QA: check for possible misalignment through placement new (-> #1204)

2019-10-11 20:26:02 +02:00 · 2019-10-11 20:26:02 +02:00 · bf283e8843
commit bf283e8843
parent f9d8f6eb55
15 changed files with 124 additions and 15 deletions
--- a/src/common/advice/advice.cpp
+++ b/src/common/advice/advice.cpp
@ -153,7 +153,7 @@ namespace advice {
        void*
        allocateBuffer(size_t siz)
          {
-            try { return new char[siz]; }
+            try { return new char[siz]; } /////////////////////////////////////////////////////////////////////TICKET #1204 potentially misaligned
            
            catch(std::bad_alloc&)
              {
--- a/src/lib/format-string.hpp
+++ b/src/lib/format-string.hpp
@ -95,6 +95,8 @@
 **          using a bit of type traits and boost lexical_cast, but no boost::format.
 ** @warning not suited for performance critical code. About 10 times slower than printf.
 ** 
+ ** TICKET #1204 : proper alignment verified 10/2019
+ ** 
 ** @see FormatString_test
 ** @see format-util.hpp
 ** @see format-obj.hpp
--- a/src/lib/meta/virtual-copy-support.hpp
+++ b/src/lib/meta/virtual-copy-support.hpp
@ -101,6 +101,7 @@
 **          copies. Additionally, if you \em really need multiple level deep inheritance,
 **          you need to mix in the copy implementations on \em every level \em again, and
 **          you need to provide custom copy operations on every level.
+ ** @warning please ensure the target storage for copy/clone is properly aligned. TICKET #1204
 ** 
 ** @see VirtualCopySupport_test
 ** @see lib::Variant usage example
--- a/src/lib/null-value.hpp
+++ b/src/lib/null-value.hpp
@ -65,8 +65,7 @@ namespace lib {
  /** 
   * Singleton holder for NIL or default value objects.
   * Implemented as a cluster of Meyer's singletons, maintaining
-   * a single value per type. As an extension point for specialisation,
-   * a function to emplace a "default" object is also provided.
+   * a single value per type. Specialisation is intended.
   */
  template<class TY>
  struct NullValue
@ -77,12 +76,6 @@ namespace lib {
          static TY nilValue;
          return nilValue;
        }
-      
-      static TY&
-      build (void* storage)
-        {
-          return *new(storage) TY{};
-        }
    };
  
  
--- a/src/lib/opaque-holder.hpp
+++ b/src/lib/opaque-holder.hpp
@ -57,6 +57,8 @@
 ** and you need to re-discover their concrete type, then maybe
 ** a visitor or variant record might be a better solution.
 ** 
+ ** TICKET #1204 : proper alignment verified 10/2019
+ ** 
 ** @see opaque-holder-test.cpp
 ** @see function-erasure.hpp usage example
 ** @see variant.hpp
--- a/src/lib/path-array.hpp
+++ b/src/lib/path-array.hpp
@ -122,7 +122,7 @@ namespace lib {
        template<typename...ELMS>
        explicit
        Extension (ELMS&& ...elms)
-          : storage_{new Literal[1 + sizeof...(ELMS)]}
+          : storage_{new Literal[1 + sizeof...(ELMS)]}                        // proper alignment maintained here (TICKET #1204)
          {
            size(storage_) = sizeof...(ELMS);
            new(storage_+1) Literal[sizeof...(ELMS)] {forward<ELMS>(elms)...};
--- a/src/lib/polymorphic-value.hpp
+++ b/src/lib/polymorphic-value.hpp
@ -377,6 +377,7 @@ namespace lib {
      enum{
        siz = storage + _Traits::ADMIN_OVERHEAD
      };
+      // WARNING: never add any member fields here                                /////////////////TICKET #1204
      
