This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
lib/AST/
-
AST/
3/5
MicrosoftMangle.cpp
-
test/CodeGen/
-
CodeGen/
1
mangle-ms-string-literals.c

Differential D48928

[ms] Fix mangling of string literals used to initialize arrays larger or smaller than the literal
ClosedPublic

Authored by hans on Jul 4 2018, 3:24 AM.

Download Raw Diff

Details

Reviewers

thakis
majnemer

Commits

rG7525edc89078: [ms] Fix mangling of string literals used to initialize arrays larger or…
rL336415: [ms] Fix mangling of string literals used to initialize arrays larger or…
rC336415: [ms] Fix mangling of string literals used to initialize arrays larger or…

Summary

A Chromium developer reported a bug which turned out to be a mangling collision between these two literals:

char s[] = "foo";
char t[32] = "foo";

They may look the same, but for the initialization of t we will (under some circumstances) use a literal that's extended with zeros, and both the length and those zeros should be accounted for by the mangling.

This actually makes the mangling code simpler: where it previously had special logic for null terminators, which are not part of the StringLiteral, that is now covered by the general algorithm.

Diff Detail

Repository: rC Clang

Event Timeline

hans created this revision.Jul 4 2018, 3:24 AM

I couldn't get MSVC to create a symbol with padding at the end; they seem to always insert the padding with a separate loop during initialization, but this does show the truncated case: https://godbolt.org/g/B8ktA3

kwiberg added a subscriber: kwiberg.Jul 4 2018, 3:46 AM

Nice!

lib/AST/MicrosoftMangle.cpp
3198	nit: Also do `unsigned StingByteLength = StringLength * SL->getCharByteWidth()` here and use it the 3 times you have that computation below
3211	You're capturing StringLength here, but then you don't use it in the lambda body.
3220	likewise
test/CodeGen/mangle-ms-string-literals.c
8	Nice, we used to mismangle this. MSVC matches the string here: https://godbolt.org/g/dbm6jT (old clang: https://godbolt.org/g/Yy7iCK)

This revision is now accepted and ready to land.Jul 5 2018, 2:31 PM

hans marked 3 inline comments as done.Jul 5 2018, 11:47 PM

hans added inline comments.

lib/AST/MicrosoftMangle.cpp
3198	Good idea, thanks!
3211	Oops, a leftover from an older version of the patch. Removed.

Closed by commit rC336415: [ms] Fix mangling of string literals used to initialize arrays larger or… (authored by hans). · Explain WhyJul 5 2018, 11:59 PM

This revision was automatically updated to reflect the committed changes.

hans marked 2 inline comments as done.

Revision Contents

Path

Size

lib/

AST/

MicrosoftMangle.cpp

44 lines

test/

CodeGen/

mangle-ms-string-literals.c

10 lines

Diff 154359

lib/AST/MicrosoftMangle.cpp

Show First 20 Lines • Show All 3,165 Lines • ▼ Show 20 Lines	void MicrosoftMangleContextImpl::mangleStringLiteral(const StringLiteral *SL,
raw_ostream &Out) {		raw_ostream &Out) {
// <char-type> ::= 0 # char, char16_t, char32_t		// <char-type> ::= 0 # char, char16_t, char32_t
// # (little endian char data in mangling)		// # (little endian char data in mangling)
// ::= 1 # wchar_t (big endian char data in mangling)		// ::= 1 # wchar_t (big endian char data in mangling)
//		//
// <literal-length> ::= <non-negative integer> # the length of the literal		// <literal-length> ::= <non-negative integer> # the length of the literal
//		//
// <encoded-crc> ::= <hex digit>+ @ # crc of the literal including		// <encoded-crc> ::= <hex digit>+ @ # crc of the literal including
// # null-terminator		// # trailing null bytes
//		//
// <encoded-string> ::= <simple character> # uninteresting character		// <encoded-string> ::= <simple character> # uninteresting character
// ::= '?$' <hex digit> <hex digit> # these two nibbles		// ::= '?$' <hex digit> <hex digit> # these two nibbles
// # encode the byte for the		// # encode the byte for the
// # character		// # character
// ::= '?' [a-z] # \xe1 - \xfa		// ::= '?' [a-z] # \xe1 - \xfa
// ::= '?' [A-Z] # \xc1 - \xda		// ::= '?' [A-Z] # \xc1 - \xda
// ::= '?' [0-9] # [,/\:. \n\t'-]		// ::= '?' [0-9] # [,/\:. \n\t'-]
//		//
// <literal> ::= '??_C@_' <char-type> <literal-length> <encoded-crc>		// <literal> ::= '??_C@_' <char-type> <literal-length> <encoded-crc>
// <encoded-string> '@'		// <encoded-string> '@'
MicrosoftCXXNameMangler Mangler(*this, Out);		MicrosoftCXXNameMangler Mangler(*this, Out);
Mangler.getStream() << "??_C@_";		Mangler.getStream() << "??_C@_";

