This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
libcxx/
-
include/
2/8
__config
-
src/filesystem/
-
filesystem/
1
directory_iterator.cpp
1/4
filesystem_common.h
-
operations.cpp

Differential D96986

[libc++] Drop template layer when using vsnprintf
AbandonedPublic

Authored by joerg on Feb 18 2021, 12:14 PM.

Download Raw Diff

Details

Reviewers

• Quuxplusone

Group Reviewers

Restricted Project

Summary

The filesystem implementation used variadic templates to convert path
arguments to C strings, but in the process, format string checks for
vsnprintf was lost. The latter is more useful than the former, so prefer
the simpler code. While here, fix a small bug in the va_list handling as
the initial list could be va_end'd twice, once by the second vsnprintf
and another time by the guard itself.

Diff Detail

Repository: rG LLVM Github Monorepo

Event Timeline

joerg requested review of this revision.Feb 18 2021, 12:14 PM

joerg created this revision.

Herald added a project: Restricted Project. · View Herald TranscriptFeb 18 2021, 12:14 PM

Herald added a reviewer: Restricted Project. · View Herald Transcript

Herald added a subscriber: libcxx-commits. · View Herald Transcript

Harbormaster completed remote builds in B89773: Diff 324730.Feb 18 2021, 6:41 PM

mstorsjo mentioned this in D98065: [libcxx] Remove an unused overload in filesystem_common.h. NFC..Mar 5 2021, 11:54 AM

Just a few comments from a quick look.

libcxx/include/__config
1452	Does clang-cl support this attribute? If yes, then it should be `#if defined(__GNUC_) \|\| defined(__clang__)`.
1453	The macro name is misleading for me. It doesn't print, and it doesn't print files. It annotates a printf-like function though. IMO it should contain something like format and attribute in the name, but I haven't given it a long thought.
libcxx/src/filesystem/directory_iterator.cpp
275	@mstorsjo, you probably need to sync on this part regarding https://reviews.llvm.org/D98077.
libcxx/src/filesystem/filesystem_common.h
78	Typo.

• Quuxplusone added a subscriber: • Quuxplusone.Mar 5 2021, 3:31 PM

• Quuxplusone added inline comments.

libcxx/include/__config
1453	Looks like the typical name would be `_LIBCPP_FORMAT_PRINTF`. (Compare `_LIBCPP_NOALIAS`, `_LIBCPP_NORETURN`, `_LIBCPP_ALWAYS_INLINE`, etc.)
libcxx/src/filesystem/filesystem_common.h
210	It looks like you're trying to make sure that `va_end` is called even during exception-based stack unwinding, is that right? If so, I think you should do the RAII thing and create a proper struct type that calls `va_end` in its destructor. Hey, it looks like `GuardVaList` might already be that RAII type! Use it on line 209, and on line 218, and on line 113. Don't call `va_end` manually on line 189 — let these `GuardVaList` objects deal with that cleanup. Basically, make sure every time you call `va_start` or `va_copy`, you follow it immediately with a transfer of ownership to a `GuardVaList`.

joerg added inline comments.Mar 5 2021, 4:05 PM

libcxx/include/__config
1452	It seems to work as is with clang-cl.
1453	Yeah, C&P of a type. It should have been _LIBCPP_PRINTFLIKE. I'm not sure _LIBCPP_FORMAT_PRINTF is better, but I'm not really attached to the name either way.
libcxx/src/filesystem/filesystem_common.h
210	I don't think there is any advantage to moving GuardVaList out. If anything, calling format_string_impl first and building the result afterwards seems like the way forward as it removes the only possible exception path.

