This is an archive of the discontinued LLVM Phabricator instance.

Differential D143327

[libc++] Introduce __is_pointer_in_range
ClosedPublic

Authored by philnik on Feb 4 2023, 2:54 PM.

Details

Reviewers
ldionne
Mordante
var-const
Group Reviewers
Restricted Project
Commits
rG7949ee0d4f10: [libc++] Introduce __is_pointer_in_range
Summary

This checks whether a pointer is within a range, even during constant evaluation. This allows running optimized code paths during constant evaluation, instead of falling back to the general-purpose implementation all the time. This is also a central place for comparing unrelated pointers, which is technically UB.

Diff Detail

Event Timeline

philnik created this revision.Feb 4 2023, 2:54 PM
Herald added a project: Restricted Project. · View Herald TranscriptFeb 4 2023, 2:54 PM
philnik requested review of this revision.Feb 4 2023, 2:54 PM
Herald added a project: Restricted Project. · View Herald TranscriptFeb 4 2023, 2:54 PM
Herald added a reviewer: Restricted Project. · View Herald Transcript
Herald added a subscriber: libcxx-commits. · View Herald Transcript
philnik added inline comments.Feb 4 2023, 2:56 PM
libcxx/include/__utility/is_pointer_in_range.h
48

Am I correct here that it's impossible to get aliasing pointers during constant evaluation that are not comparable normally?

Harbormaster completed remote builds in B211887: Diff 494854.Feb 4 2023, 3:01 PM
philnik added a parent revision: D143329: [libc++] Move constexpr <cstring> functions into their own headers and remove unused <cstring> includes.Feb 5 2023, 1:19 AM
philnik updated this revision to Diff 494871.Feb 5 2023, 1:21 AM

Generate files

Harbormaster completed remote builds in B211900: Diff 494871.Feb 5 2023, 1:48 AM
Mordante edited the summary of this revision. (Show Details)Feb 5 2023, 3:49 AM
Mordante added a comment.Feb 5 2023, 4:13 AM

Note I fixed a typo in the commit message.

Thanks for working on this, I think it's useful to have, but it requires a bit more work.

libcxx/include/CMakeLists.txt
833

I miss the module map entry.

libcxx/include/__config
1105

Can you add a link to the documentation of this attribute?

libcxx/include/__utility/is_pointer_in_range.h
34

Or are empty ranges prohibited?

Based on the code below it is indeed prohibited. If that is intended I really dislike the name of the function.
The function does not test whether the pointer is in the range, but whether the pointer is in the range and can be dereferenced.Maybe __is_pointer_in_dereferencable_range would be a better name.

42

I think we should document this is technically UB, but all supported compilers accept this.

51

Is this really safe on all supported platforms?

libcxx/test/libcxx/utilities/is_pointer_in_range.pass.cpp
38

I really like to see more test. This only compares pointers where _Tp and _Up are the same type. Since the code tests different pointer types I really would like to see tests for volatile pointers against non-volatile pointers. Test with object pointers against function pointers, data member pointer, member function pointers.

philnik updated this revision to Diff 496142.Feb 9 2023, 8:24 AM
philnik marked 3 inline comments as done.

Address comments

libcxx/include/__config
1105

I don't really see the point here. All the clang attributes are described at https://clang.llvm.org/docs/AttributeReference.html. Having a link to the same page for every attribute we use seems redundant. We can add a link at the top of the file if you think that's useful.

libcxx/include/__utility/is_pointer_in_range.h
34

No, empty ranges are not prohibited. This just checks that it is valid to compare the two pointers. It doesn't actually check that __begin is smaller than __end. IOW __builtin_constant_p(ptr < ptr) is always true, since the expression is known to result in false (https://godbolt.org/z/EMfW7179r).

AFAIK a range is normally [begin, end), i.e. excluding the end pointer. Returning true for the end pointer would be inconsistent with any other function taking a range.

51

I think it should be. Do you have anything specific in mind?

libcxx/test/libcxx/utilities/is_pointer_in_range.pass.cpp
38

I don't think it makes sense to call __is_pointer_in_range with function pointers or member pointers, so I added static_asserts instead.

Harbormaster completed remote builds in B212824: Diff 496142.Feb 9 2023, 8:25 AM
Mordante added inline comments.Feb 11 2023, 6:02 AM
libcxx/include/__config
1105

I think it would help readers to quickly find the documentation, instead of remember where the clang attributes are exactly available.

libcxx/include/__utility/is_pointer_in_range.h
34

Yes a range is [begin, end), and an empty for an empty range begin == end.
I'm happy with the fix.

51

You can compare integral types with different sizes, but you can't just cast pointers from one to another.

