allocator_common.hpp overallocates 100x memory & invokes UB on dealloc #1254
Assignees
Labels
help wanted
Extra attention is needed
Comments
|
Thanks for bringing up this issue. After reading the documentation, I agree with both of your points. I'd be OK with removing this implementation entirely and just using the default rcl allocator for now instead. But pinging @ros2/team for other opinions. |
|
Yeah we can just remove it, I think it should be fixable, but I don't think anyone is really using it and we plan to move to the polymorphic allocator (we think) in the future anyways, so we can fix it then. |
|
Great, thanks for the feedback. @stevewolter if you are interested in working on this, we'll be happy to review. Thanks. |
|
Thanks Chris, I'll give it a shot and send a PR. |
|
Quick update: It will be some time - I'm on vacation for 2 weeks now, but I'll send a PR afterwards. |
|
@stevewolter Thanks for the heads up. |
stevewolter
added a commit
to stevewolter/rclcpp
that referenced
this issue
Sep 22, 2020
As explained in ros2#1254, there's conceptually no way to implement RCL allocators in terms of C++ allocators. Since allocator_common can't be fixed, delete it and inline calls to rcl_get_default_allocator at the call sites. Since this would introduce surprising behavior for custom allocator users (using system malloc when a custom allocator is requested), add compile-time assertions checking for non-default allocators. Since there's other blocking bugs for allocator use (ros2#1061), this shouldn't break existing users. Technically, we could roll back a lot of templating on allocator and explicitly use std::allocator<void> in all classes. I have refrained from doing so because you might have plans with this code, but if you concur, I'll be more than happy to de-template all these classes to simplify the code.
stevewolter
added a commit
to stevewolter/rclcpp
that referenced
this issue
Sep 22, 2020
As explained in ros2#1254, there's conceptually no way to implement RCL allocators in terms of C++ allocators. Since allocator_common can't be fixed, delete it and inline calls to rcl_get_default_allocator at the call sites. Since this would introduce surprising behavior for custom allocator users (using system malloc when a custom allocator is requested), add compile-time assertions checking for non-default allocators. Since there's other blocking bugs for allocator use (ros2#1061), this shouldn't break existing users. Technically, we could roll back a lot of templating on allocator and explicitly use std::allocator<void> in all classes. I have refrained from doing so because you might have plans with this code, but if you concur, I'll be more than happy to de-template all these classes to simplify the code.
stevewolter
added a commit
to stevewolter/rclcpp
that referenced
this issue
Sep 22, 2020
As explained in ros2#1254, there's conceptually no way to implement RCL allocators in terms of C++ allocators. Since allocator_common can't be fixed, delete it and inline calls to rcl_get_default_allocator at the call sites. Since this would introduce surprising behavior for custom allocator users (using system malloc when a custom allocator is requested), add compile-time assertions checking for non-default allocators. Since there's other blocking bugs for allocator use (ros2#1061), this shouldn't break existing users. Technically, we could roll back a lot of templating on allocator and explicitly use std::allocator<void> in all classes. I have refrained from doing so because you might have plans with this code, but if you concur, I'll be more than happy to de-template all these classes to simplify the code.
stevewolter
added a commit
to stevewolter/rclcpp
that referenced
this issue
Sep 22, 2020
As explained in ros2#1254, there's conceptually no way to implement RCL allocators in terms of C++ allocators. Since allocator_common can't be fixed, delete it and inline calls to rcl_get_default_allocator at the call sites. Since this would introduce surprising behavior for custom allocator users (using system malloc when a custom allocator is requested), add compile-time assertions checking for non-default allocators. Since there's other blocking bugs for allocator use (ros2#1061), this shouldn't break existing users. Technically, we could roll back a lot of templating on allocator and explicitly use std::allocator<void> in all classes. I have refrained from doing so because you might have plans with this code, but if you concur, I'll be more than happy to de-template all these classes to simplify the code.
stevewolter
added a commit
to stevewolter/rclcpp
that referenced
this issue
Sep 22, 2020
As explained in ros2#1254, there's conceptually no way to implement RCL allocators in terms of C++ allocators. Since allocator_common can't be fixed, delete it and inline calls to rcl_get_default_allocator at the call sites. Since this would introduce surprising behavior for custom allocator users (using system malloc when a custom allocator is requested), add compile-time assertions checking for non-default allocators. Since there's other blocking bugs for allocator use (ros2#1061), this shouldn't break existing users. Technically, we could roll back a lot of templating on allocator and explicitly use std::allocator<void> in all classes. I have refrained from doing so because you might have plans with this code, but if you concur, I'll be more than happy to de-template all these classes to simplify the code.
