This is an archive of the discontinued LLVM Phabricator instance.

Differential D100795

[lldb] Fix RichManglingContext::FromCxxMethodName() leak
ClosedPublic

Authored by rupprecht on Apr 19 2021, 2:35 PM.

Details

Reviewers
shafik
teemperor
JDevlieghere
MaskRay
Commits
rGeb5e11f460b1: [lldb] Fix RichManglingContext::FromCxxMethodName() leak
Summary

RichManglingContext::FromCxxMethodName allocates a m_cxx_method_parser, but never deletes it.

This fixes a -DLLVM_USE_SANITIZER=Leaks failure.

Diff Detail

Event Timeline

rupprecht requested review of this revision.Apr 19 2021, 2:35 PM
rupprecht created this revision.
Herald added a project: Restricted Project. · View Herald TranscriptApr 19 2021, 2:35 PM
Herald added a subscriber: lldb-commits. · View Herald Transcript
Harbormaster completed remote builds in B99567: Diff 338645.Apr 19 2021, 3:30 PM
Herald added a subscriber: JDevlieghere. · View Herald TranscriptApr 19 2021, 3:30 PM
shafik added a subscriber: shafik.Apr 19 2021, 4:03 PM
shafik added inline comments.
lldb/source/Core/RichManglingContext.cpp
24

This code is duplicated from ResetProvider(...) we should factor it out and call it from both places, so we if we ever change this code in the future we don't have to remember to fix both places.

rupprecht updated this revision to Diff 338665.Apr 19 2021, 4:15 PM
  • Refactor cleanup of m_cxx_method_parser
rupprecht marked an inline comment as done.Apr 19 2021, 4:16 PM
MaskRay mentioned this in D100800: [lldb] Fix demangler leaks in the DWARF AST parser.Apr 19 2021, 4:43 PM
Harbormaster completed remote builds in B99584: Diff 338665.Apr 19 2021, 4:45 PM
rupprecht updated this revision to Diff 338979.Apr 20 2021, 1:29 PM
  • Move comment about switch to the correct spot
rupprecht added reviewers: shafik, teemperor, JDevlieghere, MaskRay.Apr 20 2021, 1:29 PM
Harbormaster completed remote builds in B99795: Diff 338979.Apr 20 2021, 2:32 PM
teemperor accepted this revision.Apr 20 2021, 4:05 PM

LGTM, thanks for fixing this!

We don't really have a thread for keep track of what other leak sanitiser failures needs to be fixed, but I believe with this revision (+ the revisions that I have to land) the only leaks left are related to reproducers or Python.

This revision is now accepted and ready to land.Apr 20 2021, 4:05 PM
JDevlieghere added inline comments.Apr 20 2021, 4:10 PM
lldb/source/Core/RichManglingContext.cpp
23

Instead of managing memory by hand, can we use a unique_ptr<char[]> instead?

rupprecht added inline comments.Apr 20 2021, 6:20 PM
lldb/source/Core/RichManglingContext.cpp
23

The buffer here is created by malloc, and from a cursory reading of processIPDStrResult, can be passed to other methods that call realloc on it. It should be paired with free, not delete. You could put that in a unique_ptr<char, FreeDeleter>, but when you go down that road, I think it's probably simpler to leave as-is. (You'd also have to take care to always manually .release() it when updating it to the realloc'd value, because you don't want to delete the pre-realloc'd buffer).

(Note: this line is pulled from the original ~RichManglingContext() definition in the header. I didn't write it so I can't defend it that well :) )

shafik added a comment.Apr 20 2021, 6:58 PM

Thank you for reforactoring into ResetCxxMethodParser.

lldb/source/Core/RichManglingContext.cpp
23

I didn't suggest this b/c it was clear it was a quick fix and it seemed a reach to ask for that in this fix.

JDevlieghere added inline comments.Apr 20 2021, 7:01 PM
lldb/source/Core/RichManglingContext.cpp
23

Thanks for the explanation! That does sound like a bit of overkill. If it's not already documented, would it be useful to leave that as a comment somewhere?

dblaikie added a subscriber: dblaikie.Apr 20 2021, 7:17 PM
dblaikie added inline comments.
lldb/source/Core/RichManglingContext.cpp
23

(I think for this patch, makes sense not to try to address the ownership/allocation model because it is non-trivial, as you've mentioned - but longer term, it might be worth revisiting it at some point - as it has a non-trivial & not well enforced boundary in terms of the allocation scheme shared between RichManglingContext and ItaniumPartialDemangler. It'd be good if that boundary were more clear rather than requiring malloc'd memory to be passed in, and requiring the caller to free it - some kind of abstraction over the memory ownership would probably be good to have)

rupprecht updated this revision to Diff 339264.Apr 21 2021, 9:03 AM
rupprecht marked 4 inline comments as done.
  • Add comments about memory management for m_ipd_buf
rupprecht added inline comments.Apr 21 2021, 9:05 AM
lldb/source/Core/RichManglingContext.cpp
23

Added a comment to the header. Agree about the longer term fixes on the API boundaries -- D100800 is a leak fix for that API, so it's clearly an API with sharp edges.

