This is an archive of the discontinued LLVM Phabricator instance.

Differential D107712

Fix possible infinite loop in itanium demangler
ClosedPublic

Authored by borman on Aug 8 2021, 3:43 AM.

Details

Reviewers
libcxx-commits
ldionne
Group Reviewers
Restricted Project
Commits
rGf0fcd4249543: [libc++abi] Fix possible infinite loop in itanium demangler
Summary

A libfuzzer run has discovered some inputs for which the demangler does not terminate.

When minimized, it looks like this: _Zcv1BIRT_EIS1_E

Deciphered:

_Z
cv    - conversion operator

      * result type
 1B   - "B"
 I    - template args begin
  R   - reference type              <.
   T_ - forward template reference   |  *
 E    - template args end            |  |
                                     |  |
      * parameter type               |  |
 I    - template args begin          |  |
  S1_ - substitution #1              * <'
 E    - template args end

The reason is: template-parameter refs in conversion operator result type create forward-references, while substitutions are instantly resolved via back-references. Together these can create a reference loop. It causes an infinite loop in ReferenceType::collapse().

I see three possible ways to avoid these loops:

  1. check if resolving a forward reference creates a loop and reject the invalid input (hard to traverse AST at this point)
  2. check if a substitution contains a malicious forward reference and reject the invalid input (hard to traverse AST at this point; substitutions are quite common: may affect performance; hard to clearly detect loops at this point)
  3. detect loops in ReferenceType::collapse() (cannot reject the input)

This patch implements (3) as seemingly the least-impact change. As a side effect, such invalid input strings are not rejected and produce garbage, however there are already similar guards in if (Printing) return; checks.

Fixes: https://bugs.llvm.org/show_bug.cgi?id=51407

Diff Detail

Event Timeline

borman requested review of this revision.Aug 8 2021, 3:43 AM
borman created this revision.
Herald added a reviewer: Restricted Project. · View Herald TranscriptAug 8 2021, 3:43 AM
Herald added a project: Restricted Project. · View Herald Transcript
borman added inline comments.Aug 8 2021, 3:48 AM
llvm/include/llvm/Demangle/ItaniumDemangle.h
112–229

I could submit this change as a NFC to clean up the actual patch; however the move itself would be out of context.

borman edited the summary of this revision. (Show Details)Aug 8 2021, 3:51 AM
georgthegreat added a subscriber: georgthegreat.Aug 8 2021, 11:33 AM
Harbormaster completed remote builds in B118545: Diff 365012.Aug 9 2021, 6:29 AM
ldionne requested changes to this revision.Aug 9 2021, 6:37 AM
ldionne added a subscriber: ldionne.

Thanks a lot for looking into this! When you re-upload the patch, can you please do it with arc diff so that context is included in the diff? See https://www.llvm.org/docs/Phabricator.html#requesting-a-review-via-the-command-line for instructions.

libcxxabi/test/test_demangle.pass.cpp
29847

We need to add this at the top of this file:

// https://llvm.org/PR51407 was not fixed in some previously-released demanglers, which
// causes them to run into the infinite loop.
// UNSUPPORTED: use_system_cxx_lib && target={{.+}}-apple-macosx10.{{9|10|11|12|13|14|15}}
// UNSUPPORTED: use_system_cxx_lib && target={{.+}}-apple-macosx11.0

Otherwise, we'll try to run the test on those configurations and we'll run into the infinite loop. Incidentally, this just stalled the CI for 24 hours (I'll put a timeout on our tests).

29848

Please normalize to https://llvm.org/PR51407.

llvm/include/llvm/Demangle/ItaniumDemangle.h
112–229

I would rather the move be performed as a separate NFC. The commit message can mention it's for a follow-up change.

