swiftlang / swift

The Swift Programming Language
https://swift.org
Apache License 2.0

TypeLookupError for getTypeByMangledNameInContext #69615

Open Kyle-Ye opened 1 year ago

Kyle-Ye commented 1 year ago

Description

EXC_BAD_ACCESS(code=1, address=0xFFFFFFFFFFFFFFF8)

Steps to reproduce

~One more step is needed: KubrickHostTests's location is invalid and we need to manually update it from "KubrickHostTests" to "../Tests/KubrickTests"~

Full context: https://forums.swift.org/t/67842/4

Expected behavior

Not crash

Environment

Xcode 15 + iOS 17

Kyle-Ye commented 1 year ago

Checking the assembly code, the crash is from a call to `ldur x8, [x3, #-0x8]`, where `x3` is `0x0` here.

    0x10b687008 <+336>: adrp   x0, 455
    0x10b68700c <+340>: add    x0, x0, #0x270            ; demangling cache variable for type metadata for <<opaque return type of static Kubrick.JobBuilder.buildBlock<τ_0_0 where τ_0_0 == τ_1_0.Value, τ_1_0: Kubrick.Job>(τ_1_0) -> some>>.0
->  0x10b687010 <+344>: bl     0x10b646db8               ; __swift_instantiateConcreteTypeFromMangledName at <compiler-generated>
    0x10b687014 <+348>: stur   x0, [x29, #-0x78]
    ...
    0x10b6870c0 <+520>: ldur   x3, [x29, #-0x78]

Stepping into it, we get the following stack:

                     ___swift_instantiateConcreteTypeFromMangledName:
00000000000010c4         sub        sp, sp, #0x30                               ; CODE XREF=_$sSo8NSBundleC7KubrickE6moduleABvpZfiAByXEfU_+176, _$sSo8NSBundleC7KubrickE6moduleABvpZfiAByXEfU_+292, _$sSo8NSBundleC7KubrickE6moduleABvpZfiAByXEfU_+2544, _$sSo8NSBundleC7KubrickE6moduleABvpZfiAByXEfU_+2616, _$s10Foundation3URLVSgWOb+140, _$s10Foundation3URLVSgWOc+140, _$s7Kubrick17AssistantsWatcherC5start13onUnlockedJobyy10Foundation3URLVc_tYaKFTY2_+572, _$s7Kubrick17AssistantsWatcherC5start13onUnlockedJobyy10Foundation3URLVc_tYaKFTY2_+712, _$s7Kubrick17AssistantsWatcherC5start13onUnlockedJobyy10Foundation3URLVc_tYaKFyAHXEfU3_+1268, _$s7Kubrick17AssistantsWatcherC5start13onUnlockedJobyy10Foundation3URLVc_tYaKFyAHXEfU3_+1540, _$s7Kubrick8BatchJobV16inputDescriptorsSayAA0C15InputDescriptor_pGvg+388
00000000000010c8         stp        fp, lr, [sp, #0x20]
00000000000010cc         add        fp, sp, #0x20
00000000000010d0         str        x0, [sp, #0x20 + var_18]
00000000000010d4         ldr        x0, [x0]
00000000000010d8         str        x0, [sp, #0x20 + var_10]
00000000000010dc         subs       x8, x0, #0x0
00000000000010e0         cset       w8, lt
00000000000010e4         stur       x0, [fp, var_8]
00000000000010e8         tbnz       w8, _$s7Kubrick12BundleFinder33_52D02995FFD15CB49CED8C78FC5C47DFLLCfd, loc_1100

00000000000010ec         b          loc_10f0

                     loc_10f0:
00000000000010f0         ldur       x0, [fp, var_8]                             ; CODE XREF=___swift_instantiateConcreteTypeFromMangledName+40, ___swift_instantiateConcreteTypeFromMangledName+104
00000000000010f4         ldp        fp, lr, [sp, #0x20]
00000000000010f8         add        sp, sp, #0x30
00000000000010fc         ret
                        ; endp

                     loc_1100:
0000000000001100         ldr        x8, [sp, #0x20 + var_18]                    ; CODE XREF=___swift_instantiateConcreteTypeFromMangledName+36
0000000000001104         ldr        x9, [sp, #0x20 + var_10]
0000000000001108         mov        x10, #0x0
000000000000110c         subs       x1, x10, x9, asr #32                        ; argument "typeNameLength" for method _swift_getTypeByMangledNameInContext
0000000000001110         add        x0, x8, w9, sxtw                            ; argument "typeNameStart" for method _swift_getTypeByMangledNameInContext
0000000000001114         mov        x3, #0x0                                    ; argument "genericArgs" for method _swift_getTypeByMangledNameInContext
0000000000001118         mov        x2, x3                                      ; argument "context" for method _swift_getTypeByMangledNameInContext
000000000000111c         bl         _swift_getTypeByMangledNameInContext        ; _swift_getTypeByMangledNameInContext
0000000000001120         ldr        x8, [sp, #0x20 + var_18]
0000000000001124         str        x0, [x8]
0000000000001128         stur       x0, [fp, var_8]
000000000000112c         b          loc_10f0

This is due to a call to `_swift_getTypeByMangledNameInContext`.

x0 -> KubrickHostTests`symbolic _____y_____ySi______pG______yAC______y______Qo_Qo_Qo_ 7Kubrick10JobBuilderV10buildBlockyQrqd__5ValueQyd__RszAA0B0Rd__lFZQO s6ResultO s5ErrorP AC0D10ExpressionyQrqd__AFRszAaGRd__lFZQO AaGPAAE05mapToG0QryFQO 0A9HostTests03MapbM0C018test_MappingErrorsK7ResultsyyYaKF08ThrowingB0L_V
swift_getTypeByMangledNameInContext(typeNameStart: x0, typeNameLength: 0x35, context: nil, genericArgs: nil)

And the result is

x8 = 0x000000018cc467e8  libswiftCore.dylib`swift::TypeLookupError::TypeLookupError(char const*)::'lambda'(void*, swift::TypeLookupError::Command, void*)::__invoke(void*, swift::TypeLookupError::Command, void*)

https://github.com/apple/swift/blob/b96b2d9a9ef431ce83974ca76b3c9d9f6dc6fe78/stdlib/public/runtime/MetadataLookup.cpp#L2341-L2370

cc @mikeash and @al45tair for the recent commits to this function.
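The disassembly above spells out how the demangling-cache word is consumed: the sign bit decides between the fast path and the lookup, the high 32 bits hold the negated name length, the low 32 bits hold a signed offset from the cache variable to the mangled name, and `str x0, [x8]` writes the lookup result back into the cache unconditionally. The following C model is an added example, not Swift runtime code; it reproduces that decoding on a constructed fixture (the mangled name `7Kubrick10JobBuilderV` and the `lookup_ok`/`lookup_fail` callbacks are made up to stand in for `swift_getTypeByMangledNameInContext`), and it shows the consequence visible in the crash: once a failed lookup stores a null pointer into the cache, the word no longer has its sign bit set, so every later call takes the fast path and returns that null, and the caller's `ldur x8, [x3, #-0x8]` then touches address `0 - 8 = 0xFFFFFFFFFFFFFFF8`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not Swift runtime code: a C model of what the disassembly
 * of __swift_instantiateConcreteTypeFromMangledName does with its cache word.
 *   ldr  x0, [x0]             word   = *cache
 *   tbnz (word < 0)           sign bit set => not yet instantiated
 *   subs x1, xzr, x9, asr #32 length = -(word >> 32)
 *   add  x0, x8, w9, sxtw     start  = (char *)cache + (int32_t)word
 *   str  x0, [x8]             cache  = lookup result, even when it is NULL
 * The runtime lookup is modelled by a callback so the failure path runs offline. */

typedef const void *(*lookup_fn)(const char *start, size_t length,
                                 const void *context, const void *const *genericArgs);

typedef struct { const char *start; size_t length; } MangledNameRef;

/* 1 if the word still encodes (offset, length); 0 if it already holds a pointer
 * (a user-space pointer is non-negative as int64, and so is the NULL of a failed lookup). */
static int decode_cache_word(const int64_t *cache, MangledNameRef *out) {
    int64_t word = *cache;
    if (word >= 0) return 0;
    int64_t length = 0 - (word >> 32);      /* arithmetic shift, like asr #32 */
    uint32_t lo = (uint32_t)word;
    int32_t offset;
    memcpy(&offset, &lo, sizeof offset);    /* low half reinterpreted as signed */
    out->start = (const char *)cache + offset;
    out->length = (size_t)length;
    return 1;
}

/* Encodes the word the compiler emits for a name `offset` bytes from the cache. */
static int64_t make_cache_word(int32_t offset, uint32_t length) {
    uint64_t hi = (uint64_t)(-(int64_t)length) << 32;
    return (int64_t)(hi | (uint32_t)offset);
}

/* Fast path / slow path split of the thunk, including the unconditional store. */
static const void *instantiate_concrete_type(int64_t *cache, lookup_fn lookup) {
    MangledNameRef ref;
    if (!decode_cache_word(cache, &ref))
        return (const void *)(intptr_t)*cache;
    const void *metadata = lookup(ref.start, ref.length, NULL, NULL);
    *cache = (int64_t)(intptr_t)metadata;   /* str x0, [x8] */
    return metadata;
}

/* Constructed fixture: cache word followed by a made-up mangled name. */
#define FIXTURE_NAME "7Kubrick10JobBuilderV"
struct fixture { int64_t cache; char name[32]; };

static void init_fixture(struct fixture *f) {
    memset(f, 0, sizeof *f);
    strcpy(f->name, FIXTURE_NAME);
    f->cache = make_cache_word((int32_t)offsetof(struct fixture, name),
                               (uint32_t)strlen(f->name));
}

static int lookup_calls;
static int fake_type_metadata;              /* stands in for a metadata record */

static const void *lookup_ok(const char *s, size_t n, const void *c, const void *const *g) {
    (void)c; (void)g; lookup_calls++;
    return (n == strlen(FIXTURE_NAME) && memcmp(s, FIXTURE_NAME, n) == 0)
           ? (const void *)&fake_type_metadata : NULL;
}

static const void *lookup_fail(const char *s, size_t n, const void *c, const void *const *g) {
    (void)s; (void)n; (void)c; (void)g; lookup_calls++;
    return NULL;                            /* what a failed lookup hands back */
}

int demo_decode_roundtrip(void) {
    struct fixture f; init_fixture(&f);
    MangledNameRef r;
    return decode_cache_word(&f.cache, &r) == 1 &&
           r.start == f.name && r.length == strlen(f.name);
}

int demo_fast_path_after_success(void) {
    struct fixture f; init_fixture(&f);
    lookup_calls = 0;
    const void *a = instantiate_concrete_type(&f.cache, lookup_ok);
    const void *b = instantiate_concrete_type(&f.cache, lookup_ok);
    return a == &fake_type_metadata && b == a && lookup_calls == 1;
}

int demo_failed_lookup_poisons_cache(void) {
    struct fixture f; init_fixture(&f);
    lookup_calls = 0;
    const void *a = instantiate_concrete_type(&f.cache, lookup_fail);
    const void *b = instantiate_concrete_type(&f.cache, lookup_fail);
    /* the second call never re-queries: 0 in the cache decodes as "already resolved" */
    return a == NULL && b == NULL && f.cache == 0 && lookup_calls == 1;
}

/* Where the caller's `ldur x8, [x3, #-0x8]` lands when x3 is that NULL. */
uintptr_t faulting_address_for_null_metadata(void) {
    return (uintptr_t)(const void *)0 - 8;  /* 0xFFFFFFFFFFFFFFF8 on 64-bit */
}

int main(void) {
    printf("decode=%d fast=%d poison=%d fault=0x%llx\n",
           demo_decode_roundtrip(), demo_fast_path_after_success(),
           demo_failed_lookup_poisons_cache(),
           (unsigned long long)faulting_address_for_null_metadata());
    return 0;
}
```

The model keeps the thunk's two properties that matter for this crash: it trusts the sign bit alone to distinguish "not yet instantiated" from "resolved", and it stores whatever the lookup returns. Whether the real runtime reports a `TypeLookupError` before returning null is exactly what the linked `MetadataLookup.cpp` range decides; the model only shows why a null result is sticky once it is cached.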