Harbormaster completed remote builds in B100007: Diff 339264.Apr 21 2021, 9:58 AM
This revision was landed with ongoing or failed builds.Apr 21 2021, 12:34 PM
Closed by commit rGeb5e11f460b1: [lldb] Fix RichManglingContext::FromCxxMethodName() leak (authored by rupprecht). · Explain Why
This revision was automatically updated to reflect the committed changes.
rupprecht added a commit: rGeb5e11f460b1: [lldb] Fix RichManglingContext::FromCxxMethodName() leak.

Revision Contents

PathSize
lldb/
include/
lldb/
Core/
8 lines
source/
Core/
11 lines

Diff 339351

lldb/include/lldb/Core/RichManglingContext.h

Show All 23 Lines
/// providers. See Mangled::DemangleWithRichManglingInfo() /// providers. See Mangled::DemangleWithRichManglingInfo()
class RichManglingContext { class RichManglingContext {
public: public:
RichManglingContext() : m_provider(None), m_ipd_buf_size(2048) { RichManglingContext() : m_provider(None), m_ipd_buf_size(2048) {
m_ipd_buf = static_cast<char *>(std::malloc(m_ipd_buf_size)); m_ipd_buf = static_cast<char *>(std::malloc(m_ipd_buf_size));
m_ipd_buf[0] = '\0'; m_ipd_buf[0] = '\0';
} }
~RichManglingContext() { std::free(m_ipd_buf); } ~RichManglingContext();
/// Use the ItaniumPartialDemangler to obtain rich mangling information from /// Use the ItaniumPartialDemangler to obtain rich mangling information from
/// the given mangled name. /// the given mangled name.
bool FromItaniumName(ConstString mangled); bool FromItaniumName(ConstString mangled);
/// Use the legacy language parser implementation to obtain rich mangling /// Use the legacy language parser implementation to obtain rich mangling
/// information from the given demangled name. /// information from the given demangled name.
bool FromCxxMethodName(ConstString demangled); bool FromCxxMethodName(ConstString demangled);
Show All 31 Linesprivate:
/// Selects the rich mangling info provider. /// Selects the rich mangling info provider.
InfoProvider m_provider; InfoProvider m_provider;
/// Reference to the buffer used for results of ParseXy() operations. /// Reference to the buffer used for results of ParseXy() operations.
llvm::StringRef m_buffer; llvm::StringRef m_buffer;
/// Members for ItaniumPartialDemangler /// Members for ItaniumPartialDemangler
llvm::ItaniumPartialDemangler m_ipd; llvm::ItaniumPartialDemangler m_ipd;
/// Note: m_ipd_buf is a raw pointer due to being resized by realloc via
/// ItaniumPartialDemangler. It should be managed with malloc/free, not
/// new/delete.
char *m_ipd_buf; char *m_ipd_buf;
size_t m_ipd_buf_size; size_t m_ipd_buf_size;
/// Members for PluginCxxLanguage /// Members for PluginCxxLanguage
/// Cannot forward declare inner class CPlusPlusLanguage::MethodName. The /// Cannot forward declare inner class CPlusPlusLanguage::MethodName. The
/// respective header is in Plugins and including it from here causes cyclic /// respective header is in Plugins and including it from here causes cyclic
/// dependency. Instead keep a llvm::Any and cast it on-access in the cpp. /// dependency. Instead keep a llvm::Any and cast it on-access in the cpp.
llvm::Any m_cxx_method_parser; llvm::Any m_cxx_method_parser;
/// Clean up memory when using PluginCxxLanguage
void ResetCxxMethodParser();
/// Clean up memory and set a new info provider for this instance. /// Clean up memory and set a new info provider for this instance.
void ResetProvider(InfoProvider new_provider); void ResetProvider(InfoProvider new_provider);
/// Uniform handling of string buffers for ItaniumPartialDemangler. /// Uniform handling of string buffers for ItaniumPartialDemangler.
void processIPDStrResult(char *ipd_res, size_t res_len); void processIPDStrResult(char *ipd_res, size_t res_len);
/// Cast the given parser to the given type. Ideally we would have a type /// Cast the given parser to the given type. Ideally we would have a type
/// trait to deduce \a ParserT from a given InfoProvider, but unfortunately we /// trait to deduce \a ParserT from a given InfoProvider, but unfortunately we
Show All 11 Lines

lldb/source/Core/RichManglingContext.cpp

Show All 13 Lines
#include "Plugins/Language/CPlusPlus/CPlusPlusLanguage.h" #include "Plugins/Language/CPlusPlus/CPlusPlusLanguage.h"
#include "llvm/ADT/StringRef.h" #include "llvm/ADT/StringRef.h"
using namespace lldb; using namespace lldb;
using namespace lldb_private; using namespace lldb_private;
// RichManglingContext // RichManglingContext
void RichManglingContext::ResetProvider(InfoProvider new_provider) { RichManglingContext::~RichManglingContext() {
std::free(m_ipd_buf);
JDevlieghereUnsubmitted
Done
ReplyInline Actions