This revision now requires changes to proceed.Aug 9 2021, 6:37 AM
borman mentioned this in D107771: [NFC][libcxxabi] Move PODSmallVector definition to the top of ItaniumDemangle.h.Aug 9 2021, 10:26 AM
borman added inline comments.Aug 9 2021, 10:28 AM
llvm/include/llvm/Demangle/ItaniumDemangle.h
112–229

Separate review for the move: https://reviews.llvm.org/D107712

borman updated this revision to Diff 366895.Aug 17 2021, 7:38 AM

rebase onto D107771, fix issues

borman added a parent revision: D107771: [NFC][libcxxabi] Move PODSmallVector definition to the top of ItaniumDemangle.h.Aug 17 2021, 7:44 AM
borman updated this revision to Diff 366896.Aug 17 2021, 7:45 AM

resubmit diff against main

Harbormaster completed remote builds in B119902: Diff 366896.Aug 17 2021, 7:46 AM
borman updated this revision to Diff 366897.Aug 17 2021, 7:48 AM

resubmit diff against D107771

borman added a comment.Aug 17 2021, 7:53 AM

Unfortunately, Arcanist doesn't give me any options to send test_demangler.pass.cpp diff as text:

Diff for 'libcxxabi/test/test_demangle.pass.cpp' with context is
5,403,433 bytes in length. Generally, source changes should not be this
large. If the file is not a text file, you can mark it 'binary'. Mark
this file as 'binary' and continue? [y/N] y

Seems like enormous strings in test cases upset it and I'm not proficient enough with it to bypass this.

The actual diff is:

diff --git a/libcxxabi/test/test_demangle.pass.cpp b/libcxxabi/test/test_demangle.pass.cpp
index 1780e684cbb5..0744172a6cbb 100644
--- a/libcxxabi/test/test_demangle.pass.cpp
+++ b/libcxxabi/test/test_demangle.pass.cpp
@@ -9,6 +9,11 @@
 // The demangler does not pass all these tests with the system dylibs on macOS.
 // XFAIL: use_system_cxx_lib && target={{.+}}-apple-macosx10.{{9|10|11|12|13|14|15}}

+// https://llvm.org/PR51407 was not fixed in some previously-released
+// demanglers, which causes them to run into the infinite loop.
+// UNSUPPORTED: use_system_cxx_lib && target={{.+}}-apple-macosx10.{{9|10|11|12|13|14|15}}
+// UNSUPPORTED: use_system_cxx_lib && target={{.+}}-apple-macosx11.0
+
 #include "support/timer.h"
 #include <cassert>
 #include <cstdio>
@@ -29844,6 +29849,9 @@ const char* cases[][2] =

     {"_ZN3xxx3yyyIvNS_1AILm0EEEZNS_2bb2cc2ddILNS_1eE1EEEvRKNS_1fERKNS_1g1hINS_1iEEERKNS_1jEfRKNS_1kEiPhEUlvE_JEEEvT1_DpT2_", "void xxx::yyy<void, xxx::A<0ul>, void xxx::bb::cc::dd<(xxx::e)1>(xxx::f const&, xxx::g::h<xxx::i> const&, xxx::j const&, float, xxx::k const&, int, unsigned char*)::'lambda'()>(void xxx::bb::cc::dd<(xxx::e)1>(xxx::f const&, xxx::g::h<xxx::i> const&, xxx::j const&, float, xxx::k const&, int, unsigned char*)::'lambda'())"},

+    // This should be invalid, but it is currently not recognized as such
+    // See https://llvm.org/PR51407
+    {"_Zcv1BIRT_EIS1_E", "operator B<><>"},
 };

 const unsigned N = sizeof(cases) / sizeof(cases[0]);
borman updated this revision to Diff 366899.Aug 17 2021, 7:55 AM

upload with reduced diff context

borman updated this revision to Diff 366901.Aug 17 2021, 7:56 AM

upload with increased diff context

borman marked 2 inline comments as done.Aug 17 2021, 7:57 AM
Harbormaster completed remote builds in B119906: Diff 366901.Aug 17 2021, 9:50 AM
ldionne mentioned this in rGdb7c68d80807: [libc++abi][NFC] Move PODSmallVector definition to the top of ItaniumDemangle.h.Aug 17 2021, 3:07 PM
ldionne accepted this revision.Aug 17 2021, 3:08 PM

This fell under my radar. I'm fine with this. I'll commit it for you, thanks!