      
      /* === embedded object in buffer === */
--- a/src/lib/replaceable-item.hpp
+++ b/src/lib/replaceable-item.hpp
@ -147,7 +147,7 @@ namespace wrapper {
          new(&content_) X{forward<Z> (otherValue)};
        } 
        catch(...) {
-          NullValue<X>::build (&content_);
+          new(&content_) X{NullValue<X>::get()};
        }
      
      template<typename Z>
--- a/src/lib/scoped-collection.hpp
+++ b/src/lib/scoped-collection.hpp
@ -29,7 +29,8 @@
 ** The storage holding all those child objects is allocated in one chunk
 ** and never adjusted.
 ** 
- ** \par usage patterns
+ ** ## usage patterns
+ ** 
 ** The common ground for all usage of this container is to hold some elements
 ** with exclusive ownership; when the enclosing container goes out of scope,
 ** all the dtors of the embedded objects will be invoked. Frequently this
--- a/src/lib/scoped-holder-transfer.hpp
+++ b/src/lib/scoped-holder-transfer.hpp
@ -120,7 +120,7 @@ namespace lib {
      void 
      construct (pointer p, const TY& ref)
        {
-          new(p) TY();
+          new(p) TY();   /////////////////////TICKET #1204
          ASSERT (p);
          ASSERT (!(*p), "protocol violation: target already manages another object.");
          if (ref)
--- a/src/lib/simple-allocator.hpp
+++ b/src/lib/simple-allocator.hpp
@ -70,6 +70,9 @@ namespace lib {
  
  /**
   * Policy: use just plain heap allocations
+   * @waring whenever you define a specialisation,
+   *         _you_ are responsible for proper alignment
+   * @see TICKET #1204
   */
  template<typename TY>
  class CustomAllocator
--- a/src/lib/typed-allocation-manager.hpp
+++ b/src/lib/typed-allocation-manager.hpp
@ -55,6 +55,7 @@
 ** 
 ** @todo using a quick-n-dirty heap allocation implementation for now (8/09),
 **       but should write a custom allocator based on cehteh's mpool!
+ ** @warning this quick-n-dirty heap allocation might produce misaligned storage!!
 ** 
 ** @see CommandRegistry
 ** @see AllocationCluster (another custom allocation scheme, which could be united)
@ -214,7 +215,7 @@ namespace lib {
        {
          ////////////////////////////////////////////////TICKET #231 :redirect to the corresponding pool allocator
          TRACE (memory, "release «%s»", util::typeStr<XX>().c_str());
-          typedef char Storage[sizeof(XX)];
+          typedef char Storage[sizeof(XX)]; //////////////TICKET #1204 : WARNING this might produce misaligned storage when the array does not start on a "void* boundary"
          delete[] reinterpret_cast<Storage*> (entry);
          allocCnt_.dec<XX>();
        }
--- a/src/lib/variant.hpp
+++ b/src/lib/variant.hpp
@ -222,6 +222,8 @@ namespace lib {
  template<typename TYPES>
  class Variant
    {
+      // WARNING: never add any member field before the storage_ array    /////////////////////////TICKET #1204
+      
    public:
      enum { SIZ = meta::maxSize<typename TYPES::List>::value };
      
