Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[libc++] Encode additional ODR-affecting properties in the ABI tag #69669

Merged
merged 4 commits into from
Oct 26, 2023
+161 −15
Merged

[libc++] Encode additional ODR-affecting properties in the ABI tag #69669

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
4a47a7c
[libc++] Encode additional ODR-affecting properties in the ABI tag
ldionne Oct 20, 2023
9be4117
Reorder ABI tag components to get rid of one byte
ldionne Oct 23, 2023
80cdeb1
Adjust XFAILs
ldionne Oct 23, 2023
7faee0f
Change XFAILs for MSVC since it appears to only fail with clang-cl
ldionne Oct 24, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
58 changes: 43 additions & 15 deletions libcxx/include/__config
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,10 +56,6 @@
# define _LIBCPP_CONCAT_IMPL(_X, _Y) _X##_Y
# define _LIBCPP_CONCAT(_X, _Y) _LIBCPP_CONCAT_IMPL(_X, _Y)

// Valid C++ identifier that revs with every libc++ version. This can be used to
// generate identifiers that must be unique for every released libc++ version.
# define _LIBCPP_VERSIONED_IDENTIFIER _LIBCPP_CONCAT(v, _LIBCPP_VERSION)

# if __STDC_HOSTED__ == 0
# define _LIBCPP_FREESTANDING
# endif
Expand Down Expand Up @@ -734,22 +730,54 @@ typedef __char32_t char32_t;
# define _LIBCPP_EXCLUDE_FROM_EXPLICIT_INSTANTIATION _LIBCPP_ALWAYS_INLINE
# endif

# if _LIBCPP_ENABLE_HARDENED_MODE
# define _LIBCPP_HARDENING_SIG h
# elif _LIBCPP_ENABLE_SAFE_MODE
# define _LIBCPP_HARDENING_SIG s
# elif _LIBCPP_ENABLE_DEBUG_MODE
# define _LIBCPP_HARDENING_SIG d
# else
# define _LIBCPP_HARDENING_SIG u // for unchecked
# endif

# ifdef _LIBCPP_HAS_NO_EXCEPTIONS
# define _LIBCPP_EXCEPTIONS_SIG n
# else
# define _LIBCPP_EXCEPTIONS_SIG e
# endif

# define _LIBCPP_ODR_SIGNATURE \
_LIBCPP_CONCAT(_LIBCPP_CONCAT(_LIBCPP_CONCAT(v, _LIBCPP_VERSION), _LIBCPP_HARDENING_SIG), _LIBCPP_EXCEPTIONS_SIG)
ldionne marked this conversation as resolved.
Show resolved Hide resolved
ldionne marked this conversation as resolved.
Show resolved Hide resolved

// This macro marks a symbol as being hidden from libc++'s ABI. This is achieved
// on two levels:
// 1. The symbol is given hidden visibility, which ensures that users won't start exporting
// symbols from their dynamic library by means of using the libc++ headers. This ensures
// that those symbols stay private to the dynamic library in which it is defined.
//
// 2. The symbol is given an ABI tag that changes with each version of libc++. This ensures
// that no ODR violation can arise from mixing two TUs compiled with different versions
// of libc++ where we would have changed the definition of a symbol. If the symbols shared
// the same name, the ODR would require that their definitions be token-by-token equivalent,
// which basically prevents us from being able to make any change to any function in our
// headers. Using this ABI tag ensures that the symbol name is "bumped" artificially at
// each release, which lets us change the definition of these symbols at our leisure.
// Note that historically, this has been achieved in various ways, including force-inlining
// all functions or giving internal linkage to all functions. Both these (previous) solutions
// suffer from drawbacks that lead notably to code bloat.
// 2. The symbol is given an ABI tag that encodes the ODR-relevant properties of the library.
ldionne marked this conversation as resolved.
Show resolved Hide resolved
// This ensures that no ODR violation can arise from mixing two TUs compiled with different
// versions or configurations of libc++ (such as exceptions vs no-exceptions). Indeed, if the
// program contains two definitions of a function, the ODR requires them to be token-by-token
// equivalent, and the linker is allowed to pick either definition and discard the other one.
//
// For example, if a program contains a copy of `vector::at()` compiled with exceptions enabled
// *and* a copy of `vector::at()` compiled with exceptions disabled (by means of having two TUs
// compiled with different settings), the two definitions are both visible by the linker and they
// have the same name, but they have a meaningfully different implementation (one throws an exception
// and the other aborts the program). This violates the ODR and makes the program ill-formed, and in
// practice what will happen is that the linker will pick one of the definitions at random and will
// discard the other one. This can quite clearly lead to incorrect program behavior.
//
// A similar reasoning holds for many other properties that are ODR-affecting. Essentially any
// property that causes the code of a function to differ from the code in another configuration
// can be considered ODR-affecting. In practice, we don't encode all such properties in the ABI
// tag, but we encode the ones that we think are most important: library version, exceptions, and
// hardening mode.
//
// Note that historically, solving this problem has been achieved in various ways, including
// force-inlining all functions or giving internal linkage to all functions. Both these previous
// solutions suffer from drawbacks that lead notably to code bloat.
//
// Note that we use _LIBCPP_EXCLUDE_FROM_EXPLICIT_INSTANTIATION to ensure that we don't depend
// on _LIBCPP_HIDE_FROM_ABI methods of classes explicitly instantiated in the dynamic library.
Expand All @@ -769,7 +797,7 @@ typedef __char32_t char32_t;
# ifndef _LIBCPP_NO_ABI_TAG
# define _LIBCPP_HIDE_FROM_ABI \
_LIBCPP_HIDDEN _LIBCPP_EXCLUDE_FROM_EXPLICIT_INSTANTIATION \
__attribute__((__abi_tag__(_LIBCPP_TOSTRING(_LIBCPP_VERSIONED_IDENTIFIER))))
__attribute__((__abi_tag__(_LIBCPP_TOSTRING(_LIBCPP_ODR_SIGNATURE))))
# else
# define _LIBCPP_HIDE_FROM_ABI _LIBCPP_HIDDEN _LIBCPP_EXCLUDE_FROM_EXPLICIT_INSTANTIATION
# endif
Expand Down
43 changes: 43 additions & 0 deletions libcxx/test/libcxx/odr_signature.exceptions.sh.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
//===----------------------------------------------------------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//

