init libsupc++ emergency_pool early

yfeldblum · yfeldblum · commit 0791d5dddbbf · 2025-07-17T18:32:10.000-07:00
When an exception is thrown and caught, destruction of the exception checks whether the exception was allocated in the `emergency_pool`, which is a global variable. This global variable has a runtime constructor, which means access to it is valid only once the constructor has run during the module init phase. But throwing and catching an exception is permitted at any time, not just during the lifetime of `main`. And this must be true whether libsupc++ is linked dynamically or statically. LLVM Address Sanitizer aborts with `initialization-order-fiasco` when, in a binary which links libsupc++ statically, an exception is thrown and caught in some global constructor which happens to run prior to the global constructor of `emergency_pool`. ``` ERROR: AddressSanitizer: initialization-order-fiasco ... READ of size 8 at ... thread T0 SCARINESS: 14 (8-byte-read-initialization-order-fiasco) #0 ... in (anonymous namespace)::pool::in_pool(void*) gcc-11.x/libstdc++-v3/libsupc++/eh_alloc.cc:258 gcc-mirror#1 ... in __cxa_free_exception gcc-11.x/libstdc++-v3/libsupc++/eh_alloc.cc:302 gcc-mirror#2 ... in __gxx_exception_cleanup(_Unwind_Reason_Code, _Unwind_Exception*) gcc-11.x/libstdc++-v3/libsupc++/eh_throw.cc:51 gcc-mirror#3 ... in __cxa_end_catch gcc-11.x/libstdc++-v3/libsupc++/eh_catch.cc:125 ... ... in __cxx_global_var_init ... ... ... in call_init.part.0 glibc-2.40/elf/dl-init.c:74:3 ... in call_init glibc-2.40/elf/dl-init.c:120:14 ... in _dl_init glibc-2.40/elf/dl-init.c:121:5 ... in _dl_start_user glibc-2.40/elf/../sysdeps/aarch64/dl-start.S:46 ... is located 56 bytes inside of global variable '(anonymous namespace)::emergency_pool' defined in 'gcc-11.x/libstdc++-v3/libsupc++/eh_alloc.cc' (...) of size 72 registered at: #0 ... in __asan_register_globals.part.0 llvm-project/compiler-rt/lib/asan/asan_globals.cpp:393:3 gcc-mirror#1 ... in __asan_register_globals llvm-project/compiler-rt/lib/asan/asan_globals.cpp:392:3 gcc-mirror#2 ... in __asan_register_elf_globals llvm-project/compiler-rt/lib/asan/asan_globals.cpp:376:26 gcc-mirror#3 ... in call_init.part.0 glibc-2.40/elf/dl-init.c:74:3 gcc-mirror#4 ... in call_init glibc-2.40/elf/dl-init.c:120:14 gcc-mirror#5 ... in _dl_init glibc-2.40/elf/dl-init.c:121:5 gcc-mirror#6 ... in _dl_start_user glibc-2.40/elf/../sysdeps/aarch64/dl-start.S:46 ```
diff --git a/libstdc++-v3/libsupc++/eh_alloc.cc b/libstdc++-v3/libsupc++/eh_alloc.cc
@@ -370,7 +370,27 @@ namespace
       return less(ptr, arena + arena_size) && less(arena, ptr);
     }
 
-  pool emergency_pool;
+  struct pool_storage {
+    alignas(pool) unsigned char storage[sizeof(pool)];
+    bool init = false;
+  };
+
+  pool_storage emergency_pool_storage;
+
+  __attribute__((__pure__))
+  pool& emergency_pool() {
+    auto& obj = emergency_pool_storage;
+    if (!obj.init, 0) [[__unlikely__]] {
+      new (obj.storage) pool;
+      obj.init = true;
+    }
+    return *reinterpret_cast<pool*>(obj.storage);
+  }
+
+  __attribute__((__constructor__(102)))
+  void init_emergency_pool() noexcept {
+    (void)emergency_pool();
+  }
 }
 
 namespace __gnu_cxx
@@ -380,10 +400,10 @@ namespace __gnu_cxx
   __freeres() noexcept
   {
 #ifndef _GLIBCXX_EH_POOL_STATIC
-    if (emergency_pool.arena)
+    if (emergency_pool().arena)
       {
-	::free(emergency_pool.arena);
-	emergency_pool.arena = 0;
+	::free(emergency_pool().arena);
+	emergency_pool().arena = 0;
       }
 #endif
   }
@@ -399,7 +419,7 @@ __cxxabiv1::__cxa_allocate_exception(std::size_t thrown_size) noexcept
 
 #if USE_POOL
   if (!ret)
-    ret = emergency_pool.allocate (thrown_size);
+    ret = emergency_pool().allocate (thrown_size);
 #endif
 
   if (!ret)
@@ -416,8 +436,8 @@ __cxxabiv1::__cxa_free_exception(void *vptr) noexcept
 {
   char *ptr = (char *) vptr - sizeof (__cxa_refcounted_exception);
 #if USE_POOL
-  if (emergency_pool.in_pool (ptr)) [[__unlikely__]]
-    emergency_pool.free (ptr);
+  if (emergency_pool().in_pool (ptr)) [[__unlikely__]]
+    emergency_pool().free (ptr);
   else
 #endif
     free (ptr);
@@ -431,7 +451,7 @@ __cxxabiv1::__cxa_allocate_dependent_exception() noexcept
 
 #if USE_POOL
   if (!ret)
-    ret = emergency_pool.allocate (sizeof (__cxa_dependent_exception));
+    ret = emergency_pool().allocate (sizeof (__cxa_dependent_exception));
 #endif
 
   if (!ret)
@@ -448,8 +468,8 @@ __cxxabiv1::__cxa_free_dependent_exception
   (__cxa_dependent_exception *vptr) noexcept
 {
 #if USE_POOL
-  if (emergency_pool.in_pool (vptr)) [[__unlikely__]]
-    emergency_pool.free (vptr);
+  if (emergency_pool().in_pool (vptr)) [[__unlikely__]]
+    emergency_pool().free (vptr);
   else
 #endif
     free (vptr);
