This is an archive of the discontinued LLVM Phabricator instance.

Differential D151637

DRAFT: hardening "interface"
AbandonedPublic

Authored by var-const on May 28 2023, 8:57 PM.

Details

Reviewers
None
Group Reviewers
Restricted Project

Diff Detail

Event Timeline

var-const created this revision.May 28 2023, 8:57 PM
Herald added a project: Restricted Project. · View Herald TranscriptMay 28 2023, 8:57 PM
var-const updated this revision to Diff 526366.May 28 2023, 8:59 PM

Undo accidental change.

Harbormaster completed remote builds in B235096: Diff 526366.May 28 2023, 9:06 PM
ldionne added a subscriber: ldionne.May 30 2023, 1:04 PM
ldionne added inline comments.
libcxx/include/__config_hardening
20–40 ↗(On Diff #526366)

This should move to __config under the ABI selection block. Or while we're at it, I've been meaning to move the ABI checks to somewhere outside of __config for a while but never got to it, so this could be a refactoring we do before adding these new knobs.

Maybe __config_dir/abi.h, __config_dir/assertions.h, __config_dir/availability.h, etc?

61 ↗(On Diff #526366)

Let's create a bug report on github to track this improvement and explain what it is in a few words.

63 ↗(On Diff #526366)

We should have a way to define default values for those in the __config_site so that a vendor can pick a default value for a given platform. This will probably require using 0 and 1 instead of just #ifndef to check for these macros.

63 ↗(On Diff #526366)

We should add documentation for these macros where we document the safe libc++ mode (actually this needs more updating in light of the "new" debug mode).

63 ↗(On Diff #526366)

We should have tests that a user can enable/disable the mode on a per-TU basis -- that's a pretty important property of the design. You can probably take inspiration from libcxx/test/libcxx/assertions/assertions_disabled.pass.cpp.

71 ↗(On Diff #526366)

This is going to conflict with the existing "legacy" debug mode. Can you write a short RFC proposing the removal of the legacy debug mode since it's really causing trouble here and that legacy debug mode has been broken. A few problems about it:

  1. It takes a global lock
  2. It's not constexpr friendly
  3. It hasn't really been maintained (e.g. new features don't necessarily use it)
  4. It was design with the goal of not changing the ABI, but that didn't work because updating the global database is an ABI affecting property (for example if you get a std::string from the dylib which hasn't been built with the debug mode enabled, it won't be in the database so you'll fail if your user code tries to check that the std::string is in the database).
  5. Some vendors (at least Apple) never shipped it
78 ↗(On Diff #526366)

For this one, we probably want to do

// in __config_dir/assertions.h
#ifdef _LIBCPP_DEBUG_RANDOMIZE_UNSPECIFIED_STABILITY
# define _LIBCPP_ASSERTIONS_ENABLE_DEBUG_RANDOMIZE_UNSPECIFIED_BEHAVIOR
# warning "this is deprecated, use _LIBCPP_ASSERTIONS_ENABLE_DEBUG_RANDOMIZE_UNSPECIFIED_BEHAVIOR"
#endif

Or maybe we can mark the macro as deprecated with an attribute, it seems to ring a bell but I'm not sure anymore.

84–95 ↗(On Diff #526366)

I think we should just use _LIBCPP_ASSERT here. _LIBCPP_ASSERT isn't tied to the debug mode anymore, it's just a self-standing utility for assertions in libc++ and we should use it universally.

#ifdef _LIBCPP_ENABLE_HARDENING_ASSERTIONS
#  define _LIBCPP_HARDENING_ASSERT(...) _LIBCPP_ASSERT(__VA_ARGS__)
#else
#  define _LIBCPP_HARDENING_ASSERT(...) /* nothing */
#endif
102 ↗(On Diff #526366)

We should force ourselves to put a semicolon after using the macro, otherwise editors will be confused.

libcxx/include/__hardening.h
26 ↗(On Diff #526366)

Should this be part of some kind of __hardening_traits class? Would there be anything else in there other than __refer_to_same_range?

var-const marked an inline comment as done.Jun 1 2023, 9:45 AM
var-const added inline comments.
libcxx/include/__config_hardening
20–40 ↗(On Diff #526366)

Created https://reviews.llvm.org/D151900 to move things under __config_dir (without any other changes for now). We want to move __config itself into the new directory as well, right?

71 ↗(On Diff #526366)

Posted the RFC to Discourse: https://discourse.llvm.org/t/rfc-removing-the-legacy-debug-mode-from-libc/71026/1

var-const marked 3 inline comments as done.Jun 21 2023, 10:12 AM
var-const added inline comments.
libcxx/include/__config_hardening
61 ↗(On Diff #526366)

https://github.com/llvm/llvm-project/issues/63153

var-const updated this revision to Diff 533505.Jun 22 2023, 1:30 AM
var-const marked 6 inline comments as done.

Address more feedback.

var-const updated this revision to Diff 533506.Jun 22 2023, 1:32 AM

hardening.h -> hardening

libcxx/include/__config_hardening
20–40 ↗(On Diff #526366)

Update: this turned out to be a lot harder than initially assumed because the split makes it easier to forget to include a header and mistakenly presume that a macro is undefined. I will postpone D151900 for now and keep everything in the same __config file for the purposes of this patch.

Moved to the ABI section of __config instead.

63 ↗(On Diff #526366)

It looks like the flags I'm passing to the command line get ignored (probably overwritten), I'll need to investigate more to find out why.

libcxx/include/__hardening.h
26 ↗(On Diff #526366)

Done.

My first idea was to rely on overload resolution to find the best match given that _Iter is a dependent name. However, that needs ADL to work which I coincidentally disabled by explicitly qualifying the function name with std::. I think using a traits class is more convenient regardless, thanks for the suggestion!

var-const updated this revision to Diff 533507.Jun 22 2023, 1:36 AM

Quick fix.

var-const added inline comments.Jun 22 2023, 1:44 AM
libcxx/include/__config
88

These are leftovers from testing, but I'm keeping them for now as useful reminders.

92

Note to self: this prevents a compiler warning/error.

286

IIUC, the current state where _LIBCPP_ENABLE_NEW_DEBUG_MODE automatically enables _LIBCPP_ASSERTIONS_ENABLE_HARDENING_ASSERTIONS doesn't quite work because then the user cannot use _LIBCPP_ASSERTIONS_ENABLE_HARDENING_ASSERTIONS to override the current hardening mode, right? If so, does that mean that the user has to define both e.g. _LIBCPP_ASSERTIONS_ENABLE_HARDENING_ASSERTIONS and _LIBCPP_ENABLE_NEW_DEBUG_MODE?

325

I copied this from existing macros. Is there a reason to prefer this form to just /*nothing*/?

libcxx/include/__config_site.in
42

Some notes and questions:

  1. We don't want _ASSERTIONS in the names of the top-level macros, e.g. it should be _LIBCPP_ENABLE_HARDENED_MODE and not _LIBCPP_ASSERTIONS_ENABLE_HARDENED_MODE, right? What about _LIBCPP_ASSERTIONS_ENABLE_HARDENING_ASSERTIONS?
  2. I'm not 100% happy with the names _LIBCPP_ENABLE_HARDENED_MODE_ABI_BREAK and _LIBCPP_ENABLE_HARDENED_MODE. They look obviously related, but the relationship isn't obvious.
  3. For now I went with _LIBCPP_ENABLE_NEW_DEBUG_MODE but this definitely could be improved.
  4. How do CMake definitions from this file interact with what's passed from the command line? I'm getting lots of warnings/errors about macros being undefined or redefined, but I'm probably doing the configuration wrong.
46

Do we want lower-level macros like _LIBCPP_ASSERTIONS_ENABLE_CHECK_INVALID_RANGE here?

48

I used the word "feature" here since it's not directly a check, rather it enables a certain behavior. Also, this name is pretty verbose, very open to suggestions on how to shorten it.

libcxx/test/std/containers/views/views.span/span.cons/iterator_sentinel.pass.cpp
117

Looks like this operator wasn't invoked before.

Harbormaster completed remote builds in B240433: Diff 533507.Jun 22 2023, 2:18 AM
ldionne published this revision for review.Jun 22 2023, 10:23 AM

I really like the shape of this. At a high level, here's what I would recommend:

  1. Extract the ABI macro for bounded iterators out of this patch. This will make this patch smaller and also get that out of the way when you try to remove the legacy debug mode.
  2. Introduce the assertions machinery in a separate patch: _LIBCPP_ENABLE_HARDENED_MODE and _LIBCPP_ENABLE_NEW_DEBUG_MODE, but without any of the check macros like _LIBCPP_ASSERTIONS_ENABLE_CHECK_BAD_CONTAINER_ACCESS. Yes, that patch is going to look kinda stupid, but that will allow us to properly consider the interaction between those settings and the existing settings we have.
  3. Then, in a separate patch, let's introduce some (or all) of the _LIBCPP_ASSERTIONS_ENABLE_CHECK_foo checks and plumb them into _LIBCPP_ENABLE_HARDENED_MODE/_LIBCPP_ENABLE_NEW_DEBUG_MODE which will already have been introduced.
libcxx/include/__config
196–198

I would suggest not introducing this macro, at least not for now. Instead, I would rename _LIBCPP_ASSERTIONS_ENABLE_HARDENING_BOUNDED_ITERATORS to _LIBCPP_ABI_BOUNDED_ITERATORS, a normal ABI macro like we have others and I would simply not define it in any configuration by default. In fact, this could be done in a separate patch to simplify this one quite a bit.

Actually if you do that in a separate patch, _LIBCPP_ABI_BOUNDED_ITERATORS could take over _LIBCPP_DEBUG_ITERATOR_BOUNDS_CHECKING.

242

Since this affects both hardening and "debug" checks, I don't think _LIBCPP_ASSERTIONS_ENABLE_HARDENING_ASSERTIONS is the right name. Is this different from _LIBCPP_ENABLE_ASSERTIONS?

Answer: The difference between this macro and _LIBCPP_ENABLE_ASSERTIONS is that the latter also disables some currently-uncategorized assertions.

IMO it's not worth introducing another public knob for this, I think people don't need that much granularity. I can't think of anyone wanting to disable hardening and debug assertions while somehow keeping all the "uncategorized" assertions.

274–276

Suggestion: instead, you could do this outside of the #if block:

#if _LIBCPP_ENABLE_HARDENED_MODE && _LIBCPP_ENABLE_NEW_DEBUG_MODE
# error "Only one of _LIBCPP_ENABLE_HARDENED_MODE and _LIBCPP_ENABLE_NEW_DEBUG_MODE can be defined."
#endif
316

Let's fully qualify everything in macros.

325

I think it's to make this valid to use in an expression. I have a test that _LIBCPP_ASSERT can be used in an expression, and we should have similar tests for new assertion macros being introduced (possibly add to the same test).

libcxx/include/__config_site.in
42

We don't want _ASSERTIONS in the names of the top-level macros, e.g. it should be _LIBCPP_ENABLE_HARDENED_MODE and not _LIBCPP_ASSERTIONS_ENABLE_HARDENED_MODE, right?

I would agree with that.

I'm not 100% happy with the names _LIBCPP_ENABLE_HARDENED_MODE_ABI_BREAK and _LIBCPP_ENABLE_HARDENED_MODE. They look obviously related, but the relationship isn't obvious.

As I suggested, I think we can remove _LIBCPP_ENABLE_HARDENED_MODE_ABI_BREAK entirely, at least for now. This makes the issue moot.

46

I don't think it makes sense for those to be settable at configure time in the __config_site.in. I think I would only define the default value we want for the debug and hardened mode in here. Basically, vendors could decide whether they want a specific build of libc++ to enable the debug/hardened mode by default (users could still override it) by setting it in CMake. For example you might want to do:

#cmakedefine01 _LIBCPP_ENABLE_HARDENED_MODE_DEFAULT
#cmakedefine01 _LIBCPP_ENABLE_DEBUG_MODE_DEFAULT

Those would be set from CMake and would provide the default value to use for _LIBCPP_ENABLE_HARDENED_MODE resp _LIBCPP_ENABLE_DEBUG_MODE inside __config.

libcxx/include/__debug_utils/randomize_range.h
14

To reduce the size of this patch, I would suggest that we "onboard" features into the hardened/debug mode in separate patches. This patch can introduce the basic functionality, but then we can have a separate patch that simply moves _LIBCPP_DEBUG_RANDOMIZE_UNSPECIFIED_STABILITY from the old debug mode into the "new debug mode".

