From 079138201da75a40c5d06a7d5f7ce7a46512f42a Mon Sep 17 00:00:00 2001 From: Ivan Grokhotkov Date: Thu, 5 Jan 2017 00:25:55 +0800 Subject: [PATCH] cxx: implement static initialization guards --- components/cxx/component.mk | 3 + components/cxx/cxx_guards.cpp | 216 +++++++++++++++++++++++++++++++ components/cxx/test/component.mk | 1 + components/cxx/test/test_cxx.cpp | 203 +++++++++++++++++++++++++++++ 4 files changed, 423 insertions(+) create mode 100644 components/cxx/component.mk create mode 100644 components/cxx/cxx_guards.cpp create mode 100644 components/cxx/test/component.mk create mode 100644 components/cxx/test/test_cxx.cpp diff --git a/components/cxx/component.mk b/components/cxx/component.mk new file mode 100644 index 0000000000..3ce43fc328 --- /dev/null +++ b/components/cxx/component.mk @@ -0,0 +1,3 @@ +# Mark __cxa_guard_dummy as undefined so that implementation of static guards +# is taken from cxx_guards.o instead of libstdc++.a +COMPONENT_ADD_LDFLAGS := -l$(COMPONENT_NAME) -u __cxa_guard_dummy diff --git a/components/cxx/cxx_guards.cpp b/components/cxx/cxx_guards.cpp new file mode 100644 index 0000000000..288ff3ea03 --- /dev/null +++ b/components/cxx/cxx_guards.cpp @@ -0,0 +1,216 @@ +// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#include +#include +#include +#include +#include +#include +#include +#include "freertos/FreeRTOS.h" +#include "freertos/semphr.h" +#include "freertos/task.h" + +using __cxxabiv1::__guard; + +static SemaphoreHandle_t s_static_init_mutex = NULL; //!< lock used for the critical section +static SemaphoreHandle_t s_static_init_wait_sem = NULL; //!< counting semaphore used by the waiting tasks +static portMUX_TYPE s_init_spinlock = portMUX_INITIALIZER_UNLOCKED; //!< spinlock used to guard initialization of the above two primitives +static size_t s_static_init_waiting_count = 0; //!< number of tasks which are waiting for static init guards +#ifndef _NDEBUG +static size_t s_static_init_max_waiting_count = 0; //!< maximum ever value of the above; can be inspected using GDB for debugging purposes +#endif + + +/** + * Layout of the guard object (defined by the ABI). + * + * Compiler will check lower byte before calling guard functions. + */ +typedef struct { + uint8_t ready; //!< nonzero if initialization is done + uint8_t pending; //!< nonzero if initialization is in progress +} guard_t; + +static void static_init_prepare() +{ + portENTER_CRITICAL(&s_init_spinlock); + if (s_static_init_mutex == NULL) { + s_static_init_mutex = xSemaphoreCreateMutex(); + s_static_init_wait_sem = xSemaphoreCreateCounting(INT_MAX, 0); + if (s_static_init_mutex == NULL || s_static_init_wait_sem == NULL) { + // no way to bail out of static initialization without these + abort(); + } + } + portEXIT_CRITICAL(&s_init_spinlock); +} + +/** + * Use s_static_init_wait_sem to wait until guard->pending == 0. + * Preconditions: + * - s_static_init_mutex taken + * - guard.pending == 1 + * Postconditions: + * - s_static_init_mutex taken + * - guard.pending == 0 + */ +static void wait_for_guard_obj(guard_t* g) +{ + s_static_init_waiting_count++; +#ifndef _NDEBUG + s_static_init_max_waiting_count = std::max(s_static_init_waiting_count, + s_static_init_max_waiting_count); +#endif + + do { + auto result = xSemaphoreGive(s_static_init_mutex); + assert(result); + /* Task may be preempted here, but this isn't a problem, + * as the semaphore will be given exactly the s_static_init_waiting_count + * number of times; eventually the current task will execute next statement, + * which will immediately succeed. + */ + result = xSemaphoreTake(s_static_init_wait_sem, portMAX_DELAY); + assert(result); + /* At this point the semaphore was given, so all waiting tasks have woken up. + * We take s_static_init_mutex before accessing the state of the guard + * object again. + */ + result = xSemaphoreTake(s_static_init_mutex, portMAX_DELAY); + assert(result); + /* Semaphore may have been given because some other guard object became ready. + * Check the guard object we need and wait again if it is still pending. + */ + } while(g->pending); + s_static_init_waiting_count--; +} + +/** + * Unblock tasks waiting for static initialization to complete. + * Preconditions: + * - s_static_init_mutex taken + * Postconditions: + * - s_static_init_mutex taken + */ +static void signal_waiting_tasks() +{ + auto count = s_static_init_waiting_count; + while (count--) { + xSemaphoreGive(s_static_init_wait_sem); + } +} + +extern "C" int __cxa_guard_acquire(__guard* pg) +{ + guard_t* g = reinterpret_cast(pg); + const auto scheduler_started = xTaskGetSchedulerState() != taskSCHEDULER_NOT_STARTED; + if (!scheduler_started) { + if (g->pending) { + /* Before the scheduler has started, there we don't support simultaneous + * static initialization. This may be implemented using a spinlock and a + * s32c1i instruction, though. + */ + abort(); + } + } else { + if (s_static_init_mutex == NULL) { + static_init_prepare(); + } + + /* We don't need to use double-checked locking pattern here, as the compiler + * must generate code to check if the first byte of *pg is non-zero, before + * calling __cxa_guard_acquire. + */ + auto result = xSemaphoreTake(s_static_init_mutex, portMAX_DELAY); + assert(result); + if (g->pending) { + /* Another task is doing initialization at the moment; wait until it calls + * __cxa_guard_release or __cxa_guard_abort + */ + wait_for_guard_obj(g); + /* At this point there are two scenarios: + * - the task which was doing static initialization has called __cxa_guard_release, + * which means that g->ready is set. We need to return 0. + * - the task which was doing static initialization has called __cxa_guard_abort, + * which means that g->ready is not set; we should acquire the guard and return 1, + * same as for the case if we didn't have to wait. + * Note: actually the second scenario is unlikely to occur in the current + * configuration because exception support is disabled. + */ + } + } + int ret; + if (g->ready) { + /* Static initialization has been done by another task; nothing to do here */ + ret = 0; + } else { + /* Current task can start doing static initialization */ + g->pending = 1; + ret = 1; + } + if (scheduler_started) { + auto result = xSemaphoreGive(s_static_init_mutex); + assert(result); + } + return ret; +} + +extern "C" void __cxa_guard_release(__guard* pg) +{ + guard_t* g = reinterpret_cast(pg); + const auto scheduler_started = xTaskGetSchedulerState() != taskSCHEDULER_NOT_STARTED; + if (scheduler_started) { + auto result = xSemaphoreTake(s_static_init_mutex, portMAX_DELAY); + assert(result); + } + assert(g->pending && "tried to release a guard which wasn't acquired"); + g->pending = 0; + /* Initialization was successful */ + g->ready = 1; + if (scheduler_started) { + /* Unblock the tasks waiting for static initialization to complete */ + signal_waiting_tasks(); + auto result = xSemaphoreGive(s_static_init_mutex); + assert(result); + } +} + +extern "C" void __cxa_guard_abort(__guard* pg) +{ + guard_t* g = reinterpret_cast(pg); + const auto scheduler_started = xTaskGetSchedulerState() != taskSCHEDULER_NOT_STARTED; + if (scheduler_started) { + auto result = xSemaphoreTake(s_static_init_mutex, portMAX_DELAY); + assert(result); + } + assert(!g->ready && "tried to abort a guard which is ready"); + assert(g->pending && "tried to release a guard which is not acquired"); + g->pending = 0; + if (scheduler_started) { + /* Unblock the tasks waiting for static initialization to complete */ + signal_waiting_tasks(); + auto result = xSemaphoreGive(s_static_init_mutex); + assert(result); + } +} + +/** + * Dummy function used to force linking this file instead of the same one in libstdc++. + * This works via -u __cxa_guard_dummy flag in component.mk + */ +extern "C" void __cxa_guard_dummy() +{ +} diff --git a/components/cxx/test/component.mk b/components/cxx/test/component.mk new file mode 100644 index 0000000000..ce464a212a --- /dev/null +++ b/components/cxx/test/component.mk @@ -0,0 +1 @@ +COMPONENT_ADD_LDFLAGS = -Wl,--whole-archive -l$(COMPONENT_NAME) -Wl,--no-whole-archive diff --git a/components/cxx/test/test_cxx.cpp b/components/cxx/test/test_cxx.cpp new file mode 100644 index 0000000000..8b790783ed --- /dev/null +++ b/components/cxx/test/test_cxx.cpp @@ -0,0 +1,203 @@ +#include +#include +#include +#include "unity.h" +#include "esp_log.h" +#include "freertos/FreeRTOS.h" +#include "freertos/task.h" +#include "freertos/semphr.h" + +static const char* TAG = "cxx"; + +TEST_CASE("can use new and delete", "[cxx]") +{ + int* int_p = new int(10); + delete int_p; + int* int_array = new int[10]; + delete[] int_array; +} + +class Base +{ +public: + virtual ~Base() {} + virtual void foo() = 0; +}; + +class