Concretely I wonder whether we violate alignment rules.
For example`_Tp == int`, _Up = signed char and __ptr = 0xFFF01. This will create a const int* at an odd numbered address. (This is valid on x86, but that platform has less alignment restrictions than other platforms.)

philnik updated this revision to Diff 497246.Feb 14 2023, 2:09 AM
philnik marked 5 inline comments as done.

Address comments

libcxx/include/__utility/is_pointer_in_range.h
51

Yeah, I'm not sure. Casting all pointers to char should make it safe.

Harbormaster completed remote builds in B213606: Diff 497246.Feb 14 2023, 2:10 AM
ldionne requested changes to this revision.Feb 27 2023, 9:05 AM
ldionne added inline comments.
libcxx/include/module.modulemap.in
1743–1744

By the way, I think this is highly relevant to the existing issue that std::less is supposed to be blessed to compare unrelated pointers, but we currently don't do anything special with it. I think we should have a single solution for both of those issues.

libcxx/include/string
1952

The new code is not equivalent to the old one. The old code does data() <= __p && __p <= data() + size(), the new code looks for data() <= __p && __p < data() + size() (notice <= vs <).

1957

I would handle the !is-less-than-comparable case here instead of in __is_pointer_in_range. __is_pointer_in_range is more general purpose, and it doesn't make sense for it to return false when trying to compare unrelated pointers -- instead it should be a compiler error to do so.

In other words, __is_pointer_in_range should be equivalent to first <= p < last, except blessed by the compiler -- nothing less, nothing more. If that expression would not be well formed, then __is_pointer_in_range should also not be well formed, and we shouldn't try to give it a value.

This revision now requires changes to proceed.Feb 27 2023, 9:05 AM
philnik updated this revision to Diff 501134.Feb 28 2023, 7:32 AM
philnik marked 2 inline comments as done.

Address comments

Harbormaster completed remote builds in B216466: Diff 501134.Feb 28 2023, 8:07 AM
philnik updated this revision to Diff 501228.Feb 28 2023, 10:53 AM

Try to fix CI

Harbormaster completed remote builds in B216535: Diff 501228.Feb 28 2023, 10:54 AM
ldionne accepted this revision.Mar 2 2023, 8:33 AM

LGTM, but this needs to be rebased on the patch with the __less refactoring before going in.

libcxx/include/__utility/is_pointer_in_range.h
42–43

That way, we technically don't have to change anything but std::less in the future.

We could also use __less instead here, and make __less be the canonical place where we bless comparison of unrelated pointers. We would then also use __less from std::less. Let's do that part as a separate patch, it's actually a nice cleanup.

libcxx/include/string
1958

Here and below.

1971

For symmetry with above?

libcxx/test/libcxx/utilities/is_pointer_in_range.pass.cpp
35

Could we move this test to test_cv_quals?

This revision is now accepted and ready to land.Mar 2 2023, 8:33 AM
philnik edited parent revisions, added: D145285: [libc++] Refactor __less; removed: D143329: [libc++] Move constexpr <cstring> functions into their own headers and remove unused <cstring> includes.Jun 1 2023, 3:18 PM
philnik updated this revision to Diff 527646.Jun 1 2023, 3:18 PM
philnik marked 5 inline comments as done.

Address comments

Harbormaster completed remote builds in B236012: Diff 527646.Jun 1 2023, 8:55 PM
philnik added a child revision: D151953: [libc++] Fix std::copy and std::move for ranges with potentially overlapping tail padding.Jun 2 2023, 8:47 AM
philnik updated this revision to Diff 529037.Jun 6 2023, 2:00 PM

Rebased

Harbormaster completed remote builds in B237067: Diff 529037.Jun 6 2023, 4:31 PM
philnik updated this revision to Diff 529093.Jun 6 2023, 4:59 PM

Try to fix CI

Harbormaster completed remote builds in B237117: Diff 529093.Jun 6 2023, 8:01 PM
philnik updated this revision to Diff 529322.Jun 7 2023, 8:37 AM

Try to fix CI

Harbormaster completed remote builds in B237286: Diff 529322.Jun 7 2023, 8:41 AM
philnik updated this revision to Diff 529326.Jun 7 2023, 8:54 AM

Try to fix CI

Harbormaster completed remote builds in B237288: Diff 529326.Jun 7 2023, 11:42 AM
Closed by commit rG7949ee0d4f10: [libc++] Introduce __is_pointer_in_range (authored by philnik). · Explain WhyJun 7 2023, 1:34 PM
This revision was automatically updated to reflect the committed changes.
philnik added a commit: rG7949ee0d4f10: [libc++] Introduce __is_pointer_in_range.
philnik removed a child revision: D151953: [libc++] Fix std::copy and std::move for ranges with potentially overlapping tail padding.Jun 8 2023, 10:56 AM

Revision Contents

PathSize
libcxx/
1 line
include/
1 line
8 lines
__utility/
52 lines
1 line
41 lines
test/
libcxx/
utilities/
58 lines