I think doing those piecemeal is going to make this patch much easier to review, but also give us space to consider important things like transitions and temporary backwards compatibility for existing macros.

libcxx/include/span
241

I find this potentially confusing. The name _LIBCPP_ASSERT_CHECK_INVALID_RANGE makes it look as if we're checking that the range is invalid, when we're trying to do the reverse. Should this be called _LIBCPP_ASSERT_CHECK_VALID_RANGE instead (and similarly for other types of checks)?

libcxx/test/std/containers/views/views.span/span.cons/iterator_sentinel.pass.cpp
117

Let's land this as a NFC before this patch. Actually, is there a reason for defining it at all if it's not used?

Herald added a project: Restricted Project. · View Herald TranscriptJun 22 2023, 10:23 AM
Herald added a reviewer: Restricted Project. · View Herald Transcript
Herald added a subscriber: libcxx-commits. · View Herald Transcript
var-const updated this revision to Diff 534755.Jun 26 2023, 2:49 PM
var-const marked 3 inline comments as done.

Addressing feedback wip.

Harbormaster completed remote builds in B241314: Diff 534755.Jun 26 2023, 5:10 PM
var-const updated this revision to Diff 534833.Jun 26 2023, 9:50 PM
var-const marked 3 inline comments as done.

Address more feedback

libcxx/include/__config
242

https://reviews.llvm.org/D153816 (s/_LIBCPP_ASSERT/_LIBCPP_ASSERT_UNCATEGORIZED).

325

Do we need to add those tests considering that we deliberately define the new assertions to expand to _LIBCPP_ASSERT which is already thoroughly tested in this regard?

libcxx/include/span
241

I think it depends on how the reader sees the purpose of the check. I'm looking at it from the perspective of "which condition will cause the assertion to trigger?" (and more broadly, "what kind of bad behavior are we providing guarantees against?"). Or to put it simpler, I'm reading this kinda like "abort if the range is invalid", which I find slightly more natural than "make sure the range is valid and proceed".

I don't feel too strongly about this and can be convinced to change. One argument in favor of "check valid range" is that it follows the semantics of "assert" (which fires if the condition is false, not true).

EDIT: after some thinking, I went ahead with the renaming as suggested in this comment.

libcxx/test/std/containers/views/views.span/span.cons/iterator_sentinel.pass.cpp
117

Done. It's used by some of the hardening checks.

Harbormaster completed remote builds in B241376: Diff 534833.Jun 26 2023, 10:12 PM
var-const updated this revision to Diff 535035.Jun 27 2023, 9:58 AM

Remove commented-out code.

var-const updated this revision to Diff 535041.Jun 27 2023, 10:08 AM
var-const marked an inline comment as done.

BAD_CONTAINER_ACCESS -> VALID_CONTAINER_ACCESS

Harbormaster completed remote builds in B241531: Diff 535041.Jun 27 2023, 10:33 AM
Mordante added a subscriber: Mordante.Jun 27 2023, 10:37 AM

Thanks for working on this!

libcxx/include/__config
88

Would it make sense to try to land the __config split patch first?

206

Is it intended to add all containers in the future?

223

I really dislike names with _NEW_ in it, it tends to get stale at some point. Just like terms as "modern C++" which some people feel is C++11...

I would suggest _LIBCPP_ENABLE_HARDENED_DEBUG_MODE instead. Or would it make sense to do
//#define _LIBCPP_ENABLE_HARDENED_MODE 1 as is
//#define _LIBCPP_ENABLE_HARDENED_MODE 2 the debug mode. This automatically makes them mutually exclusive.

238
244

Can you change them to TODO HARDENING or similar to make grepping them easier.

253

Thanks a lot for the documentation! It really helps to understand what the hardening mode will do.

var-const added inline comments.Jun 27 2023, 10:49 AM
libcxx/include/__config
196–198

Patch for introducing _LIBCPP_ABI_BOUNDED_ITERATORS: https://reviews.llvm.org/D153895

var-const added a comment.Jun 27 2023, 11:08 AM
In D151637#4441919, @ldionne wrote:
  1. Extract the ABI macro for bounded iterators out of this patch. This will make this patch smaller and also get that out of the way when you try to remove the legacy debug mode.

https://reviews.llvm.org/D153895

  1. Introduce the assertions machinery in a separate patch: _LIBCPP_ENABLE_HARDENED_MODE and _LIBCPP_ENABLE_NEW_DEBUG_MODE, but without any of the check macros like _LIBCPP_ASSERTIONS_ENABLE_CHECK_BAD_CONTAINER_ACCESS. Yes, that patch is going to look kinda stupid, but that will allow us to properly consider the interaction between those settings and the existing settings we have.

https://reviews.llvm.org/D153902

  1. Then, in a separate patch, let's introduce some (or all) of the _LIBCPP_ASSERTIONS_ENABLE_CHECK_foo checks and plumb them into _LIBCPP_ENABLE_HARDENED_MODE/_LIBCPP_ENABLE_NEW_DEBUG_MODE which will already have been introduced.

I'll reuse this patch once the other two patches have landed.

libcxx/include/__config
223

My hope is that I can land https://reviews.llvm.org/D153672 first which would allow me to reuse the "obvious" name _LIBCPP_ENABLE_DEBUG_MODE. Otherwise, I like _LIBCPP_ENABLE_HARDENED_DEBUG_MODE -- I wasn't very happy with the "new" name either, so thanks a lot for the suggestion!

Re. using 1 and 2 as levels -- I agree it automatically makes them mutually exclusive which is a good property to have. On the other hand, having named macros is perhaps a little more readable than using numbers to represent each mode -- it's not obvious without reading the documentation what exactly _LIBCPP_ENABLE_HARDENED_MODE 2 means (and whether 2 is the max value or not).

Following @ldionne's feedback, I created a new patch that only adds the configuration macros, without any assertions, and used the name _LIBCPP_ENABLE_HARDENED_DEBUG_MODE there: https://reviews.llvm.org/D153902

var-const mentioned this in D153902: [libc++][hardening][NFC] Add macros to enable hardened mode..Jun 27 2023, 11:09 AM
var-const mentioned this in D153895: [libc++][hardening] Add an ABI macro `_LIBCPP_ABI_BOUNDED_ITERATORS`..
var-const mentioned this in D153816: [libc++][hardening][NFC] Introduce `_LIBCPP_ASSERT_UNCATEGORIZED`..
AdvenamTacet added a subscriber: AdvenamTacet.Aug 2 2023, 10:49 AM
var-const abandoned this revision.Aug 31 2023, 7:08 PM

This patch is no longer relevant -- most of its contents have been merged in other patches.

Revision Contents

PathSize
libcxx/
docs/
DesignDocs/
7 lines
include/
1 line
__algorithm/
4 lines
185 lines
5 lines
4 lines
__debug_utils/
4 lines
59 lines
__iterator/
12 lines
91 lines
6 lines
54 lines
test/
libcxx/
algorithms/
2 lines
2 lines
2 lines
assertions/
hardening/
32 lines
22 lines
32 lines
22 lines
containers/
views/
views.span/
span.cons/
2 lines
2 lines
2 lines
2 lines
span.elem/
2 lines
2 lines
2 lines
span.sub/
2 lines
2 lines
2 lines
std/
containers/
views/
views.span/
span.cons/
2 lines

Diff 535041

libcxx/docs/DesignDocs/UnspecifiedBehaviorRandomization.rst

Show All 29 Lines
For example, as of LLVM version 13, libcxx sorting algorithm takes For example, as of LLVM version 13, libcxx sorting algorithm takes
`O(n^2) worst case <https://llvm.org/PR20837>`_ but according `O(n^2) worst case <https://llvm.org/PR20837>`_ but according
to the standard its worst case should be `O(n log n)`. This effort helps users to the standard its worst case should be `O(n log n)`. This effort helps users
to gradually fix their tests while updating to new faster algorithms. to gradually fix their tests while updating to new faster algorithms.
Design Design
====== ======
* Introduce new macro ``_LIBCPP_DEBUG_RANDOMIZE_UNSPECIFIED_STABILITY`` which should * Introduce new macro
be a part of the libcxx config. ``_LIBCPP_ASSERTIONS_ENABLE_FEATURE_RANDOMIZE_UNSPECIFIED_BEHAVIOR`` which
should be a part of the libcxx config.
* This macro randomizes the unspecified behavior of algorithms and containers. * This macro randomizes the unspecified behavior of algorithms and containers.
For example, for sorting algorithm the input range is shuffled and then For example, for sorting algorithm the input range is shuffled and then
sorted. sorted.
* This macro is off by default because users should enable it only for testing * This macro is off by default because users should enable it only for testing
purposes and/or migrations if they happen to libcxx. purposes and/or migrations if they happen to libcxx.
* This feature is only available for C++11 and further because of * This feature is only available for C++11 and further because of
``std::shuffle`` availability. ``std::shuffle`` availability.
* We may use `ASLR <https://en.wikipedia.org/wiki/Address_space_layout_randomization>`_ or * We may use `ASLR <https://en.wikipedia.org/wiki/Address_space_layout_randomization>`_ or
static ``std::random_device`` for seeding the random number generator. This static ``std::random_device`` for seeding the random number generator. This
guarantees the same stability guarantee within a run but not through different guarantees the same stability guarantee within a run but not through different
runs, for example, for tests become flaky and eventually be seen as broken. runs, for example, for tests become flaky and eventually be seen as broken.
For platforms which do not support ASLR, the seed is fixed during build. For platforms which do not support ASLR, the seed is fixed during build.
* The users can fix the seed of the random number generator by providing * The users can fix the seed of the random number generator by providing
``_LIBCPP_RANDOMIZE_UNSPECIFIED_STABILITY_SEED=seed`` definition. ``_LIBCPP_ASSERTIONS_ENABLE_FEATURE_RANDOMIZE_UNSPECIFIED_BEHAVIOR_SEED=seed`` definition.
This comes with some side effects if any of the flags is on: This comes with some side effects if any of the flags is on:
* Computation penalty, we think users are OK with that if they use this feature. * Computation penalty, we think users are OK with that if they use this feature.
* Non reproducible results if they don't use the fixed seed. * Non reproducible results if they don't use the fixed seed.
Impact Impact
Show All 25 Lines

libcxx/include/CMakeLists.txt

Show First 20 LinesShow All 411 Lines▼ Show 20 Linesset(files
__fwd/pair.h __fwd/pair.h
__fwd/span.h __fwd/span.h
__fwd/sstream.h __fwd/sstream.h
__fwd/streambuf.h __fwd/streambuf.h
__fwd/string.h __fwd/string.h
__fwd/string_view.h __fwd/string_view.h
__fwd/subrange.h __fwd/subrange.h
__fwd/tuple.h __fwd/tuple.h
__hardening
__hash_table __hash_table
__ios/fpos.h __ios/fpos.h
__iterator/access.h __iterator/access.h
__iterator/advance.h __iterator/advance.h
__iterator/back_insert_iterator.h __iterator/back_insert_iterator.h
__iterator/bounded_iter.h __iterator/bounded_iter.h
__iterator/common_iterator.h __iterator/common_iterator.h
__iterator/concepts.h __iterator/concepts.h
▲ Show 20 LinesShow All 609 LinesShow Last 20 Lines

libcxx/include/__algorithm/shuffle.h

Show First 20 LinesShow All 48 Lines▼ Show 20 Linespublic:
static _LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR result_type min() { return _Min; } static _LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR result_type min() { return _Min; }
static _LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR result_type max() { return _Max; } static _LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR result_type max() { return _Max; }
private: private:
uint_fast64_t __state_; uint_fast64_t __state_;
uint_fast64_t __inc_; uint_fast64_t __inc_;
_LIBCPP_HIDE_FROM_ABI static uint_fast64_t __seed() { _LIBCPP_HIDE_FROM_ABI static uint_fast64_t __seed() {
#ifdef _LIBCPP_DEBUG_RANDOMIZE_UNSPECIFIED_STABILITY_SEED #ifdef _LIBCPP_ASSERTIONS_ENABLE_FEATURE_RANDOMIZE_UNSPECIFIED_BEHAVIOR_SEED
return _LIBCPP_DEBUG_RANDOMIZE_UNSPECIFIED_STABILITY_SEED; return _LIBCPP_ASSERTIONS_ENABLE_FEATURE_RANDOMIZE_UNSPECIFIED_BEHAVIOR_SEED;
#else #else
static char __x; static char __x;
return reinterpret_cast<uintptr_t>(&__x); return reinterpret_cast<uintptr_t>(&__x);
#endif #endif
} }
}; };
#if _LIBCPP_STD_VER <= 14 || defined(_LIBCPP_ENABLE_CXX17_REMOVED_RANDOM_SHUFFLE) \ #if _LIBCPP_STD_VER <= 14 || defined(_LIBCPP_ENABLE_CXX17_REMOVED_RANDOM_SHUFFLE) \
▲ Show 20 LinesShow All 109 LinesShow Last 20 Lines

libcxx/include/__config

Show First 20 LinesShow All 78 Lines▼ Show 20 Lines
# elif defined(__wasm__) # elif defined(__wasm__)
# define _LIBCPP_OBJECT_FORMAT_WASM 1 # define _LIBCPP_OBJECT_FORMAT_WASM 1
# elif defined(_AIX) # elif defined(_AIX)
# define _LIBCPP_OBJECT_FORMAT_XCOFF 1 # define _LIBCPP_OBJECT_FORMAT_XCOFF 1
# else # else
// ... add new file formats here ... // ... add new file formats here ...
# endif # endif
// ABI {
var-constAuthorUnsubmitted
Done
ReplyInline Actions

These are leftovers from testing, but I'm keeping them for now as useful reminders.

var-const: These are leftovers from testing, but I'm keeping them for now as useful reminders.
MordanteUnsubmitted
Not Done
ReplyInline Actions

Would it make sense to try to land the __config split patch first?

