From d9edde4ae2cd3e5350c3a981f6715de9f2457196 Mon Sep 17 00:00:00 2001 From: Igor Kudrin Date: Fri, 7 Oct 2016 08:48:28 +0000 Subject: [PATCH] Recommit r282692: [libc++abi] Use fallback_malloc to allocate __cxa_eh_globals in case of dynamic memory exhaustion. Throwing an exception for the first time may lead to call calloc to allocate memory for __cxa_eh_globals. If the memory pool is exhausted at that moment, it results in abnormal termination of the program. This patch addresses the issue by using fallback_malloc in that case. In this revision, some restrictions were added into the test to not run it in unsuitable environments. Differential Revision: https://reviews.llvm.org/D17815 llvm-svn: 283531 --- libcxxabi/src/CMakeLists.txt | 1 + libcxxabi/src/cxa_exception.cpp | 28 ++------ libcxxabi/src/cxa_exception_storage.cpp | 6 +- .../{fallback_malloc.ipp => fallback_malloc.cpp} | 74 ++++++++++++++++------ libcxxabi/src/fallback_malloc.h | 31 +++++++++ .../test/test_exception_storage_nodynmem.pass.cpp | 40 ++++++++++++ libcxxabi/test/test_fallback_malloc.pass.cpp | 2 +- 7 files changed, 138 insertions(+), 44 deletions(-) rename libcxxabi/src/{fallback_malloc.ipp => fallback_malloc.cpp} (82%) create mode 100644 libcxxabi/src/fallback_malloc.h create mode 100644 libcxxabi/test/test_exception_storage_nodynmem.pass.cpp diff --git a/libcxxabi/src/CMakeLists.txt b/libcxxabi/src/CMakeLists.txt index d951292..7cbfdf5 100644 --- a/libcxxabi/src/CMakeLists.txt +++ b/libcxxabi/src/CMakeLists.txt @@ -12,6 +12,7 @@ set(LIBCXXABI_SOURCES cxa_vector.cpp cxa_virtual.cpp exception.cpp + fallback_malloc.cpp private_typeinfo.cpp stdexcept.cpp typeinfo.cpp diff --git a/libcxxabi/src/cxa_exception.cpp b/libcxxabi/src/cxa_exception.cpp index 603f869..757b3d4 100644 --- a/libcxxabi/src/cxa_exception.cpp +++ b/libcxxabi/src/cxa_exception.cpp 
@@ -15,13 +15,10 @@ #include "cxxabi.h" #include // for std::terminate -#include // for malloc, free #include // for memset -#ifndef _LIBCXXABI_HAS_NO_THREADS -# include // for fallback_malloc.ipp's mutexes -#endif #include "cxa_exception.hpp" #include "cxa_handlers.hpp" +#include "fallback_malloc.h" // +---------------------------+-----------------------------+---------------+ // | __cxa_exception | _Unwind_Exception CLNGC++\0 | thrown object | @@ -104,20 +101,6 @@ static inline int decrementHandlerCount(__cxa_exception *exception) { return --exception->handlerCount; } -#include "fallback_malloc.ipp" - -// Allocate some memory from _somewhere_ -static void *do_malloc(size_t size) { - void *ptr = std::malloc(size); - if (NULL == ptr) // if malloc fails, fall back to emergency stash - ptr = fallback_malloc(size); - return ptr; -} - -static void do_free(void *ptr) { - is_fallback_ptr(ptr) ? fallback_free(ptr) : std::free(ptr); -} - /* If reason isn't _URC_FOREIGN_EXCEPTION_CAUGHT, then the terminateHandler stored in exc is called. Otherwise the exceptionDestructor stored in @@ -158,7 +141,8 @@ extern "C" { // user's exception object. _LIBCXXABI_FUNC_VIS void *__cxa_allocate_exception(size_t thrown_size) throw() { size_t actual_size = cxa_exception_size_from_exception_thrown_size(thrown_size); - __cxa_exception* exception_header = static_cast<__cxa_exception*>(do_malloc(actual_size)); + __cxa_exception *exception_header = + static_cast<__cxa_exception *>(__malloc_with_fallback(actual_size)); if (NULL == exception_header) std::terminate(); std::memset(exception_header, 0, actual_size); @@ -168,7 +152,7 @@ _LIBCXXABI_FUNC_VIS void *__cxa_allocate_exception(size_t thrown_size) throw() { // Free a __cxa_exception object allocated with __cxa_allocate_exception. _LIBCXXABI_FUNC_VIS void __cxa_free_exception(void *thrown_object) throw() { - do_free(cxa_exception_from_thrown_object(thrown_object)); + __free_with_fallback(cxa_exception_from_thrown_object(thrown_object)); } 
@@ -177,7 +161,7 @@ _LIBCXXABI_FUNC_VIS void __cxa_free_exception(void *thrown_object) throw() { // Otherwise, it will work like __cxa_allocate_exception. void * __cxa_allocate_dependent_exception () { size_t actual_size = sizeof(__cxa_dependent_exception); - void *ptr = do_malloc(actual_size); + void *ptr = __malloc_with_fallback(actual_size); if (NULL == ptr) std::terminate(); std::memset(ptr, 0, actual_size); @@ -188,7 +172,7 @@ void * __cxa_allocate_dependent_exception () { // This function shall free a dependent_exception. // It does not affect the reference count of the primary exception. void __cxa_free_dependent_exception (void * dependent_exception) { - do_free(dependent_exception); + __free_with_fallback(dependent_exception); } diff --git a/libcxxabi/src/cxa_exception_storage.cpp b/libcxxabi/src/cxa_exception_storage.cpp index 235b0cf..ec69094 100644 --- a/libcxxabi/src/cxa_exception_storage.cpp +++ b/libcxxabi/src/cxa_exception_storage.cpp @@ -45,8 +45,8 @@ extern "C" { #else #include -#include // for calloc, free #include "abort_message.h" +#include "fallback_malloc.h" // In general, we treat all pthread errors as fatal. // We cannot call std::terminate() because that will in turn @@ -58,7 +58,7 @@ namespace { pthread_once_t flag_ = PTHREAD_ONCE_INIT; void destruct_ (void *p) { - std::free ( p ); + __free_with_fallback ( p ); if ( 0 != ::pthread_setspecific ( key_, NULL ) ) abort_message("cannot zero out thread value for __cxa_get_globals()"); } @@ -77,7 +77,7 @@ extern "C" { // If this is the first time we've been asked for these globals, create them if ( NULL == retVal ) { retVal = static_cast<__cxa_eh_globals*> - (std::calloc (1, sizeof (__cxa_eh_globals))); + (__calloc_with_fallback (1, sizeof (__cxa_eh_globals))); if ( NULL == retVal ) abort_message("cannot allocate __cxa_eh_globals"); if ( 0 != pthread_setspecific ( key_, retVal ) ) 
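Review bot: In the `@@ -77,7 +77,7 @@` hunk of `cxa_exception_storage.cpp`, a `__cxa_eh_globals` block obtained through `__calloc_with_fallback` is only released by `destruct_`, so a block served from the emergency pool stays there for the lifetime of the thread. That pool is the same 512-byte `heap` that `__cxa_allocate_exception` falls back to, so several threads throwing for the first time while `calloc` is failing could leave no room for exception objects, and the process would still end in `std::terminate()` or `abort_message`. If that trade-off is intended, say so at the call, e.g. `// May come from the shared emergency pool and is held until thread exit, so it competes with exception objects.` The enclosing function starts and ends outside the hunk.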
diff --git a/libcxxabi/src/fallback_malloc.ipp b/libcxxabi/src/fallback_malloc.cpp similarity index 82% rename from libcxxabi/src/fallback_malloc.ipp rename to libcxxabi/src/fallback_malloc.cpp index 1d8f8a3..a436ed0 100644 --- a/libcxxabi/src/fallback_malloc.ipp +++ b/libcxxabi/src/fallback_malloc.cpp @@ -1,19 +1,24 @@ -//===------------------------ fallback_malloc.ipp -------------------------===// +//===------------------------ fallback_malloc.cpp -------------------------===// // // The LLVM Compiler Infrastructure // // This file is dual licensed under the MIT and the University of Illinois Open // Source Licenses. See LICENSE.TXT for details. // -// -// This file implements the "Exception Handling APIs" -// http://mentorembedded.github.io/cxx-abi/abi-eh.html -// //===----------------------------------------------------------------------===// +#include "fallback_malloc.h" + #include "config.h" -// A small, simple heap manager based (loosely) on +#include // for malloc, calloc, free +#include // for memset + +#ifndef _LIBCXXABI_HAS_NO_THREADS +#include // for mutexes +#endif + +// A small, simple heap manager based (loosely) on // the startup heap manager from FreeBSD, optimized for space. // // Manages a fixed-size memory pool, supports malloc and free only. @@ -49,9 +54,9 @@ private: #endif }; - -#define HEAP_SIZE 512 -char heap [ HEAP_SIZE ]; + +static const size_t HEAP_SIZE = 512; +char heap [ HEAP_SIZE ] __attribute__((aligned)); typedef unsigned short heap_offset; typedef unsigned short heap_size; 
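Review bot: In the `@@ -49,9 +54,9 @@` hunk, `__attribute__((aligned))` on `heap` aligns only the base of the pool, not the pointers handed out from it. `fallback_malloc` returns `q + 1` (visible in the context of a later hunk), and with `heap_offset` and `heap_size` both `unsigned short` a `heap_node` is presumably 4 bytes, so a returned block is guaranteed only that much alignment. Now that the pool also backs `__cxa_eh_globals`, which presumably holds a pointer, a block can be under-aligned on 64-bit targets, and strict-alignment targets could fault on it. Either place nodes so that payloads land on a maximally aligned boundary, or document the real guarantee next to the array, e.g. `// The attribute aligns the pool base only; payloads are aligned to sizeof(heap_node).` The definition of `heap_node` is outside the hunk, so its size is an inference.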
@@ -69,13 +74,13 @@ heap_node *node_from_offset ( const heap_offset offset ) heap_offset offset_from_node ( const heap_node *ptr ) { return static_cast(static_cast(reinterpret_cast(ptr) - heap) / sizeof (heap_node)); } - + void init_heap () { freelist = (heap_node *) heap; freelist->next_node = offset_from_node ( list_end ); freelist->len = HEAP_SIZE / sizeof (heap_node); } - + // How big a chunk we allocate size_t alloc_size (size_t len) { return (len + sizeof(heap_node) - 1) / sizeof(heap_node) + 1; } @@ -87,12 +92,12 @@ void *fallback_malloc(size_t len) { heap_node *p, *prev; const size_t nelems = alloc_size ( len ); mutexor mtx ( &heap_mutex ); - + if ( NULL == freelist ) init_heap (); // Walk the free list, looking for a "big enough" chunk - for (p = freelist, prev = 0; + for (p = freelist, prev = 0; p && p != list_end; prev = p, p = node_from_offset ( p->next_node)) { if (p->len > nelems) { // chunk is larger, shorten, and return the tail @@ -104,7 +109,7 @@ void *fallback_malloc(size_t len) { q->len = static_cast(nelems); return (void *) (q + 1); } - + if (p->len == nelems) { // exact size match if (prev == 0) freelist = node_from_offset(p->next_node); @@ -130,7 +135,7 @@ void fallback_free (void *ptr) { std::cout << "Freeing item at " << offset_from_node ( cp ) << " of size " << cp->len << std::endl; #endif - for (p = freelist, prev = 0; + for (p = freelist, prev = 0; p && p != list_end; prev = p, p = node_from_offset (p->next_node)) { #ifdef DEBUG_FALLBACK_MALLOC std::cout << " p, cp, after (p), after(cp) " 
@@ -174,10 +179,10 @@ size_t print_free_list () { heap_size total_free = 0; if ( NULL == freelist ) init_heap (); - - for (p = freelist, prev = 0; + + for (p = freelist, prev = 0; p && p != list_end; prev = p, p = node_from_offset (p->next_node)) { - std::cout << ( prev == 0 ? "" : " ") << "Offset: " << offset_from_node ( p ) + std::cout << ( prev == 0 ? "" : " ") << "Offset: " << offset_from_node ( p ) << "\tsize: " << p->len << " Next: " << p->next_node << std::endl; total_free += p->len; } @@ -186,3 +191,36 @@ size_t print_free_list () { } #endif } // end unnamed namespace + +namespace __cxxabiv1 { + +#pragma GCC visibility push(hidden) + +void * __malloc_with_fallback(size_t size) { + void *ptr = std::malloc(size); + if (NULL == ptr) // if malloc fails, fall back to emergency stash + ptr = fallback_malloc(size); + return ptr; +} + +void * __calloc_with_fallback(size_t count, size_t size) { + void *ptr = std::calloc(count, size); + if (NULL != ptr) + return ptr; + // if calloc fails, fall back to emergency stash + ptr = fallback_malloc(size * count); + if (NULL != ptr) + std::memset(ptr, 0, size * count); + return ptr; +} + +void __free_with_fallback(void *ptr) { + if (is_fallback_ptr(ptr)) + fallback_free(ptr); + else + std::free(ptr); +} + +#pragma GCC visibility pop + +} // namespace __cxxabiv1 diff --git a/libcxxabi/src/fallback_malloc.h b/libcxxabi/src/fallback_malloc.h new file mode 100644 index 0000000..1078442 --- /dev/null +++ b/libcxxabi/src/fallback_malloc.h 
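Review bot: `__calloc_with_fallback`, added in the `@@ -186,3 +191,36 @@` hunk, multiplies `size * count` unchecked on the fallback path. `std::calloc` reports an overflowing product by returning NULL, which is exactly the case that reaches `fallback_malloc(size * count)`; the wrapped product can be small enough to be served from the pool, and the caller then believes it owns `count * size` bytes. The only caller in this patch passes `(1, sizeof(__cxa_eh_globals))`, so the problem is latent, but the helper is declared in a header for use across the library. Reject the overflow before falling back: `if (size != 0 && count > static_cast<size_t>(-1) / size) return NULL;`.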
@@ -0,0 +1,31 @@ +//===------------------------- fallback_malloc.h --------------------------===// +// +// The LLVM Compiler Infrastructure +// +// This file is dual licensed under the MIT and the University of Illinois Open +// Source Licenses. See LICENSE.TXT for details. +// +//===----------------------------------------------------------------------===// + +#ifndef _FALLBACK_MALLOC_H +#define _FALLBACK_MALLOC_H + +#include // for size_t + +namespace __cxxabiv1 { + +#pragma GCC visibility push(hidden) + +// Allocate some memory from _somewhere_ +void * __malloc_with_fallback(size_t size); + +// Allocate and zero-initialize memory from _somewhere_ +void * __calloc_with_fallback(size_t count, size_t size); + +void __free_with_fallback(void *ptr); + +#pragma GCC visibility pop + +} // namespace __cxxabiv1 + +#endif diff --git a/libcxxabi/test/test_exception_storage_nodynmem.pass.cpp b/libcxxabi/test/test_exception_storage_nodynmem.pass.cpp new file mode 100644 index 0000000..0354c34 --- /dev/null +++ b/libcxxabi/test/test_exception_storage_nodynmem.pass.cpp 
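Review bot: The declarations in `fallback_malloc.h` do not state the pairing contract: `__free_with_fallback` has no comment, and "from _somewhere_" hides that the memory may come from a small static pool. Because `__free_with_fallback` dispatches on `is_fallback_ptr`, a pointer from these allocators that is handed to `std::free` directly would pass pool memory to the system allocator. Suggested comments: `// Tries malloc first, then a small static emergency pool; returns NULL if both fail.` on the allocators and `// Releases memory obtained from the two functions above; never pass such pointers to std::free.` on the free function.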
@@ -0,0 +1,40 @@ +//===--------------- test_exception_storage_nodynmem.cpp ------------------===// +// +// The LLVM Compiler Infrastructure +// +// This file is dual licensed under the MIT and the University of Illinois Open +// Source Licenses. See LICENSE.TXT for details. +// +//===----------------------------------------------------------------------===// + +// UNSUPPORTED: libcxxabi-no-exceptions + +// cxa_exception_storage does not use dynamic memory in the single thread mode. +// UNSUPPORTED: libcpp-has-no-threads + +// Our overwritten calloc() is not compatible with these sanitizers. +// UNSUPPORTED: msan, tsan + +#include +#include + +static bool OverwrittenCallocCalled = false; + +// Override calloc to simulate exhaustion of dynamic memory +void *calloc(size_t, size_t) { + OverwrittenCallocCalled = true; + return 0; +} + +int main(int argc, char *argv[]) { + // Run the test a couple of times + // to ensure that fallback memory doesn't leak. + for (int I = 0; I < 1000; ++I) + try { + throw 42; + } catch (...) { + } + + assert(OverwrittenCallocCalled); + return 0; +} diff --git a/libcxxabi/test/test_fallback_malloc.pass.cpp b/libcxxabi/test/test_fallback_malloc.pass.cpp index 3eed3f4..474e0b3 100644 --- a/libcxxabi/test/test_fallback_malloc.pass.cpp +++ b/libcxxabi/test/test_fallback_malloc.pass.cpp @@ -16,7 +16,7 @@ typedef std::deque container; // #define DEBUG_FALLBACK_MALLOC #define INSTRUMENT_FALLBACK_MALLOC -#include "../src/fallback_malloc.ipp" +#include "../src/fallback_malloc.cpp" container alloc_series ( size_t sz ) { container ptrs; -- 2.7.4
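Review bot: The loop comment in `main` says the 1000 iterations ensure that fallback memory doesn't leak, but the loop cannot show that. Per the `cxa_exception_storage.cpp` hunk, the globals are allocated only while the thread-specific value is still NULL, so the overridden `calloc` is reached on the first throw only, and the block is released in `destruct_`, which the main thread does not reach inside the loop. Only `calloc` is overridden, so the exception objects themselves presumably still come from `malloc` and never touch the pool. Either reword the comment, e.g. `// Throw repeatedly; only the first throw allocates __cxa_eh_globals.`, or exercise allocation and release from short-lived threads, which would likely need the override to fail only around the throw.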