--- a/src/steam/engine/buffhandle.hpp
+++ b/src/steam/engine/buffhandle.hpp
@ -40,6 +40,12 @@
 ** to an actual buffer provided and managed behind the scenes. There is no automatic
 ** resource management; clients are responsible to invoke BuffHandle#release when done.
 ** 
+ ** @warning buffer management via BuffHandle and BufferDescriptor does _not automatically
+ **          maintain proper alignment._ Rather, it relies on the storage allocator to provide
+ **          a buffer suitably aligned for the target type to hold. In most cases, this target
+ **          location will actually be storage maintained on heap through some STL collection;
+ **          this topic is a possible subtle pitfall non the less.
+ ** 
 ** @see BufferProvider
 ** @see BufferProviderProtocol_test usage demonstration
 ** @see OutputSlot
--- a/wiki/thinkPad.ichthyo.mm
+++ b/wiki/thinkPad.ichthyo.mm
@ -50316,7 +50316,7 @@
 </node>
 <node CREATED="1447567187010" ID="ID_1008538054" MODIFIED="1557498707243" TEXT="sp&#xe4;ter...">
 <icon BUILTIN="bell"/>
-<node CREATED="1447567193361" ID="ID_661445245" MODIFIED="1557498707243" TEXT="preliminary optimization">
+<node CREATED="1447567193361" ID="ID_661445245" MODIFIED="1570817462086" TEXT="premature optimization">
 <icon BUILTIN="ksmiletris"/>
 <node CREATED="1447566743461" ID="ID_1971297499" LINK="http://issues.lumiera.org/ticket/973" MODIFIED="1557498707243">
 <richcontent TYPE="NODE"><html>
@ -50346,6 +50346,99 @@
 </node>
 </node>
 </node>
+<node CREATED="1570812024592" ID="ID_1371102521" MODIFIED="1570812029189" TEXT="immerwieder...">
+<icon BUILTIN="bell"/>
+<node BACKGROUND_COLOR="#eee5c3" COLOR="#990000" CREATED="1570815474222" ID="ID_678448874" MODIFIED="1570815485479" TEXT="#1204 Alignment issues">
+<node BACKGROUND_COLOR="#eee5c3" COLOR="#990000" CREATED="1570817474883" ID="ID_1779912405" MODIFIED="1570817537392" TEXT="#1205 Advice data possibly misaligned">
+<linktarget COLOR="#cd4467" DESTINATION="ID_1779912405" ENDARROW="Default" ENDINCLINATION="296;20;" ID="Arrow_ID_1125835000" SOURCE="ID_711013238" STARTARROW="None" STARTINCLINATION="462;0;"/>
+<icon BUILTIN="flag-yellow"/>
+<node CREATED="1570817544291" ID="ID_1212317534" MODIFIED="1570817544291" TEXT="try { return new char[siz]; }"/>
+<node CREATED="1570817565257" ID="ID_872374381" MODIFIED="1570817571504" TEXT="auf x86 harmlos"/>
+<node CREATED="1570817572097" ID="ID_942342414" MODIFIED="1570817577917" TEXT="aber nicht portabel"/>
+</node>
+</node>
+<node CREATED="1570812031118" ID="ID_1018321072" MODIFIED="1570812037369" TEXT="Alignment bei placement-new">
+<node BACKGROUND_COLOR="#fdfdcf" COLOR="#ff0000" CREATED="1570812038974" ID="ID_716754107" MODIFIED="1570812068335" TEXT="der Buffer mu&#xdf; passendes Alignment f&#xfc;r das Target aufweisen">
+<icon BUILTIN="messagebox_warning"/>
+<node CREATED="1570812070369" ID="ID_490799733" MODIFIED="1570812089910" TEXT="der Compiler kann das (meist/immer) nicht verifizieren">
+<icon BUILTIN="clanbomber"/>
+</node>
+<node CREATED="1570812097734" ID="ID_649573793" MODIFIED="1570812117119" TEXT="da man die Storage oft weit durchreicht, ist das eine potentielle Falle"/>
+</node>
+<node CREATED="1570812123998" ID="ID_1852853548" MODIFIED="1570812393065" TEXT="2019-10 Codebasis durchgepr&#xfc;ft">
+<node CREATED="1570812138224" ID="ID_499341259" MODIFIED="1570812146355" TEXT="alle Placement-New-Aufrufe"/>
+<node CREATED="1570812148917" ID="ID_1136640650" MODIFIED="1570812152826" TEXT="einzeln abgekl&#xe4;rt"/>
+<node CREATED="1570812156154" ID="ID_1286349242" MODIFIED="1570812160201" TEXT="potentiell gef&#xe4;hrlich">
+<node CREATED="1570812168060" ID="ID_572329221" MODIFIED="1570812347609" TEXT="buffhandle.hpp">
+<linktarget COLOR="#6997ce" DESTINATION="ID_572329221" ENDARROW="Default" ENDINCLINATION="-312;0;" ID="Arrow_ID_558667540" SOURCE="ID_587624101" STARTARROW="None" STARTINCLINATION="241;-25;"/>