Mordante: Would it make sense to try to land the `__config` split patch first?
# if _LIBCPP_ABI_VERSION >= 2 # if _LIBCPP_ABI_VERSION >= 2
// Change short string representation so that string data starts at offset 0, // Change short string representation so that string data starts at offset 0,
// improving its alignment in some cases. // improving its alignment in some cases.
# define _LIBCPP_ABI_ALTERNATE_STRING_LAYOUT # define _LIBCPP_ABI_ALTERNATE_STRING_LAYOUT
var-constAuthorUnsubmitted
Done
ReplyInline Actions

Note to self: this prevents a compiler warning/error.

var-const: Note to self: this prevents a compiler warning/error.
// Fix deque iterator type in order to support incomplete types. // Fix deque iterator type in order to support incomplete types.
# define _LIBCPP_ABI_INCOMPLETE_TYPES_IN_DEQUE # define _LIBCPP_ABI_INCOMPLETE_TYPES_IN_DEQUE
// Fix undefined behavior in how std::list stores its linked nodes. // Fix undefined behavior in how std::list stores its linked nodes.
# define _LIBCPP_ABI_LIST_REMOVE_NODE_POINTER_UB # define _LIBCPP_ABI_LIST_REMOVE_NODE_POINTER_UB
// Fix undefined behavior in how __tree stores its end and parent nodes. // Fix undefined behavior in how __tree stores its end and parent nodes.
# define _LIBCPP_ABI_TREE_REMOVE_NODE_POINTER_UB # define _LIBCPP_ABI_TREE_REMOVE_NODE_POINTER_UB
// Fix undefined behavior in how __hash_table stores its pointer types. // Fix undefined behavior in how __hash_table stores its pointer types.
# define _LIBCPP_ABI_FIX_UNORDERED_NODE_POINTER_UB # define _LIBCPP_ABI_FIX_UNORDERED_NODE_POINTER_UB
▲ Show 20 LinesShow All 85 Lines▼ Show 20 Lines
# define _LIBCPP_ABI_ENABLE_ADDITIONAL_IOSTREAM_EXPLICIT_INSTANTIATIONS_1 # define _LIBCPP_ABI_ENABLE_ADDITIONAL_IOSTREAM_EXPLICIT_INSTANTIATIONS_1
// Define a key function for `bad_function_call` in the library, to centralize // Define a key function for `bad_function_call` in the library, to centralize
// its vtable and typeinfo to libc++ rather than having all other libraries // its vtable and typeinfo to libc++ rather than having all other libraries
// using that class define their own copies. // using that class define their own copies.
# define _LIBCPP_ABI_BAD_FUNCTION_CALL_KEY_FUNCTION # define _LIBCPP_ABI_BAD_FUNCTION_CALL_KEY_FUNCTION
# endif # endif
// Changes the iterator type of select containers (see below) to a bounded iterator that:
// - keeps track of which container it refers to;
// - keeps track of whether it's valid or not and asserts validity on every dereference;
// - allows enabling the check that a given range is valid (sentinel is reachable from the begin iterator, etc.) in
// constant time.
ldionneUnsubmitted
Done
ReplyInline Actions

I would suggest not introducing this macro, at least not for now. Instead, I would rename _LIBCPP_ASSERTIONS_ENABLE_HARDENING_BOUNDED_ITERATORS to _LIBCPP_ABI_BOUNDED_ITERATORS, a normal ABI macro like we have others and I would simply not define it in any configuration by default. In fact, this could be done in a separate patch to simplify this one quite a bit.

Actually if you do that in a separate patch, _LIBCPP_ABI_BOUNDED_ITERATORS could take over _LIBCPP_DEBUG_ITERATOR_BOUNDS_CHECKING.

ldionne: I would suggest not introducing this macro, at least not for now. Instead, I would rename…
var-constAuthorUnsubmitted
Done
ReplyInline Actions

Patch for introducing _LIBCPP_ABI_BOUNDED_ITERATORS: https://reviews.llvm.org/D153895

var-const: Patch for introducing `_LIBCPP_ABI_BOUNDED_ITERATORS`: https://reviews.llvm.org/D153895
//
// ABI impact: increases the size and changes the layout of containers (to store additional information that is used by
// bounded iterators), changes the return type of container functions that return iterators.
//
// Supported containers:
// - `span`;
// - `string_view`;
// - `array`.
MordanteUnsubmitted
Not Done
ReplyInline Actions

Is it intended to add all containers in the future?

Mordante: Is it intended to add all containers in the future?
// #define _LIBCPP_ABI_BOUNDED_ITERATORS
// } ABI
// HARDENING {
// Enables the hardened mode which consists of all checks intended to be used in production. Hardened mode prioritizes
// security-critical checks that can be done with relatively little overhead in constant time. Mutually exclusive with
// `_LIBCPP_ENABLE_NEW_DEBUG_MODE`.
//
//#define _LIBCPP_ENABLE_HARDENED_MODE 1
// Enables the debug mode which contains all the checks from the hardened mode and additionally more expensive checks
// that may affect the complexity of algorithms. The debug mode is intended to be used for testing, not in production.
// Mutually exclusive with `_LIBCPP_ENABLE_HARDENED_MODE`.
//
//#define _LIBCPP_ENABLE_NEW_DEBUG_MODE 1
MordanteUnsubmitted
Not Done
ReplyInline Actions

I really dislike names with _NEW_ in it, it tends to get stale at some point. Just like terms as "modern C++" which some people feel is C++11...

I would suggest _LIBCPP_ENABLE_HARDENED_DEBUG_MODE instead. Or would it make sense to do
//#define _LIBCPP_ENABLE_HARDENED_MODE 1 as is
//#define _LIBCPP_ENABLE_HARDENED_MODE 2 the debug mode. This automatically makes them mutually exclusive.

Mordante: I really dislike names with _NEW_ in it, it tends to get stale at some point. Just like terms…
var-constAuthorUnsubmitted
Done
ReplyInline Actions

My hope is that I can land https://reviews.llvm.org/D153672 first which would allow me to reuse the "obvious" name _LIBCPP_ENABLE_DEBUG_MODE. Otherwise, I like _LIBCPP_ENABLE_HARDENED_DEBUG_MODE -- I wasn't very happy with the "new" name either, so thanks a lot for the suggestion!

Re. using 1 and 2 as levels -- I agree it automatically makes them mutually exclusive which is a good property to have. On the other hand, having named macros is perhaps a little more readable than using numbers to represent each mode -- it's not obvious without reading the documentation what exactly _LIBCPP_ENABLE_HARDENED_MODE 2 means (and whether 2 is the max value or not).

Following @ldionne's feedback, I created a new patch that only adds the configuration macros, without any assertions, and used the name _LIBCPP_ENABLE_HARDENED_DEBUG_MODE there: https://reviews.llvm.org/D153902

var-const: My hope is that I can land https://reviews.llvm.org/D153672 first which would allow me to reuse…
// Available checks:
// Checks that ranges (whether expressed as an iterator pair, an iterator and a count, or a `std::range`) given as
// input to library functions are valid:
// - both iterators refer to the same container;
// - the sentinel is reachable from the begin iterator;
// - where applicable, the input range and the output range do not overlap.
//
// The level of support depends on whether bounded iterators are enabled in the ABI. If bounded iterators are not
// enabled, the library falls back to more basic checks.
//
// #define _LIBCPP_ASSERTIONS_ENABLE_CHECK_VALID_RANGE 1
// Checks any calls into a container that attempt to access a non-existent element. Types like `optional` and `function`
MordanteUnsubmitted
Not Done
ReplyInline Actions
// #define _LIBCPP_ASSERTIONS_ENABLE_CHECK_VALID_RANGE 1
- // Checks any calls into a container that attempt to access a non-existent element. Types like `optional` and `function`
+ // Checks any calls into a container that attempts to access a non-existent element. Types like `optional` and `function`
// are considered one-element containers for the purposes of this check. This check only applies to member functions of
Mordante:
// are considered one-element containers for the purposes of this check. This check only applies to member functions of
// containers, not any access made purely via iterators.
//
// #define _LIBCPP_ASSERTIONS_ENABLE_CHECK_VALID_CONTAINER_ACCESS 1
ldionneUnsubmitted
Done
ReplyInline Actions

Since this affects both hardening and "debug" checks, I don't think _LIBCPP_ASSERTIONS_ENABLE_HARDENING_ASSERTIONS is the right name. Is this different from _LIBCPP_ENABLE_ASSERTIONS?

Answer: The difference between this macro and _LIBCPP_ENABLE_ASSERTIONS is that the latter also disables some currently-uncategorized assertions.

IMO it's not worth introducing another public knob for this, I think people don't need that much granularity. I can't think of anyone wanting to disable hardening and debug assertions while somehow keeping all the "uncategorized" assertions.

ldionne: Since this affects both hardening and "debug" checks, I don't think…
var-constAuthorUnsubmitted
Done
ReplyInline Actions

https://reviews.llvm.org/D153816 (s/_LIBCPP_ASSERT/_LIBCPP_ASSERT_UNCATEGORIZED).

var-const: https://reviews.llvm.org/D153816 (`s/_LIBCPP_ASSERT/_LIBCPP_ASSERT_UNCATEGORIZED`).
// TODO:
MordanteUnsubmitted
Not Done
ReplyInline Actions

Can you change them to TODO HARDENING or similar to make grepping them easier.

Mordante: Can you change them to `TODO HARDENING` or similar to make grepping them easier.
// See docs/DesignDocs/UnspecifiedBehaviorRandomization.rst
//
// #define _LIBCPP_ASSERTIONS_ENABLE_FEATURE_RANDOMIZE_UNSPECIFIED_BEHAVIOR 1
// TODO:
// Checks whether the given input satisfies some algorithm-specific criteria (such as being sorted, heapified or
// partitioned).
//
// #define _LIBCPP_ASSERTIONS_ENABLE_CHECK_UNSORTED_ETC_INPUT 1
MordanteUnsubmitted
Not Done
ReplyInline Actions

Thanks a lot for the documentation! It really helps to understand what the hardening mode will do.