stevewolter
added a commit
to stevewolter/rclcpp
that referenced
this issue
Sep 23, 2020
As explained in ros2#1254, there's conceptually no way to implement RCL allocators in terms of C++ allocators. Since allocator_common can't be fixed, delete it and rely on implementers to provide a suitable specialization. Since there's other blocking bugs for allocator use (ros2#1061), this shouldn't break existing users.
stevewolter
added a commit
to stevewolter/rclcpp
that referenced
this issue
Sep 23, 2020
As explained in ros2#1254, there's conceptually no way to implement RCL allocators in terms of C++ allocators. Since allocator_common can't be fixed, delete it and rely on implementers to provide a suitable specialization. Since there's other blocking bugs for allocator use (ros2#1061), this shouldn't break existing users.
stevewolter
added a commit
to stevewolter/rclcpp
that referenced
this issue
Sep 23, 2020
As explained in ros2#1254, there's conceptually no way to implement RCL allocators in terms of C++ allocators. Since allocator_common can't be fixed, delete it and rely on implementers to provide a suitable specialization. Since there's other blocking bugs for allocator use (ros2#1061), this shouldn't break existing users.
stevewolter
added a commit
to stevewolter/rclcpp
that referenced
this issue
Sep 23, 2020
As explained in ros2#1254, there's conceptually no way to implement RCL allocators in terms of C++ allocators. Since allocator_common can't be fixed, delete it and rely on implementers to provide a suitable specialization. Since there's other blocking bugs for allocator use (ros2#1061), this shouldn't break existing users.
stevewolter
added a commit
to stevewolter/realtime_support
that referenced
this issue
Sep 23, 2020
This removes one more user of the broken generic version of get_rcl_allocator, which is causing ros2/rclcpp#1254.
stevewolter
added a commit
to stevewolter/realtime_support
that referenced
this issue
Sep 23, 2020
This removes one more user of the broken generic version of get_rcl_allocator, which is causing ros2/rclcpp#1254.
stevewolter
added a commit
to stevewolter/realtime_support
that referenced
this issue
Sep 23, 2020
This removes one more user of the broken generic version of get_rcl_allocator, which is causing ros2/rclcpp#1254.
stevewolter
added a commit
to stevewolter/realtime_support
that referenced
this issue
Sep 23, 2020
This removes one more user of the broken generic version of get_rcl_allocator, which is causing ros2/rclcpp#1254.
stevewolter
added a commit
to stevewolter/realtime_support
that referenced
this issue
Sep 23, 2020
This removes one more user of the broken generic version of get_rcl_allocator, which is causing ros2/rclcpp#1254.
|
OK, this will take 4 commits to sort out. I'll first make get_rcl_allocator into a family of freestanding functions instead of a function template with explicit instantiation, so that current users of allocators (tlsf_cpp, demo_node) can add overrides for their custom allocators. Then I'll add these overrides, and finally delete the generic allocator implementation that causes the UB. |
stevewolter
added a commit
to stevewolter/rclcpp
that referenced
this issue
Sep 23, 2020
As explained in ros2#1254, there's conceptually no way to implement RCL allocators in terms of C++ allocators. Since allocator_common can't be fixed, delete it and rely on implementers to provide a suitable specialization. Since there's other blocking bugs for allocator use (ros2#1061), this shouldn't break existing users.