+<icon BUILTIN="bell"/>
+<node CREATED="1570812177483" ID="ID_684960114" MODIFIED="1570812180566" TEXT="im Moment sauber">
+<node BACKGROUND_COLOR="#fdfdcf" COLOR="#ff0000" CREATED="1570812266492" ID="ID_156871602" MODIFIED="1570812291142">
+<richcontent TYPE="NODE"><html>
+  <head>
+    
+  </head>
+  <body>
+    <p>
+      Aber Vorsicht: es <b>wird noch gar nicht verwendet</b>
+    </p>
+  </body>
+</html></richcontent>
+<icon BUILTIN="bell"/>
+</node>
+</node>
+<node CREATED="1570812221861" ID="ID_1839888193" MODIFIED="1570812227638" TEXT="siehe: usages of BufferProvider::buildHandle">
+<node CREATED="1570812246800" ID="ID_447651236" MODIFIED="1570812246800" TEXT="TrackingHeapBlockProvider::provideLockedBuffer(HashVal typeID)">
+<node CREATED="1570812260534" ID="ID_101354449" MODIFIED="1570812260534" TEXT="diagn::Block&amp; newBlock = blocks.createBlock()"/>
+</node>
+</node>
+</node>
+<node CREATED="1570812625135" ID="ID_688046161" MODIFIED="1570815492913" TEXT="typed-allocation-manager.hpp">
+<linktarget COLOR="#ec5b9a" DESTINATION="ID_688046161" ENDARROW="Default" ENDINCLINATION="-281;28;" ID="Arrow_ID_789772576" SOURCE="ID_126301727" STARTARROW="None" STARTINCLINATION="117;-5;"/>
+<icon BUILTIN="broken-line"/>
+<node CREATED="1570812637077" ID="ID_1674717962" MODIFIED="1570812642972" TEXT="nicht fertig implementiert"/>
+<node CREATED="1570812643428" ID="ID_1631975143" MODIFIED="1570812899021" TEXT="die gegenw&#xe4;rtige dummy-Implementierung ist nicht korrekt">
+<richcontent TYPE="NOTE"><html>
+  <head>
+    
+  </head>
+  <body>
+    <p>
+      typed-allocation-manager.hpp 217
+    </p>
+    <p>
+      dumme Heap-Allokation eines char[]
+    </p>
+    <p>
+      !!!!!11!!
+    </p>
+  </body>
+</html>
+</richcontent>
+<icon BUILTIN="messagebox_warning"/>
+</node>
+</node>
+</node>
+</node>
+</node>
+</node>
+<node CREATED="1570812308345" ID="ID_595212266" MODIFIED="1570812311915" TEXT="Review">
+<icon BUILTIN="bell"/>
+<node CREATED="1570812319615" ID="ID_587624101" MODIFIED="1570812352560" TEXT="buffhandle.hpp">
+<arrowlink COLOR="#6997ce" DESTINATION="ID_572329221" ENDARROW="Default" ENDINCLINATION="-312;0;" ID="Arrow_ID_558667540" STARTARROW="None" STARTINCLINATION="241;-25;"/>
+<node CREATED="1570812358786" ID="ID_1531404447" MODIFIED="1570812369421" TEXT="2019-10">
+<node CREATED="1570812369993" ID="ID_1647231897" MODIFIED="1570812373524" TEXT="noch nicht verwendet"/>
+<node CREATED="1570812373920" ID="ID_1210803090" MODIFIED="1570812385603" TEXT="Testcode (TrackingHeapBlockProvider) sauber"/>
+</node>
+</node>
+<node CREATED="1570812625135" ID="ID_126301727" MODIFIED="1570815492913" TEXT="typed-allocation-manager.hpp">
+<arrowlink COLOR="#ec5b9a" DESTINATION="ID_688046161" ENDARROW="Default" ENDINCLINATION="-281;28;" ID="Arrow_ID_789772576" STARTARROW="None" STARTINCLINATION="117;-5;"/>
+<icon BUILTIN="broken-line"/>
+<node CREATED="1570812925966" ID="ID_1900314792" MODIFIED="1570812931345" TEXT="2019-10">
+<node CREATED="1570812637077" ID="ID_971741566" MODIFIED="1570812642972" TEXT="nicht fertig implementiert"/>
+</node>
+</node>
+</node>
 <node BACKGROUND_COLOR="#fdfdcf" COLOR="#990000" CREATED="1446356368070" ID="ID_768449868" MODIFIED="1557498707243" TEXT="Au Au">
 <icon BUILTIN="broken-line"/>
 <node CREATED="1521963965164" ID="ID_1027875371" MODIFIED="1557498707243" TEXT="multithreaded-Test scheitert">
@ -50695,6 +50788,10 @@
 <icon BUILTIN="button_ok"/>
 </node>
 </node>
+<node BACKGROUND_COLOR="#eee5c3" COLOR="#990000" CREATED="1570817474883" ID="ID_711013238" MODIFIED="1570817537392" TEXT="#1205 Advice data possibly misaligned">
+<arrowlink COLOR="#cd4467" DESTINATION="ID_1779912405" ENDARROW="Default" ENDINCLINATION="296;20;" ID="Arrow_ID_1125835000" STARTARROW="None" STARTINCLINATION="462;0;"/>
+<icon BUILTIN="flag-yellow"/>
+</node>
 </node>
 </node>
 </node>