Mordante: Thanks a lot for the documentation! It really helps to understand what the hardening mode will…
#ifndef _LIBCPP_ENABLE_HARDENED_MODE
# define _LIBCPP_ENABLE_HARDENED_MODE _LIBCPP_ENABLE_HARDENED_MODE_DEFAULT
#endif
#if _LIBCPP_ENABLE_HARDENED_MODE != 0 && _LIBCPP_ENABLE_HARDENED_MODE != 1
# error "_LIBCPP_ENABLE_HARDENED_MODE must be set to 0 or 1."
#endif
#ifndef _LIBCPP_ENABLE_NEW_DEBUG_MODE
# define _LIBCPP_ENABLE_NEW_DEBUG_MODE _LIBCPP_ENABLE_NEW_DEBUG_MODE_DEFAULT
#endif
#if _LIBCPP_ENABLE_NEW_DEBUG_MODE != 0 && _LIBCPP_ENABLE_NEW_DEBUG_MODE != 1
# error "_LIBCPP_ENABLE_NEW_DEBUG_MODE must be set to 0 or 1."
#endif
#if _LIBCPP_ENABLE_HARDENED_MODE && _LIBCPP_ENABLE_NEW_DEBUG_MODE
# error "Only one of _LIBCPP_ENABLE_HARDENED_MODE and _LIBCPP_ENABLE_NEW_DEBUG_MODE can be defined."
#endif
// Hardened mode checks.
#if _LIBCPP_ENABLE_HARDENED_MODE
// Automatically enable assertions in hardened mode (unless the user explicitly turned them off).
ldionneUnsubmitted
Done
ReplyInline Actions

Suggestion: instead, you could do this outside of the #if block:

#if _LIBCPP_ENABLE_HARDENED_MODE && _LIBCPP_ENABLE_NEW_DEBUG_MODE
# error "Only one of _LIBCPP_ENABLE_HARDENED_MODE and _LIBCPP_ENABLE_NEW_DEBUG_MODE can be defined."
#endif
ldionne: Suggestion: instead, you could do this outside of the `#if` block: ``` #if…
# ifndef _LIBCPP_ENABLE_ASSERTIONS
# define _LIBCPP_ENABLE_ASSERTIONS 1
# endif
# define _LIBCPP_ASSERTIONS_ENABLE_CHECK_VALID_RANGE 1
# define _LIBCPP_ASSERTIONS_ENABLE_CHECK_VALID_CONTAINER_ACCESS 1
# define _LIBCPP_ASSERTIONS_ENABLE_FEATURE_RANDOMIZE_UNSPECIFIED_BEHAVIOR 0
//# define _LIBCPP_ASSERTIONS_ENABLE_CHECK_UNSORTED_ETC_INPUT 0
// TODO: more checks to be added here...
var-constAuthorUnsubmitted
Done
ReplyInline Actions

IIUC, the current state where _LIBCPP_ENABLE_NEW_DEBUG_MODE automatically enables _LIBCPP_ASSERTIONS_ENABLE_HARDENING_ASSERTIONS doesn't quite work because then the user cannot use _LIBCPP_ASSERTIONS_ENABLE_HARDENING_ASSERTIONS to override the current hardening mode, right? If so, does that mean that the user has to define both e.g. _LIBCPP_ASSERTIONS_ENABLE_HARDENING_ASSERTIONS and _LIBCPP_ENABLE_NEW_DEBUG_MODE?

var-const: IIUC, the current state where `_LIBCPP_ENABLE_NEW_DEBUG_MODE` automatically enables…
// Debug mode checks.
#elif _LIBCPP_ENABLE_NEW_DEBUG_MODE
// Automatically enable assertions in debug mode (unless the user explicitly turned them off).
# ifndef _LIBCPP_ENABLE_ASSERTIONS
# define _LIBCPP_ENABLE_ASSERTIONS 1
# endif
// Always enable ABI-breaking checks in debug mode since it's not intended to be ABI-stable.
#if !defined(_LIBCPP_ABI_BOUNDED_ITERATORS)
# define _LIBCPP_ABI_BOUNDED_ITERATORS
#endif
# define _LIBCPP_ASSERTIONS_ENABLE_CHECK_VALID_RANGE 1
# define _LIBCPP_ASSERTIONS_ENABLE_CHECK_VALID_CONTAINER_ACCESS 1
# define _LIBCPP_ASSERTIONS_ENABLE_FEATURE_RANDOMIZE_UNSPECIFIED_BEHAVIOR 1
//# define _LIBCPP_ASSERTIONS_ENABLE_CHECK_UNSORTED_ETC_INPUT 1
// TODO: more checks to be added here...
// Disable all checks if neither the hardened mode nor the debug mode is enabled.
#else
# ifndef _LIBCPP_ASSERTIONS_ENABLE_CHECK_VALID_RANGE
# define _LIBCPP_ASSERTIONS_ENABLE_CHECK_VALID_RANGE 0
# endif
# ifndef _LIBCPP_ASSERTIONS_ENABLE_CHECK_VALID_CONTAINER_ACCESS
# define _LIBCPP_ASSERTIONS_ENABLE_CHECK_VALID_CONTAINER_ACCESS 0
# endif
# ifndef _LIBCPP_ASSERTIONS_ENABLE_FEATURE_RANDOMIZE_UNSPECIFIED_BEHAVIOR
# define _LIBCPP_ASSERTIONS_ENABLE_FEATURE_RANDOMIZE_UNSPECIFIED_BEHAVIOR 0
ldionneUnsubmitted
Done
ReplyInline Actions
# define _LIBCPP_ASSERT_CHECK_INVALID_RANGE2(range, message) \
- _LIBCPP_HARDENING_ASSERT(__hardening::_CheckInvalidRange(range), message)
+ _LIBCPP_HARDENING_ASSERT(::std::__hardening::_CheckInvalidRange(range), message)
# define _LIBCPP_ASSERT_CHECK_INVALID_RANGE3(first, last, message) \

Let's fully qualify everything in macros.

ldionne: Let's fully qualify everything in macros.
# endif
//# ifndef _LIBCPP_ASSERTIONS_ENABLE_CHECK_UNSORTED_ETC_INPUT
//# define _LIBCPP_ASSERTIONS_ENABLE_CHECK_UNSORTED_ETC_INPUT 0
//# endif
// TODO: more checks to be added here...
#endif
// The assertions machinery.
var-constAuthorUnsubmitted
Done
ReplyInline Actions

I copied this from existing macros. Is there a reason to prefer this form to just /*nothing*/?

var-const: I copied this from existing macros. Is there a reason to prefer this form to just `/*nothing*/`?
ldionneUnsubmitted
Not Done
ReplyInline Actions

I think it's to make this valid to use in an expression. I have a test that _LIBCPP_ASSERT can be used in an expression, and we should have similar tests for new assertion macros being introduced (possibly add to the same test).

ldionne: I think it's to make this valid to use in an expression. I have a test that `_LIBCPP_ASSERT`…
var-constAuthorUnsubmitted
Done
ReplyInline Actions

Do we need to add those tests considering that we deliberately define the new assertions to expand to _LIBCPP_ASSERT which is already thoroughly tested in this regard?

var-const: Do we need to add those tests considering that we deliberately define the new assertions to…
// Emulates overloaded functions for macros by delegating from a macro taking variadic arguments to one of the few other
// macros taking a certain number of arguments. Expects to be called from the variadic macro:
//
// _LIBCPP_OVERLOADED_MACRO(__VA_ARGS_, MACRO_TAKING_3_ARGS, MACRO_TAKING_2_ARGS, MACRO_TAKING_1_ARG)
//
// This will expand to `MACRO_TAKING_3_ARGS` if `__VA_ARGS__` expands to 3 arguments, `MACRO_TAKING_2_ARGS` if
// `__VA_ARGS__` expands to 2 arguments, and so on. This technique can be easily extended to any number of arguments.
#define _LIBCPP_OVERLOADED_MACRO(_ARG1, _ARG2, _ARG3, _SELECTED_OVERLOAD, ...) _SELECTED_OVERLOAD
// Definitions of different categories of assertions.
#if _LIBCPP_ASSERTIONS_ENABLE_CHECK_VALID_RANGE
# define _LIBCPP_ASSERT_CHECK_VALID_RANGE2(range, message) \
_LIBCPP_ASSERT(::std::__hardening::_CheckValidRange(range), message)
# define _LIBCPP_ASSERT_CHECK_VALID_RANGE3(first, last, message) \
_LIBCPP_ASSERT(::std::__hardening::_CheckValidRange(first, last), message)
# define _LIBCPP_ASSERT_CHECK_VALID_RANGE(...) _LIBCPP_OVERLOADED_MACRO(__VA_ARGS__, \
_LIBCPP_ASSERT_CHECK_VALID_RANGE3, _LIBCPP_ASSERT_CHECK_VALID_RANGE2)(__VA_ARGS__);
// TODO: _LIBCPP_ASSERT_CHECK_NONOVERLAPPING_RANGES(range1, range2, message);
#else
# define _LIBCPP_ASSERT_CHECK_VALID_RANGE(...) ((void)0)
#endif // _LIBCPP_ASSERTIONS_ENABLE_CHECK_VALID_RANGE
#if _LIBCPP_ASSERTIONS_ENABLE_CHECK_VALID_CONTAINER_ACCESS
# define _LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(condition, message) \
_LIBCPP_ASSERT(condition, message);
#else
# define _LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(condition, message) ((void)0)
#endif // _LIBCPP_ASSERTIONS_ENABLE_CHECK_VALID_CONTAINER_ACCESS
// TODO:
// _LIBCPP_ASSERT_CHECK_NONFOREIGN_ITERATOR(container, iter, message);
// TODO: remove when debug mode is removed.
#ifdef _LIBCPP_DEBUG_RANDOMIZE_UNSPECIFIED_STABILITY
# define _LIBCPP_ASSERTIONS_ENABLE_FEATURE_RANDOMIZE_UNSPECIFIED_BEHAVIOR 1
# warning "This is deprecated, use _LIBCPP_ASSERTIONS_ENABLE_FEATURE_RANDOMIZE_UNSPECIFIED_BEHAVIOR"
#endif
#ifdef _LIBCPP_DEBUG_RANDOMIZE_UNSPECIFIED_STABILITY_SEED
# define _LIBCPP_ASSERTIONS_ENABLE_FEATURE_RANDOMIZE_UNSPECIFIED_BEHAVIOR_SEED \
_LIBCPP_DEBUG_RANDOMIZE_UNSPECIFIED_STABILITY_SEED
# warning "This is deprecated, use _LIBCPP_ASSERTIONS_ENABLE_FEATURE_RANDOMIZE_UNSPECIFIED_BEHAVIOR_SEED"
#endif
// } HARDENING
# define _LIBCPP_TOSTRING2(x) #x # define _LIBCPP_TOSTRING2(x) #x
# define _LIBCPP_TOSTRING(x) _LIBCPP_TOSTRING2(x) # define _LIBCPP_TOSTRING(x) _LIBCPP_TOSTRING2(x)
// NOLINTNEXTLINE(libcpp-cpp-version-check) // NOLINTNEXTLINE(libcpp-cpp-version-check)
# if __cplusplus < 201103L # if __cplusplus < 201103L
# define _LIBCPP_CXX03_LANG # define _LIBCPP_CXX03_LANG
# endif # endif
▲ Show 20 LinesShow All 1,124 LinesShow Last 20 Lines

libcxx/include/__config_site.in

Show All 25 Lines
#cmakedefine _LIBCPP_TYPEINFO_COMPARISON_IMPLEMENTATION @_LIBCPP_TYPEINFO_COMPARISON_IMPLEMENTATION@ #cmakedefine _LIBCPP_TYPEINFO_COMPARISON_IMPLEMENTATION @_LIBCPP_TYPEINFO_COMPARISON_IMPLEMENTATION@
#cmakedefine _LIBCPP_HAS_NO_FILESYSTEM_LIBRARY #cmakedefine _LIBCPP_HAS_NO_FILESYSTEM_LIBRARY
#cmakedefine _LIBCPP_HAS_NO_RANDOM_DEVICE #cmakedefine _LIBCPP_HAS_NO_RANDOM_DEVICE
#cmakedefine _LIBCPP_HAS_NO_LOCALIZATION #cmakedefine _LIBCPP_HAS_NO_LOCALIZATION
#cmakedefine _LIBCPP_HAS_NO_FSTREAM #cmakedefine _LIBCPP_HAS_NO_FSTREAM
#cmakedefine _LIBCPP_HAS_NO_WIDE_CHARACTERS #cmakedefine _LIBCPP_HAS_NO_WIDE_CHARACTERS
#cmakedefine01 _LIBCPP_ENABLE_ASSERTIONS_DEFAULT #cmakedefine01 _LIBCPP_ENABLE_ASSERTIONS_DEFAULT
#cmakedefine _LIBCPP_ENABLE_DEBUG_MODE #cmakedefine _LIBCPP_ENABLE_DEBUG_MODE
#cmakedefine _LIBCPP_ABI_BOUNDED_ITERATORS
// PSTL backends // PSTL backends
#cmakedefine _LIBCPP_PSTL_CPU_BACKEND_SERIAL #cmakedefine _LIBCPP_PSTL_CPU_BACKEND_SERIAL
#cmakedefine _LIBCPP_PSTL_CPU_BACKEND_THREAD #cmakedefine _LIBCPP_PSTL_CPU_BACKEND_THREAD
// Hardening.
#cmakedefine01 _LIBCPP_ENABLE_HARDENED_MODE_DEFAULT
#cmakedefine01 _LIBCPP_ENABLE_NEW_DEBUG_MODE_DEFAULT
var-constAuthorUnsubmitted
Done
ReplyInline Actions

Some notes and questions:

  1. We don't want _ASSERTIONS in the names of the top-level macros, e.g. it should be _LIBCPP_ENABLE_HARDENED_MODE and not _LIBCPP_ASSERTIONS_ENABLE_HARDENED_MODE, right? What about _LIBCPP_ASSERTIONS_ENABLE_HARDENING_ASSERTIONS?
  2. I'm not 100% happy with the names _LIBCPP_ENABLE_HARDENED_MODE_ABI_BREAK and _LIBCPP_ENABLE_HARDENED_MODE. They look obviously related, but the relationship isn't obvious.
  3. For now I went with _LIBCPP_ENABLE_NEW_DEBUG_MODE but this definitely could be improved.
  4. How do CMake definitions from this file interact with what's passed from the command line? I'm getting lots of warnings/errors about macros being undefined or redefined, but I'm probably doing the configuration wrong.
var-const: Some notes and questions: 1. We don't want `_ASSERTIONS` in the names of the top-level macros…
ldionneUnsubmitted
Done
ReplyInline Actions

We don't want _ASSERTIONS in the names of the top-level macros, e.g. it should be _LIBCPP_ENABLE_HARDENED_MODE and not _LIBCPP_ASSERTIONS_ENABLE_HARDENED_MODE, right?

