapshot_utils.cc: 143: error: Failed to memory map snapshot: /usr/lib/dart/bin/snapshots/dartdev.dart.snapshot

version=2.15.1 (stable) (Unknown timestamp) on "linux_x64"
pid=2051, thread=2054, isolate_group=(nil)((nil)), isolate=(nil)((nil))
isolate_instructions=0, vm_instructions=7fed37fef680
  pc 0x00007fed3824efcc fp 0x00007fed3575fb90 dart::Profiler::DumpStackTrace(void*)+0x7c
  pc 0x00007fed37fef834 fp 0x00007fed3575fc70 dart::Assert::Fail(char const*, ...) const+0x84
  pc 0x00007fed37fc7a0d fp 0x00007fed3575fd10 dart::bin::Snapshot::TryReadAppSnapshot(char const*, bool, bool)+0x28d
  pc 0x00007fed37fcb296 fp 0x00007fed3575fdb0 dart+0x1dcf296
  pc 0x00007fed37fc8cc2 fp 0x00007fed3575fe30 dart::bin::DartDevIsolate::DartDevRunner::RunCallback(unsigned long)+0x62
  pc 0x00007fed3810ca82 fp 0x00007fed3575fe70 dart+0x1f10a82
-- End of DumpStackTrace
Aborted (core dumped)

I have added everything to path as it had mentioned on dart and flutter docs, and followed the exact steps 1 by 1.

Answer 1

Alright, I put some effort into this problem, and found a solution that may not worth it.

As dart-lang#46749 pointed out, this is actually caused by a bug of mmap() in WSL, and it was triggered by this commit, or specifically, changes in this file. As the commit message suggested, this change is an optimization for branch prediction, therefore, it should be safe to revert it. The regular way is to rebuild the dart SDK with the line hint = reinterpret_cast<void*>(&Dart_Initialize); in runtime/bin/file_linux.cc removed (unverified). Surely that's not something people willing to do, and me neither. Instead, I tried to patch the binary of dart-sdk/bin/dart to remove the instruction doing that assignment.

The effective operation is quite simple: change a mov in a specific location into a nop. As the exact address of that instruction may change in different builds, one may have to follow these steps to find that address:

With the command

readelf -sC --wide dart-sdk/bin/dart | grep File::Map

you will get something similar to

11681: 000000000221cee0   138 FUNC    GLOBAL DEFAULT   14 dart::bin::File::Map(dart::bin::File::MapType, long, long, void*)

where 000000000221cee0 is the address of the problematic function.

You may examine the assembly of that function with

objdump -dC --show-raw-insn --disassemble="dart::bin::File::Map(dart::bin::File::MapType, long, long, void*)" dart-sdk/bin/dart

and the instruction to be removed is

48 8b 04 c8             mov    (%rax,%rcx,8),%rax

after a lea to 280df80. Or you may skip viewing the assembly, as it's irrelevant to the actual patching.

Finally we come to the key operation, but also the hardest one: edit the binary to remove that instruction. It's more complicated than one may think and I don't know a good way to do it. With little-endian byte order, the hex sequence is twisted when the elf is viewed by a hex editor, so it's difficult to modify the binary by hand. I found the tool radare2 to do this.

First, launch radare2 in write mode:

radare2 -w dart-sdk/bin/dart 

Then an interactive prompt will pop up. Enter aaaa and wait the analysis to finish.

After that, enter s 0x221cee0 to jump to the problematic function, where 0x221cee0 is the address found by readelf previously.

Enter Vpc and the assembly of that function will show up. Move the cursor with arrow keys to the mov instruction after lea rax, [0x0280df80]. In my case, it's at 0x0221cf02.

Press key w o a and you will be prompted to type an instruction to replace the original mov instruction. Enter nop, so that this instruction is skipped.

Press Esc and enter q to exit. All done.

As this operation modifies the binary, you should have the original one backed up beforehand.

This method surely looks overly complicated, but the major difficulty is only in the step replacing that instruction. Perhaps all the magic in radare2 can be done in a single command, but now I have no energy to find it after discovering this solution.