This revision is now accepted and ready to land.Aug 17 2021, 3:08 PM
ldionne added a comment.Aug 17 2021, 3:15 PM

Oh, and thanks a lot for the great explanation of the problem and the fix, I really appreciate that.

Closed by commit rGf0fcd4249543: [libc++abi] Fix possible infinite loop in itanium demangler (authored by borman, committed by ldionne). · Explain WhyAug 17 2021, 3:16 PM
This revision was automatically updated to reflect the committed changes.
ldionne added a commit: rGf0fcd4249543: [libc++abi] Fix possible infinite loop in itanium demangler.

Revision Contents

PathSize
libcxxabi/
src/
demangle/
19 lines
test/
8 lines
llvm/
include/
llvm/
Demangle/
19 lines

Diff 367035

libcxxabi/src/demangle/ItaniumDemangle.h

Show First 20 LinesShow All 645 Lines▼ Show 20 Linesclass ReferenceType : public Node {
const Node *Pointee; const Node *Pointee;
ReferenceKind RK; ReferenceKind RK;
mutable bool Printing = false; mutable bool Printing = false;
// Dig through any refs to refs, collapsing the ReferenceTypes as we go. The // Dig through any refs to refs, collapsing the ReferenceTypes as we go. The
// rule here is rvalue ref to rvalue ref collapses to a rvalue ref, and any // rule here is rvalue ref to rvalue ref collapses to a rvalue ref, and any
// other combination collapses to a lvalue ref. // other combination collapses to a lvalue ref.
//
// A combination of a TemplateForwardReference and a back-ref Substitution
// from an ill-formed string may have created a cycle; use cycle detection to
// avoid looping forever.
std::pair<ReferenceKind, const Node *> collapse(OutputStream &S) const { std::pair<ReferenceKind, const Node *> collapse(OutputStream &S) const {
auto SoFar = std::make_pair(RK, Pointee); auto SoFar = std::make_pair(RK, Pointee);
// Track the chain of nodes for the Floyd's 'tortoise and hare'
// cycle-detection algorithm, since getSyntaxNode(S) is impure
PODSmallVector<const Node *, 8> Prev;
for (;;) { for (;;) {
const Node *SN = SoFar.second->getSyntaxNode(S); const Node *SN = SoFar.second->getSyntaxNode(S);
if (SN->getKind() != KReferenceType) if (SN->getKind() != KReferenceType)
break; break;
auto *RT = static_cast<const ReferenceType *>(SN); auto *RT = static_cast<const ReferenceType *>(SN);
SoFar.second = RT->Pointee; SoFar.second = RT->Pointee;
SoFar.first = std::min(SoFar.first, RT->RK); SoFar.first = std::min(SoFar.first, RT->RK);
// The middle of Prev is the 'slow' pointer moving at half speed
Prev.push_back(SoFar.second);
if (Prev.size() > 1 && SoFar.second == Prev[(Prev.size() - 1) / 2]) {
// Cycle detected
SoFar.second = nullptr;
break;
}
} }
return SoFar; return SoFar;
} }
public: public:
ReferenceType(const Node *Pointee_, ReferenceKind RK_) ReferenceType(const Node *Pointee_, ReferenceKind RK_)
: Node(KReferenceType, Pointee_->RHSComponentCache), : Node(KReferenceType, Pointee_->RHSComponentCache),
Pointee(Pointee_), RK(RK_) {} Pointee(Pointee_), RK(RK_) {}
template<typename Fn> void match(Fn F) const { F(Pointee, RK); } template<typename Fn> void match(Fn F) const { F(Pointee, RK); }
bool hasRHSComponentSlow(OutputStream &S) const override { bool hasRHSComponentSlow(OutputStream &S) const override {
return Pointee->hasRHSComponent(S); return Pointee->hasRHSComponent(S);
} }
void printLeft(OutputStream &s) const override { void printLeft(OutputStream &s) const override {
if (Printing) if (Printing)
return; return;
SwapAndRestore<bool> SavePrinting(Printing, true); SwapAndRestore<bool> SavePrinting(Printing, true);
std::pair<ReferenceKind, const Node *> Collapsed = collapse(s); std::pair<ReferenceKind, const Node *> Collapsed = collapse(s);
if (!Collapsed.second)
return;
Collapsed.second->printLeft(s); Collapsed.second->printLeft(s);
if (Collapsed.second->hasArray(s)) if (Collapsed.second->hasArray(s))
s += " "; s += " ";
if (Collapsed.second->hasArray(s) || Collapsed.second->hasFunction(s)) if (Collapsed.second->hasArray(s) || Collapsed.second->hasFunction(s))
s += "("; s += "(";
s += (Collapsed.first == ReferenceKind::LValue ? "&" : "&&"); s += (Collapsed.first == ReferenceKind::LValue ? "&" : "&&");
} }
void printRight(OutputStream &s) const override { void printRight(OutputStream &s) const override {
if (Printing) if (Printing)
return; return;
SwapAndRestore<bool> SavePrinting(Printing, true); SwapAndRestore<bool> SavePrinting(Printing, true);
std::pair<ReferenceKind, const Node *> Collapsed = collapse(s); std::pair<ReferenceKind, const Node *> Collapsed = collapse(s);
if (!Collapsed.second)
return;
if (Collapsed.second->hasArray(s) || Collapsed.second->hasFunction(s)) if (Collapsed.second->hasArray(s) || Collapsed.second->hasFunction(s))
s += ")"; s += ")";
Collapsed.second->printRight(s); Collapsed.second->printRight(s);
} }
}; };
class PointerToMemberType final : public Node { class PointerToMemberType final : public Node {
const Node *ClassType; const Node *ClassType;
▲ Show 20 LinesShow All 5,015 LinesShow Last 20 Lines

