[cxx-abi-dev] N4198 and mangling for member pointer template arguments

Richard Smith richardsmith at google.com
Tue Dec 2 23:51:40 UTC 2014 

On 2 December 2014 at 13:58, John McCall <rjmccall at apple.com> wrote:

> On Dec 2, 2014, at 11:46 AM, Richard Smith <richardsmith at google.com>
> wrote:
> On 1 December 2014 at 17:41, John McCall <rjmccall at apple.com> wrote:
>
>> On Dec 1, 2014, at 2:18 PM, Richard Smith <richardsmith at google.com>
>> wrote:
>>
>> On 1 December 2014 at 12:02, John McCall <rjmccall at apple.com> wrote:
>>
>>> > On Nov 25, 2014, at 6:13 PM, Richard Smith <richardsmith at google.com>
>>> wrote:
>>> >
>>> > N4198 (accepted at Urbana) makes it possible for a template parameter
>>> of type T U::* to have a template argument of type T V::*, where V is a
>>> base class of U or vice versa. A naive attempt to apply the existing ABI
>>> rules leads to mangling collisions in cases like this:
>>> >
>>> > struct A { int n; };
>>> > struct B : A {};
>>> > template<int A::*> void f() {}
>>> > template<int B::*> void f() {}
>>> > void g() {
>>> >   constexpr int A::*p = &A::n;
>>> >   constexpr int B::*q = p;
>>> >   f<p>();
>>> >   f<q>();
>>> > }
>>> >
>>> > (Here, a naive approach would use XadL_ZN1A1nEEE as the template
>>> argument value in both calls.)
>>> >
>>> > In order to resolve this, I suggest we introduce a new mangling for
>>> the case of a member pointer template argument where the class containing
>>> the member is different from the class in the template parameter. The
>>> minimal information we'll need to include is the class in the template
>>> parameter and a designator if the base class is a repeated base class.
>>> >
>>> > One approach would be to use
>>> >
>>> >   sc <type> ad L<member>E
>>> >
>>> > and to explicitly include the final type plus those intermediate types
>>> that introduce multiple inheritance from the base class (that is, just
>>> enough to uniquely identify the path).
>>> >
>>> > Another would be to introduce a new mangling that incorporates the
>>> final type and an offset or discriminator.
>>>
>>> Do we have the same problem for references and pointers to base
>>> subobjects?  Okay, I see that the answer is “no”, but only because you kept
>>> that restriction in N4198.  I think we can assume that that’s not permanent.
>>>
>>
>> I agree; I expect we'll eventually pare back the restrictions to
>> something like "no pointers/references to union members, and no
>> one-past-the-end pointers", or even remove all restrictions altogether if
>> no-one gets upset that different template arguments can compare equal.
>> (We've actually already crossed this bridge by specifying that pointers to
>> members of a union compare equal even if they point to different members,
>> but no-one has got upset about it yet...)
>>
>> I like the idea of using (possibly invented) static_casts; it’s not
>>> optimally compact, but it at least theoretically works with existing
>>> demanglers.  Have you checked to see if it actually works?
>>>
>>
>> For _Z1fIXscM1BiadL_ZN1A1nEEEEvv (from my example above):
>>
>> GCC's c++filt gives void f<static_cast<int B::*>(&A::n)>()
>> libc++abi's demangler gives void f<static_cast<int B::*>(&(A::n))>() ...
>> which is wrong, but it's equally wrong without the static_cast.
>>
>>
>> Awesome.
>>
>> I agree with only including those intermediate steps necessary to
>>> uniquely determine the path.
>>>
>>> We’d have to specify in what dependent situations we include the path.
>>> “Never” is the easiest answer, so that in
>>>   template <class T, int T::*member> void foo(decltype(T() +
>>> temp<&A::baz>());
>>> we’d mangle &A::baz without a path clarification even if we could
>>> type-check "temp<&A::baz>()” at template definition time.
>>
>>
>> That seems reasonable to me, but I'm not exactly sure what classifies as
>> a "dependent situation"; do you mean that we should mangle the path only if
>> the <template-arg> is not nested within an instantiation-dependent
>> <expression>?
>>
>>
>> Good question.  We get this same issue with integer template arguments:
>> the expression 1 has type int, but <1> (sometimes) gets mangled with the
>> template parameter type to which it’s been coerced.  I don’t think the ABI
>> completely specifies when to use one or the other — it’s an example of one
>> of the few places where “mangle the token stream” isn’t really enough
>> information — but I feel like the same rule should clearly apply here.
>>
>> The simplest rule is probably “only mangle using the coerced type when
>> identifying a concrete specialization, as in the <name> of an <encoding>”.
>> However, I suspect that Clang, at least, probably aggressively uses the
>> coerced type whenever it's already type-checked the template arguments,
>> meaning probably whenever the reference isn’t (some kind of) dependent.
>>
>
> It's not just Clang that does this. Consider:
>
> template<int N, short S> struct X {};
> template<int N> void f(X<N, 5>) {}
> template void f<0>(X<0, 5>);
>
> Clang, GCC, and EDG all give _Z1fILi0EEv1XIXT_ELs5EE as the mangling.
>
> Here's a trickier case:
>
> template<int N, short S> struct X {};
> template<int ...N> void f(X<N..., 5>) {}
> template void f<int>(X<int, 5>);
>
> For this, GCC and clang give _Z1fIJLi0EEEv1XIXspT_ELi5EE, and EDG
> gives _Z1fIJLi0EEEv1XIXT_ELs5EE. I think EDG is wrong here, and we should
> not perform conversions on template arguments that appear at or after a
> pack expansion into a non-pack (because we don't know how template
> arguments and parameters correspond beyond that point).
>
> Presumably all implementations also skip canonicalization when the
> template parameter is dependent or the template argument is some kind of
> dependent (though maybe not the same kind).
>
>
> Hmm.  I’d prefer not to hard-code an order dependence, because I think
> it’s likely that the committee will eventually weaken the rules about where
> packs can appear in parameter lists (e.g. to allow templates to pull
> arguments off the end instead of the beginning).
>
So I think we either need to do what EDG does and heroically match later
> arguments which have to be part of the pack — which may or may not work
> equally well with future pack-placement rules — or pull back and say we’re
> completely blocked by the existence of dependent pack expansions.
>

