Differential D22756

Have builtins use ck* malloc functions.
AbandonedPublic
Actions

Authored by bdrewery on Dec 10 2019, 10:01 PM.

Details

Reviewers

jilles

Summary

This will ensure interrupts are disabled and out-of-space is
handled gracefully.

Diff Detail

Lint

Lint Passed

Unit

No Test Coverage

Build Status

Buildable 28069
Build 26214: arc lint + arc unit

Event Timeline

bdrewery created this revision.Dec 10 2019, 10:01 PM

Harbormaster completed remote builds in B28069: Diff 65478.Dec 10 2019, 10:01 PM

Adding INTOFF/INTON around malloc/free prevents unsafety due to interrupting the allocator, but does not prevent memory leaks or double frees due to the administration getting out of sync with the allocator (for example, if the INTON in ckmalloc() notices an interrupt, the allocated memory will leak). It would make more sense if ckmalloc/ckrealloc/ckfree merely asserted that INTON is in effect. I experimented with that earlier but did not follow through.

Also, the exception thrown by ckmalloc and ckrealloc if they fail is unlikely to be handled properly by code not specially designed for it.

What I have done in usr.bin/printf is to use normal strdup and check its return value, and to add INTOFF/INTON around most of the program under #ifdef SHELL. (This has negative effects if writing to standard output blocks.)

This revision now requires changes to proceed.Dec 11 2019, 7:40 PM

Thanks for looking.

jilles mentioned this in D24599: sh: Assert INTOFF rather than applying it in ck*.Apr 27 2020, 9:59 PM

jilles mentioned this in rS360452: sh: Assert INTOFF rather than applying it in ck*.Apr 28 2020, 8:34 PM