libcxxabi/test/test_demangle.pass.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
//===-------------------------- test_demangle.cpp -------------------------===// //===-------------------------- test_demangle.cpp -------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// The demangler does not pass all these tests with the system dylibs on macOS. // The demangler does not pass all these tests with the system dylibs on macOS.
// XFAIL: use_system_cxx_lib && target={{.+}}-apple-macosx10.{{9|10|11|12|13|14|15}} // XFAIL: use_system_cxx_lib && target={{.+}}-apple-macosx10.{{9|10|11|12|13|14|15}}
// https://llvm.org/PR51407 was not fixed in some previously-released
// demanglers, which causes them to run into the infinite loop.
// UNSUPPORTED: use_system_cxx_lib && target={{.+}}-apple-macosx10.{{9|10|11|12|13|14|15}}
// UNSUPPORTED: use_system_cxx_lib && target={{.+}}-apple-macosx11.0
#include "support/timer.h" #include "support/timer.h"
#include <cassert> #include <cassert>
#include <cstdio> #include <cstdio>
#include <cstdlib> #include <cstdlib>
#include <cxxabi.h> #include <cxxabi.h>
#include <string> #include <string>
// Is long double fp80? (Only x87 extended double has 64-bit mantissa) // Is long double fp80? (Only x87 extended double has 64-bit mantissa)
▲ Show 20 LinesShow All 29,814 Lines▼ Show 20 Lines// {"_Z1fM1XRFivEMS_OFivEMS_KOFivE", "f(int (X::*)() &, int (X::*)() &&, int (X::*)() const &&)"},
// See https://github.com/itanium-cxx-abi/cxx-abi/issues/106. // See https://github.com/itanium-cxx-abi/cxx-abi/issues/106.
{"_Z1h1XIJZ1fIiEDaOT_E1AZ1gIdEDaS2_E1BEE", "h(X<auto f<int>(int&&)::A, auto g<double>(int&&)::B>)"}, {"_Z1h1XIJZ1fIiEDaOT_E1AZ1gIdEDaS2_E1BEE", "h(X<auto f<int>(int&&)::A, auto g<double>(int&&)::B>)"},
{"_Z1fIL4Enumn1EEvv", "void f<(Enum)-1>()"}, {"_Z1fIL4Enumn1EEvv", "void f<(Enum)-1>()"},
{"_ZN1A1gIiEEDTcldtptfpT1b1fIT_EEEv", "decltype(this->b.f<int>()) A::g<int>()"}, {"_ZN1A1gIiEEDTcldtptfpT1b1fIT_EEEv", "decltype(this->b.f<int>()) A::g<int>()"},
// Optional template-args for vendor extended type qualifier. // Optional template-args for vendor extended type qualifier.
// See https://bugs.llvm.org/show_bug.cgi?id=48009. // See https://bugs.llvm.org/show_bug.cgi?id=48009.
ldionneUnsubmitted
Done
ReplyInline Actions