// Test that we encode whether exceptions are supported in an ABI tag to avoid
// ODR violations when linking TUs that have different values for it.

// RUN: %{cxx} %s %{flags} %{compile_flags} -c -DTU1 -fno-exceptions -o %t.tu1.o
// RUN: %{cxx} %s %{flags} %{compile_flags} -c -DTU2 -fexceptions -o %t.tu2.o
// RUN: %{cxx} %s %{flags} %{compile_flags} -c -DMAIN -o %t.main.o
// RUN: %{cxx} %t.tu1.o %t.tu2.o %t.main.o %{flags} %{link_flags} -o %t.exe
// RUN: %{exec} %t.exe

// -fno-exceptions
#ifdef TU1
# include <__config>
_LIBCPP_HIDE_FROM_ABI inline int f() { return 1; }
int tu1() { return f(); }
#endif // TU1

// -fexceptions
#ifdef TU2
# include <__config>
_LIBCPP_HIDE_FROM_ABI inline int f() { return 2; }
int tu2() { return f(); }
#endif // TU2

#ifdef MAIN
# include <cassert>

int tu1();
int tu2();

int main(int, char**) {
assert(tu1() == 1);
assert(tu2() == 2);
return 0;
}
#endif // MAIN
63 changes: 63 additions & 0 deletions libcxx/test/libcxx/odr_signature.hardening.sh.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,63 @@
//===----------------------------------------------------------------------===//
ldionne marked this conversation as resolved.
Show resolved Hide resolved
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//

// Test that we encode the hardening mode in an ABI tag to avoid ODR violations
// when linking TUs that have different values for it.

// RUN: %{cxx} %s %{flags} %{compile_flags} -c -DTU1 -D_LIBCPP_ENABLE_HARDENED_MODE -o %t.tu1.o
// RUN: %{cxx} %s %{flags} %{compile_flags} -c -DTU2 -D_LIBCPP_ENABLE_SAFE_MODE -o %t.tu2.o
// RUN: %{cxx} %s %{flags} %{compile_flags} -c -DTU3 -D_LIBCPP_ENABLE_DEBUG_MODE -o %t.tu3.o
// RUN: %{cxx} %s %{flags} %{compile_flags} -c -DTU4 -o %t.tu4.o
// RUN: %{cxx} %s %{flags} %{compile_flags} -c -DMAIN -o %t.main.o
// RUN: %{cxx} %t.tu1.o %t.tu2.o %t.tu3.o %t.tu4.o %t.main.o %{flags} %{link_flags} -o %t.exe
// RUN: %{exec} %t.exe

// hardened mode
#ifdef TU1
# include <__config>
_LIBCPP_HIDE_FROM_ABI inline int f() { return 1; }
int tu1() { return f(); }
#endif // TU1

// safe mode
#ifdef TU2
# include <__config>
_LIBCPP_HIDE_FROM_ABI inline int f() { return 2; }
int tu2() { return f(); }
#endif // TU2

// debug mode
#ifdef TU3
# include <__config>
_LIBCPP_HIDE_FROM_ABI inline int f() { return 3; }
int tu3() { return f(); }
#endif // TU3

// unchecked mode
#ifdef TU4
# include <__config>
_LIBCPP_HIDE_FROM_ABI inline int f() { return 4; }
int tu4() { return f(); }
#endif // TU4

#ifdef MAIN
# include <cassert>

int tu1();
int tu2();
int tu3();
int tu4();

int main(int, char**) {
assert(tu1() == 1);
assert(tu2() == 2);
assert(tu3() == 3);
assert(tu4() == 4);
return 0;
}
#endif // MAIN