Fix SIGBUS due to unaligned access

Update RAPIDJSON_ALIGN() to always align on an 8-byte boundary unless otherwise overridden. On some platforms (such as ARM), 64-bit items (such as doubles and 64-bit integers) must be aligned to an 8 byte address, even though the architecture is only 32-bits. On these platforms, MemoryPoolAllocator must match the malloc() behavior and return a 8 byte aligned allocation. This eliminates any alignment issues that may occur at the expense of additional memory overhead. Failure to do so caused a SIGBUS signal when calling GenericValue::SetNull(). The size of the data_ member of the GenericValue class is 16 bytes in 32-bit mode and its constructor requires an 8-byte aligned access. While parsing a JSON formatted string using Document::ParseStream(), a stack object containing GenericValue items was constructed. Since the stack was 8-byte aligned, the constructor calls would succeed. When the lifetime of the object ends, SetObjectRaw() is invoked. This triggered an allocation with 4-byte alignment to which the previously 8-byte aligned GenericValue array was copied. After this, any call to a GenericValue API that triggered the constructor and thus the placement new operation on the Data type member would trigger a SIGBUS. Signed-off-by: Veselin Georgiev <veselin.georgiev@garmin.com> Signed-off-by: Joshua Watt <Joshua.Watt@garmin.com>

Fix SIGBUS due to unaligned access
Update RAPIDJSON_ALIGN() to always align on an 8-byte boundary unless otherwise overridden. On some platforms (such as ARM), 64-bit items (such as doubles and 64-bit integers) must be aligned to an 8 byte address, even though the architecture is only 32-bits. On these platforms, MemoryPoolAllocator must match the malloc() behavior and return a 8 byte aligned allocation. This eliminates any alignment issues that may occur at the expense of additional memory overhead. Failure to do so caused a SIGBUS signal when calling GenericValue::SetNull(). The size of the data_ member of the GenericValue class is 16 bytes in 32-bit mode and its constructor requires an 8-byte aligned access. While parsing a JSON formatted string using Document::ParseStream(), a stack object containing GenericValue items was constructed. Since the stack was 8-byte aligned, the constructor calls would succeed. When the lifetime of the object ends, SetObjectRaw() is invoked. This triggered an allocation with 4-byte alignment to which the previously 8-byte aligned GenericValue array was copied. After this, any call to a GenericValue API that triggered the constructor and thus the placement new operation on the Data type member would trigger a SIGBUS. Signed-off-by: Veselin Georgiev <veselin.georgiev@garmin.com> Signed-off-by: Joshua Watt <Joshua.Watt@garmin.com>
748a652f · Veselin Georgiev · Joshua Watt · 2bbd33b3 · 748a652f · 748a652f
Commit 748a652f authored Jul 27, 2018 by Veselin Georgiev Committed by Joshua Watt Jul 31, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 14 additions and 21 deletions

rapidjson.h include/rapidjson/rapidjson.h +2 -7

allocatorstest.cpp test/unittest/allocatorstest.cpp +12 -14

No files found.
--- a/include/rapidjson/rapidjson.h
+++ b/include/rapidjson/rapidjson.h
@@ -269,16 +269,11 @@
 /*! \ingroup RAPIDJSON_CONFIG
    \param x pointer to align

-    Some machines require strict data alignment. Currently the default uses 4 bytes
-    alignment on 32-bit platforms and 8 bytes alignment for 64-bit platforms.
+    Some machines require strict data alignment. The default is 8 bytes.
    User can customize by defining the RAPIDJSON_ALIGN function macro.
 */
 #ifndef RAPIDJSON_ALIGN
-#if RAPIDJSON_64BIT == 1
-#define RAPIDJSON_ALIGN(x) (((x) + static_cast<uint64_t>(7u)) & ~static_cast<uint64_t>(7u))
-#else
-#define RAPIDJSON_ALIGN(x) (((x) + 3u) & ~3u)
-#endif
+#define RAPIDJSON_ALIGN(x) (((x) + static_cast<size_t>(7u)) & ~static_cast<size_t>(7u))
 #endif

 ///////////////////////////////////////////////////////////////////////////////

--- a/test/unittest/allocatorstest.cpp
+++ b/test/unittest/allocatorstest.cpp
@@ -63,23 +63,21 @@ TEST(Allocator, MemoryPoolAllocator) {
 }

 TEST(Allocator, Alignment) {
-#if RAPIDJSON_64BIT == 1
-    EXPECT_EQ(RAPIDJSON_UINT64_C2(0x00000000, 0x00000000), RAPIDJSON_ALIGN(0));
-    for (uint64_t i = 1; i < 8; i++) {
-        EXPECT_EQ(RAPIDJSON_UINT64_C2(0x00000000, 0x00000008), RAPIDJSON_ALIGN(i));
-        EXPECT_EQ(RAPIDJSON_UINT64_C2(0x00000000, 0x00000010), RAPIDJSON_ALIGN(RAPIDJSON_UINT64_C2(0x00000000, 0x00000008) + i));
-        EXPECT_EQ(RAPIDJSON_UINT64_C2(0x00000001, 0x00000000), RAPIDJSON_ALIGN(RAPIDJSON_UINT64_C2(0x00000000, 0xFFFFFFF8) + i));
-        EXPECT_EQ(RAPIDJSON_UINT64_C2(0xFFFFFFFF, 0xFFFFFFF8), RAPIDJSON_ALIGN(RAPIDJSON_UINT64_C2(0xFFFFFFFF, 0xFFFFFFF0) + i));
+    if (sizeof(size_t) >= 8) {
+        EXPECT_EQ(RAPIDJSON_UINT64_C2(0x00000000, 0x00000000), RAPIDJSON_ALIGN(0));
+        for (uint64_t i = 1; i < 8; i++) {
+            EXPECT_EQ(RAPIDJSON_UINT64_C2(0x00000000, 0x00000008), RAPIDJSON_ALIGN(i));
+            EXPECT_EQ(RAPIDJSON_UINT64_C2(0x00000000, 0x00000010), RAPIDJSON_ALIGN(RAPIDJSON_UINT64_C2(0x00000000, 0x00000008) + i));
+            EXPECT_EQ(RAPIDJSON_UINT64_C2(0x00000001, 0x00000000), RAPIDJSON_ALIGN(RAPIDJSON_UINT64_C2(0x00000000, 0xFFFFFFF8) + i));
+            EXPECT_EQ(RAPIDJSON_UINT64_C2(0xFFFFFFFF, 0xFFFFFFF8), RAPIDJSON_ALIGN(RAPIDJSON_UINT64_C2(0xFFFFFFFF, 0xFFFFFFF0) + i));
+        }
    }
-#else
+
    EXPECT_EQ(0u, RAPIDJSON_ALIGN(0u));
-    for (uint32_t i = 1; i < 4; i++) {
-        EXPECT_EQ(4u, RAPIDJSON_ALIGN(i));
-        EXPECT_EQ(8u, RAPIDJSON_ALIGN(4u + i));
-        EXPECT_EQ(0xFFFFFFF8u, RAPIDJSON_ALIGN(0xFFFFFFF4u + i));
-        EXPECT_EQ(0xFFFFFFFCu, RAPIDJSON_ALIGN(0xFFFFFFF8u + i));
+    for (uint32_t i = 1; i < 8; i++) {
+        EXPECT_EQ(8u, RAPIDJSON_ALIGN(i));
+        EXPECT_EQ(0xFFFFFFF8u, RAPIDJSON_ALIGN(0xFFFFFFF0u + i));
    }
-#endif
 }

 TEST(Allocator, Issue399) {