I would agree with that.

I'm not 100% happy with the names _LIBCPP_ENABLE_HARDENED_MODE_ABI_BREAK and _LIBCPP_ENABLE_HARDENED_MODE. They look obviously related, but the relationship isn't obvious.

As I suggested, I think we can remove _LIBCPP_ENABLE_HARDENED_MODE_ABI_BREAK entirely, at least for now. This makes the issue moot.

ldionne: > We don't want _ASSERTIONS in the names of the top-level macros, e.g. it should be…
// __USE_MINGW_ANSI_STDIO gets redefined on MinGW // __USE_MINGW_ANSI_STDIO gets redefined on MinGW
#ifdef __clang__ #ifdef __clang__
# pragma clang diagnostic push # pragma clang diagnostic push
var-constAuthorUnsubmitted
Done
ReplyInline Actions

Do we want lower-level macros like _LIBCPP_ASSERTIONS_ENABLE_CHECK_INVALID_RANGE here?

var-const: Do we want lower-level macros like `_LIBCPP_ASSERTIONS_ENABLE_CHECK_INVALID_RANGE` here?
ldionneUnsubmitted
Done
ReplyInline Actions

I don't think it makes sense for those to be settable at configure time in the __config_site.in. I think I would only define the default value we want for the debug and hardened mode in here. Basically, vendors could decide whether they want a specific build of libc++ to enable the debug/hardened mode by default (users could still override it) by setting it in CMake. For example you might want to do:

#cmakedefine01 _LIBCPP_ENABLE_HARDENED_MODE_DEFAULT
#cmakedefine01 _LIBCPP_ENABLE_DEBUG_MODE_DEFAULT

Those would be set from CMake and would provide the default value to use for _LIBCPP_ENABLE_HARDENED_MODE resp _LIBCPP_ENABLE_DEBUG_MODE inside __config.

ldionne: I don't think it makes sense for those to be settable at configure time in the `__config_site.
# pragma clang diagnostic ignored "-Wmacro-redefined" # pragma clang diagnostic ignored "-Wmacro-redefined"
#endif #endif
var-constAuthorUnsubmitted
Done
ReplyInline Actions

I used the word "feature" here since it's not directly a check, rather it enables a certain behavior. Also, this name is pretty verbose, very open to suggestions on how to shorten it.

var-const: I used the word "feature" here since it's not directly a check, rather it enables a certain…
@_LIBCPP_ABI_DEFINES@ @_LIBCPP_ABI_DEFINES@
@_LIBCPP_EXTRA_SITE_DEFINES@ @_LIBCPP_EXTRA_SITE_DEFINES@
#ifdef __clang__ #ifdef __clang__
# pragma clang diagnostic pop # pragma clang diagnostic pop
#endif #endif
#endif // _LIBCPP___CONFIG_SITE #endif // _LIBCPP___CONFIG_SITE

libcxx/include/__debug

Show All 17 Lines
#if !defined(_LIBCPP_HAS_NO_PRAGMA_SYSTEM_HEADER) #if !defined(_LIBCPP_HAS_NO_PRAGMA_SYSTEM_HEADER)
# pragma GCC system_header # pragma GCC system_header
#endif #endif
#if defined(_LIBCPP_ENABLE_DEBUG_MODE) && !defined(_LIBCPP_CXX03_LANG) && !defined(_LIBCPP_DEBUG_RANDOMIZE_UNSPECIFIED_STABILITY) #if defined(_LIBCPP_ENABLE_DEBUG_MODE) && !defined(_LIBCPP_CXX03_LANG) && !defined(_LIBCPP_DEBUG_RANDOMIZE_UNSPECIFIED_STABILITY)
# define _LIBCPP_DEBUG_RANDOMIZE_UNSPECIFIED_STABILITY # define _LIBCPP_DEBUG_RANDOMIZE_UNSPECIFIED_STABILITY
#endif #endif
#if defined(_LIBCPP_ENABLE_DEBUG_MODE) && !defined(_LIBCPP_DEBUG_ITERATOR_BOUNDS_CHECKING) #if defined(_LIBCPP_ENABLE_DEBUG_MODE) && !defined(_LIBCPP_ABI_BOUNDED_ITERATORS)
# define _LIBCPP_DEBUG_ITERATOR_BOUNDS_CHECKING # define _LIBCPP_ABI_BOUNDED_ITERATORS
#endif #endif
#ifdef _LIBCPP_ENABLE_DEBUG_MODE #ifdef _LIBCPP_ENABLE_DEBUG_MODE
# define _LIBCPP_DEBUG_ASSERT(x, m) _LIBCPP_ASSERT(::std::__libcpp_is_constant_evaluated() || (x), m) # define _LIBCPP_DEBUG_ASSERT(x, m) _LIBCPP_ASSERT(::std::__libcpp_is_constant_evaluated() || (x), m)
#else #else
# define _LIBCPP_DEBUG_ASSERT(x, m) ((void)0) # define _LIBCPP_DEBUG_ASSERT(x, m) ((void)0)
#endif #endif
▲ Show 20 LinesShow All 231 LinesShow Last 20 Lines

libcxx/include/__debug_utils/randomize_range.h

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#ifndef _LIBCPP___LIBCXX_DEBUG_RANDOMIZE_RANGE_H #ifndef _LIBCPP___LIBCXX_DEBUG_RANDOMIZE_RANGE_H
#define _LIBCPP___LIBCXX_DEBUG_RANDOMIZE_RANGE_H #define _LIBCPP___LIBCXX_DEBUG_RANDOMIZE_RANGE_H
#include <__config> #include <__config>
#ifdef _LIBCPP_DEBUG_RANDOMIZE_UNSPECIFIED_STABILITY #if _LIBCPP_ASSERTIONS_ENABLE_FEATURE_RANDOMIZE_UNSPECIFIED_BEHAVIOR
ldionneUnsubmitted
Not Done
ReplyInline Actions

To reduce the size of this patch, I would suggest that we "onboard" features into the hardened/debug mode in separate patches. This patch can introduce the basic functionality, but then we can have a separate patch that simply moves _LIBCPP_DEBUG_RANDOMIZE_UNSPECIFIED_STABILITY from the old debug mode into the "new debug mode".

I think doing those piecemeal is going to make this patch much easier to review, but also give us space to consider important things like transitions and temporary backwards compatibility for existing macros.

ldionne: To reduce the size of this patch, I would suggest that we "onboard" features into the…
# include <__algorithm/shuffle.h> # include <__algorithm/shuffle.h>
# include <__type_traits/is_constant_evaluated.h> # include <__type_traits/is_constant_evaluated.h>
#endif #endif
#if !defined(_LIBCPP_HAS_NO_PRAGMA_SYSTEM_HEADER) #if !defined(_LIBCPP_HAS_NO_PRAGMA_SYSTEM_HEADER)
# pragma GCC system_header # pragma GCC system_header
#endif #endif
_LIBCPP_BEGIN_NAMESPACE_STD _LIBCPP_BEGIN_NAMESPACE_STD
template <class _AlgPolicy, class _Iterator, class _Sentinel> template <class _AlgPolicy, class _Iterator, class _Sentinel>
_LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR_SINCE_CXX14 _LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR_SINCE_CXX14
void __debug_randomize_range(_Iterator __first, _Sentinel __last) { void __debug_randomize_range(_Iterator __first, _Sentinel __last) {
#ifdef _LIBCPP_DEBUG_RANDOMIZE_UNSPECIFIED_STABILITY #if _LIBCPP_ASSERTIONS_ENABLE_FEATURE_RANDOMIZE_UNSPECIFIED_BEHAVIOR
# ifdef _LIBCPP_CXX03_LANG # ifdef _LIBCPP_CXX03_LANG
# error Support for unspecified stability is only for C++11 and higher # error Support for unspecified stability is only for C++11 and higher
# endif # endif
if (!__libcpp_is_constant_evaluated()) if (!__libcpp_is_constant_evaluated())
std::__shuffle<_AlgPolicy>(__first, __last, __libcpp_debug_randomizer()); std::__shuffle<_AlgPolicy>(__first, __last, __libcpp_debug_randomizer());
#else #else
(void)__first; (void)__first;
(void)__last; (void)__last;
#endif #endif
} }
_LIBCPP_END_NAMESPACE_STD _LIBCPP_END_NAMESPACE_STD
#endif // _LIBCPP___LIBCXX_DEBUG_RANDOMIZE_RANGE_H #endif // _LIBCPP___LIBCXX_DEBUG_RANDOMIZE_RANGE_H

libcxx/include/__hardening

  • This file was added.
// -*- C++ -*-
//===----------------------------------------------------------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
#ifndef _LIBCPP___HARDENING
#define _LIBCPP___HARDENING
#include <__config>
#include <__ranges/access.h>
#include <__ranges/concepts.h>
#include <__utility/forward.h>
#if !defined(_LIBCPP_HAS_NO_PRAGMA_SYSTEM_HEADER)
# pragma GCC system_header
#endif
_LIBCPP_BEGIN_NAMESPACE_STD
// TODO: specialization for random access iterators.
template <class _Iter>
struct __hardening_traits {
_LIBCPP_HIDE_FROM_ABI
static constexpr bool __refer_to_same_range(const _Iter&, const _Iter&) {
// In the general case we can't check whether two arbitrary iterators refer to the same range.
return true;
}
};
namespace __hardening {
template <class _Iter>
_LIBCPP_HIDE_FROM_ABI
constexpr bool _CheckValidRange(_Iter __first, _Iter __last) {
return __hardening_traits<_Iter>::__refer_to_same_range(__first, __last) && __first <= __last;
}
template <class _Iter, class _SizeT>
_LIBCPP_HIDE_FROM_ABI
constexpr bool _CheckValidRange(const _Iter&, _SizeT) {
return true;
}
template <std::ranges::range _Range>
_LIBCPP_HIDE_FROM_ABI
constexpr bool _CheckValidRange(_Range&& __range) {
return __hardening::_CheckValidRange(
ranges::begin(std::forward<_Range>(__range)), ranges::end(std::forward<_Range>(__range)));
}
} // __hardening
_LIBCPP_END_NAMESPACE_STD
#endif // _LIBCPP___HARDENING