We need to add this at the top of this file:

// https://llvm.org/PR51407 was not fixed in some previously-released demanglers, which
// causes them to run into the infinite loop.
// UNSUPPORTED: use_system_cxx_lib && target={{.+}}-apple-macosx10.{{9|10|11|12|13|14|15}}
// UNSUPPORTED: use_system_cxx_lib && target={{.+}}-apple-macosx11.0

Otherwise, we'll try to run the test on those configurations and we'll run into the infinite loop. Incidentally, this just stalled the CI for 24 hours (I'll put a timeout on our tests).

ldionne: We need to add this at the top of this file: ``` // https://llvm.org/PR51407 was not fixed in…
{"_Z3fooILi79EEbU7_ExtIntIXT_EEi", "bool foo<79>(int _ExtInt<79>)"}, {"_Z3fooILi79EEbU7_ExtIntIXT_EEi", "bool foo<79>(int _ExtInt<79>)"},
ldionneUnsubmitted
Done
ReplyInline Actions

Please normalize to https://llvm.org/PR51407.

ldionne: Please normalize to https://llvm.org/PR51407.
{"_ZN3xxx3yyyIvNS_1AILm0EEEZNS_2bb2cc2ddILNS_1eE1EEEvRKNS_1fERKNS_1g1hINS_1iEEERKNS_1jEfRKNS_1kEiPhEUlvE_JEEEvT1_DpT2_", "void xxx::yyy<void, xxx::A<0ul>, void xxx::bb::cc::dd<(xxx::e)1>(xxx::f const&, xxx::g::h<xxx::i> const&, xxx::j const&, float, xxx::k const&, int, unsigned char*)::'lambda'()>(void xxx::bb::cc::dd<(xxx::e)1>(xxx::f const&, xxx::g::h<xxx::i> const&, xxx::j const&, float, xxx::k const&, int, unsigned char*)::'lambda'())"}, {"_ZN3xxx3yyyIvNS_1AILm0EEEZNS_2bb2cc2ddILNS_1eE1EEEvRKNS_1fERKNS_1g1hINS_1iEEERKNS_1jEfRKNS_1kEiPhEUlvE_JEEEvT1_DpT2_", "void xxx::yyy<void, xxx::A<0ul>, void xxx::bb::cc::dd<(xxx::e)1>(xxx::f const&, xxx::g::h<xxx::i> const&, xxx::j const&, float, xxx::k const&, int, unsigned char*)::'lambda'()>(void xxx::bb::cc::dd<(xxx::e)1>(xxx::f const&, xxx::g::h<xxx::i> const&, xxx::j const&, float, xxx::k const&, int, unsigned char*)::'lambda'())"},
// This should be invalid, but it is currently not recognized as such
// See https://llvm.org/PR51407
{"_Zcv1BIRT_EIS1_E", "operator B<><>"},
}; };
const unsigned N = sizeof(cases) / sizeof(cases[0]); const unsigned N = sizeof(cases) / sizeof(cases[0]);
struct FPLiteralCase { struct FPLiteralCase {
const char *mangled; const char *mangled;
// There are four possible demanglings of a given float. // There are four possible demanglings of a given float.
std::string expecting[4]; std::string expecting[4];
▲ Show 20 LinesShow All 236 LinesShow Last 20 Lines