Diff 529418

libcxx/.clang-format

Show All 32 LinesAttributeMacros: ['_LIBCPP_HIDE_FROM_ABI',
'_LIBCPP_EXCEPTION_ABI', '_LIBCPP_EXCEPTION_ABI',
'_LIBCPP_ENUM_VIS', '_LIBCPP_ENUM_VIS',
'_LIBCPP_EXTERN_TEMPLATE_TYPE_VIS', '_LIBCPP_EXTERN_TEMPLATE_TYPE_VIS',
'_LIBCPP_INTERNAL_LINKAGE', '_LIBCPP_INTERNAL_LINKAGE',
'_LIBCPP_EXCLUDE_FROM_EXPLICIT_INSTANTIATION', '_LIBCPP_EXCLUDE_FROM_EXPLICIT_INSTANTIATION',
'_LIBCPP_HIDE_FROM_ABI_AFTER_V1', '_LIBCPP_HIDE_FROM_ABI_AFTER_V1',
'_LIBCPP_INLINE_VISIBILITY', '_LIBCPP_INLINE_VISIBILITY',
'_LIBCPP_NOALIAS', '_LIBCPP_NOALIAS',
'_LIBCPP_NO_SANITIZE',
'_LIBCPP_USING_IF_EXISTS', '_LIBCPP_USING_IF_EXISTS',
'_LIBCPP_DEPRECATED', '_LIBCPP_DEPRECATED',
'_LIBCPP_DEPRECATED_IN_CXX11', '_LIBCPP_DEPRECATED_IN_CXX11',
'_LIBCPP_DEPRECATED_IN_CXX14', '_LIBCPP_DEPRECATED_IN_CXX14',
'_LIBCPP_DEPRECATED_IN_CXX17', '_LIBCPP_DEPRECATED_IN_CXX17',
'_LIBCPP_DEPRECATED_IN_CXX20', '_LIBCPP_DEPRECATED_IN_CXX20',
'_LIBCPP_NODISCARD', '_LIBCPP_NODISCARD',
'_LIBCPP_NODISCARD_EXT', '_LIBCPP_NODISCARD_EXT',
Show All 35 Lines

libcxx/include/CMakeLists.txt

Show First 20 LinesShow All 824 Lines▼ Show 20 Linesset(files
__utility/cmp.h __utility/cmp.h
__utility/convert_to_integral.h __utility/convert_to_integral.h
__utility/declval.h __utility/declval.h
__utility/exception_guard.h __utility/exception_guard.h
__utility/exchange.h __utility/exchange.h
__utility/forward.h __utility/forward.h
__utility/forward_like.h __utility/forward_like.h
__utility/in_place.h __utility/in_place.h
__utility/integer_sequence.h __utility/integer_sequence.h
MordanteUnsubmitted
Done
ReplyInline Actions

I miss the module map entry.

Mordante: I miss the module map entry.
__utility/is_pointer_in_range.h
__utility/move.h __utility/move.h
__utility/pair.h __utility/pair.h
__utility/piecewise_construct.h __utility/piecewise_construct.h
__utility/priority_tag.h __utility/priority_tag.h
__utility/rel_ops.h __utility/rel_ops.h
__utility/swap.h __utility/swap.h
__utility/terminate_on_exception.h __utility/terminate_on_exception.h
__utility/to_underlying.h __utility/to_underlying.h
▲ Show 20 LinesShow All 212 LinesShow Last 20 Lines

libcxx/include/__config

Show All 29 Lines
# define _LIBCPP_COMPILER_CLANG_BASED # define _LIBCPP_COMPILER_CLANG_BASED
# define _LIBCPP_CLANG_VER (__clang_major__ * 100 + __clang_minor__) # define _LIBCPP_CLANG_VER (__clang_major__ * 100 + __clang_minor__)
#elif defined(__GNUC__) #elif defined(__GNUC__)
# define _LIBCPP_COMPILER_GCC # define _LIBCPP_COMPILER_GCC
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus
// The attributes supported by clang are documented at https://clang.llvm.org/docs/AttributeReference.html
// _LIBCPP_VERSION represents the version of libc++, which matches the version of LLVM. // _LIBCPP_VERSION represents the version of libc++, which matches the version of LLVM.
// Given a LLVM release LLVM XX.YY.ZZ (e.g. LLVM 17.0.1 == 17.00.01), _LIBCPP_VERSION is // Given a LLVM release LLVM XX.YY.ZZ (e.g. LLVM 17.0.1 == 17.00.01), _LIBCPP_VERSION is
// defined to XXYYZZ. // defined to XXYYZZ.
# define _LIBCPP_VERSION 170000 # define _LIBCPP_VERSION 170000
# define _LIBCPP_CONCAT_IMPL(_X, _Y) _X##_Y # define _LIBCPP_CONCAT_IMPL(_X, _Y) _X##_Y
# define _LIBCPP_CONCAT(_X, _Y) _LIBCPP_CONCAT_IMPL(_X, _Y) # define _LIBCPP_CONCAT(_X, _Y) _LIBCPP_CONCAT_IMPL(_X, _Y)
▲ Show 20 LinesShow All 1,048 Lines▼ Show 20 Lines
# endif # endif
# if __has_attribute(__preferred_name__) # if __has_attribute(__preferred_name__)
# define _LIBCPP_PREFERRED_NAME(x) __attribute__((__preferred_name__(x))) # define _LIBCPP_PREFERRED_NAME(x) __attribute__((__preferred_name__(x)))
# else # else
# define _LIBCPP_PREFERRED_NAME(x) # define _LIBCPP_PREFERRED_NAME(x)
# endif # endif
# if __has_attribute(__no_sanitize__)
# define _LIBCPP_NO_SANITIZE(...) __attribute__((__no_sanitize__(__VA_ARGS__)))
MordanteUnsubmitted
Done
ReplyInline Actions