EDG's approach is impossible to follow in some cases, such as:

  template<int A, short B, int C = 0> struct X {};
  template<int ...N> void f(X<N..., 5>) {}
  template void f<0>(X<0, 5>);
  template void f<0, 1>(X<0, 1, 5>);

(EDG rejects this, which I suspect is related to their eager analysis of
template arguments.)

I think the ABI rule we’re looking at is something like this:  there are
> two kinds of template argument, dependent and non-dependent.  A template
> argument is dependent if:
>   - it is itself instantiation-dependent,
>   - the template name is dependent, or
>   - <some rule about dependent pack expansions?>.
>

... or its corresponding template parameter is a non-type template
parameter with a dependent type (or perhaps is an instantiation-dependent
template template parameter).

A dependent template argument should be mangled using its original
> value/type/template-name expression.  A non-dependent non-type template
> argument can always be matched with a corresponding template parameter type
> and should be mangled as a (possibly coerced) literal value.
>
> Right now, coercion only applies to non-type template arguments, but it’s
> also possible for it to apply to template template arguments in the future
> — I was just thinking of passing
>   template <class T, class U=int> class A;
> to a parameter typed as:
>   template<class> class
> but Doug points out that you could also pass variadic templates, e.g.
>   template <class… T> class A;
>

The template template argument issue is not an "in the future" issue; we
get this wrong today:

  template<typename> struct X {};
  template<template<typename> class> void f();
  template<template<typename...> class> void f();

Both f<X>s have the same mangling.

This might be a somewhat unhelpful observation, but the root cause of the
problem seems to be that our mangling of a function template misses out
part of the signature (the template parameter list); consequently, if the
name of a function template specialization is not dependent, we must put
sufficient information in the template arguments to allow us to recover the
template parameter list (at least to the point that we can distinguish
between overloads).

It looks like the template template parameter / template type parameter
duality for injected-class-names can also theoretically cause problems, but
you need to be a terrible person to observe it:

  template<template<typename T> class> int f() {}
  template<class> int g() {}
  template<typename> struct A {
    template<typename T> friend void h(decltype(T() + f<A>()) *,
decltype(T() + g<A>()) *, T) {}
    void x() { h(0, 0, this); }
  };
  void j() { A<int>().x(); }

Here, GCC mangles f<A> and g<A> the same, even though one of them refers to
A as a class template, and the other refers to A as a non-template
injected-class-name. That might just be a GCC bug, though; its diagnostics
suggest that it thinks the template argument for f is A<int> rather than A.

> There's another issue that we should probably fix at the same time:
>> qualification conversions are permitted in template arguments, and we
>> currently mangle a signature that performs a qualification conversion the
>> same way as we mangle a signature that does not. We could either fold the
>> qualification conversion into the last (synthetic) static_cast, or add an
>> explicit synthetic const_cast to model it. I'm inclined to favour the
>> latter, even though it will give longer manglings in the (hopefully rare)
>> case where both conversions occur (because it also works if the user has
>> cast away constness, and because it's simpler). Example:
>>
>> // tu1
>> extern int n;
>> template<int*> void f() {}
>> void g() { f<&n>(); }
>>
>> // tu2
>> extern int n;
>> template<const int*> void f() {}
>> void h() { f<&n>(); }
>>
>> Here:
>> g calls _Z1fIXadL_Z1nEEEvv
>> h calls _Z1fIXccPKiadL_Z1nEEEvv
>>
>>
>> Is this a compatibility issue?  As in, aren’t qualification conversions
>> already allowed in template arguments?  There might be a significant number
>> of existing template arguments that, say, bind a non-const global to a
>> const reference.
>>
>
> Yes, this is a pre-existing bug in the ABI; we have always been required
> to miscompile the above code. We could limit the scope of the damage by
> only applying this change to function templates.
>
>
> Hmm, yes, that would help a lot.
>
> A fair amount of code relies on separate template instantiations being
> mangled consistently, but that code is generally either:
>   - using RTTI for a class temploid specialization,
>   - using a class template specialization as a parameter type, or
>   - using an explicit instantiation.
> The second is completely specific to class templates, the first is almost
> completely specific to class templates (the exception being local classes
> in a function template), and the third is mostly used for class templates.
>
> There’s relatively little code doing stuff like:
>   - putting a static local variable in a function template or
>   - using a function template specialization as a non-type template
> argument to a template that itself needs symbol consistency for some reason.
>
> So yes, if this only practically affects instantiations of function
> templates with non-type template parameters, and only when there’s a
> qualifier mismatch between the actual declaration and the parameter, then
> the overall impact should be tiny.
>
> Nonetheless, it’s an ABI break, and not just for a new feature but for
> existing code.  So it should be separately formally proposed.
>
> John.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://sourcerytools.com/pipermail/cxx-abi-dev/attachments/20141202/1ff0a7b4/attachment-0001.html>

More information about the cxx-abi-dev mailing list