This is an archive of the discontinued LLVM Phabricator instance.

Differential D97323

[libcxx] Fix infinite loop regression when building libc++ with ubsan
AbandonedPublic

Authored by thakis on Feb 23 2021, 12:00 PM.

Details

Reviewers
rsmith
ldionne
Group Reviewers
Restricted Project
Summary

https://reviews.llvm.org/rG360ead76480adf7bd7dcef22944e2acc2cc72720
made libcxxabi call typeinfo::operator==() in the implementation of
__dynamic_cast(). When ubsan instrumentation is active, it emits
a call to dynamic_cast<>() for the implementation of
typeinfo::operator== to verify the dynamic type of this. This leads
to infinite recursion.

As a workaround, disable ubsan instrumentation for
typeinfo::operator==().

See https://crbug.com/1181057 for more notes.

Diff Detail

Event Timeline

thakis requested review of this revision.Feb 23 2021, 12:00 PM
thakis created this revision.
ldionne added a subscriber: ldionne.Feb 23 2021, 12:03 PM

The fix looks OK to me, but why doesn't this show up when we run the tests under ubsan?

thakis added a comment.Feb 23 2021, 12:19 PM
In D97323#2582807, @ldionne wrote:

The fix looks OK to me, but why doesn't this show up when we run the tests under ubsan?

I guess the test runner builds against system libc++abi, or doesn't instrument libc++abi with ubsan (?).

rsmith added a comment.Feb 23 2021, 12:28 PM

The ubsan runtime expects its dependencies to not have ubsan enabled. How are you configuring your build so that libc++abi ends up ubsan-instrumented? Can we ensure that doesn't happen somehow?

thakis added a comment.Feb 23 2021, 12:37 PM
In D97323#2582883, @rsmith wrote:

The ubsan runtime expects its dependencies to not have ubsan enabled. How are you configuring your build so that libc++abi ends up ubsan-instrumented? Can we ensure that doesn't happen somehow?

Sure, that's possible too. We've been running with sanitizer-enabled libc++(abi) for years though, and this is the only issue we've run into.

ldionne requested changes to this revision.Feb 23 2021, 5:26 PM
In D97323#2582883, @rsmith wrote:

The ubsan runtime expects its dependencies to not have ubsan enabled. How are you configuring your build so that libc++abi ends up ubsan-instrumented? Can we ensure that doesn't happen somehow?

In that case, I think we should fix the issue at its root and not make this workaround in libc++.

Is there a way we could detect this sort of issue in the sanitizers to error early instead of just misbehaving when someone violates that requirement?

This revision now requires changes to proceed.Feb 23 2021, 5:26 PM
thakis mentioned this in D52386: [Lexer] Add udefined_behavior_sanitizer feature.Feb 23 2021, 5:51 PM
In D97323#2583597, @ldionne wrote:
In D97323#2582883, @rsmith wrote:

The ubsan runtime expects its dependencies to not have ubsan enabled. How are you configuring your build so that libc++abi ends up ubsan-instrumented? Can we ensure that doesn't happen somehow?

In that case, I think we should fix the issue at its root and not make this workaround in libc++.

Is there a way we could detect this sort of issue in the sanitizers to error early instead of just misbehaving when someone violates that requirement?

If the review feedback on D52386 gets addressed, we could add an #if __has_feature(ubsan_vptr) #error to private_typeinfo.cpp.

Harbormaster completed remote builds in B90458: Diff 325864.Feb 23 2021, 11:43 PM
thakis abandoned this revision.Feb 24 2021, 5:51 AM

Revision Contents

PathSize
libcxx/
include/
7 lines

Diff 325864

libcxx/include/typeinfo

Show First 20 LinesShow All 319 Lines▼ Show 20 Linespublic:
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
size_t hash_code() const _NOEXCEPT size_t hash_code() const _NOEXCEPT
{ {
return __impl::__hash(__type_name); return __impl::__hash(__type_name);
} }
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
#if __has_attribute(no_sanitize)
// libcxxabi's __dynamic_cast() implementation calls this operator to
// implement dynamic_cast<>(), but ubsan's instrumentation inserts a
// call to dynamic_cast<>() into the implementation of this function to
// check the dynamic type of |this|, leading to infinite recursion.
__attribute__((__no_sanitize__("undefined")))
#endif
bool operator==(const type_info& __arg) const _NOEXCEPT bool operator==(const type_info& __arg) const _NOEXCEPT
{ {
return __impl::__eq(__type_name, __arg.__type_name); return __impl::__eq(__type_name, __arg.__type_name);
} }
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
bool operator!=(const type_info& __arg) const _NOEXCEPT bool operator!=(const type_info& __arg) const _NOEXCEPT
{ return !operator==(__arg); } { return !operator==(__arg); }
Show All 39 Lines