Can you add a link to the documentation of this attribute?

Mordante: Can you add a link to the documentation of this attribute?
philnikAuthorUnsubmitted
Done
ReplyInline Actions

I don't really see the point here. All the clang attributes are described at https://clang.llvm.org/docs/AttributeReference.html. Having a link to the same page for every attribute we use seems redundant. We can add a link at the top of the file if you think that's useful.

philnik: I don't really see the point here. All the clang attributes are described at https://clang.llvm.
MordanteUnsubmitted
Done
ReplyInline Actions

I think it would help readers to quickly find the documentation, instead of remember where the clang attributes are exactly available.

Mordante: I think it would help readers to quickly find the documentation, instead of remember where the…
# else
# define _LIBCPP_NO_SANITIZE(...)
# endif
// We often repeat things just for handling wide characters in the library. // We often repeat things just for handling wide characters in the library.
// When wide characters are disabled, it can be useful to have a quick way of // When wide characters are disabled, it can be useful to have a quick way of
// disabling it without having to resort to #if-#endif, which has a larger // disabling it without having to resort to #if-#endif, which has a larger
// impact on readability. // impact on readability.
# if defined(_LIBCPP_HAS_NO_WIDE_CHARACTERS) # if defined(_LIBCPP_HAS_NO_WIDE_CHARACTERS)
# define _LIBCPP_IF_WIDE_CHARACTERS(...) # define _LIBCPP_IF_WIDE_CHARACTERS(...)
# else # else
# define _LIBCPP_IF_WIDE_CHARACTERS(...) __VA_ARGS__ # define _LIBCPP_IF_WIDE_CHARACTERS(...) __VA_ARGS__
▲ Show 20 LinesShow All 208 LinesShow Last 20 Lines

libcxx/include/__utility/is_pointer_in_range.h

  • This file was added.
//===----------------------------------------------------------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
#ifndef _LIBCPP___UTILITY_IS_POINTER_IN_RANGE_H
#define _LIBCPP___UTILITY_IS_POINTER_IN_RANGE_H
#include <__algorithm/comp.h>
#include <__assert>
#include <__config>
#include <__type_traits/enable_if.h>
#include <__type_traits/integral_constant.h>
#include <__type_traits/is_constant_evaluated.h>
#include <__type_traits/is_function.h>
#include <__type_traits/is_member_pointer.h>
#include <__type_traits/void_t.h>
#include <__utility/declval.h>
#if !defined(_LIBCPP_HAS_NO_PRAGMA_SYSTEM_HEADER)
# pragma GCC system_header
#endif
_LIBCPP_BEGIN_NAMESPACE_STD
template <class _Tp, class _Up>
_LIBCPP_CONSTEXPR_SINCE_CXX14 _LIBCPP_HIDE_FROM_ABI _LIBCPP_NO_SANITIZE("address") bool __is_pointer_in_range(
const _Tp* __begin, const _Tp* __end, const _Up* __ptr) {
static_assert(!is_function<_Tp>::value && !is_function<_Up>::value,
"__is_pointer_in_range should not be called with function pointers");
static_assert(!is_member_pointer<_Tp>::value && !is_member_pointer<_Up>::value,
MordanteUnsubmitted
Done
ReplyInline Actions
if (__libcpp_is_constant_evaluated()) {
- _LIBCPP_ASSERT(__builtin_constant_p(__begin < __end), "__begin and __end do not form a range");
+ _LIBCPP_ASSERT(__builtin_constant_p(__begin <= __end), "__begin and __end do not form a range");
// If this is not a constant during constant evaluation we know that __ptr is not part of the allocation where

Or are empty ranges prohibited?