libcxx/include/__iterator/bounded_iter.h

// -*- C++ -*- // -*- C++ -*-
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#ifndef _LIBCPP___ITERATOR_BOUNDED_ITER_H #ifndef _LIBCPP___ITERATOR_BOUNDED_ITER_H
#define _LIBCPP___ITERATOR_BOUNDED_ITER_H #define _LIBCPP___ITERATOR_BOUNDED_ITER_H
#include <__assert> #include <__assert>
#include <__config> #include <__config>
#include <__hardening>
#include <__iterator/iterator_traits.h> #include <__iterator/iterator_traits.h>
#include <__memory/pointer_traits.h> #include <__memory/pointer_traits.h>
#include <__type_traits/enable_if.h> #include <__type_traits/enable_if.h>
#include <__type_traits/integral_constant.h> #include <__type_traits/integral_constant.h>
#include <__type_traits/is_convertible.h> #include <__type_traits/is_convertible.h>
#include <__utility/move.h> #include <__utility/move.h>
#if !defined(_LIBCPP_HAS_NO_PRAGMA_SYSTEM_HEADER) #if !defined(_LIBCPP_HAS_NO_PRAGMA_SYSTEM_HEADER)
▲ Show 20 LinesShow All 173 Lines▼ Show 20 Lines
private: private:
// Return whether the given iterator is in the bounds of this __bounded_iter. // Return whether the given iterator is in the bounds of this __bounded_iter.
_LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR bool __in_bounds(_Iterator const& __iter) const { _LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR bool __in_bounds(_Iterator const& __iter) const {
return __iter >= __begin_ && __iter < __end_; return __iter >= __begin_ && __iter < __end_;
} }
template <class> template <class>
friend struct pointer_traits; friend struct pointer_traits;
template <class>
friend struct __hardening_traits;
_Iterator __current_; // current iterator _Iterator __current_; // current iterator
_Iterator __begin_, __end_; // valid range represented as [begin, end) _Iterator __begin_, __end_; // valid range represented as [begin, end)
}; };
template <class _It> template <class _It>
_LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR __bounded_iter<_It> __make_bounded_iter(_It __it, _It __begin, _It __end) { _LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR __bounded_iter<_It> __make_bounded_iter(_It __it, _It __begin, _It __end) {
return __bounded_iter<_It>(std::move(__it), std::move(__begin), std::move(__end)); return __bounded_iter<_It>(std::move(__it), std::move(__begin), std::move(__end));
} }
template <class _It>
struct __hardening_traits<__bounded_iter<_It>> {
_LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR
static bool __refer_to_same_range(const __bounded_iter<_It>& __iter1, const __bounded_iter<_It>& __iter2) {
return __iter1.__begin_ == __iter2.__begin_ && __iter1.__end_ == __iter2.__end_;
}
};
#if _LIBCPP_STD_VER <= 17 #if _LIBCPP_STD_VER <= 17
template <class _Iterator> template <class _Iterator>
struct __libcpp_is_contiguous_iterator<__bounded_iter<_Iterator> > : true_type {}; struct __libcpp_is_contiguous_iterator<__bounded_iter<_Iterator> > : true_type {};
#endif #endif
template <class _Iterator> template <class _Iterator>
struct pointer_traits<__bounded_iter<_Iterator> > { struct pointer_traits<__bounded_iter<_Iterator> > {
using pointer = __bounded_iter<_Iterator>; using pointer = __bounded_iter<_Iterator>;
Show All 11 Lines

libcxx/include/span

Show First 20 LinesShow All 124 Lines▼ Show 20 Lines
} // namespace std } // namespace std
*/ */
#include <__assert> // all public C++ headers provide the assertion handler #include <__assert> // all public C++ headers provide the assertion handler
#include <__config> #include <__config>
#include <__debug> #include <__debug>
#include <__hardening>
#include <__fwd/span.h> #include <__fwd/span.h>
#include <__iterator/bounded_iter.h> #include <__iterator/bounded_iter.h>
#include <__iterator/concepts.h> #include <__iterator/concepts.h>
#include <__iterator/iterator_traits.h> #include <__iterator/iterator_traits.h>
#include <__iterator/wrap_iter.h> #include <__iterator/wrap_iter.h>
#include <__memory/pointer_traits.h> #include <__memory/pointer_traits.h>
#include <__ranges/concepts.h> #include <__ranges/concepts.h>
#include <__ranges/data.h> #include <__ranges/data.h>
▲ Show 20 LinesShow All 68 Lines▼ Show 20 Lines// constants and types
using element_type = _Tp; using element_type = _Tp;
using value_type = remove_cv_t<_Tp>; using value_type = remove_cv_t<_Tp>;
using size_type = size_t; using size_type = size_t;
using difference_type = ptrdiff_t; using difference_type = ptrdiff_t;
using pointer = _Tp *; using pointer = _Tp *;
using const_pointer = const _Tp *; using const_pointer = const _Tp *;
using reference = _Tp &; using reference = _Tp &;
using const_reference = const _Tp &; using const_reference = const _Tp &;
#ifdef _LIBCPP_DEBUG_ITERATOR_BOUNDS_CHECKING #if defined(_LIBCPP_ABI_BOUNDED_ITERATORS)
using iterator = __bounded_iter<pointer>; using iterator = __bounded_iter<pointer>;
#else #else
using iterator = __wrap_iter<pointer>; using iterator = __wrap_iter<pointer>;
#endif #endif
using reverse_iterator = _VSTD::reverse_iterator<iterator>; using reverse_iterator = _VSTD::reverse_iterator<iterator>;
static constexpr size_type extent = _Extent; static constexpr size_type extent = _Extent;
// [span.cons], span constructors, copy, assignment, and destructor // [span.cons], span constructors, copy, assignment, and destructor
template <size_t _Sz = _Extent> requires(_Sz == 0) template <size_t _Sz = _Extent> requires(_Sz == 0)
_LIBCPP_INLINE_VISIBILITY constexpr span() noexcept : __data_{nullptr} {} _LIBCPP_INLINE_VISIBILITY constexpr span() noexcept : __data_{nullptr} {}
constexpr span (const span&) noexcept = default; constexpr span (const span&) noexcept = default;
constexpr span& operator=(const span&) noexcept = default; constexpr span& operator=(const span&) noexcept = default;
template <__span_compatible_iterator<element_type> _It> template <__span_compatible_iterator<element_type> _It>
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr explicit span(_It __first, size_type __count) constexpr explicit span(_It __first, size_type __count)
: __data_{_VSTD::to_address(__first)} { : __data_{_VSTD::to_address(__first)} {
(void)__count; (void)__count;
_LIBCPP_ASSERT(_Extent == __count, "size mismatch in span's constructor (iterator, len)"); _LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(_Extent == __count,
"size mismatch in span's constructor (iterator, len)");
_LIBCPP_ASSERT_CHECK_VALID_RANGE(__first, __count, "invalid range passed to span's constructor (iterator, len)");
ldionneUnsubmitted
Not Done
ReplyInline Actions

I find this potentially confusing. The name _LIBCPP_ASSERT_CHECK_INVALID_RANGE makes it look as if we're checking that the range is invalid, when we're trying to do the reverse. Should this be called _LIBCPP_ASSERT_CHECK_VALID_RANGE instead (and similarly for other types of checks)?

ldionne: I find this potentially confusing. The name `_LIBCPP_ASSERT_CHECK_INVALID_RANGE` makes it look…
var-constAuthorUnsubmitted
Done
ReplyInline Actions

I think it depends on how the reader sees the purpose of the check. I'm looking at it from the perspective of "which condition will cause the assertion to trigger?" (and more broadly, "what kind of bad behavior are we providing guarantees against?"). Or to put it simpler, I'm reading this kinda like "abort if the range is invalid", which I find slightly more natural than "make sure the range is valid and proceed".

I don't feel too strongly about this and can be convinced to change. One argument in favor of "check valid range" is that it follows the semantics of "assert" (which fires if the condition is false, not true).

EDIT: after some thinking, I went ahead with the renaming as suggested in this comment.