• Quuxplusone requested changes to this revision.Mar 5 2021, 4:41 PM

• Quuxplusone added inline comments.

libcxx/src/filesystem/filesystem_common.h
210	...Actually, I take back the "RAII guard" idea. From OSX's `man stdarg`: Note that each call to va_start() must be matched by a call to va_end(), from within the same function. And see https://stackoverflow.com/questions/37454179/how-to-properly-va-end So you should just figure out a way to make `report_impl` noexcept, and then do both va_start and va_end from within this function. (`format_string_impl` will continue to call both va_copy and va_end from within the same function; but again, it shouldn't use the RAII type to do it; it should just be made noexcept.) Also, please pass `va_list ap` by value, not reference; that way we match what libc does with vprintf, which we know is OK. Pass-by-reference is probably fine in practice, but why take the chance?

This revision now requires changes to proceed.Mar 5 2021, 4:41 PM

• Quuxplusone mentioned this in D98097: [libc++] "Merged wording" for D98077 and D96986.Mar 5 2021, 6:45 PM

curdeius added inline comments.Mar 8 2021, 12:27 AM

libcxx/include/__config
1452	I just tested it and `__GNUC__` is not defined by clang-cl. Please adjust. Or @Quuxplusone, please update this in D98097, depending on how you both want to proceed.

• Quuxplusone added inline comments.Mar 8 2021, 5:37 AM

libcxx/include/__config
1452	I would like to proceed with D98097, and @joerg has said D98097 works for him as well. It's still waiting on libc++ approval though, so, ping! :) I'm only 75% sure I understand what you're requesting here. I think you're saying that all Clangs do support `__attribute__((format(printf)))` with the right semantics, and clang-cl is an example of a Clang that doesn't define `__GNUC__`, so therefore we should change this to `#if defined(__GNUC__) \|\| defined(__clang__)`. Right? I'll do that in D98097.

curdeius added inline comments.Mar 8 2021, 5:50 AM

libcxx/include/__config
1452	That's exactly this.

joerg abandoned this revision.Mar 8 2021, 11:38 AM

• arthur.j.odwyer mentioned this in rG0aa637b2037d: [libc++] Improve src/filesystem's formatting of paths..Mar 16 2021, 12:00 PM

Revision Contents

Path

Size

libcxx/

include/

__config

7 lines

src/

filesystem/

directory_iterator.cpp

6 lines

filesystem_common.h

47 lines

operations.cpp

6 lines

Diff 324730

libcxx/include/__config

	Show First 20 Lines • Show All 1,443 Lines • ▼ Show 20 Lines
	#endif			#endif

	#if __has_attribute(init_priority)			#if __has_attribute(init_priority)
	# define _LIBCPP_INIT_PRIORITY_MAX __attribute__((init_priority(101)))			# define _LIBCPP_INIT_PRIORITY_MAX __attribute__((init_priority(101)))
	#else			#else
	# define _LIBCPP_INIT_PRIORITY_MAX			# define _LIBCPP_INIT_PRIORITY_MAX
	#endif			#endif