Based on the code below it is indeed prohibited. If that is intended I really dislike the name of the function.
The function does not test whether the pointer is in the range, but whether the pointer is in the range and can be dereferenced.Maybe __is_pointer_in_dereferencable_range would be a better name.

Mordante: Or are empty ranges prohibited? Based on the code below it is indeed prohibited. If that is…
philnikAuthorUnsubmitted
Done
ReplyInline Actions

No, empty ranges are not prohibited. This just checks that it is valid to compare the two pointers. It doesn't actually check that __begin is smaller than __end. IOW __builtin_constant_p(ptr < ptr) is always true, since the expression is known to result in false (https://godbolt.org/z/EMfW7179r).

AFAIK a range is normally [begin, end), i.e. excluding the end pointer. Returning true for the end pointer would be inconsistent with any other function taking a range.

philnik: No, empty ranges are not prohibited. This just checks that it is valid to compare the two…
MordanteUnsubmitted
Done
ReplyInline Actions

Yes a range is [begin, end), and an empty for an empty range begin == end.
I'm happy with the fix.

Mordante: Yes a range is `[begin, end)`, and an empty for an empty range `begin == end`. I'm happy with…
"__is_pointer_in_range should not be called with member pointers");
if (__libcpp_is_constant_evaluated()) {
_LIBCPP_ASSERT(__builtin_constant_p(__begin <= __end), "__begin and __end do not form a range");
// If this is not a constant during constant evaluation we know that __ptr is not part of the allocation where
// [__begin, __end) is.
if (!__builtin_constant_p(__begin <= __ptr && __ptr < __end))
MordanteUnsubmitted
Done
ReplyInline Actions

I think we should document this is technically UB, but all supported compilers accept this.

Mordante: I think we should document this is technically UB, but all supported compilers accept this.
return false;
ldionneUnsubmitted
Done
ReplyInline Actions
return false;
}
- // Checking this for unrelated pointers is technically UB, but no compiler optimizes based on it (currently).
- return __begin <= __ptr && __ptr < __end;
+ return !std::less<>()(__ptr, __begin) && std::less<>()(__ptr, __end); // __begin <= __ptr < __end, but avoid UB comparing unrelated pointers with std::less
}
_LIBCPP_END_NAMESPACE_STD

That way, we technically don't have to change anything but std::less in the future.

We could also use __less instead here, and make __less be the canonical place where we bless comparison of unrelated pointers. We would then also use __less from std::less. Let's do that part as a separate patch, it's actually a nice cleanup.

ldionne: That way, we technically don't have to change anything but `std::less` in the future. We could…
}
// Checking this for unrelated pointers is technically UB, but no compiler optimizes based on it (currently).
return !__less<>()(__ptr, __begin) && __less<>()(__ptr, __end);
}
philnikAuthorUnsubmitted
Done
ReplyInline Actions

Am I correct here that it's impossible to get aliasing pointers during constant evaluation that are not comparable normally?

philnik: Am I correct here that it's impossible to get aliasing pointers during constant evaluation that…
_LIBCPP_END_NAMESPACE_STD
MordanteUnsubmitted
Done
ReplyInline Actions

Is this really safe on all supported platforms?

Mordante: Is this really safe on all supported platforms?
philnikAuthorUnsubmitted
Done
ReplyInline Actions

I think it should be. Do you have anything specific in mind?

philnik: I think it should be. Do you have anything specific in mind?
MordanteUnsubmitted
Done
ReplyInline Actions

You can compare integral types with different sizes, but you can't just cast pointers from one to another.

Concretely I wonder whether we violate alignment rules.
For example`_Tp == int`, _Up = signed char and __ptr = 0xFFF01. This will create a const int* at an odd numbered address. (This is valid on x86, but that platform has less alignment restrictions than other platforms.)

Mordante: You can compare integral types with different sizes, but you can't just cast pointers from one…
philnikAuthorUnsubmitted
Done
ReplyInline Actions

Yeah, I'm not sure. Casting all pointers to char should make it safe.

philnik: Yeah, I'm not sure. Casting all pointers to `char` should make it safe.
#endif // _LIBCPP___UTILITY_IS_POINTER_IN_RANGE_H

libcxx/include/module.modulemap.in

Show First 20 LinesShow All 1,734 Lines▼ Show 20 Lines module unordered_set {
export initializer_list export initializer_list
export * export *
} }
module utility { module utility {
header "utility" header "utility"
export initializer_list export initializer_list
export * export *
module __utility { module __utility {
module as_const { private header "__utility/as_const.h" } module as_const { private header "__utility/as_const.h" }
ldionneUnsubmitted
Done
ReplyInline Actions

By the way, I think this is highly relevant to the existing issue that std::less is supposed to be blessed to compare unrelated pointers, but we currently don't do anything special with it. I think we should have a single solution for both of those issues.

