This is an archive of the discontinued LLVM Phabricator instance.

Differential D47327

Check that memory allocation succeeds before use.
Needs ReviewPublic

Authored by trixirt on May 24 2018, 7:13 AM.

Details

Reviewers
pete
sanjoy
Summary

Check that memory allocation succeeds before use.
Rename variable DescInfo to DI for consistency.

Diff Detail

Repository
rL LLVM

Event Timeline

trixirt created this revision.May 24 2018, 7:13 AM
Herald added a subscriber: llvm-commits. · View Herald TranscriptMay 24 2018, 7:13 AM
labath added a subscriber: labath.May 24 2018, 7:47 AM

Isn't this just dead code? a non-nothrow new will never return null http://en.cppreference.com/w/cpp/memory/new/operator_new

trixirt added a comment.May 24 2018, 9:24 AM

I will change this to try-catch

sanjoy added a comment.May 24 2018, 10:11 AM
In D47327#1111214, @trixirt wrote:

I will change this to try-catch

We don't use exceptions in LLVM.

Can you elaborate on what the bigger picture is? LLVM is *not* robust against allocation failures, and fixing just this bit won't change anything.

trixirt updated this revision to Diff 148462.May 24 2018, 12:17 PM

use nothrow version of new

trixirt added a comment.May 24 2018, 1:12 PM

As llvm is mostly an api, i assumed that it would be robust and this was a one-off.
Anything big should be done automagically, so i am going to look at sic-ing clang-tidy and/or the static analyzer at this problem.

The lack of exception handling i can understand for performance reasons but it does put normal use of the std library in a bind if like this case the default uses exceptions.

It would be nice if there was project wide design on how to handle exceptions/errors.
If there is please point me at it.

sanjoy added a comment.May 24 2018, 1:39 PM
In D47327#1111520, @trixirt wrote:

As llvm is mostly an api, i assumed that it would be robust and this was a one-off.
Anything big should be done automagically, so i am going to look at sic-ing clang-tidy and/or the static analyzer at this problem.

Before spending time on this, I'd suggest asking on llvm-dev@ about whether we _should_ make LLVM robust against allocation failures. I believe (but you should still ask) the consensus will be that it isn't worth the engineering complexity to make LLVM as a library robust against allocation failures, and that if you do want this, the right fix is to fork out to LLVM as a separate process.

The lack of exception handling i can understand for performance reasons but it does put normal use of the std library in a bind if like this case the default uses exceptions.

It would be nice if there was project wide design on how to handle exceptions/errors.
If there is please point me at it.

https://llvm.org/docs/CodingStandards.html#do-not-use-rtti-or-exceptions

trixirt added a comment.May 24 2018, 4:07 PM

I agree on the consensus building.

However I can see the problem of default new not returning nullptr being a general problem.
So something automagic needs to be created if it doesn't exist already.

sanjoy resigned from this revision.Jan 29 2022, 5:30 PM

Revision Contents

PathSize
lib/
IR/
45 lines

Diff 148462

lib/IR/User.cpp

Show First 20 LinesShow All 115 Lines▼ Show 20 Linesvoid *User::allocateFixedOperandUser(size_t Size, unsigned Us,
static_assert(sizeof(DescriptorInfo) % sizeof(void *) == 0, "Required below"); static_assert(sizeof(DescriptorInfo) % sizeof(void *) == 0, "Required below");
unsigned DescBytesToAllocate = unsigned DescBytesToAllocate =
DescBytes == 0 ? 0 : (DescBytes + sizeof(DescriptorInfo)); DescBytes == 0 ? 0 : (DescBytes + sizeof(DescriptorInfo));
assert(DescBytesToAllocate % sizeof(void *) == 0 && assert(DescBytesToAllocate % sizeof(void *) == 0 &&
"We need this to satisfy alignment constraints for Uses"); "We need this to satisfy alignment constraints for Uses");
User *Obj = nullptr;
uint8_t *Storage = static_cast<uint8_t *>( uint8_t *Storage = static_cast<uint8_t *>(
::operator new(Size + sizeof(Use) * Us + DescBytesToAllocate)); ::operator new(Size + sizeof(Use) * Us + DescBytesToAllocate, std::nothrow));
if (Storage != nullptr) {
Use *Start = reinterpret_cast<Use *>(Storage + DescBytesToAllocate); Use *Start = reinterpret_cast<Use *>(Storage + DescBytesToAllocate);
Use *End = Start + Us; Use *End = Start + Us;
User *Obj = reinterpret_cast<User*>(End); Obj = reinterpret_cast<User*>(End);
Obj->NumUserOperands = Us; Obj->NumUserOperands = Us;
Obj->HasHungOffUses = false; Obj->HasHungOffUses = false;
Obj->HasDescriptor = DescBytes != 0; Obj->HasDescriptor = DescBytes != 0;
Use::initTags(Start, End); Use::initTags(Start, End);
if (DescBytes != 0) { if (DescBytes != 0) {
auto *DescInfo = reinterpret_cast<DescriptorInfo *>(Storage + DescBytes); auto *DI = reinterpret_cast<DescriptorInfo *>(Storage + DescBytes);
DescInfo->SizeInBytes = DescBytes; DI->SizeInBytes = DescBytes;
}
} }
return Obj; return Obj;
} }
void *User::operator new(size_t Size, unsigned Us) { void *User::operator new(size_t Size, unsigned Us) {
return allocateFixedOperandUser(Size, Us, 0); return allocateFixedOperandUser(Size, Us, 0);
} }
void *User::operator new(size_t Size, unsigned Us, unsigned DescBytes) { void *User::operator new(size_t Size, unsigned Us, unsigned DescBytes) {
return allocateFixedOperandUser(Size, Us, DescBytes); return allocateFixedOperandUser(Size, Us, DescBytes);
} }
void *User::operator new(size_t Size) { void *User::operator new(size_t Size) {
// Allocate space for a single Use* // Allocate space for a single Use*
void *Storage = ::operator new(Size + sizeof(Use *)); User *Obj = nullptr;
void *Storage = ::operator new(Size + sizeof(Use *), std::nothrow);
if (Storage != nullptr) {
Use **HungOffOperandList = static_cast<Use **>(Storage); Use **HungOffOperandList = static_cast<Use **>(Storage);
User *Obj = reinterpret_cast<User *>(HungOffOperandList + 1); Obj = reinterpret_cast<User *>(HungOffOperandList + 1);
Obj->NumUserOperands = 0; Obj->NumUserOperands = 0;
Obj->HasHungOffUses = true; Obj->HasHungOffUses = true;
Obj->HasDescriptor = false; Obj->HasDescriptor = false;
*HungOffOperandList = nullptr; *HungOffOperandList = nullptr;
}
return Obj; return Obj;
} }
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// User operator delete Implementation // User operator delete Implementation
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
void User::operator delete(void *Usr) { void User::operator delete(void *Usr) {
Show All 27 Lines