stevewolter
added a commit
to stevewolter/rclcpp
that referenced
this issue
Sep 23, 2020
As explained in ros2#1254, there's conceptually no way to implement RCL allocators in terms of C++ allocators. Since allocator_common can't be fixed, delete it and rely on implementers to provide a suitable specialization. Since there's other blocking bugs for allocator use (ros2#1061), this shouldn't break existing users. Signed-off-by: Steve Wolter <[email protected]>
stevewolter
added a commit
to stevewolter/rclcpp
that referenced
this issue
Sep 23, 2020
As explained in ros2#1254, there's conceptually no way to implement RCL allocators in terms of C++ allocators. In order to fix this behavior, we have to delete the generic version of get_rcl_allocator. Since some ROS code depends on this, we need to allow users to write their own version of get_rcl_allocator for allocators that support the C-style interface (most do). So this CL changes get_rcl_allocator from a template function into a family of (potentially templated) functions, which allows users to add their own overloads and rely on the "most specialized" mechanism for function specialization to select the right one. See http://www.gotw.ca/publications/mill17.htm for details. This also allows us to return get_rcl_default_allocator for all specializations of std::allocator (previously, only for std::allocator), which will already fix ros2#1254 for pretty much all clients. I'll continue to work on deleting the generic version, though, to make sure that nobody is accidentally bitten by it. I've tried to test this by doing a full ROS compilation following the Dockerfile of the source Docker image, and all packages compile. Signed-off-by: Steve Wolter <[email protected]>
|
First PR #1324 is ready for review. Chris, could you PTAL? |
stevewolter
added a commit
to stevewolter/rclcpp
that referenced
this issue
Sep 24, 2020
As explained in ros2#1254, there's conceptually no way to implement RCL allocators in terms of C++ allocators. In order to fix this behavior, we have to delete the generic version of get_rcl_allocator. Since some ROS code depends on this, we need to allow users to write their own version of get_rcl_allocator for allocators that support the C-style interface (most do). So this CL changes get_rcl_allocator from a template function into a family of (potentially templated) functions, which allows users to add their own overloads and rely on the "most specialized" mechanism for function specialization to select the right one. See http://www.gotw.ca/publications/mill17.htm for details. This also allows us to return get_rcl_default_allocator for all specializations of std::allocator (previously, only for std::allocator), which will already fix ros2#1254 for pretty much all clients. I'll continue to work on deleting the generic version, though, to make sure that nobody is accidentally bitten by it. I've tried to test this by doing a full ROS compilation following the Dockerfile of the source Docker image, and all packages compile. Signed-off-by: Steve Wolter <[email protected]>
stevewolter
added a commit
to stevewolter/realtime_support
that referenced
this issue
Sep 29, 2020
This removes one more user of the broken generic version of get_rcl_allocator, which is causing ros2/rclcpp#1254. Signed-off-by: Steve Wolter <[email protected]>
stevewolter
added a commit
to stevewolter/realtime_support
that referenced
this issue
Sep 29, 2020
This removes one more user of the broken generic version of get_rcl_allocator, which is causing ros2/rclcpp#1254. Signed-off-by: Steve Wolter <[email protected]>
stevewolter
added a commit
to stevewolter/realtime_support
that referenced
this issue
Sep 29, 2020
This removes one more user of the broken generic version of get_rcl_allocator, which is causing ros2/rclcpp#1254. Signed-off-by: Steve Wolter <[email protected]>
stevewolter
added a commit
to stevewolter/rclcpp
that referenced
this issue
Oct 1, 2020
As explained in ros2#1254, there's conceptually no way to implement RCL allocators in terms of C++ allocators. In order to fix this behavior, we have to delete the generic version of get_rcl_allocator. Since some ROS code depends on this, we need to allow users to write their own version of get_rcl_allocator for allocators that support the C-style interface (most do). So this CL changes get_rcl_allocator from a template function into a family of (potentially templated) functions, which allows users to add their own overloads and rely on the "most specialized" mechanism for function specialization to select the right one. See http://www.gotw.ca/publications/mill17.htm for details. This also allows us to return get_rcl_default_allocator for all specializations of std::allocator (previously, only for std::allocator), which will already fix ros2#1254 for pretty much all clients. I'll continue to work on deleting the generic version, though, to make sure that nobody is accidentally bitten by it. I've tried to test this by doing a full ROS compilation following the Dockerfile of the source Docker image, and all packages compile. Signed-off-by: Steve Wolter <[email protected]>
stevewolter
added a commit
to stevewolter/rclcpp
that referenced
this issue
Oct 2, 2020