llvm/include/llvm/Demangle/ItaniumDemangle.h

Show First 20 LinesShow All 103 Lines▼ Show 20 Lines#define FOR_EACH_NODE_KIND(X) \
X(FloatLiteral) \ X(FloatLiteral) \
X(DoubleLiteral) \ X(DoubleLiteral) \
X(LongDoubleLiteral) \ X(LongDoubleLiteral) \
X(BracedExpr) \ X(BracedExpr) \
X(BracedRangeExpr) X(BracedRangeExpr)
DEMANGLE_NAMESPACE_BEGIN DEMANGLE_NAMESPACE_BEGIN
template <class T, size_t N> class PODSmallVector { template <class T, size_t N> class PODSmallVector {
static_assert(std::is_pod<T>::value, static_assert(std::is_pod<T>::value,
"T is required to be a plain old data type"); "T is required to be a plain old data type");
T *First = nullptr; T *First = nullptr;
T *Last = nullptr; T *Last = nullptr;
T *Cap = nullptr; T *Cap = nullptr;
T Inline[N] = {0}; T Inline[N] = {0};
bool isInline() const { return First == Inline; } bool isInline() const { return First == Inline; }
void clearInline() { void clearInline() {
First = Inline; First = Inline;
Last = Inline; Last = Inline;
Cap = Inline + N; Cap = Inline + N;
} }
void reserve(size_t NewCap) { void reserve(size_t NewCap) {
size_t S = size(); size_t S = size();
if (isInline()) { if (isInline()) {
auto *Tmp = static_cast<T *>(std::malloc(NewCap * sizeof(T))); auto *Tmp = static_cast<T *>(std::malloc(NewCap * sizeof(T)));
if (Tmp == nullptr) if (Tmp == nullptr)
std::terminate(); std::terminate();
std::copy(First, Last, Tmp); std::copy(First, Last, Tmp);
First = Tmp; First = Tmp;
} else { } else {
First = static_cast<T *>(std::realloc(First, NewCap * sizeof(T))); First = static_cast<T *>(std::realloc(First, NewCap * sizeof(T)));
if (First == nullptr) if (First == nullptr)
std::terminate(); std::terminate();
} }
Last = First + S; Last = First + S;
Cap = First + NewCap; Cap = First + NewCap;
} }
public: public:
PODSmallVector() : First(Inline), Last(First), Cap(Inline + N) {} PODSmallVector() : First(Inline), Last(First), Cap(Inline + N) {}
PODSmallVector(const PODSmallVector &) = delete; PODSmallVector(const PODSmallVector &) = delete;
PODSmallVector &operator=(const PODSmallVector &) = delete; PODSmallVector &operator=(const PODSmallVector &) = delete;
PODSmallVector(PODSmallVector &&Other) : PODSmallVector() { PODSmallVector(PODSmallVector &&Other) : PODSmallVector() {
if (Other.isInline()) { if (Other.isInline()) {
std::copy(Other.begin(), Other.end(), First); std::copy(Other.begin(), Other.end(), First);
Last = First + Other.size(); Last = First + Other.size();
Other.clear(); Other.clear();
return; return;
} }
First = Other.First; First = Other.First;
Last = Other.Last; Last = Other.Last;
Cap = Other.Cap; Cap = Other.Cap;
Other.clearInline(); Other.clearInline();
