public inbox for cygwin-developers@cygwin.com
From: Corinna Vinschen <corinna-cygwin@cygwin.com>
To: cygwin-developers@cygwin.com
Subject: Re: malloc crash
Date: Tue, 26 Oct 2021 18:03:28 +0200
Message-ID: <YXgm0DOdOIabnmiy@calimero.vinschen.de>
In-Reply-To: <a0722985-6deb-5edd-09f9-06c1267ce0a2@cornell.edu>

On Oct 26 10:32, Ken Brown wrote:
> On 10/26/2021 5:24 AM, Corinna Vinschen wrote:
> > On Oct 25 18:02, Ken Brown wrote:
> > > Or does the fifo_reader thread call a malloc function before the main thread
> > > has called malloc_init()?  This would presumably cause __malloc_lock() to
> > > fail, but there's no error check.
> > 
> > That sounds more likely.  In theory this shouldn't have much influence,
> > though.  First of all, all fixup calls are running in a single thread,
> > so there's no serialization required(*), and the malloc_init call
> > doesn't set up the malloc arena, it just initializes the muto and checks
> > for user space provided malloc calls, which is not a problem in this
> > scenario.
> > 
> > (*) unless multiple threads are started during fixup and some of these
> >      threads mallocate memory again...
> > 
> > Ken, is there a chance to tweak the fifo code to stop creating
> > threads from inside fixup, and to defer the thread start to the first
> > call in the process actually relying on the thread being started?
> 
> I can't think of any way to do that.  The thread is listening for various
> events that cause it to take action, so it has to always be running.  But I
> can probably tweak the code so that the thread doesn't have to call malloc
> early on.
> 
> It might take a while to get this right, and the bug has existed ever since
> I overhauled the fifo code.  So I don't think you have to hold up releasing
> 3.3.0 while I work on this.

Try the below patch instead, per Takashi's testing and subsequent discussion.

From 9e53881e81bc6d2d072a0d625a9eac8ffc7cc698 Mon Sep 17 00:00:00 2001
From: Corinna Vinschen <corinna@vinschen.de>
Date: Tue, 26 Oct 2021 17:53:08 +0200
Subject: [PATCH] Cygwin: split malloc_init

Per https://cygwin.com/pipermail/cygwin-developers/2021-October/012429.html,
we may encounter a crash when starting multiple threads during process
startup (here: fhandler_fifo::fixup_after_{fork,exec}) which in turn
allocate memory via malloc.

The problem is concurrent usage of malloc before the malloc muto has
been initialized.

To fix this issue, split malloc_init into malloc_init_0, called from
dll_crt0_0, and malloc_init_1, called from dll_crt_0_1.  malloc_init_0
just initializes the muto, malloc_init_1 checks for user space provided
malloc.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
---
 winsup/cygwin/dcrt0.cc          | 4 +++-
 winsup/cygwin/heap.cc           | 1 -
 winsup/cygwin/heap.h            | 3 ++-
 winsup/cygwin/malloc_wrapper.cc | 6 +++++-
 4 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/winsup/cygwin/dcrt0.cc b/winsup/cygwin/dcrt0.cc
index 6f4723bb059d..7c460274fb86 100644
--- a/winsup/cygwin/dcrt0.cc
+++ b/winsup/cygwin/dcrt0.cc
@@ -769,6 +769,8 @@ dll_crt0_0 ()
   NtOpenProcessToken (NtCurrentProcess (), MAXIMUM_ALLOWED, &hProcToken);
   set_cygwin_privileges (hProcToken);
 
+  malloc_init_0 ();
+
   device::init ();
   do_global_ctors (&__CTOR_LIST__, 1);
   cygthread::init ();
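
Review bot: The new malloc_init_0 () call in dll_crt0_0 has an ordering requirement that nothing at the call site records. It sits ahead of device::init (), do_global_ctors () and cygthread::init (), and the commit message gives the reason (the muto must exist before any thread can reach malloc), but a later reshuffle of this block could move it without anyone noticing. A short comment above the call, along the lines of "initialize the malloc muto before anything here can start a thread or allocate", would pin that down.
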
@@ -857,7 +859,7 @@ dll_crt0_1 (void *)
      on a functioning malloc and it's possible that the user's program may
      have overridden malloc.  We only know about that at this stage,
      unfortunately. */
-  malloc_init ();
+  malloc_init_1 ();
   user_shared->initialize ();
 
 #ifdef CYGHEAP_DEBUG
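
Review bot: With the override check left in dll_crt0_1 as malloc_init_1 (), any allocation made between malloc_init_0 () and this call is served before the check for an application-provided malloc has run. Please confirm that memory obtained in that window (the fixup threads named in the commit message) cannot later be handed to an application-provided free or realloc once the redirect is in place, and extend the comment above this call to say that the muto is already initialized in dll_crt0_0 and only the override check happens here.
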
diff --git a/winsup/cygwin/heap.cc b/winsup/cygwin/heap.cc
index b839c8cd48ee..f27f81bc4b59 100644
--- a/winsup/cygwin/heap.cc
+++ b/winsup/cygwin/heap.cc
@@ -230,7 +230,6 @@ user_heap_info::init ()
   debug_printf ("heap base %p, heap top %p, heap size %ly (%lu)",
 		base, top, chunk, chunk);
   page_const--;
-  // malloc_init ();
 }
 
 #define pround(n) (((size_t)(n) + page_const) & ~page_const)
diff --git a/winsup/cygwin/heap.h b/winsup/cygwin/heap.h
index 565758e4872c..42099051f619 100644
--- a/winsup/cygwin/heap.h
+++ b/winsup/cygwin/heap.h
@@ -10,7 +10,8 @@ details. */
 
 /* Heap management. */
 void heap_init ();
-void malloc_init ();
+void malloc_init_0 ();
+void malloc_init_1 ();
 
 #define inheap(s) \
   (cygheap->user_heap.ptr && s \
diff --git a/winsup/cygwin/malloc_wrapper.cc b/winsup/cygwin/malloc_wrapper.cc
index 3b245800abec..85c411a3e258 100644
--- a/winsup/cygwin/malloc_wrapper.cc
+++ b/winsup/cygwin/malloc_wrapper.cc
@@ -272,10 +272,14 @@ strdup (const char *s)
 muto NO_COPY mallock;
 
 void
-malloc_init ()
+malloc_init_0 ()
 {
   mallock.init ("mallock");
+}
 
+void
+malloc_init_1 ()
+{
   /* Check if malloc is provided by application. If so, redirect all
      calls to malloc/free/realloc to application provided. This may
      happen if some other dll calls cygwin's malloc, but main code provides
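
Review bot: malloc_init_0 () is added without a comment, while the existing block comment stays with malloc_init_1 (). Since the two halves now have different preconditions, a one-line comment on malloc_init_0 () saying that it only initializes mallock and is meant to be called from dll_crt0_0, before any thread can call malloc, would make the split self-explanatory to someone reading malloc_wrapper.cc without the commit message.
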
-- 
2.31.1