ldionne: By the way, I think this is highly relevant to the existing issue that `std::less` is supposed…
module auto_cast { module auto_cast {
private header "__utility/auto_cast.h" private header "__utility/auto_cast.h"
export type_traits.decay export type_traits.decay
} }
module cmp { private header "__utility/cmp.h" } module cmp { private header "__utility/cmp.h" }
module convert_to_integral { private header "__utility/convert_to_integral.h" } module convert_to_integral { private header "__utility/convert_to_integral.h" }
module declval { private header "__utility/declval.h" } module declval { private header "__utility/declval.h" }
module exception_guard { private header "__utility/exception_guard.h" } module exception_guard { private header "__utility/exception_guard.h" }
module exchange { private header "__utility/exchange.h" } module exchange { private header "__utility/exchange.h" }
module forward { private header "__utility/forward.h" } module forward { private header "__utility/forward.h" }
module forward_like { private header "__utility/forward_like.h" } module forward_like { private header "__utility/forward_like.h" }
module in_place { private header "__utility/in_place.h" } module in_place { private header "__utility/in_place.h" }
module integer_sequence { private header "__utility/integer_sequence.h" } module integer_sequence { private header "__utility/integer_sequence.h" }
module is_pointer_in_range { private header "__utility/is_pointer_in_range.h" }
module move { private header "__utility/move.h" } module move { private header "__utility/move.h" }
module pair { private header "__utility/pair.h" } module pair { private header "__utility/pair.h" }
module pair_fwd { private header "__fwd/pair.h" } module pair_fwd { private header "__fwd/pair.h" }
module piecewise_construct { private header "__utility/piecewise_construct.h" } module piecewise_construct { private header "__utility/piecewise_construct.h" }
module priority_tag { private header "__utility/priority_tag.h" } module priority_tag { private header "__utility/priority_tag.h" }
module rel_ops { private header "__utility/rel_ops.h" } module rel_ops { private header "__utility/rel_ops.h" }
module swap { private header "__utility/swap.h" } module swap { private header "__utility/swap.h" }
module terminate_on_exception { private header "__utility/terminate_on_exception.h" } module terminate_on_exception { private header "__utility/terminate_on_exception.h" }
▲ Show 20 LinesShow All 139 LinesShow Last 20 Lines

libcxx/include/string

Show First 20 LinesShow All 565 Lines▼ Show 20 Lines
#include <__type_traits/is_convertible.h> #include <__type_traits/is_convertible.h>
#include <__type_traits/is_nothrow_default_constructible.h> #include <__type_traits/is_nothrow_default_constructible.h>
#include <__type_traits/is_nothrow_move_assignable.h> #include <__type_traits/is_nothrow_move_assignable.h>
#include <__type_traits/is_same.h> #include <__type_traits/is_same.h>
#include <__type_traits/is_standard_layout.h> #include <__type_traits/is_standard_layout.h>
#include <__type_traits/is_trivial.h> #include <__type_traits/is_trivial.h>
#include <__type_traits/noexcept_move_assign_container.h> #include <__type_traits/noexcept_move_assign_container.h>
#include <__type_traits/remove_cvref.h> #include <__type_traits/remove_cvref.h>
#include <__type_traits/void_t.h>
#include <__utility/auto_cast.h> #include <__utility/auto_cast.h>
#include <__utility/declval.h>
#include <__utility/is_pointer_in_range.h>
#include <__utility/move.h> #include <__utility/move.h>
#include <__utility/swap.h> #include <__utility/swap.h>
#include <__utility/unreachable.h> #include <__utility/unreachable.h>
#include <climits> #include <climits>
#include <cstdint> #include <cstdint>
#include <cstdio> // EOF #include <cstdio> // EOF
#include <cstring> #include <cstring>
#include <limits> #include <limits>
▲ Show 20 LinesShow All 72 Lines▼ Show 20 Lines
template <class _CharT, class _Traits, class _Tp> template <class _CharT, class _Traits, class _Tp>
struct __can_be_converted_to_string_view : public _BoolConstant< struct __can_be_converted_to_string_view : public _BoolConstant<
is_convertible<const _Tp&, basic_string_view<_CharT, _Traits> >::value && is_convertible<const _Tp&, basic_string_view<_CharT, _Traits> >::value &&
!is_convertible<const _Tp&, const _CharT*>::value !is_convertible<const _Tp&, const _CharT*>::value
> {}; > {};
struct __uninitialized_size_tag {}; struct __uninitialized_size_tag {};
template <class _Tp, class _Up, class = void>
struct __is_less_than_comparable : false_type {};
template <class _Tp, class _Up>
struct __is_less_than_comparable<_Tp, _Up, __void_t<decltype(std::declval<_Tp>() < std::declval<_Up>())> > : true_type {
};
template<class _CharT, class _Traits, class _Allocator> template<class _CharT, class _Traits, class _Allocator>
class basic_string class basic_string
{ {
public: public:
typedef basic_string __self; typedef basic_string __self;
typedef basic_string_view<_CharT, _Traits> __self_view; typedef basic_string_view<_CharT, _Traits> __self_view;
typedef _Traits traits_type; typedef _Traits traits_type;
typedef _CharT value_type; typedef _CharT value_type;
▲ Show 20 LinesShow All 1,266 Lines▼ Show 20 Lines basic_string& __null_terminate_at(value_type* __p, size_type __newsz) {
__set_size(__newsz); __set_size(__newsz);
__invalidate_iterators_past(__newsz); __invalidate_iterators_past(__newsz);
traits_type::assign(__p[__newsz], value_type()); traits_type::assign(__p[__newsz], value_type());
return *this; return *this;
} }
_LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR_SINCE_CXX20 void __invalidate_iterators_past(size_type); _LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR_SINCE_CXX20 void __invalidate_iterators_past(size_type);
template<class _Tp> template <
_LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR_SINCE_CXX20 class _Tp,
bool __addr_in_range(_Tp&& __t) const { __enable_if_t<__is_less_than_comparable<const __remove_cvref_t<_Tp>*, const value_type*>::value, int> = 0>
ldionneUnsubmitted
Done
ReplyInline Actions