				#ifdef __GNUC__
				curdeiusUnsubmitted Not Done Reply Inline Actions Does clang-cl support this attribute? If yes, then it should be `#if defined(__GNUC_) \|\| defined(__clang__)`. curdeius: Does clang-cl support this attribute? If yes, then it should be `#if defined(__GNUC_) \|\|…
				joergAuthorUnsubmitted Done Reply Inline Actions It seems to work as is with clang-cl. joerg: It seems to work as is with clang-cl.
				curdeiusUnsubmitted Not Done Reply Inline Actions I just tested it and `__GNUC__` is not defined by clang-cl. Please adjust. Or @Quuxplusone, please update this in D98097, depending on how you both want to proceed. curdeius: I just tested it and `__GNUC__` is not defined by clang-cl. Please adjust. Or @Quuxplusone…
				QuuxplusoneUnsubmitted Not Done Reply Inline Actions I would like to proceed with D98097, and @joerg has said D98097 works for him as well. It's still waiting on libc++ approval though, so, ping! :) I'm only 75% sure I understand what you're requesting here. I think you're saying that all Clangs do support `__attribute__((format(printf)))` with the right semantics, and clang-cl is an example of a Clang that doesn't define `__GNUC__`, so therefore we should change this to `#if defined(__GNUC__) \|\| defined(__clang__)`. Right? I'll do that in D98097. Quuxplusone: I would like to proceed with D98097, and @joerg has said D98097 works for him as well. It's…
				curdeiusUnsubmitted Not Done Reply Inline Actions That's exactly this. curdeius: That's exactly this.
				# define _LIBCPP_PRINTFILE(fmtarg, firstvararg) \
				curdeiusUnsubmitted Not Done Reply Inline Actions The macro name is misleading for me. It doesn't print, and it doesn't print files. It annotates a printf-like function though. IMO it should contain something like format and attribute in the name, but I haven't given it a long thought. curdeius: The macro name is misleading for me. It doesn't print, and it doesn't print files. It annotates…
				QuuxplusoneUnsubmitted Not Done Reply Inline Actions Looks like the typical name would be `_LIBCPP_FORMAT_PRINTF`. (Compare `_LIBCPP_NOALIAS`, `_LIBCPP_NORETURN`, `_LIBCPP_ALWAYS_INLINE`, etc.) Quuxplusone: Looks like the typical name would be `_LIBCPP_FORMAT_PRINTF`. (Compare `_LIBCPP_NOALIAS`…
				joergAuthorUnsubmitted Done Reply Inline Actions Yeah, C&P of a type. It should have been _LIBCPP_PRINTFLIKE. I'm not sure _LIBCPP_FORMAT_PRINTF is better, but I'm not really attached to the name either way. joerg: Yeah, C&P of a type. It should have been _LIBCPP_PRINTFLIKE. I'm not sure _LIBCPP_FORMAT_PRINTF…
				__attribute__((__format__(__printf__, fmtarg, firstvararg)))
				#else
				# define _LIBCPP_PRINTFILE(fmtarg, firstvararg)
				#endif

	#endif // __cplusplus			#endif // __cplusplus

	#endif // _LIBCPP_CONFIG			#endif // _LIBCPP_CONFIG

libcxx/src/filesystem/directory_iterator.cpp

Show First 20 Lines • Show All 266 Lines • ▼ Show 20 Lines	directory_iterator& directory_iterator::__increment(error_code* ec) {
_LIBCPP_ASSERT(__imp_, "Attempting to increment an invalid iterator");		_LIBCPP_ASSERT(__imp_, "Attempting to increment an invalid iterator");
ErrorHandler<void> err("directory_iterator::operator++()", ec);		ErrorHandler<void> err("directory_iterator::operator++()", ec);

error_code m_ec;		error_code m_ec;
if (!__imp_->advance(m_ec)) {		if (!__imp_->advance(m_ec)) {
path root = move(__imp_->__root_);		path root = move(__imp_->__root_);
__imp_.reset();		__imp_.reset();
if (m_ec)		if (m_ec)
err.report(m_ec, "at root \"%s\"", root);		err.report(m_ec, "at root \"%s\"", root.c_str());
		curdeiusUnsubmitted Not Done Reply Inline Actions @mstorsjo, you probably need to sync on this part regarding https://reviews.llvm.org/D98077. curdeius: @mstorsjo, you probably need to sync on this part regarding https://reviews.llvm.org/D98077.
}		}
return *this;		return *this;
}		}

directory_entry const& directory_iterator::__dereference() const {		directory_entry const& directory_iterator::__dereference() const {
_LIBCPP_ASSERT(__imp_, "Attempting to dereference an invalid iterator");		_LIBCPP_ASSERT(__imp_, "Attempting to dereference an invalid iterator");
return __imp_->__entry_;		return __imp_->__entry_;
}		}
▲ Show 20 Lines • Show All 70 Lines • ▼ Show 20 Lines	while (stack.size() > 0) {
if (m_ec)		if (m_ec)
break;		break;
stack.pop();		stack.pop();
}		}