		// The actual string length might be different from that of the string literal
		// in cases like:
		// char foo[3] = "foobar";
		// char bar[42] = "foobar";
		// Where it is truncated or zero-padded to fit the array. This is the length
		// used for mangling, and any trailing null-bytes also need to be mangled.
		unsigned StringLength = getASTContext()
		.getAsConstantArrayType(SL->getType())
		->getSize()
		.getZExtValue();
		thakisUnsubmitted Done Reply Inline Actions nit: Also do `unsigned StingByteLength = StringLength * SL->getCharByteWidth()` here and use it the 3 times you have that computation below thakis: nit: Also do `unsigned StingByteLength = StringLength * SL->getCharByteWidth()` here and use it…
		hansAuthorUnsubmitted Not Done Reply Inline Actions Good idea, thanks! hans: Good idea, thanks!
		unsigned StringByteLength = StringLength * SL->getCharByteWidth();

// <char-type>: The "kind" of string literal is encoded into the mangled name.		// <char-type>: The "kind" of string literal is encoded into the mangled name.
if (SL->isWide())		if (SL->isWide())
Mangler.getStream() << '1';		Mangler.getStream() << '1';
else		else
Mangler.getStream() << '0';		Mangler.getStream() << '0';

// <literal-length>: The next part of the mangled name consists of the length		// <literal-length>: The next part of the mangled name consists of the length
// of the string.		// of the string in bytes.
// The StringLiteral does not consider the NUL terminator byte(s) but the		Mangler.mangleNumber(StringByteLength);
// mangling does.
// N.B. The length is in terms of bytes, not characters.
Mangler.mangleNumber(SL->getByteLength() + SL->getCharByteWidth());

auto GetLittleEndianByte = [&SL](unsigned Index) {		auto GetLittleEndianByte = [&SL](unsigned Index) {
		thakisUnsubmitted Done Reply Inline Actions You're capturing StringLength here, but then you don't use it in the lambda body. thakis: You're capturing StringLength here, but then you don't use it in the lambda body.
		hansAuthorUnsubmitted Not Done Reply Inline Actions Oops, a leftover from an older version of the patch. Removed. hans: Oops, a leftover from an older version of the patch. Removed.
unsigned CharByteWidth = SL->getCharByteWidth();		unsigned CharByteWidth = SL->getCharByteWidth();
		if (Index / CharByteWidth >= SL->getLength())
		return static_cast<char>(0);
uint32_t CodeUnit = SL->getCodeUnit(Index / CharByteWidth);		uint32_t CodeUnit = SL->getCodeUnit(Index / CharByteWidth);
unsigned OffsetInCodeUnit = Index % CharByteWidth;		unsigned OffsetInCodeUnit = Index % CharByteWidth;
return static_cast<char>((CodeUnit >> (8 * OffsetInCodeUnit)) & 0xff);		return static_cast<char>((CodeUnit >> (8 * OffsetInCodeUnit)) & 0xff);
};		};

auto GetBigEndianByte = [&SL](unsigned Index) {		auto GetBigEndianByte = [&SL](unsigned Index) {
		thakisUnsubmitted Done Reply Inline Actions likewise thakis: likewise
unsigned CharByteWidth = SL->getCharByteWidth();		unsigned CharByteWidth = SL->getCharByteWidth();
		if (Index / CharByteWidth >= SL->getLength())
		return static_cast<char>(0);
uint32_t CodeUnit = SL->getCodeUnit(Index / CharByteWidth);		uint32_t CodeUnit = SL->getCodeUnit(Index / CharByteWidth);
unsigned OffsetInCodeUnit = (CharByteWidth - 1) - (Index % CharByteWidth);		unsigned OffsetInCodeUnit = (CharByteWidth - 1) - (Index % CharByteWidth);
return static_cast<char>((CodeUnit >> (8 * OffsetInCodeUnit)) & 0xff);		return static_cast<char>((CodeUnit >> (8 * OffsetInCodeUnit)) & 0xff);
};		};