I would handle the !is-less-than-comparable case here instead of in __is_pointer_in_range. __is_pointer_in_range is more general purpose, and it doesn't make sense for it to return false when trying to compare unrelated pointers -- instead it should be a compiler error to do so.

In other words, __is_pointer_in_range should be equivalent to first <= p < last, except blessed by the compiler -- nothing less, nothing more. If that expression would not be well formed, then __is_pointer_in_range should also not be well formed, and we shouldn't try to give it a value.

ldionne: I would handle the `!is-less-than-comparable` case here instead of in `__is_pointer_in_range`.
// assume that the ranges overlap, because we can't check during constant evaluation _LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR_SINCE_CXX20 bool __addr_in_range(const _Tp& __v) const {
ldionneUnsubmitted
Done
ReplyInline Actions
__enable_if_t<__is_less_than_comparable<const __remove_cvref_t<_Tp>*, const value_type*>::value, int> = 0>
- _LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR_SINCE_CXX20 bool __addr_in_range(_Tp&& __v) const {
+ _LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR_SINCE_CXX20 bool __addr_in_range(_Tp const& __v) const {
return std::__is_pointer_in_range(data(), data() + size() + 1, std::addressof(__v));

Here and below.

ldionne: Here and below.
return std::__is_pointer_in_range(data(), data() + size() + 1, std::addressof(__v));
}
template <
class _Tp,
__enable_if_t<!__is_less_than_comparable<const __remove_cvref_t<_Tp>*, const value_type*>::value, int> = 0>
_LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR_SINCE_CXX20 bool __addr_in_range(const _Tp& __v) const {
if (__libcpp_is_constant_evaluated()) if (__libcpp_is_constant_evaluated())
return true; return false;
const volatile void *__p = std::addressof(__t);
return data() <= __p && __p <= data() + size(); auto __t_ptr = reinterpret_cast<const char*>(std::addressof(__v));
ldionneUnsubmitted
Done
ReplyInline Actions

The new code is not equivalent to the old one. The old code does data() <= __p && __p <= data() + size(), the new code looks for data() <= __p && __p < data() + size() (notice <= vs <).

ldionne: The new code is not equivalent to the old one. The old code does `data() <= __p && __p <= data…
return reinterpret_cast<const char*>(data()) <= __t_ptr &&
__t_ptr < reinterpret_cast<const char*>(data() + size() + 1);
ldionneUnsubmitted
Done
ReplyInline Actions
return reinterpret_cast<const char*>(data()) <= __t_ptr &&
- __t_ptr <= reinterpret_cast<const char*>(data() + size());
+ __t_ptr < reinterpret_cast<const char*>(data() + size() + 1);
}
_LIBCPP_NORETURN _LIBCPP_HIDE_FROM_ABI

For symmetry with above?