As explained in ros2#1254, there's conceptually no way to implement RCL allocators in terms of C++ allocators. In order to fix this behavior, we have to delete the generic version of get_rcl_allocator. Since some ROS code depends on this, we need to allow users to write their own version of get_rcl_allocator for allocators that support the C-style interface (most do). So this CL changes get_rcl_allocator from a template function into a family of (potentially templated) functions, which allows users to add their own overloads and rely on the "most specialized" mechanism for function specialization to select the right one. See http://www.gotw.ca/publications/mill17.htm for details. This also allows us to return get_rcl_default_allocator for all specializations of std::allocator (previously, only for std::allocator), which will already fix ros2#1254 for pretty much all clients. I'll continue to work on deleting the generic version, though, to make sure that nobody is accidentally bitten by it. I've tried to test this by doing a full ROS compilation following the Dockerfile of the source Docker image, and all packages compile. Signed-off-by: Steve Wolter <[email protected]>
stevewolter
added a commit
to stevewolter/realtime_support
that referenced
this issue
Oct 6, 2020
This removes one more user of the broken generic version of get_rcl_allocator, which is causing ros2/rclcpp#1254. Signed-off-by: Steve Wolter <[email protected]>
stevewolter
added a commit
to stevewolter/realtime_support
that referenced
this issue
Oct 6, 2020
This removes one more user of the broken generic version of get_rcl_allocator, which is causing ros2/rclcpp#1254. Signed-off-by: Steve Wolter <[email protected]>
clalancette
pushed a commit
that referenced
this issue
Apr 26, 2021
As explained in #1254, there's conceptually no way to implement RCL allocators in terms of C++ allocators. In order to fix this behavior, we have to delete the generic version of get_rcl_allocator. Since some ROS code depends on this, we need to allow users to write their own version of get_rcl_allocator for allocators that support the C-style interface (most do). So this CL changes get_rcl_allocator from a template function into a family of (potentially templated) functions, which allows users to add their own overloads and rely on the "most specialized" mechanism for function specialization to select the right one. See http://www.gotw.ca/publications/mill17.htm for details. This also allows us to return get_rcl_default_allocator for all specializations of std::allocator (previously, only for std::allocator), which will already fix #1254 for pretty much all clients. I'll continue to work on deleting the generic version, though, to make sure that nobody is accidentally bitten by it. I've tried to test this by doing a full ROS compilation following the Dockerfile of the source Docker image, and all packages compile. Signed-off-by: Steve Wolter <[email protected]>
tylerjw
pushed a commit
to tylerjw/rclcpp
that referenced
this issue
Nov 12, 2022
As explained in ros2#1254, there's conceptually no way to implement RCL allocators in terms of C++ allocators. In order to fix this behavior, we have to delete the generic version of get_rcl_allocator. Since some ROS code depends on this, we need to allow users to write their own version of get_rcl_allocator for allocators that support the C-style interface (most do). So this CL changes get_rcl_allocator from a template function into a family of (potentially templated) functions, which allows users to add their own overloads and rely on the "most specialized" mechanism for function specialization to select the right one. See http://www.gotw.ca/publications/mill17.htm for details. This also allows us to return get_rcl_default_allocator for all specializations of std::allocator (previously, only for std::allocator), which will already fix ros2#1254 for pretty much all clients. I'll continue to work on deleting the generic version, though, to make sure that nobody is accidentally bitten by it. I've tried to test this by doing a full ROS compilation following the Dockerfile of the source Docker image, and all packages compile. Signed-off-by: Steve Wolter <[email protected]> Addressed code style test failures. Signed-off-by: Steve Wolter <[email protected]> Update comments. Incidentally, this also reruns the flaky test suite, which seems to be using the real DDS middleware and to be prone to cross-talk. Signed-off-by: Steve Wolter <[email protected]> Also update recently added tests. Signed-off-by: Steve Wolter <[email protected]> Added reference to bug number. Signed-off-by: Steve Wolter <[email protected]> Extend allocator lifetime in options. Signed-off-by: Steve Wolter <[email protected]> Drop the generic version of get_rcl_allocator. This allows us to simplify a bunch of code as well. Signed-off-by: Steve Wolter <[email protected]> Update rclcpp/include/rclcpp/allocator/allocator_common.hpp Co-authored-by: William Woodall <[email protected]> Signed-off-by: Steve Wolter <[email protected]> Revert accidental deletion of allocator creation. Signed-off-by: Steve Wolter <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
rclcpp/include/rclcpp/allocator/allocator_common.hpp has two severe correctness issues in memory allocation:
I realize that both of these issues are not easily fixable. Since allocators are not supported yet anyway (#1061), I'd suggest to disable support for custom allocators entirely and depend on the default RCL allocator. If you concur, I'd be happy to help in implementation.
The text was updated successfully, but these errors were encountered: