This is an archive of the discontinued LLVM Phabricator instance.

Differential D101674

[libc++] [LIBCXX-DEBUG-FIXME] Constexpr char_traits::copy mustn't compare unrelated pointers.
ClosedPublic

Authored by Quuxplusone on Apr 30 2021, 4:50 PM.

Details

Reviewers
ldionne
Mordante
Group Reviewers
Restricted Project
Commits
rGdf81bb71aa45: [libc++] [LIBCXX-DEBUG-FIXME] Constexpr char_traits::copy mustn't compare…
Summary
Now that __builtin_is_constant_evaluated() is present on all supported
compilers, we can use it to skip the UB-inducing assert in cases where
the computation might be happening at constexpr time.

Diff Detail

Event Timeline

Quuxplusone requested review of this revision.Apr 30 2021, 4:50 PM
Quuxplusone created this revision.
Herald added 1 blocking reviewer(s): Restricted Project. · View Herald TranscriptApr 30 2021, 4:50 PM
Herald added a subscriber: libcxx-commits. · View Herald Transcript
Harbormaster completed remote builds in B102053: Diff 342085.Apr 30 2021, 5:22 PM
Quuxplusone updated this revision to Diff 342239.May 2 2021, 6:53 AM

poke buildkite

Harbormaster completed remote builds in B102174: Diff 342239.May 2 2021, 9:12 AM
ldionne requested changes to this revision.May 5 2021, 10:53 AM

We should be able to compare pointers with std::less to solve this problem. It won't work if you just start using std::less because our std::less is actually wrong, however that's another problem we need to solve. We shouldn't just remove this assertion and hide the problem. So:

  1. Fix std::less so that it's not UB to use it to compare unrelated pointers (will require having some sort of special contract with the compiler that std::less can do that -- this could be done with some sort of builtin).
  2. Fix the debug mode so that it allows comparing unrelated pointers with std::less (frankly I'm not sure what's the best way of doing that off the top of my head, but we can explore).
  3. Use std::less to implement those pointer comparisons.

WDYT?

This revision now requires changes to proceed.May 5 2021, 10:53 AM
Quuxplusone planned changes to this revision.May 5 2021, 4:34 PM

We should be able to compare pointers with std::less to solve this problem. [...]
(will require having some sort of special contract with the compiler that std::less can do that -- this could be done with some sort of builtin)

I agree that that's what WG21 seems to want vendors to do. But that requires coordinating a new pointer-comparison builtin with both Clang and GCC, which is (definitely a good idea but) far above my pay grade. I'm happy to abandon this PR and let someone-not-me pursue the builtin angle...

Discussed offline with @ldionne and decided to sit on this for now, with the intent that someone will pursue adding a builtin at least to Clang.

Quuxplusone updated this revision to Diff 371762.Sep 9 2021, 6:36 PM
Quuxplusone edited the summary of this revision. (Show Details)
Quuxplusone added a reviewer: Mordante.

Now that __builtin_is_constant_evaluated() is present on all supported
compilers, we can use it to skip the UB-inducing assert in cases where
the computation might be happening at constexpr time.

@ldionne ping!

Harbormaster completed remote builds in B123341: Diff 371762.Sep 9 2021, 7:39 PM
Mordante accepted this revision as: Mordante.Sep 15 2021, 11:07 AM

Nice to see more tests working in debug mode. LGTM!

libcxx/include/__string
268–270

WDYT about adding a short comment. // comparing unrelated pointers is invalid in a constexpr function?

Quuxplusone added inline comments.Sep 16 2021, 10:01 AM
libcxx/include/__string
268–270

Seems relatively harmless, but repetitive (do it in all 6 places, right?). And if anyone did wonder enough about why the if was there, they could always remove it and see what tests broke. So, I'm ambivalent, but can add the comment if someone else — @ldionne? — also thinks it's a good idea.
Nit: s/constexpr function/constant expression/ or maybe constexpr context (which is a phrase I use a lot but has no textual support in the standard AFAIK).

ldionne accepted this revision.Sep 20 2021, 10:25 AM
This revision is now accepted and ready to land.Sep 20 2021, 10:25 AM
Closed by commit rGdf81bb71aa45: [libc++] [LIBCXX-DEBUG-FIXME] Constexpr char_traits::copy mustn't compare… (authored by arthur.j.odwyer). · Explain WhySep 20 2021, 11:45 AM
This revision was automatically updated to reflect the committed changes.
arthur.j.odwyer added a commit: rGdf81bb71aa45: [libc++] [LIBCXX-DEBUG-FIXME] Constexpr char_traits::copy mustn't compare….

Revision Contents

PathSize
libcxx/
include/
26 lines
test/
std/
strings/
char.traits/
char.traits.specializations/
char.traits.specializations.char/
2 lines
char.traits.specializations.char16_t/
2 lines
char.traits.specializations.char32_t/
2 lines
char.traits.specializations.char8_t/
1 line
char.traits.specializations.wchar.t/
2 lines
string.view/
string.view.ops/
1 line

Diff 373674

libcxx/include/__string

Show First 20 LinesShow All 259 Lines▼ Show 20 Lineschar_traits<_CharT>::move(char_type* __s1, const char_type* __s2, size_t __n)
return __r; return __r;
} }
template <class _CharT> template <class _CharT>
inline _LIBCPP_CONSTEXPR_AFTER_CXX17 inline _LIBCPP_CONSTEXPR_AFTER_CXX17
_CharT* _CharT*
char_traits<_CharT>::copy(char_type* __s1, const char_type* __s2, size_t __n) char_traits<_CharT>::copy(char_type* __s1, const char_type* __s2, size_t __n)
{ {
if (!__libcpp_is_constant_evaluated()) {
_LIBCPP_ASSERT(__s2 < __s1 || __s2 >= __s1+__n, "char_traits::copy overlapped range"); _LIBCPP_ASSERT(__s2 < __s1 || __s2 >= __s1+__n, "char_traits::copy overlapped range");
}
MordanteUnsubmitted
Not Done
ReplyInline Actions

WDYT about adding a short comment. // comparing unrelated pointers is invalid in a constexpr function?

Mordante: WDYT about adding a short comment. `// comparing unrelated pointers is invalid in a constexpr…
QuuxplusoneAuthorUnsubmitted
Done
ReplyInline Actions

Seems relatively harmless, but repetitive (do it in all 6 places, right?). And if anyone did wonder enough about why the if was there, they could always remove it and see what tests broke. So, I'm ambivalent, but can add the comment if someone else — @ldionne? — also thinks it's a good idea.
Nit: s/constexpr function/constant expression/ or maybe constexpr context (which is a phrase I use a lot but has no textual support in the standard AFAIK).

Quuxplusone: Seems relatively harmless, but repetitive (do it in all 6 places, right?). And if anyone did…
char_type* __r = __s1; char_type* __r = __s1;
for (; __n; --__n, ++__s1, ++__s2) for (; __n; --__n, ++__s1, ++__s2)
assign(*__s1, *__s2); assign(*__s1, *__s2);
return __r; return __r;
} }
template <class _CharT> template <class _CharT>
inline _LIBCPP_CONSTEXPR_AFTER_CXX17 inline _LIBCPP_CONSTEXPR_AFTER_CXX17
▲ Show 20 LinesShow All 66 Lines▼ Show 20 Lines char_type* move(char_type* __s1, const char_type* __s2, size_t __n) _NOEXCEPT
{ {
return __libcpp_is_constant_evaluated() return __libcpp_is_constant_evaluated()
? _VSTD::__move_constexpr(__s1, __s2, __n) ? _VSTD::__move_constexpr(__s1, __s2, __n)
: __n == 0 ? __s1 : (char_type*)_VSTD::memmove(__s1, __s2, __n); : __n == 0 ? __s1 : (char_type*)_VSTD::memmove(__s1, __s2, __n);
} }
static inline _LIBCPP_CONSTEXPR_AFTER_CXX17 static inline _LIBCPP_CONSTEXPR_AFTER_CXX17
char_type* copy(char_type* __s1, const char_type* __s2, size_t __n) _NOEXCEPT char_type* copy(char_type* __s1, const char_type* __s2, size_t __n) _NOEXCEPT
{ {
if (!__libcpp_is_constant_evaluated()) {
_LIBCPP_ASSERT(__s2 < __s1 || __s2 >= __s1+__n, "char_traits::copy overlapped range"); _LIBCPP_ASSERT(__s2 < __s1 || __s2 >= __s1+__n, "char_traits::copy overlapped range");
}
return __libcpp_is_constant_evaluated() return __libcpp_is_constant_evaluated()
? _VSTD::__copy_constexpr(__s1, __s2, __n) ? _VSTD::__copy_constexpr(__s1, __s2, __n)
: __n == 0 ? __s1 : (char_type*)_VSTD::memcpy(__s1, __s2, __n); : __n == 0 ? __s1 : (char_type*)_VSTD::memcpy(__s1, __s2, __n);
} }
static inline _LIBCPP_CONSTEXPR_AFTER_CXX17 static inline _LIBCPP_CONSTEXPR_AFTER_CXX17
char_type* assign(char_type* __s, size_t __n, char_type __a) _NOEXCEPT char_type* assign(char_type* __s, size_t __n, char_type __a) _NOEXCEPT
{ {
return __libcpp_is_constant_evaluated() return __libcpp_is_constant_evaluated()
▲ Show 20 LinesShow All 86 Lines▼ Show 20 Lines char_type* move(char_type* __s1, const char_type* __s2, size_t __n) _NOEXCEPT
{ {
return __libcpp_is_constant_evaluated() return __libcpp_is_constant_evaluated()
? _VSTD::__move_constexpr(__s1, __s2, __n) ? _VSTD::__move_constexpr(__s1, __s2, __n)
: __n == 0 ? __s1 : _VSTD::wmemmove(__s1, __s2, __n); : __n == 0 ? __s1 : _VSTD::wmemmove(__s1, __s2, __n);
} }
static inline _LIBCPP_CONSTEXPR_AFTER_CXX17 static inline _LIBCPP_CONSTEXPR_AFTER_CXX17
char_type* copy(char_type* __s1, const char_type* __s2, size_t __n) _NOEXCEPT char_type* copy(char_type* __s1, const char_type* __s2, size_t __n) _NOEXCEPT
{ {
if (!__libcpp_is_constant_evaluated()) {
_LIBCPP_ASSERT(__s2 < __s1 || __s2 >= __s1+__n, "char_traits::copy overlapped range"); _LIBCPP_ASSERT(__s2 < __s1 || __s2 >= __s1+__n, "char_traits::copy overlapped range");
}
return __libcpp_is_constant_evaluated() return __libcpp_is_constant_evaluated()
? _VSTD::__copy_constexpr(__s1, __s2, __n) ? _VSTD::__copy_constexpr(__s1, __s2, __n)
: __n == 0 ? __s1 : _VSTD::wmemcpy(__s1, __s2, __n); : __n == 0 ? __s1 : _VSTD::wmemcpy(__s1, __s2, __n);
} }
static inline _LIBCPP_CONSTEXPR_AFTER_CXX17 static inline _LIBCPP_CONSTEXPR_AFTER_CXX17
char_type* assign(char_type* __s, size_t __n, char_type __a) _NOEXCEPT char_type* assign(char_type* __s, size_t __n, char_type __a) _NOEXCEPT
{ {
return __libcpp_is_constant_evaluated() return __libcpp_is_constant_evaluated()