ldionne: For symmetry with above?
} }
_LIBCPP_NORETURN _LIBCPP_HIDE_FROM_ABI _LIBCPP_NORETURN _LIBCPP_HIDE_FROM_ABI
void __throw_length_error() const { void __throw_length_error() const {
std::__throw_length_error("basic_string"); std::__throw_length_error("basic_string");
} }
_LIBCPP_NORETURN _LIBCPP_HIDE_FROM_ABI _LIBCPP_NORETURN _LIBCPP_HIDE_FROM_ABI
▲ Show 20 LinesShow All 920 Lines▼ Show 20 Linesbasic_string<_CharT, _Traits, _Allocator>::replace(size_type __pos, size_type __n1, const value_type* __s, size_type __n2)
_LIBCPP_ASSERT(__n2 == 0 || __s != nullptr, "string::replace received nullptr"); _LIBCPP_ASSERT(__n2 == 0 || __s != nullptr, "string::replace received nullptr");
size_type __sz = size(); size_type __sz = size();
if (__pos > __sz) if (__pos > __sz)
__throw_out_of_range(); __throw_out_of_range();
__n1 = std::min(__n1, __sz - __pos); __n1 = std::min(__n1, __sz - __pos);
size_type __cap = capacity(); size_type __cap = capacity();
if (__cap - __sz + __n1 >= __n2) if (__cap - __sz + __n1 >= __n2)
{ {
if (__libcpp_is_constant_evaluated()) {
__grow_by_and_replace(__cap, 0, __sz, __pos, __n1, __n2, __s);
return *this;
}
value_type* __p = std::__to_address(__get_pointer()); value_type* __p = std::__to_address(__get_pointer());
if (__n1 != __n2) if (__n1 != __n2)
{ {
size_type __n_move = __sz - __pos - __n1; size_type __n_move = __sz - __pos - __n1;
if (__n_move != 0) if (__n_move != 0)
{ {
if (__n1 > __n2) if (__n1 > __n2)
{ {
traits_type::move(__p + __pos, __s, __n2); traits_type::move(__p + __pos, __s, __n2);
traits_type::move(__p + __pos + __n2, __p + __pos + __n1, __n_move); traits_type::move(__p + __pos + __n2, __p + __pos + __n1, __n_move);
return __null_terminate_at(__p, __sz + (__n2 - __n1)); return __null_terminate_at(__p, __sz + (__n2 - __n1));
} }
if (__p + __pos < __s && __s < __p + __sz) if (std::__is_pointer_in_range(__p + __pos + 1, __p + __sz, __s))
{ {
if (__p + __pos + __n1 <= __s) if (__p + __pos + __n1 <= __s)
__s += __n2 - __n1; __s += __n2 - __n1;
else // __p + __pos < __s < __p + __pos + __n1 else // __p + __pos < __s < __p + __pos + __n1
{ {
traits_type::move(__p + __pos, __s, __n1); traits_type::move(__p + __pos, __s, __n1);
__pos += __n1; __pos += __n1;
__s += __n2; __s += __n2;
▲ Show 20 LinesShow All 1,486 LinesShow Last 20 Lines

libcxx/test/libcxx/utilities/is_pointer_in_range.pass.cpp

  • This file was added.
//===----------------------------------------------------------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
// ADDITIONAL_COMPILE_FLAGS: -Wno-private-header
#include <__utility/is_pointer_in_range.h>
#include <cassert>
#include "test_macros.h"
template <class T, class U>
TEST_CONSTEXPR_CXX14 void test_cv_quals() {
T i = 0;
U j = 0;
assert(!std::__is_pointer_in_range(&i, &i, &i));
assert(std::__is_pointer_in_range(&i, &i + 1, &i));
assert(!std::__is_pointer_in_range(&i, &i + 1, &j));
#if TEST_STD_VER >= 20
{
T* arr1 = new int[4]{1, 2, 3, 4};
U* arr2 = new int[4]{5, 6, 7, 8};
assert(!std::__is_pointer_in_range(arr1, arr1 + 4, arr2));
assert(std::__is_pointer_in_range(arr1, arr1 + 4, arr1 + 3));
assert(!std::__is_pointer_in_range(arr1, arr1, arr1 + 3));
delete[] arr1;
delete[] arr2;
}
ldionneUnsubmitted
Done
ReplyInline Actions

Could we move this test to test_cv_quals?

ldionne: Could we move this test to `test_cv_quals`?
#endif
}
MordanteUnsubmitted
Done
ReplyInline Actions

I really like to see more test. This only compares pointers where _Tp and _Up are the same type. Since the code tests different pointer types I really would like to see tests for volatile pointers against non-volatile pointers. Test with object pointers against function pointers, data member pointer, member function pointers.

Mordante: I really like to see more test. This only compares pointers where `_Tp` and `_Up` are the same…
philnikAuthorUnsubmitted
Done
ReplyInline Actions

I don't think it makes sense to call __is_pointer_in_range with function pointers or member pointers, so I added static_asserts instead.

philnik: I don't think it makes sense to call `__is_pointer_in_range` with function pointers or member…
TEST_CONSTEXPR_CXX14 bool test() {
test_cv_quals<int, int>();
test_cv_quals<const int, int>();
test_cv_quals<int, const int>();
test_cv_quals<const int, const int>();
test_cv_quals<volatile int, int>();
test_cv_quals<int, volatile int>();
test_cv_quals<volatile int, volatile int>();
return true;
}
int main(int, char**) {
test();
#if TEST_STD_VER >= 14
static_assert(test(), "");
#endif
return 0;
}