var-const: I think it depends on how the reader sees the purpose of the check. I'm looking at it from the…
} }
template <__span_compatible_iterator<element_type> _It, __span_compatible_sentinel_for<_It> _End> template <__span_compatible_iterator<element_type> _It, __span_compatible_sentinel_for<_It> _End>
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr explicit span(_It __first, _End __last) : __data_{_VSTD::to_address(__first)} { constexpr explicit span(_It __first, _End __last) : __data_{_VSTD::to_address(__first)} {
// [span.cons]/10 // [span.cons]/10
// Throws: When and what last - first throws. // Throws: When and what last - first throws.
[[maybe_unused]] auto __dist = __last - __first; _LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(
_LIBCPP_ASSERT(__dist >= 0, "invalid range in span's constructor (iterator, sentinel)"); _Extent == __last - __first,
_LIBCPP_ASSERT( "invalid range in span's constructor (iterator, sentinel): last - first != extent");
__dist == _Extent, "invalid range in span's constructor (iterator, sentinel): last - first != extent"); _LIBCPP_ASSERT_CHECK_VALID_RANGE(
__first, __last,
"invalid range in span's constructor (iterator, sentinel): last - first != extent");
} }
_LIBCPP_INLINE_VISIBILITY constexpr span(type_identity_t<element_type> (&__arr)[_Extent]) noexcept : __data_{__arr} {} _LIBCPP_INLINE_VISIBILITY constexpr span(type_identity_t<element_type> (&__arr)[_Extent]) noexcept : __data_{__arr} {}
template <__span_array_convertible<element_type> _OtherElementType> template <__span_array_convertible<element_type> _OtherElementType>
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr span(array<_OtherElementType, _Extent>& __arr) noexcept : __data_{__arr.data()} {} constexpr span(array<_OtherElementType, _Extent>& __arr) noexcept : __data_{__arr.data()} {}
template <class _OtherElementType> template <class _OtherElementType>
requires __span_array_convertible<const _OtherElementType, element_type> requires __span_array_convertible<const _OtherElementType, element_type>
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr span(const array<_OtherElementType, _Extent>& __arr) noexcept : __data_{__arr.data()} {} constexpr span(const array<_OtherElementType, _Extent>& __arr) noexcept : __data_{__arr.data()} {}
template <__span_compatible_range<element_type> _Range> template <__span_compatible_range<element_type> _Range>
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr explicit span(_Range&& __r) : __data_{ranges::data(__r)} { constexpr explicit span(_Range&& __r) : __data_{ranges::data(__r)} {
_LIBCPP_ASSERT(ranges::size(__r) == _Extent, "size mismatch in span's constructor (range)"); _LIBCPP_ASSERT_CHECK_VALID_RANGE(std::forward<_Range>(__r), "invalid range passed to span's constructor (range)");
_LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(ranges::size(__r) == _Extent,
"size mismatch in span's constructor (range)");
} }
template <__span_array_convertible<element_type> _OtherElementType> template <__span_array_convertible<element_type> _OtherElementType>
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr span(const span<_OtherElementType, _Extent>& __other) constexpr span(const span<_OtherElementType, _Extent>& __other)
: __data_{__other.data()} {} : __data_{__other.data()} {}
template <__span_array_convertible<element_type> _OtherElementType> template <__span_array_convertible<element_type> _OtherElementType>
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr explicit span(const span<_OtherElementType, dynamic_extent>& __other) noexcept constexpr explicit span(const span<_OtherElementType, dynamic_extent>& __other) noexcept
: __data_{__other.data()} { _LIBCPP_ASSERT(_Extent == __other.size(), "size mismatch in span's constructor (other span)"); } : __data_{__other.data()} {
_LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(_Extent == __other.size(),
"size mismatch in span's constructor (other span)");
}
// ~span() noexcept = default; // ~span() noexcept = default;
template <size_t _Count> template <size_t _Count>
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr span<element_type, _Count> first() const noexcept constexpr span<element_type, _Count> first() const noexcept
{ {
static_assert(_Count <= _Extent, "span<T, N>::first<Count>(): Count out of range"); static_assert(_Count <= _Extent, "span<T, N>::first<Count>(): Count out of range");
return span<element_type, _Count>{data(), _Count}; return span<element_type, _Count>{data(), _Count};
} }
template <size_t _Count> template <size_t _Count>
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr span<element_type, _Count> last() const noexcept constexpr span<element_type, _Count> last() const noexcept
{ {
static_assert(_Count <= _Extent, "span<T, N>::last<Count>(): Count out of range"); static_assert(_Count <= _Extent, "span<T, N>::last<Count>(): Count out of range");
return span<element_type, _Count>{data() + size() - _Count, _Count}; return span<element_type, _Count>{data() + size() - _Count, _Count};
} }
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr span<element_type, dynamic_extent> first(size_type __count) const noexcept constexpr span<element_type, dynamic_extent> first(size_type __count) const noexcept
{ {
_LIBCPP_ASSERT(__count <= size(), "span<T, N>::first(count): count out of range"); _LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(__count <= size(), "span<T, N>::first(count): count out of range");
return {data(), __count}; return {data(), __count};
} }
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr span<element_type, dynamic_extent> last(size_type __count) const noexcept constexpr span<element_type, dynamic_extent> last(size_type __count) const noexcept
{ {
_LIBCPP_ASSERT(__count <= size(), "span<T, N>::last(count): count out of range"); _LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(__count <= size(), "span<T, N>::last(count): count out of range");
return {data() + size() - __count, __count}; return {data() + size() - __count, __count};
} }
template <size_t _Offset, size_t _Count = dynamic_extent> template <size_t _Offset, size_t _Count = dynamic_extent>
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr auto subspan() const noexcept constexpr auto subspan() const noexcept
-> span<element_type, _Count != dynamic_extent ? _Count : _Extent - _Offset> -> span<element_type, _Count != dynamic_extent ? _Count : _Extent - _Offset>
{ {
static_assert(_Offset <= _Extent, "span<T, N>::subspan<Offset, Count>(): Offset out of range"); static_assert(_Offset <= _Extent, "span<T, N>::subspan<Offset, Count>(): Offset out of range");
static_assert(_Count == dynamic_extent || _Count <= _Extent - _Offset, "span<T, N>::subspan<Offset, Count>(): Offset + Count out of range"); static_assert(_Count == dynamic_extent || _Count <= _Extent - _Offset, "span<T, N>::subspan<Offset, Count>(): Offset + Count out of range");
using _ReturnType = span<element_type, _Count != dynamic_extent ? _Count : _Extent - _Offset>; using _ReturnType = span<element_type, _Count != dynamic_extent ? _Count : _Extent - _Offset>;
return _ReturnType{data() + _Offset, _Count == dynamic_extent ? size() - _Offset : _Count}; return _ReturnType{data() + _Offset, _Count == dynamic_extent ? size() - _Offset : _Count};
} }
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr span<element_type, dynamic_extent> constexpr span<element_type, dynamic_extent>
subspan(size_type __offset, size_type __count = dynamic_extent) const noexcept subspan(size_type __offset, size_type __count = dynamic_extent) const noexcept
{ {
_LIBCPP_ASSERT(__offset <= size(), "span<T, N>::subspan(offset, count): offset out of range"); _LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(__offset <= size(),
"span<T, N>::subspan(offset, count): offset out of range");
if (__count == dynamic_extent) if (__count == dynamic_extent)
return {data() + __offset, size() - __offset}; return {data() + __offset, size() - __offset};
_LIBCPP_ASSERT(__count <= size() - __offset, "span<T, N>::subspan(offset, count): offset + count out of range"); _LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(__count <= size() - __offset,
"span<T, N>::subspan(offset, count): offset + count out of range");
return {data() + __offset, __count}; return {data() + __offset, __count};
} }
_LIBCPP_INLINE_VISIBILITY constexpr size_type size() const noexcept { return _Extent; } _LIBCPP_INLINE_VISIBILITY constexpr size_type size() const noexcept { return _Extent; }
_LIBCPP_INLINE_VISIBILITY constexpr size_type size_bytes() const noexcept { return _Extent * sizeof(element_type); } _LIBCPP_INLINE_VISIBILITY constexpr size_type size_bytes() const noexcept { return _Extent * sizeof(element_type); }
[[nodiscard]] _LIBCPP_INLINE_VISIBILITY constexpr bool empty() const noexcept { return _Extent == 0; } [[nodiscard]] _LIBCPP_INLINE_VISIBILITY constexpr bool empty() const noexcept { return _Extent == 0; }
_LIBCPP_INLINE_VISIBILITY constexpr reference operator[](size_type __idx) const noexcept _LIBCPP_INLINE_VISIBILITY constexpr reference operator[](size_type __idx) const noexcept
{ {
_LIBCPP_ASSERT(__idx < size(), "span<T, N>::operator[](index): index out of range"); _LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(__idx < size(),
"span<T, N>::operator[](index): index out of range");
return __data_[__idx]; return __data_[__idx];
} }
_LIBCPP_INLINE_VISIBILITY constexpr reference front() const noexcept _LIBCPP_INLINE_VISIBILITY constexpr reference front() const noexcept
{ {
_LIBCPP_ASSERT(!empty(), "span<T, N>::front() on empty span"); _LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(!empty(), "span<T, N>::front() on empty span");
return __data_[0]; return __data_[0];
} }
_LIBCPP_INLINE_VISIBILITY constexpr reference back() const noexcept _LIBCPP_INLINE_VISIBILITY constexpr reference back() const noexcept
{ {
_LIBCPP_ASSERT(!empty(), "span<T, N>::back() on empty span"); _LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(!empty(), "span<T, N>::back() on empty span");
return __data_[size()-1]; return __data_[size()-1];
} }
_LIBCPP_INLINE_VISIBILITY constexpr pointer data() const noexcept { return __data_; } _LIBCPP_INLINE_VISIBILITY constexpr pointer data() const noexcept { return __data_; }
// [span.iter], span iterator support // [span.iter], span iterator support
_LIBCPP_INLINE_VISIBILITY constexpr iterator begin() const noexcept { _LIBCPP_INLINE_VISIBILITY constexpr iterator begin() const noexcept {
#ifdef _LIBCPP_DEBUG_ITERATOR_BOUNDS_CHECKING #if defined(_LIBCPP_ABI_BOUNDED_ITERATORS)
return std::__make_bounded_iter(data(), data(), data() + size()); return std::__make_bounded_iter(data(), data(), data() + size());
#else #else
return iterator(this, data()); return iterator(this, data());
#endif #endif
} }
_LIBCPP_INLINE_VISIBILITY constexpr iterator end() const noexcept { _LIBCPP_INLINE_VISIBILITY constexpr iterator end() const noexcept {
#ifdef _LIBCPP_DEBUG_ITERATOR_BOUNDS_CHECKING #if defined(_LIBCPP_ABI_BOUNDED_ITERATORS)
return std::__make_bounded_iter(data() + size(), data(), data() + size()); return std::__make_bounded_iter(data() + size(), data(), data() + size());
#else #else
return iterator(this, data() + size()); return iterator(this, data() + size());
#endif #endif
} }
_LIBCPP_INLINE_VISIBILITY constexpr reverse_iterator rbegin() const noexcept { return reverse_iterator(end()); } _LIBCPP_INLINE_VISIBILITY constexpr reverse_iterator rbegin() const noexcept { return reverse_iterator(end()); }
_LIBCPP_INLINE_VISIBILITY constexpr reverse_iterator rend() const noexcept { return reverse_iterator(begin()); } _LIBCPP_INLINE_VISIBILITY constexpr reverse_iterator rend() const noexcept { return reverse_iterator(begin()); }
Show All 15 Lines// constants and types
using element_type = _Tp; using element_type = _Tp;
using value_type = remove_cv_t<_Tp>; using value_type = remove_cv_t<_Tp>;
using size_type = size_t; using size_type = size_t;
using difference_type = ptrdiff_t; using difference_type = ptrdiff_t;
using pointer = _Tp *; using pointer = _Tp *;
using const_pointer = const _Tp *; using const_pointer = const _Tp *;
using reference = _Tp &; using reference = _Tp &;
using const_reference = const _Tp &; using const_reference = const _Tp &;
#ifdef _LIBCPP_DEBUG_ITERATOR_BOUNDS_CHECKING #if defined(_LIBCPP_ABI_BOUNDED_ITERATORS)
using iterator = __bounded_iter<pointer>; using iterator = __bounded_iter<pointer>;
#else #else
using iterator = __wrap_iter<pointer>; using iterator = __wrap_iter<pointer>;
#endif #endif
using reverse_iterator = _VSTD::reverse_iterator<iterator>; using reverse_iterator = _VSTD::reverse_iterator<iterator>;
static constexpr size_type extent = dynamic_extent; static constexpr size_type extent = dynamic_extent;
// [span.cons], span constructors, copy, assignment, and destructor // [span.cons], span constructors, copy, assignment, and destructor
_LIBCPP_INLINE_VISIBILITY constexpr span() noexcept : __data_{nullptr}, __size_{0} {} _LIBCPP_INLINE_VISIBILITY constexpr span() noexcept : __data_{nullptr}, __size_{0} {}
constexpr span (const span&) noexcept = default; constexpr span (const span&) noexcept = default;
constexpr span& operator=(const span&) noexcept = default; constexpr span& operator=(const span&) noexcept = default;
template <__span_compatible_iterator<element_type> _It> template <__span_compatible_iterator<element_type> _It>
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr span(_It __first, size_type __count) constexpr span(_It __first, size_type __count)
: __data_{_VSTD::to_address(__first)}, __size_{__count} {} : __data_{_VSTD::to_address(__first)}, __size_{__count} {
_LIBCPP_ASSERT_CHECK_VALID_RANGE(__first, __count, "invalid range in span's constructor (iterator, count)");
}
template <__span_compatible_iterator<element_type> _It, __span_compatible_sentinel_for<_It> _End> template <__span_compatible_iterator<element_type> _It, __span_compatible_sentinel_for<_It> _End>
_LIBCPP_INLINE_VISIBILITY constexpr span(_It __first, _End __last) _LIBCPP_INLINE_VISIBILITY constexpr span(_It __first, _End __last)
: __data_(_VSTD::to_address(__first)), __size_(__last - __first) { : __data_(_VSTD::to_address(__first)), __size_(__last - __first) {
_LIBCPP_ASSERT(__last - __first >= 0, "invalid range in span's constructor (iterator, sentinel)"); _LIBCPP_ASSERT_CHECK_VALID_RANGE(__first, __last, "invalid range in span's constructor (iterator, sentinel)");
} }
template <size_t _Sz> template <size_t _Sz>
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr span(type_identity_t<element_type> (&__arr)[_Sz]) noexcept : __data_{__arr}, __size_{_Sz} {} constexpr span(type_identity_t<element_type> (&__arr)[_Sz]) noexcept : __data_{__arr}, __size_{_Sz} {}
template <__span_array_convertible<element_type> _OtherElementType, size_t _Sz> template <__span_array_convertible<element_type> _OtherElementType, size_t _Sz>
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr span(array<_OtherElementType, _Sz>& __arr) noexcept : __data_{__arr.data()}, __size_{_Sz} {} constexpr span(array<_OtherElementType, _Sz>& __arr) noexcept : __data_{__arr.data()}, __size_{_Sz} {}
template <class _OtherElementType, size_t _Sz> template <class _OtherElementType, size_t _Sz>
requires __span_array_convertible<const _OtherElementType, element_type> requires __span_array_convertible<const _OtherElementType, element_type>
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr span(const array<_OtherElementType, _Sz>& __arr) noexcept : __data_{__arr.data()}, __size_{_Sz} {} constexpr span(const array<_OtherElementType, _Sz>& __arr) noexcept : __data_{__arr.data()}, __size_{_Sz} {}
template <__span_compatible_range<element_type> _Range> template <__span_compatible_range<element_type> _Range>
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr span(_Range&& __r) : __data_(ranges::data(__r)), __size_{ranges::size(__r)} {} constexpr span(_Range&& __r) : __data_(ranges::data(__r)), __size_{ranges::size(__r)} {
_LIBCPP_ASSERT_CHECK_VALID_RANGE(std::forward<_Range>(__r), "invalid range in span's constructor (range)");
}
template <__span_array_convertible<element_type> _OtherElementType, size_t _OtherExtent> template <__span_array_convertible<element_type> _OtherElementType, size_t _OtherExtent>
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr span(const span<_OtherElementType, _OtherExtent>& __other) noexcept constexpr span(const span<_OtherElementType, _OtherExtent>& __other) noexcept
: __data_{__other.data()}, __size_{__other.size()} {} : __data_{__other.data()}, __size_{__other.size()} {}
// ~span() noexcept = default; // ~span() noexcept = default;
template <size_t _Count> template <size_t _Count>
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr span<element_type, _Count> first() const noexcept constexpr span<element_type, _Count> first() const noexcept
{ {
_LIBCPP_ASSERT(_Count <= size(), "span<T>::first<Count>(): Count out of range"); _LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(_Count <= size(), "span<T>::first<Count>(): Count out of range");
return span<element_type, _Count>{data(), _Count}; return span<element_type, _Count>{data(), _Count};
} }
template <size_t _Count> template <size_t _Count>
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr span<element_type, _Count> last() const noexcept constexpr span<element_type, _Count> last() const noexcept
{ {
_LIBCPP_ASSERT(_Count <= size(), "span<T>::last<Count>(): Count out of range"); _LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(_Count <= size(), "span<T>::last<Count>(): Count out of range");
return span<element_type, _Count>{data() + size() - _Count, _Count}; return span<element_type, _Count>{data() + size() - _Count, _Count};
} }
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr span<element_type, dynamic_extent> first(size_type __count) const noexcept constexpr span<element_type, dynamic_extent> first(size_type __count) const noexcept
{ {
_LIBCPP_ASSERT(__count <= size(), "span<T>::first(count): count out of range"); _LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(__count <= size(), "span<T>::first(count): count out of range");
return {data(), __count}; return {data(), __count};
} }
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr span<element_type, dynamic_extent> last (size_type __count) const noexcept constexpr span<element_type, dynamic_extent> last (size_type __count) const noexcept
{ {
_LIBCPP_ASSERT(__count <= size(), "span<T>::last(count): count out of range"); _LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(__count <= size(), "span<T>::last(count): count out of range");
return {data() + size() - __count, __count}; return {data() + size() - __count, __count};
} }
template <size_t _Offset, size_t _Count = dynamic_extent> template <size_t _Offset, size_t _Count = dynamic_extent>
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
constexpr span<element_type, _Count> subspan() const noexcept constexpr span<element_type, _Count> subspan() const noexcept
{ {
_LIBCPP_ASSERT(_Offset <= size(), "span<T>::subspan<Offset, Count>(): Offset out of range"); _LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(_Offset <= size(),
_LIBCPP_ASSERT(_Count == dynamic_extent || _Count <= size() - _Offset, "span<T>::subspan<Offset, Count>(): Offset + Count out of range"); "span<T>::subspan<Offset, Count>(): Offset out of range");
_LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(_Count == dynamic_extent || _Count <= size() - _Offset,
"span<T>::subspan<Offset, Count>(): Offset + Count out of range");
return span<element_type, _Count>{data() + _Offset, _Count == dynamic_extent ? size() - _Offset : _Count}; return span<element_type, _Count>{data() + _Offset, _Count == dynamic_extent ? size() - _Offset : _Count};
} }
constexpr span<element_type, dynamic_extent> constexpr span<element_type, dynamic_extent>
_LIBCPP_INLINE_VISIBILITY _LIBCPP_INLINE_VISIBILITY
subspan(size_type __offset, size_type __count = dynamic_extent) const noexcept subspan(size_type __offset, size_type __count = dynamic_extent) const noexcept
{ {
_LIBCPP_ASSERT(__offset <= size(), "span<T>::subspan(offset, count): offset out of range"); _LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(__offset <= size(),
"span<T>::subspan(offset, count): offset out of range");
if (__count == dynamic_extent) if (__count == dynamic_extent)
return {data() + __offset, size() - __offset}; return {data() + __offset, size() - __offset};
_LIBCPP_ASSERT(__count <= size() - __offset, "span<T>::subspan(offset, count): offset + count out of range"); _LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(__count <= size() - __offset,
"span<T>::subspan(offset, count): offset + count out of range");
return {data() + __offset, __count}; return {data() + __offset, __count};
} }
_LIBCPP_INLINE_VISIBILITY constexpr size_type size() const noexcept { return __size_; } _LIBCPP_INLINE_VISIBILITY constexpr size_type size() const noexcept { return __size_; }
_LIBCPP_INLINE_VISIBILITY constexpr size_type size_bytes() const noexcept { return __size_ * sizeof(element_type); } _LIBCPP_INLINE_VISIBILITY constexpr size_type size_bytes() const noexcept { return __size_ * sizeof(element_type); }
[[nodiscard]] _LIBCPP_INLINE_VISIBILITY constexpr bool empty() const noexcept { return __size_ == 0; } [[nodiscard]] _LIBCPP_INLINE_VISIBILITY constexpr bool empty() const noexcept { return __size_ == 0; }
_LIBCPP_INLINE_VISIBILITY constexpr reference operator[](size_type __idx) const noexcept _LIBCPP_INLINE_VISIBILITY constexpr reference operator[](size_type __idx) const noexcept
{ {
_LIBCPP_ASSERT(__idx < size(), "span<T>::operator[](index): index out of range"); _LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(__idx < size(), "span<T>::operator[](index): index out of range");
return __data_[__idx]; return __data_[__idx];
} }
_LIBCPP_INLINE_VISIBILITY constexpr reference front() const noexcept _LIBCPP_INLINE_VISIBILITY constexpr reference front() const noexcept
{ {
_LIBCPP_ASSERT(!empty(), "span<T>::front() on empty span"); _LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(!empty(), "span<T>::front() on empty span");
return __data_[0]; return __data_[0];
} }
_LIBCPP_INLINE_VISIBILITY constexpr reference back() const noexcept _LIBCPP_INLINE_VISIBILITY constexpr reference back() const noexcept
{ {
_LIBCPP_ASSERT(!empty(), "span<T>::back() on empty span"); _LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(!empty(), "span<T>::back() on empty span");
return __data_[size()-1]; return __data_[size()-1];
} }
_LIBCPP_INLINE_VISIBILITY constexpr pointer data() const noexcept { return __data_; } _LIBCPP_INLINE_VISIBILITY constexpr pointer data() const noexcept { return __data_; }
// [span.iter], span iterator support // [span.iter], span iterator support
_LIBCPP_INLINE_VISIBILITY constexpr iterator begin() const noexcept { _LIBCPP_INLINE_VISIBILITY constexpr iterator begin() const noexcept {
#ifdef _LIBCPP_DEBUG_ITERATOR_BOUNDS_CHECKING #if defined(_LIBCPP_ABI_BOUNDED_ITERATORS)
return std::__make_bounded_iter(data(), data(), data() + size()); return std::__make_bounded_iter(data(), data(), data() + size());
#else #else
return iterator(this, data()); return iterator(this, data());
#endif #endif
} }
_LIBCPP_INLINE_VISIBILITY constexpr iterator end() const noexcept { _LIBCPP_INLINE_VISIBILITY constexpr iterator end() const noexcept {
#ifdef _LIBCPP_DEBUG_ITERATOR_BOUNDS_CHECKING #if defined(_LIBCPP_ABI_BOUNDED_ITERATORS)
return std::__make_bounded_iter(data() + size(), data(), data() + size()); return std::__make_bounded_iter(data() + size(), data(), data() + size());
#else #else
return iterator(this, data() + size()); return iterator(this, data() + size());
#endif #endif
} }
_LIBCPP_INLINE_VISIBILITY constexpr reverse_iterator rbegin() const noexcept { return reverse_iterator(end()); } _LIBCPP_INLINE_VISIBILITY constexpr reverse_iterator rbegin() const noexcept { return reverse_iterator(end()); }
_LIBCPP_INLINE_VISIBILITY constexpr reverse_iterator rend() const noexcept { return reverse_iterator(begin()); } _LIBCPP_INLINE_VISIBILITY constexpr reverse_iterator rend() const noexcept { return reverse_iterator(begin()); }
▲ Show 20 LinesShow All 59 LinesShow Last 20 Lines