if (m_ec) {		if (m_ec) {
path root = move(stack.top().__root_);		path root = move(stack.top().__root_);
__imp_.reset();		__imp_.reset();
err.report(m_ec, "at root \"%s\"", root);		err.report(m_ec, "at root \"%s\"", root.c_str());
} else {		} else {
__imp_.reset();		__imp_.reset();
}		}
}		}

bool recursive_directory_iterator::__try_recursion(error_code* ec) {		bool recursive_directory_iterator::__try_recursion(error_code* ec) {
ErrorHandler<void> err("recursive_directory_iterator::operator++()", ec);		ErrorHandler<void> err("recursive_directory_iterator::operator++()", ec);

Show All 28 Lines	if (m_ec) {
const bool allow_eacess =		const bool allow_eacess =
bool(__imp_->__options_ & directory_options::skip_permission_denied);		bool(__imp_->__options_ & directory_options::skip_permission_denied);
if (m_ec.value() == EACCES && allow_eacess) {		if (m_ec.value() == EACCES && allow_eacess) {
if (ec)		if (ec)
ec->clear();		ec->clear();
} else {		} else {
path at_ent = move(curr_it.__entry_.__p_);		path at_ent = move(curr_it.__entry_.__p_);
__imp_.reset();		__imp_.reset();
err.report(m_ec, "attempting recursion into \"%s\"", at_ent);		err.report(m_ec, "attempting recursion into \"%s\"", at_ent.c_str());
}		}
}		}
return false;		return false;
}		}

_LIBCPP_END_NAMESPACE_FILESYSTEM		_LIBCPP_END_NAMESPACE_FILESYSTEM

libcxx/src/filesystem/filesystem_common.h

Show First 20 Lines • Show All 51 Lines • ▼ Show 20 Lines

#if defined(_LIBCPP_WIN32API) #if defined(_LIBCPP_WIN32API)

// Non anonymous, to allow access from two translation units. // Non anonymous, to allow access from two translation units.

errc __win_err_to_errc(int err); errc __win_err_to_errc(int err);

#endif #endif

namespace { namespace {

static string format_string_imp(const char* msg, ...) { static _LIBCPP_PRINTFILE(1, 0) string

// we might need a second shot at this, so pre-emptivly make a copy format_string_impl(const char* msg, va_list& args) {

struct GuardVAList { struct GuardVAList {

va_list& target; va_list& target;

bool active = true; bool active = true;

GuardVAList(va_list& tgt) : target(tgt), active(true) {} GuardVAList(va_list& tgt) : target(tgt), active(true) {}

void clear() { void clear() {

if (active) if (active)

va_end(target); va_end(target);

active = false; active = false;

} }

~GuardVAList() { ~GuardVAList() {

if (active) if (active)

va_end(target); va_end(target);

} }

}; };

va_list args;

va_start(args, msg);

GuardVAList args_guard(args);

// we might need a second shot at this, so pre-emptivly make a copy

curdeiusUnsubmitted

Not Done

GuardVAList args_guard(args);

- // we might need a second shot at this, so pre-emptivly make a copy

+ // We might need a second shot at this, so pre-emptively make a copy.

va_list args_cp;

Typo.

curdeius: Typo.

va_list args_cp; va_list args_cp;

va_copy(args_cp, args); va_copy(args_cp, args);

GuardVAList args_copy_guard(args_cp); GuardVAList args_copy_guard(args_cp);

std::string result; std::string result;

array<char, 256> local_buff; array<char, 256> local_buff;

size_t size_with_null = local_buff.size(); size_t size_with_null = local_buff.size();

Show All 10 Lines static _LIBCPP_PRINTFILE(1, 0) string

} }

// we did not provide a long enough buffer on our first attempt. The // we did not provide a long enough buffer on our first attempt. The

// return value is the number of bytes (excluding the null byte) that are // return value is the number of bytes (excluding the null byte) that are

// needed for formatting. // needed for formatting.