Instead of managing memory by hand, can we use a unique_ptr<char[]> instead?

JDevlieghere: Instead of managing memory by hand, can we use a `unique_ptr<char[]>` instead?
rupprechtAuthorUnsubmitted
Done
ReplyInline Actions

The buffer here is created by malloc, and from a cursory reading of processIPDStrResult, can be passed to other methods that call realloc on it. It should be paired with free, not delete. You could put that in a unique_ptr<char, FreeDeleter>, but when you go down that road, I think it's probably simpler to leave as-is. (You'd also have to take care to always manually .release() it when updating it to the realloc'd value, because you don't want to delete the pre-realloc'd buffer).

(Note: this line is pulled from the original ~RichManglingContext() definition in the header. I didn't write it so I can't defend it that well :) )

rupprecht: The buffer here is created by `malloc`, and from a cursory reading of `processIPDStrResult`…
JDevlieghereUnsubmitted
Done
ReplyInline Actions

Thanks for the explanation! That does sound like a bit of overkill. If it's not already documented, would it be useful to leave that as a comment somewhere?

JDevlieghere: Thanks for the explanation! That does sound like a bit of overkill. If it's not already…
dblaikieUnsubmitted
Done
ReplyInline Actions

(I think for this patch, makes sense not to try to address the ownership/allocation model because it is non-trivial, as you've mentioned - but longer term, it might be worth revisiting it at some point - as it has a non-trivial & not well enforced boundary in terms of the allocation scheme shared between RichManglingContext and ItaniumPartialDemangler. It'd be good if that boundary were more clear rather than requiring malloc'd memory to be passed in, and requiring the caller to free it - some kind of abstraction over the memory ownership would probably be good to have)

dblaikie: (I think for this patch, makes sense not to try to address the ownership/allocation model…
rupprechtAuthorUnsubmitted
Done
ReplyInline Actions

Added a comment to the header. Agree about the longer term fixes on the API boundaries -- D100800 is a leak fix for that API, so it's clearly an API with sharp edges.

rupprecht: Added a comment to the header. Agree about the longer term fixes on the API boundaries…
shafikUnsubmitted
Done
ReplyInline Actions

I didn't suggest this b/c it was clear it was a quick fix and it seemed a reach to ask for that in this fix.

shafik: I didn't suggest this b/c it was clear it was a quick fix and it seemed a reach to ask for that…
ResetCxxMethodParser();
shafikUnsubmitted
Done
ReplyInline Actions

This code is duplicated from ResetProvider(...) we should factor it out and call it from both places, so we if we ever change this code in the future we don't have to remember to fix both places.

shafik: This code is duplicated from `ResetProvider(...)` we should factor it out and call it from both…
}
void RichManglingContext::ResetCxxMethodParser() {
// If we want to support parsers for other languages some day, we need a // If we want to support parsers for other languages some day, we need a
// switch here to delete the correct parser type. // switch here to delete the correct parser type.
if (m_cxx_method_parser.hasValue()) { if (m_cxx_method_parser.hasValue()) {
assert(m_provider == PluginCxxLanguage); assert(m_provider == PluginCxxLanguage);
delete get<CPlusPlusLanguage::MethodName>(m_cxx_method_parser); delete get<CPlusPlusLanguage::MethodName>(m_cxx_method_parser);
m_cxx_method_parser.reset(); m_cxx_method_parser.reset();
} }
}
void RichManglingContext::ResetProvider(InfoProvider new_provider) {
ResetCxxMethodParser();
assert(new_provider != None && "Only reset to a valid provider"); assert(new_provider != None && "Only reset to a valid provider");
m_provider = new_provider; m_provider = new_provider;
} }
bool RichManglingContext::FromItaniumName(ConstString mangled) { bool RichManglingContext::FromItaniumName(ConstString mangled) {
bool err = m_ipd.partialDemangle(mangled.GetCString()); bool err = m_ipd.partialDemangle(mangled.GetCString());
if (!err) { if (!err) {
▲ Show 20 LinesShow All 135 LinesShow Last 20 Lines