▲ Show 20 LinesShow All 114 Lines▼ Show 20 Lines char_type* move(char_type* __s1, const char_type* __s2, size_t __n) _NOEXCEPT
{ {
return __libcpp_is_constant_evaluated() return __libcpp_is_constant_evaluated()
? _VSTD::__move_constexpr(__s1, __s2, __n) ? _VSTD::__move_constexpr(__s1, __s2, __n)
: __n == 0 ? __s1 : (char_type*)_VSTD::memmove(__s1, __s2, __n); : __n == 0 ? __s1 : (char_type*)_VSTD::memmove(__s1, __s2, __n);
} }
static _LIBCPP_CONSTEXPR_AFTER_CXX17 static _LIBCPP_CONSTEXPR_AFTER_CXX17
char_type* copy(char_type* __s1, const char_type* __s2, size_t __n) _NOEXCEPT char_type* copy(char_type* __s1, const char_type* __s2, size_t __n) _NOEXCEPT
{ {
if (!__libcpp_is_constant_evaluated()) {
_LIBCPP_ASSERT(__s2 < __s1 || __s2 >= __s1+__n, "char_traits::copy overlapped range"); _LIBCPP_ASSERT(__s2 < __s1 || __s2 >= __s1+__n, "char_traits::copy overlapped range");
}
return __libcpp_is_constant_evaluated() return __libcpp_is_constant_evaluated()
? _VSTD::__copy_constexpr(__s1, __s2, __n) ? _VSTD::__copy_constexpr(__s1, __s2, __n)
: __n == 0 ? __s1 : (char_type*)_VSTD::memcpy(__s1, __s2, __n); : __n == 0 ? __s1 : (char_type*)_VSTD::memcpy(__s1, __s2, __n);
} }
static _LIBCPP_CONSTEXPR_AFTER_CXX17 static _LIBCPP_CONSTEXPR_AFTER_CXX17
char_type* assign(char_type* __s, size_t __n, char_type __a) _NOEXCEPT char_type* assign(char_type* __s, size_t __n, char_type __a) _NOEXCEPT
{ {
▲ Show 20 LinesShow All 159 Lines▼ Show 20 Lineschar_traits<char16_t>::move(char_type* __s1, const char_type* __s2, size_t __n) _NOEXCEPT
} }
return __r; return __r;
} }
inline _LIBCPP_CONSTEXPR_AFTER_CXX17 inline _LIBCPP_CONSTEXPR_AFTER_CXX17
char16_t* char16_t*
char_traits<char16_t>::copy(char_type* __s1, const char_type* __s2, size_t __n) _NOEXCEPT char_traits<char16_t>::copy(char_type* __s1, const char_type* __s2, size_t __n) _NOEXCEPT
{ {
if (!__libcpp_is_constant_evaluated()) {
_LIBCPP_ASSERT(__s2 < __s1 || __s2 >= __s1+__n, "char_traits::copy overlapped range"); _LIBCPP_ASSERT(__s2 < __s1 || __s2 >= __s1+__n, "char_traits::copy overlapped range");
}
char_type* __r = __s1; char_type* __r = __s1;
for (; __n; --__n, ++__s1, ++__s2) for (; __n; --__n, ++__s1, ++__s2)
assign(*__s1, *__s2); assign(*__s1, *__s2);
return __r; return __r;
} }
inline _LIBCPP_CONSTEXPR_AFTER_CXX17 inline _LIBCPP_CONSTEXPR_AFTER_CXX17
char16_t* char16_t*
▲ Show 20 LinesShow All 103 Lines▼ Show 20 Lineschar_traits<char32_t>::move(char_type* __s1, const char_type* __s2, size_t __n) _NOEXCEPT
} }
return __r; return __r;
} }
inline _LIBCPP_CONSTEXPR_AFTER_CXX17 inline _LIBCPP_CONSTEXPR_AFTER_CXX17
char32_t* char32_t*
char_traits<char32_t>::copy(char_type* __s1, const char_type* __s2, size_t __n) _NOEXCEPT char_traits<char32_t>::copy(char_type* __s1, const char_type* __s2, size_t __n) _NOEXCEPT
{ {
if (!__libcpp_is_constant_evaluated()) {
_LIBCPP_ASSERT(__s2 < __s1 || __s2 >= __s1+__n, "char_traits::copy overlapped range"); _LIBCPP_ASSERT(__s2 < __s1 || __s2 >= __s1+__n, "char_traits::copy overlapped range");
}
char_type* __r = __s1; char_type* __r = __s1;
for (; __n; --__n, ++__s1, ++__s2) for (; __n; --__n, ++__s1, ++__s2)
assign(*__s1, *__s2); assign(*__s1, *__s2);
return __r; return __r;
} }
inline _LIBCPP_CONSTEXPR_AFTER_CXX17 inline _LIBCPP_CONSTEXPR_AFTER_CXX17
char32_t* char32_t*
▲ Show 20 LinesShow All 254 LinesShow Last 20 Lines

libcxx/test/std/strings/char.traits/char.traits.specializations/char.traits.specializations.char/copy.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// UNSUPPORTED: LIBCXX-DEBUG-FIXME
// <string> // <string>
// template<> struct char_traits<char> // template<> struct char_traits<char>
// static char_type* copy(char_type* s1, const char_type* s2, size_t n); // static char_type* copy(char_type* s1, const char_type* s2, size_t n);
#include <string> #include <string>
#include <cassert> #include <cassert>
Show All 27 Lines

libcxx/test/std/strings/char.traits/char.traits.specializations/char.traits.specializations.char16_t/copy.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// UNSUPPORTED: LIBCXX-DEBUG-FIXME
// <string> // <string>
// template<> struct char_traits<char16_t> // template<> struct char_traits<char16_t>
// static char_type* copy(char_type* s1, const char_type* s2, size_t n); // static char_type* copy(char_type* s1, const char_type* s2, size_t n);
#include <string> #include <string>
#include <cassert> #include <cassert>
Show All 29 Lines

libcxx/test/std/strings/char.traits/char.traits.specializations/char.traits.specializations.char32_t/copy.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// UNSUPPORTED: LIBCXX-DEBUG-FIXME
// <string> // <string>
// template<> struct char_traits<char32_t> // template<> struct char_traits<char32_t>
// static char_type* copy(char_type* s1, const char_type* s2, size_t n); // static char_type* copy(char_type* s1, const char_type* s2, size_t n);
#include <string> #include <string>
#include <cassert> #include <cassert>
Show All 29 Lines

libcxx/test/std/strings/char.traits/char.traits.specializations/char.traits.specializations.char8_t/copy.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// UNSUPPORTED: c++03, c++11, c++14, c++17 // UNSUPPORTED: c++03, c++11, c++14, c++17
// UNSUPPORTED: LIBCXX-DEBUG-FIXME
// <string> // <string>
// template<> struct char_traits<char8_t> // template<> struct char_traits<char8_t>
// static char_type* copy(char_type* s1, const char_type* s2, size_t n); // static char_type* copy(char_type* s1, const char_type* s2, size_t n);
#include <string> #include <string>
Show All 30 Lines

libcxx/test/std/strings/char.traits/char.traits.specializations/char.traits.specializations.wchar.t/copy.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// UNSUPPORTED: LIBCXX-DEBUG-FIXME
// <string> // <string>
// template<> struct char_traits<wchar_t> // template<> struct char_traits<wchar_t>
// static char_type* copy(char_type* s1, const char_type* s2, size_t n); // static char_type* copy(char_type* s1, const char_type* s2, size_t n);
#include <string> #include <string>
#include <cassert> #include <cassert>
Show All 27 Lines

libcxx/test/std/strings/string.view/string.view.ops/copy.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// GCC's __builtin_strlen isn't constexpr yet // GCC's __builtin_strlen isn't constexpr yet
// XFAIL: gcc-11 && !(c++11 || c++14 || c++17) // XFAIL: gcc-11 && !(c++11 || c++14 || c++17)
// UNSUPPORTED: LIBCXX-DEBUG-FIXME
// <string_view> // <string_view>
// size_type copy(charT* s, size_type n, size_type pos = 0) const; // size_type copy(charT* s, size_type n, size_type pos = 0) const;
// Throws: out_of_range if pos > size(). // Throws: out_of_range if pos > size().
// Remarks: Let rlen be the smaller of n and size() - pos. // Remarks: Let rlen be the smaller of n and size() - pos.
// Requires: [s, s+rlen) is a valid range. // Requires: [s, s+rlen) is a valid range.
▲ Show 20 LinesShow All 115 LinesShow Last 20 Lines