size_with_null = static_cast<size_t>(ret) + 1; size_with_null = static_cast<size_t>(ret) + 1;

result.__resize_default_init(size_with_null - 1); result.__resize_default_init(size_with_null - 1);

ret = ::vsnprintf(&result[0], size_with_null, msg, args); ret = ::vsnprintf(&result[0], size_with_null, msg, args);

args_guard.clear();

_LIBCPP_ASSERT(static_cast<size_t>(ret) == (size_with_null - 1), "TODO"); _LIBCPP_ASSERT(static_cast<size_t>(ret) == (size_with_null - 1), "TODO");

return result; return result;

} }

const path::value_type* unwrap(path::string_type const& s) { return s.c_str(); } static _LIBCPP_PRINTFILE(1, 2) string format_string(const char* msg, ...) {

const path::value_type* unwrap(path const& p) { return p.native().c_str(); } va_list args;

template <class Arg> va_start(args, msg);

Arg const& unwrap(Arg const& a) { return format_string_impl(msg, args);

static_assert(!is_class<Arg>::value, "cannot pass class here");

return a;

}

template <class... Args>

string format_string(const char* fmt, Args const&... args) {

return format_string_imp(fmt, unwrap(args)...);

} }

error_code capture_errno() { error_code capture_errno() {

_LIBCPP_ASSERT(errno, "Expected errno to be non-zero"); _LIBCPP_ASSERT(errno, "Expected errno to be non-zero");

return error_code(errno, generic_category()); return error_code(errno, generic_category());

} }

#if defined(_LIBCPP_WIN32API) #if defined(_LIBCPP_WIN32API)

▲ Show 20 Lines • Show All 55 Lines • ▼ Show 20 Lines T report(const error_code& ec) const {

case 1: case 1:

__throw_filesystem_error(what, *p1_, ec); __throw_filesystem_error(what, *p1_, ec);

case 2: case 2:

__throw_filesystem_error(what, *p1_, *p2_, ec); __throw_filesystem_error(what, *p1_, *p2_, ec);

} }

_LIBCPP_UNREACHABLE(); _LIBCPP_UNREACHABLE();

} }

template <class... Args> _LIBCPP_PRINTFILE(3, 0)

T report(const error_code& ec, const char* msg, Args const&... args) const { T report_impl(const error_code& ec, const char* msg, va_list& args) const {

if (ec_) { if (ec_) {

va_end(args);

*ec_ = ec; *ec_ = ec;

return error_value<T>(); return error_value<T>();

} }

string what = string what =

string("in ") + func_name_ + ": " + format_string(msg, args...); string("in ") + func_name_ + ": " + format_string_impl(msg, args);

switch (bool(p1_) + bool(p2_)) { switch (bool(p1_) + bool(p2_)) {

case 0: case 0:

__throw_filesystem_error(what, ec); __throw_filesystem_error(what, ec);

case 1: case 1:

__throw_filesystem_error(what, *p1_, ec); __throw_filesystem_error(what, *p1_, ec);

case 2: case 2:

__throw_filesystem_error(what, *p1_, *p2_, ec); __throw_filesystem_error(what, *p1_, *p2_, ec);

} }

_LIBCPP_UNREACHABLE(); _LIBCPP_UNREACHABLE();

} }

_LIBCPP_PRINTFILE(3, 4)

T report(const error_code& ec, const char* msg, ...) const {

va_list args;

va_start(args, msg);

return report_impl(ec, msg, args);

QuuxplusoneUnsubmitted

Not Done

It looks like you're trying to make sure that va_end is called even during exception-based stack unwinding, is that right? If so, I think you should do the RAII thing and create a proper struct type that calls va_end in its destructor. Hey, it looks like GuardVaList might already be that RAII type! Use it on line 209, and on line 218, and on line 113.

Don't call va_end manually on line 189 — let these GuardVaList objects deal with that cleanup.

Basically, make sure every time you call va_start or va_copy, you follow it immediately with a transfer of ownership to a GuardVaList.