// CRC all the bytes of the StringLiteral.		// CRC all the bytes of the StringLiteral.
llvm::JamCRC JC;		llvm::JamCRC JC;
for (unsigned I = 0, E = SL->getByteLength(); I != E; ++I)		for (unsigned I = 0, E = StringByteLength; I != E; ++I)
JC.update(GetLittleEndianByte(I));		JC.update(GetLittleEndianByte(I));

// The NUL terminator byte(s) were not present earlier,
// we need to manually process those bytes into the CRC.
for (unsigned NullTerminator = 0; NullTerminator < SL->getCharByteWidth();
++NullTerminator)
JC.update('\x00');

// <encoded-crc>: The CRC is encoded utilizing the standard number mangling		// <encoded-crc>: The CRC is encoded utilizing the standard number mangling
// scheme.		// scheme.
Mangler.mangleNumber(JC.getCRC());		Mangler.mangleNumber(JC.getCRC());

// <encoded-string>: The mangled name also contains the first 32 bytes		// <encoded-string>: The mangled name also contains the first 32 bytes
// (including null-terminator bytes) of the encoded StringLiteral.		// (including null-terminator bytes) of the encoded StringLiteral.
// Each character is encoded by splitting them into bytes and then encoding		// Each character is encoded by splitting them into bytes and then encoding
// the constituent bytes.		// the constituent bytes.
Show All 20 Lines	if (isIdentifierBody(Byte, /AllowDollar=/true)) {
Mangler.getStream() << static_cast<char>('A' + ((Byte >> 4) & 0xf));		Mangler.getStream() << static_cast<char>('A' + ((Byte >> 4) & 0xf));
Mangler.getStream() << static_cast<char>('A' + (Byte & 0xf));		Mangler.getStream() << static_cast<char>('A' + (Byte & 0xf));
}		}
}		}
};		};

// Enforce our 32 bytes max, except wchar_t which gets 32 chars instead.		// Enforce our 32 bytes max, except wchar_t which gets 32 chars instead.
unsigned MaxBytesToMangle = SL->isWide() ? 64U : 32U;		unsigned MaxBytesToMangle = SL->isWide() ? 64U : 32U;
unsigned NumBytesToMangle = std::min(MaxBytesToMangle, SL->getByteLength());		unsigned NumBytesToMangle = std::min(MaxBytesToMangle, StringByteLength);
for (unsigned I = 0; I != NumBytesToMangle; ++I)		for (unsigned I = 0; I != NumBytesToMangle; ++I) {
if (SL->isWide())		if (SL->isWide())
MangleByte(GetBigEndianByte(I));		MangleByte(GetBigEndianByte(I));
else		else
MangleByte(GetLittleEndianByte(I));		MangleByte(GetLittleEndianByte(I));
		}
// Encode the NUL terminator if there is room.
if (NumBytesToMangle < MaxBytesToMangle)
for (unsigned NullTerminator = 0; NullTerminator < SL->getCharByteWidth();
++NullTerminator)
MangleByte(0);

Mangler.getStream() << '@';		Mangler.getStream() << '@';
}		}

MicrosoftMangleContext *		MicrosoftMangleContext *
MicrosoftMangleContext::create(ASTContext &Context, DiagnosticsEngine &Diags) {		MicrosoftMangleContext::create(ASTContext &Context, DiagnosticsEngine &Diags) {
return new MicrosoftMangleContextImpl(Context, Diags);		return new MicrosoftMangleContextImpl(Context, Diags);
}		}

test/CodeGen/mangle-ms-string-literals.c

				// RUN: %clang_cc1 -x c -emit-llvm %s -o - -triple=i386-pc-win32 \| FileCheck %s
				// RUN: %clang_cc1 -x c -emit-llvm %s -o - -triple=x86_64-pc-win32 \| FileCheck %s

				void crbug857442(int x) {
				// Make sure to handle truncated or padded literals. The truncation is only valid in C.
				struct {int x; char s[2]; } truncatedAscii = {x, "hello"};
				// CHECK: "??_C@_01CONKJJHI@he@"
				struct {int x; char s[16]; } paddedAscii = {x, "hello"};
				thakisUnsubmitted Not Done Reply Inline Actions Nice, we used to mismangle this. MSVC matches the string here: https://godbolt.org/g/dbm6jT (old clang: https://godbolt.org/g/Yy7iCK) thakis: Nice, we used to mismangle this. MSVC matches the string here: https://godbolt.org/g/dbm6jT…
				// CHECK: "??_C@_0BA@EAAINDNC@hello?$AA?$AA?$AA?$AA?$AA?$AA?$AA?$AA?$AA?$AA?$AA@"
				}