Derived : public Base +{ +public: + virtual void foo() { } +}; + +TEST_CASE("can call virtual functions", "[cxx]") +{ + Derived d; + Base& b = static_cast(d); + b.foo(); +} + +class NonPOD +{ +public: + NonPOD(int a_) : a(a_) { } + int a; +}; + +static int non_pod_test_helper(int new_val) +{ + static NonPOD non_pod(42); + int ret = non_pod.a; + non_pod.a = new_val; + return ret; +} + +TEST_CASE("can use static initializers for non-POD types", "[cxx]") +{ + TEST_ASSERT_EQUAL(42, non_pod_test_helper(1)); + TEST_ASSERT_EQUAL(1, non_pod_test_helper(0)); +} + +TEST_CASE("can call std::function and bind", "[cxx]") +{ + int outer = 1; + std::function fn = [&outer](int x) -> int { + return x + outer; + }; + outer = 5; + TEST_ASSERT_EQUAL(6, fn(1)); + + auto bound = std::bind(fn, outer); + outer = 10; + TEST_ASSERT_EQUAL(15, bound()); +} + +TEST_CASE("can use std::vector", "[cxx]") +{ + std::vector v(10, 1); + v[0] = 42; + TEST_ASSERT_EQUAL(51, std::accumulate(std::begin(v), std::end(v), 0)); +} + +/* + * This test exercises static initialization guards for two objects. + * For each object, 4 tasks are created which attempt to perform static initialization. + * We check that constructor runs only once for each object. + */ + +static SemaphoreHandle_t s_slow_init_sem = NULL; + +template +class SlowInit +{ +public: + SlowInit(int arg) { + ESP_LOGD(TAG, "init obj=%d start, arg=%d\n", obj, arg); + vTaskDelay(300/portTICK_PERIOD_MS); + TEST_ASSERT_EQUAL(-1, mInitBy); + TEST_ASSERT_EQUAL(0, mInitCount); + mInitBy = arg; + ++mInitCount; + ESP_LOGD(TAG, "init obj=%d done\n", obj); + } + + static void task(void* arg) { + int taskId = reinterpret_cast(arg); + ESP_LOGD(TAG, "obj=%d before static init, task=%d\n", obj, taskId); + static SlowInit slowinit(taskId); + ESP_LOGD(TAG, "obj=%d after static init, task=%d\n", obj, taskId); + xSemaphoreGive(s_slow_init_sem); + vTaskDelay(10); + vTaskDelete(NULL); + } +private: + static int mInitBy; + static int mInitCount; +}; + +template<> int SlowInit<1>::mInitBy = -1; +template<> int SlowInit<1>::mInitCount = 0; +template<> int SlowInit<2>::mInitBy = -1; +template<> int SlowInit<2>::mInitCount = 0; + +template +static void start_slow_init_task(int id, int affinity) +{ + xTaskCreatePinnedToCore(&SlowInit::task, "slow_init", 2048, + reinterpret_cast(id), 3, NULL, affinity); +} + +TEST_CASE("static initialization guards work as expected", "[cxx]") +{ + s_slow_init_sem = xSemaphoreCreateCounting(10, 0); + TEST_ASSERT_NOT_NULL(s_slow_init_sem); + // four tasks competing for static initialization of one object + start_slow_init_task<1>(0, PRO_CPU_NUM); + start_slow_init_task<1>(1, APP_CPU_NUM); + start_slow_init_task<1>(2, PRO_CPU_NUM); + start_slow_init_task<1>(3, tskNO_AFFINITY); + + // four tasks competing for static initialization of another object + start_slow_init_task<2>(0, PRO_CPU_NUM); + start_slow_init_task<2>(1, APP_CPU_NUM); + start_slow_init_task<2>(2, PRO_CPU_NUM); + start_slow_init_task<2>(3, tskNO_AFFINITY); + + // All tasks should + for (int i = 0; i < 8; ++i) { + TEST_ASSERT_TRUE(xSemaphoreTake(s_slow_init_sem, 500/portTICK_PERIOD_MS)); + } + vSemaphoreDelete(s_slow_init_sem); +} + +struct GlobalInitTest +{ + GlobalInitTest() : index(order++) { + } + int index; + static int order; +}; + +int GlobalInitTest::order = 0; + +GlobalInitTest g_init_test1; +GlobalInitTest g_init_test2; +GlobalInitTest g_init_test3; + +TEST_CASE("global initializers run in the correct order", "[cxx]") +{ + TEST_ASSERT_EQUAL(0, g_init_test1.index); + TEST_ASSERT_EQUAL(1, g_init_test2.index); + TEST_ASSERT_EQUAL(2, g_init_test3.index); +} + +struct StaticInitTestBeforeScheduler +{ + StaticInitTestBeforeScheduler() + { + static int first_init_order = getOrder(); + index = first_init_order; + } + + int getOrder() + { + return order++; + } + + int index; + static int order; +}; + +int StaticInitTestBeforeScheduler::order = 1; + +StaticInitTestBeforeScheduler g_static_init_test1; +StaticInitTestBeforeScheduler g_static_init_test2; +StaticInitTestBeforeScheduler g_static_init_test3; + +TEST_CASE("before scheduler has started, static initializers work correctly", "[cxx]") +{ + TEST_ASSERT_EQUAL(1, g_static_init_test1.index); + TEST_ASSERT_EQUAL(1, g_static_init_test2.index); + TEST_ASSERT_EQUAL(1, g_static_init_test3.index); + TEST_ASSERT_EQUAL(2, StaticInitTestBeforeScheduler::order); +}