} }
PODSmallVector &operator=(PODSmallVector &&Other) { PODSmallVector &operator=(PODSmallVector &&Other) {
if (Other.isInline()) { if (Other.isInline()) {
if (!isInline()) { if (!isInline()) {
std::free(First); std::free(First);
clearInline(); clearInline();
} }
std::copy(Other.begin(), Other.end(), First); std::copy(Other.begin(), Other.end(), First);
Last = First + Other.size(); Last = First + Other.size();
Other.clear(); Other.clear();
return *this; return *this;
} }
if (isInline()) { if (isInline()) {
First = Other.First; First = Other.First;
Last = Other.Last; Last = Other.Last;
Cap = Other.Cap; Cap = Other.Cap;
Other.clearInline(); Other.clearInline();
return *this; return *this;
} }
std::swap(First, Other.First); std::swap(First, Other.First);
std::swap(Last, Other.Last); std::swap(Last, Other.Last);
std::swap(Cap, Other.Cap); std::swap(Cap, Other.Cap);
Other.clear(); Other.clear();
return *this; return *this;
} }
// NOLINTNEXTLINE(readability-identifier-naming) // NOLINTNEXTLINE(readability-identifier-naming)
void push_back(const T &Elem) { void push_back(const T &Elem) {
if (Last == Cap) if (Last == Cap)
reserve(size() * 2); reserve(size() * 2);
*Last++ = Elem; *Last++ = Elem;
} }
// NOLINTNEXTLINE(readability-identifier-naming) // NOLINTNEXTLINE(readability-identifier-naming)
void pop_back() { void pop_back() {
assert(Last != First && "Popping empty vector!"); assert(Last != First && "Popping empty vector!");
--Last; --Last;
} }
void dropBack(size_t Index) { void dropBack(size_t Index) {
assert(Index <= size() && "dropBack() can't expand!"); assert(Index <= size() && "dropBack() can't expand!");
Last = First + Index; Last = First + Index;
} }
T *begin() { return First; } T *begin() { return First; }
T *end() { return Last; } T *end() { return Last; }
bool empty() const { return First == Last; } bool empty() const { return First == Last; }
size_t size() const { return static_cast<size_t>(Last - First); } size_t size() const { return static_cast<size_t>(Last - First); }
T &back() { T &back() {
assert(Last != First && "Calling back() on empty vector!"); assert(Last != First && "Calling back() on empty vector!");
return *(Last - 1); return *(Last - 1);
} }
T &operator[](size_t Index) { T &operator[](size_t Index) {
assert(Index < size() && "Invalid access!"); assert(Index < size() && "Invalid access!");
return *(begin() + Index); return *(begin() + Index);
} }
void clear() { Last = First; } void clear() { Last = First; }
~PODSmallVector() { ~PODSmallVector() {
if (!isInline()) if (!isInline())
std::free(First); std::free(First);
} }
bormanAuthorUnsubmitted
Not Done
ReplyInline Actions