Quuxplusone: It looks like you're trying to make sure that `va_end` is called even during exception-based…

joergAuthorUnsubmitted

Done

I don't think there is any advantage to moving GuardVaList out. If anything, calling format_string_impl first and building the result afterwards seems like the way forward as it removes the only possible exception path.

joerg: I don't think there is any advantage to moving GuardVaList out. If anything, calling…

QuuxplusoneUnsubmitted

Not Done

...Actually, I take back the "RAII guard" idea. From OSX's man stdarg:

Note that each call to va_start() must be matched by a call to va_end(), from within the same function.

And see https://stackoverflow.com/questions/37454179/how-to-properly-va-end

So you should just figure out a way to make report_impl noexcept, and then do both va_start and va_end from within this function. (format_string_impl will continue to call both va_copy and va_end from within the same function; but again, it shouldn't use the RAII type to do it; it should just be made noexcept.)

Also, please pass va_list ap by value, not reference; that way we match what libc does with vprintf, which we know is OK. Pass-by-reference is probably fine in practice, but why take the chance?

Quuxplusone: ...Actually, I take back the "RAII guard" idea. From OSX's `man stdarg`: > Note that each call…

}

T report(errc const& err) const { return report(make_error_code(err)); } T report(errc const& err) const { return report(make_error_code(err)); }

template <class... Args> _LIBCPP_PRINTFILE(3, 4)

T report(errc const& err, const char* msg, Args const&... args) const { T report(errc const& err, const char* msg, ...) const {

return report(make_error_code(err), msg, args...); va_list args;

va_start(args, msg);

return report_impl(make_error_code(err), msg, args);

} }

private: private:

ErrorHandler(ErrorHandler const&) = delete; ErrorHandler(ErrorHandler const&) = delete;

ErrorHandler& operator=(ErrorHandler const&) = delete; ErrorHandler& operator=(ErrorHandler const&) = delete;

}; };

using chrono::duration; using chrono::duration;

▲ Show 20 Lines • Show All 287 Lines • Show Last 20 Lines

libcxx/src/filesystem/operations.cpp

Show First 20 Lines • Show All 1,441 Lines • ▼ Show 20 Lines	#else
if (ret == nullptr)		if (ret == nullptr)
ret = "/tmp";		ret = "/tmp";

path p(ret);		path p(ret);
#endif		#endif
error_code m_ec;		error_code m_ec;
file_status st = detail::posix_stat(p, &m_ec);		file_status st = detail::posix_stat(p, &m_ec);
if (!status_known(st))		if (!status_known(st))
return err.report(m_ec, "cannot access path \"" PS_FMT "\"", p);		return err.report(m_ec, "cannot access path \"" PS_FMT "\"", p.c_str());

if (!exists(st) \|\| !is_directory(st))		if (!exists(st) \|\| !is_directory(st))
return err.report(errc::not_a_directory, "path \"" PS_FMT "\" is not a directory",		return err.report(errc::not_a_directory,
p);		"path \"" PS_FMT "\" is not a directory", p.c_str());

return p;		return p;
}		}

path __weakly_canonical(const path& p, error_code* ec) {		path __weakly_canonical(const path& p, error_code* ec) {
ErrorHandler<path> err("weakly_canonical", ec, &p);		ErrorHandler<path> err("weakly_canonical", ec, &p);

if (p.empty())		if (p.empty())
▲ Show 20 Lines • Show All 529 Lines • Show Last 20 Lines

This is an archive of the discontinued LLVM Phabricator instance.

[libc++] Drop template layer when using vsnprintfAbandonedPublic

Details

Diff Detail

Event Timeline

Revision Contents

Diff 324730

libcxx/include/__config

libcxx/src/filesystem/directory_iterator.cpp

libcxx/src/filesystem/filesystem_common.h

libcxx/src/filesystem/operations.cpp

[libc++] Drop template layer when using vsnprintf
AbandonedPublic