This is an archive of the discontinued LLVM Phabricator instance.

Differential D19818

sanitizers: call __cxa_demangle only on mangled external names
Needs ReviewPublic

Authored by emaste on May 2 2016, 11:41 AM.

Details

Reviewers
samsonov
eugenis
Summary

Explicitly check for mangled external names (starting with "_Z") as __cxa_demangle also handles type mangling, which conflicts with unmangled names such as "f" or "m".

For reference D2552 is the same issue in lldb. See also the discussion at https://lists.freebsd.org/pipermail/freebsd-toolchain/2014-June/001153.html.

Diff Detail

Event Timeline

emaste updated this revision to Diff 55855.May 2 2016, 11:41 AM
emaste retitled this revision from to sanitizers: call __cxa_demangle only on mangled external names.
emaste updated this object.
emaste added reviewers: samsonov, eugenis.
emaste set the repository for this revision to rL LLVM.
emaste added a subscriber: dim.
Herald added subscribers: kubamracek, emaste. · View Herald TranscriptMay 2 2016, 11:41 AM
eugenis edited edge metadata.May 2 2016, 12:02 PM

Will this work on Mac?
I think they add leading underscores, but it's only for C symbols, or is it not?

emaste added a comment.May 2 2016, 12:21 PM
In D19818#418920, @eugenis wrote:

Will this work on Mac?
I think they add leading underscores, but it's only for C symbols, or is it not?

Hrm. Indeed, on OS X nm reports __Z2fni as the mangled name for fn(int). In the case of lldb the extra leading _ must be stripped off earlier.

kubamracek added a comment.May 2 2016, 12:56 PM

Can we return nullptr in case 'name' is nullptr? __cxa_demangle does that and this removes this behavior.

emaste updated this revision to Diff 55878.May 2 2016, 1:07 PM
emaste edited edge metadata.
emaste removed rL LLVM as the repository for this revision.

Restore handling of name = nullptr.

filcab added a subscriber: filcab.May 2 2016, 1:08 PM

Can you create a C test with a function called f, i, m, whatever that
triggered the demangler and doesn't trigger anymore?

Thank you,

Filipe
samsonov edited edge metadata.May 2 2016, 1:09 PM

I am not sure, but IIRC somewhere we depend on the ability of __cxa_demangle to demangle the type names.

samsonov added a comment.May 2 2016, 1:09 PM

That is, even if we want to add this check, it should be closer to the call site, where we know for sure we're demangling the variable name.

filcab added a comment.May 3 2016, 12:39 AM

AFAICT, the only place we might be expecting something that doesn't
start with _Z to be demangled is in lib/ubsan/ubsan_diag.cc:188
But I'm not sure we're calling it in that way.

Ed: I guess the best thing would be to either:

  • Audit usages of Demangle (and its users :-) ), and see if we

actually use it for demangling type names.

  • If we use it only once or twice for that, maybe another function

for those cases would work

  • Or just do what Alexey asked an check before you call Demangle.

Thank you,

Filipe

Revision Contents

PathSize
lib/
sanitizer_common/
5 lines

Diff 55878

lib/sanitizer_common/sanitizer_symbolizer_posix_libcdep.cc

Show First 20 LinesShow All 49 Lines▼ Show 20 Lines
// Attempts to demangle the name via __cxa_demangle from __cxxabiv1. // Attempts to demangle the name via __cxa_demangle from __cxxabiv1.
const char *DemangleCXXABI(const char *name) { const char *DemangleCXXABI(const char *name) {
// FIXME: __cxa_demangle aggressively insists on allocating memory. // FIXME: __cxa_demangle aggressively insists on allocating memory.
// There's not much we can do about that, short of providing our // There's not much we can do about that, short of providing our
// own demangler (libc++abi's implementation could be adapted so that // own demangler (libc++abi's implementation could be adapted so that
// it does not allocate). For now, we just call it anyway, and we leak // it does not allocate). For now, we just call it anyway, and we leak
// the returned value. // the returned value.
if (__cxxabiv1::__cxa_demangle) // Explicitly check for mangled external names (starting with "_Z") as
// __cxa_demangle also handles type mangling, which conflicts with
// unmangled names such as "f" or "m".
if (__cxxabiv1::__cxa_demangle && name && name[0] == '_' && name[1] == 'Z')
if (const char *demangled_name = if (const char *demangled_name =
__cxxabiv1::__cxa_demangle(name, 0, 0, 0)) __cxxabiv1::__cxa_demangle(name, 0, 0, 0))
return demangled_name; return demangled_name;
return name; return name;
} }
// Attempts to demangle a Swift name. The demangler will return nullptr // Attempts to demangle a Swift name. The demangler will return nullptr
▲ Show 20 LinesShow All 424 LinesShow Last 20 Lines