Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

-Zoom=panic double panic due to panicking allocating #126683

Open
alecmocatta opened this issue Jun 19, 2024 · 3 comments
Open

-Zoom=panic double panic due to panicking allocating #126683

alecmocatta opened this issue Jun 19, 2024 · 3 comments
Labels
A-panic Area: Panicking machinery C-bug Category: This is a bug. T-compiler Relevant to the compiler team, which will review and decide on the PR/issue.

Comments

@alecmocatta
Copy link
Contributor

alecmocatta commented Jun 19, 2024
edited
Loading

We had an abort in production from fn begin_panic_handler, specifically FormatStringPayload, allocating during an OoM panic, triggering a second OoM panic and thus abort.

rust/library/std/src/panicking.rs

Lines 593 to 615 in a07f3eb

pub fn begin_panic_handler(info: &PanicInfo<'_>) -> ! {
struct FormatStringPayload<'a> {
inner: &'a fmt::Arguments<'a>,
string: Option<String>,
}
impl<'a> FormatStringPayload<'a> {
fn new(inner: &'a fmt::Arguments<'a>) -> Self {
Self { inner, string: None }
}
fn fill(&mut self) -> &mut String {
use crate::fmt::Write;
let inner = self.inner;
// Lazily, the first time this gets called, run the actual string formatting.
self.string.get_or_insert_with(|| {
let mut s = String::new();
let _err = s.write_fmt(*inner);
s
})
}
}

From that file it looks like there may be other allocations also. Perhaps it's possible to avoid them on the OoM panic path.

cc:

Meta

rustc --version --verbose:

rustc 1.79.0-nightly (a07f3eb43 2024-04-11)
binary: rustc
commit-hash: a07f3eb43acc5df851e15176c7081a900a30a4d7
commit-date: 2024-04-11
host: aarch64-apple-darwin
release: 1.79.0-nightly
LLVM version: 18.1.3
Backtrace 

// target = wasm32-unknown-unknown

std::panicking::rust_panic_with_hook::he5ab6644a2777339
        at <unknown>
std::panicking::begin_panic_handler::{{closure}}::hbc8949711eb93f07
        at <unknown>
std::sys_common::backtrace::__rust_end_short_backtrace::h43c6e6030cfac424
        at src/sys_common/backtrace.rs
rust_begin_unwind
        at <unknown>
core::panicking::panic_fmt::hd059f920eb86b234
        at src/panicking.rs
std::alloc::default_alloc_error_hook::hf29909cb78062dee
        at <unknown>
__rg_oom
        at src/alloc.rs
__rust_alloc_error_handler
        at <unknown>
alloc::alloc::handle_alloc_error::h77f60f5703455990
        at src/alloc.rs
alloc::raw_vec::handle_error::h2651e03894002f2d
        at src/raw_vec.rs
alloc::raw_vec::RawVec<T,A>::reserve::do_reserve_and_handle::h010686df1ee1f672
        at <unknown>
<alloc::string::String as core::fmt::Write>::write_str::h78dc7b49e79e749d.23038
        at lib/rustlib/src/rust/library/alloc/src/string.rs
core::fmt::write::hebf5ad877658ea5c
        at <unknown>
<std::panicking::begin_panic_handler::FormatStringPayload as core::panic::PanicPayload>::get::h8680c05bc1165a6c
        at <unknown>
std::panicking::rust_panic_with_hook::he5ab6644a2777339
        at <unknown>
std::panicking::begin_panic_handler::{{closure}}::hbc8949711eb93f07
        at <unknown>
std::sys_common::backtrace::__rust_end_short_backtrace::h43c6e6030cfac424
        at src/sys_common/backtrace.rs
rust_begin_unwind
        at <unknown>
core::panicking::panic_fmt::hd059f920eb86b234
        at src/panicking.rs
std::alloc::default_alloc_error_hook::hf29909cb78062dee
        at <unknown>
__rg_oom
        at src/alloc.rs
__rust_alloc_error_handler
        at <unknown>
alloc::alloc::handle_alloc_error::h77f60f5703455990
        at src/alloc.rs
<generic_btree::map::binding::Binding<K,V> as core::clone::Clone>::clone::h5d7cc23d7389cd6e
        at <unknown>

@alecmocatta alecmocatta added the C-bug Category: This is a bug. label Jun 19, 2024
@rustbot rustbot added the needs-triage This issue may need triage. Remove it if it has been sufficiently triaged. label Jun 19, 2024
@veera-sivarajan
Copy link
Contributor

@rustbot label -needs-triage +T-compiler +A-panic

@rustbot rustbot added A-panic Area: Panicking machinery T-compiler Relevant to the compiler team, which will review and decide on the PR/issue. and removed needs-triage This issue may need triage. Remove it if it has been sufficiently triaged. labels Jun 19, 2024
@bjorn3
Copy link
Member

bjorn3 commented Jun 19, 2024

Changing

rust/library/std/src/alloc.rs

Line 354 in a07f3eb

panic!("memory allocation of {} bytes failed", layout.size());
to no longer include the allocation size should fix the double panic assuming, but that would be a usability regression. On nightly you could set your own alloc error hook which panics with a constant string yourself though. If you pass any extra argument to panic!() besides the format string itself, it will have to allocate a String to set as payload for the panic info passed to the panic hook. This is unavoidable. Even if you use a separate payload type for allocation errors (as #112331 will do), this still has to be put in a Box when you start unwinding.

@the8472
Copy link
Member

the8472 commented Jun 19, 2024

If we had allocator hierarchies then the panic boxing could use an emergency allocator that is a child of the global allocator but keeps a reserve.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-panic Area: Panicking machinery C-bug Category: This is a bug. T-compiler Relevant to the compiler team, which will review and decide on the PR/issue.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@the8472 @alecmocatta @bjorn3 @veera-sivarajan @rustbot