I could submit this change as a NFC to clean up the actual patch; however the move itself would be out of context.

borman: I could submit this change as a NFC to clean up the actual patch; however the move itself would…
ldionneUnsubmitted
Not Done
ReplyInline Actions

I would rather the move be performed as a separate NFC. The commit message can mention it's for a follow-up change.

ldionne: I would rather the move be performed as a separate NFC. The commit message can mention it's for…
bormanAuthorUnsubmitted
Done
ReplyInline Actions

Separate review for the move: https://reviews.llvm.org/D107712

borman: Separate review for the move: https://reviews.llvm.org/D107712
}; };
// Base class of all AST nodes. The AST is built by the parser, then is // Base class of all AST nodes. The AST is built by the parser, then is
// traversed by the printLeft/Right functions to produce a demangled string. // traversed by the printLeft/Right functions to produce a demangled string.
class Node { class Node {
public: public:
enum Kind : unsigned char { enum Kind : unsigned char {
#define ENUMERATOR(NodeKind) K ## NodeKind, #define ENUMERATOR(NodeKind) K ## NodeKind,
▲ Show 20 LinesShow All 408 Lines▼ Show 20 Linesclass ReferenceType : public Node {
const Node *Pointee; const Node *Pointee;
ReferenceKind RK; ReferenceKind RK;
mutable bool Printing = false; mutable bool Printing = false;
// Dig through any refs to refs, collapsing the ReferenceTypes as we go. The // Dig through any refs to refs, collapsing the ReferenceTypes as we go. The
// rule here is rvalue ref to rvalue ref collapses to a rvalue ref, and any // rule here is rvalue ref to rvalue ref collapses to a rvalue ref, and any
// other combination collapses to a lvalue ref. // other combination collapses to a lvalue ref.
//
// A combination of a TemplateForwardReference and a back-ref Substitution
// from an ill-formed string may have created a cycle; use cycle detection to
// avoid looping forever.
std::pair<ReferenceKind, const Node *> collapse(OutputStream &S) const { std::pair<ReferenceKind, const Node *> collapse(OutputStream &S) const {
auto SoFar = std::make_pair(RK, Pointee); auto SoFar = std::make_pair(RK, Pointee);
// Track the chain of nodes for the Floyd's 'tortoise and hare'
// cycle-detection algorithm, since getSyntaxNode(S) is impure
PODSmallVector<const Node *, 8> Prev;
for (;;) { for (;;) {
const Node *SN = SoFar.second->getSyntaxNode(S); const Node *SN = SoFar.second->getSyntaxNode(S);
if (SN->getKind() != KReferenceType) if (SN->getKind() != KReferenceType)
break; break;
auto *RT = static_cast<const ReferenceType *>(SN); auto *RT = static_cast<const ReferenceType *>(SN);
SoFar.second = RT->Pointee; SoFar.second = RT->Pointee;
SoFar.first = std::min(SoFar.first, RT->RK); SoFar.first = std::min(SoFar.first, RT->RK);
// The middle of `Prev` is the 'slow' pointer moving at half speed
Prev.push_back(SoFar.second);
if (Prev.size() > 1 && SoFar.second == Prev[(Prev.size() - 1) / 2]) {
// Cycle detected
SoFar.second = nullptr;
break;
}
} }
return SoFar; return SoFar;
} }
public: public:
ReferenceType(const Node *Pointee_, ReferenceKind RK_) ReferenceType(const Node *Pointee_, ReferenceKind RK_)
: Node(KReferenceType, Pointee_->RHSComponentCache), : Node(KReferenceType, Pointee_->RHSComponentCache),
Pointee(Pointee_), RK(RK_) {} Pointee(Pointee_), RK(RK_) {}
template<typename Fn> void match(Fn F) const { F(Pointee, RK); } template<typename Fn> void match(Fn F) const { F(Pointee, RK); }
bool hasRHSComponentSlow(OutputStream &S) const override { bool hasRHSComponentSlow(OutputStream &S) const override {
return Pointee->hasRHSComponent(S); return Pointee->hasRHSComponent(S);
} }
void printLeft(OutputStream &s) const override { void printLeft(OutputStream &s) const override {
if (Printing) if (Printing)
return; return;
SwapAndRestore<bool> SavePrinting(Printing, true); SwapAndRestore<bool> SavePrinting(Printing, true);
std::pair<ReferenceKind, const Node *> Collapsed = collapse(s); std::pair<ReferenceKind, const Node *> Collapsed = collapse(s);
if (!Collapsed.second)
return;
Collapsed.second->printLeft(s); Collapsed.second->printLeft(s);
if (Collapsed.second->hasArray(s)) if (Collapsed.second->hasArray(s))
s += " "; s += " ";
if (Collapsed.second->hasArray(s) || Collapsed.second->hasFunction(s)) if (Collapsed.second->hasArray(s) || Collapsed.second->hasFunction(s))
s += "("; s += "(";
s += (Collapsed.first == ReferenceKind::LValue ? "&" : "&&"); s += (Collapsed.first == ReferenceKind::LValue ? "&" : "&&");
} }
void printRight(OutputStream &s) const override { void printRight(OutputStream &s) const override {
if (Printing) if (Printing)
return; return;
SwapAndRestore<bool> SavePrinting(Printing, true); SwapAndRestore<bool> SavePrinting(Printing, true);
std::pair<ReferenceKind, const Node *> Collapsed = collapse(s); std::pair<ReferenceKind, const Node *> Collapsed = collapse(s);
if (!Collapsed.second)
return;
if (Collapsed.second->hasArray(s) || Collapsed.second->hasFunction(s)) if (Collapsed.second->hasArray(s) || Collapsed.second->hasFunction(s))
s += ")"; s += ")";
Collapsed.second->printRight(s); Collapsed.second->printRight(s);
} }
}; };
class PointerToMemberType final : public Node { class PointerToMemberType final : public Node {
const Node *ClassType; const Node *ClassType;
▲ Show 20 LinesShow All 5,015 LinesShow Last 20 Lines