libcxx/include/string_view

Show First 20 LinesShow All 268 Lines▼ Show 20 Lines
public: public:
// types // types
using traits_type = _Traits; using traits_type = _Traits;
using value_type = _CharT; using value_type = _CharT;
using pointer = _CharT*; using pointer = _CharT*;
using const_pointer = const _CharT*; using const_pointer = const _CharT*;
using reference = _CharT&; using reference = _CharT&;
using const_reference = const _CharT&; using const_reference = const _CharT&;
#ifdef _LIBCPP_DEBUG_ITERATOR_BOUNDS_CHECKING #ifdef _LIBCPP_ABI_BOUNDED_ITERATORS
using const_iterator = __bounded_iter<const_pointer>; using const_iterator = __bounded_iter<const_pointer>;
#else #else
using const_iterator = const_pointer; // See [string.view.iterators] using const_iterator = const_pointer; // See [string.view.iterators]
#endif #endif
using iterator = const_iterator; using iterator = const_iterator;
using const_reverse_iterator = _VSTD::reverse_iterator<const_iterator>; using const_reverse_iterator = _VSTD::reverse_iterator<const_iterator>;
using reverse_iterator = const_reverse_iterator; using reverse_iterator = const_reverse_iterator;
using size_type = size_t; using size_type = size_t;
▲ Show 20 LinesShow All 64 Lines▼ Show 20 Lines#endif
_LIBCPP_CONSTEXPR _LIBCPP_INLINE_VISIBILITY _LIBCPP_CONSTEXPR _LIBCPP_INLINE_VISIBILITY
const_iterator begin() const _NOEXCEPT { return cbegin(); } const_iterator begin() const _NOEXCEPT { return cbegin(); }
_LIBCPP_CONSTEXPR _LIBCPP_INLINE_VISIBILITY _LIBCPP_CONSTEXPR _LIBCPP_INLINE_VISIBILITY
const_iterator end() const _NOEXCEPT { return cend(); } const_iterator end() const _NOEXCEPT { return cend(); }
_LIBCPP_CONSTEXPR _LIBCPP_INLINE_VISIBILITY _LIBCPP_CONSTEXPR _LIBCPP_INLINE_VISIBILITY
const_iterator cbegin() const _NOEXCEPT { const_iterator cbegin() const _NOEXCEPT {
#ifdef _LIBCPP_DEBUG_ITERATOR_BOUNDS_CHECKING #ifdef _LIBCPP_ABI_BOUNDED_ITERATORS
return std::__make_bounded_iter(data(), data(), data() + size()); return std::__make_bounded_iter(data(), data(), data() + size());
#else #else
return __data_; return __data_;
#endif #endif
} }
_LIBCPP_CONSTEXPR _LIBCPP_INLINE_VISIBILITY _LIBCPP_CONSTEXPR _LIBCPP_INLINE_VISIBILITY
const_iterator cend() const _NOEXCEPT { const_iterator cend() const _NOEXCEPT {
#ifdef _LIBCPP_DEBUG_ITERATOR_BOUNDS_CHECKING #ifdef _LIBCPP_ABI_BOUNDED_ITERATORS
return std::__make_bounded_iter(data() + size(), data(), data() + size()); return std::__make_bounded_iter(data() + size(), data(), data() + size());
#else #else
return __data_ + __size_; return __data_ + __size_;
#endif #endif
} }
_LIBCPP_CONSTEXPR_SINCE_CXX17 _LIBCPP_INLINE_VISIBILITY _LIBCPP_CONSTEXPR_SINCE_CXX17 _LIBCPP_INLINE_VISIBILITY
const_reverse_iterator rbegin() const _NOEXCEPT { return const_reverse_iterator(cend()); } const_reverse_iterator rbegin() const _NOEXCEPT { return const_reverse_iterator(cend()); }
▲ Show 20 LinesShow All 680 LinesShow Last 20 Lines

libcxx/include/vector

Show First 20 LinesShow All 462 Lines▼ Show 20 Lines template <class _ForwardIterator,
int> = 0> int> = 0>
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI
vector(_ForwardIterator __first, _ForwardIterator __last, const allocator_type& __a); vector(_ForwardIterator __first, _ForwardIterator __last, const allocator_type& __a);
#if _LIBCPP_STD_VER >= 23 #if _LIBCPP_STD_VER >= 23
template <_ContainerCompatibleRange<_Tp> _Range> template <_ContainerCompatibleRange<_Tp> _Range>
_LIBCPP_HIDE_FROM_ABI constexpr vector(from_range_t, _Range&& __range, _LIBCPP_HIDE_FROM_ABI constexpr vector(from_range_t, _Range&& __range,
const allocator_type& __alloc = allocator_type()) : __end_cap_(nullptr, __alloc) { const allocator_type& __alloc = allocator_type()) : __end_cap_(nullptr, __alloc) {
//_LIBCPP_ASSERT_CHECK_VALID_RANGE(std::forward<_Range>(__range), "vector::vector(from_range_t)");
if constexpr (ranges::forward_range<_Range> || ranges::sized_range<_Range>) { if constexpr (ranges::forward_range<_Range> || ranges::sized_range<_Range>) {
auto __n = static_cast<size_type>(ranges::distance(__range)); auto __n = static_cast<size_type>(ranges::distance(__range));
__init_with_size(ranges::begin(__range), ranges::end(__range), __n); __init_with_size(ranges::begin(__range), ranges::end(__range), __n);
} else { } else {
__init_with_sentinel(ranges::begin(__range), ranges::end(__range)); __init_with_sentinel(ranges::begin(__range), ranges::end(__range));
} }
} }
▲ Show 20 LinesShow All 63 Lines▼ Show 20 Lines template <
is_constructible<value_type, typename iterator_traits<_ForwardIterator>::reference>::value, is_constructible<value_type, typename iterator_traits<_ForwardIterator>::reference>::value,
int> = 0> int> = 0>
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI void assign(_ForwardIterator __first, _ForwardIterator __last); _LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI void assign(_ForwardIterator __first, _ForwardIterator __last);
#if _LIBCPP_STD_VER >= 23 #if _LIBCPP_STD_VER >= 23
template <_ContainerCompatibleRange<_Tp> _Range> template <_ContainerCompatibleRange<_Tp> _Range>
_LIBCPP_HIDE_FROM_ABI _LIBCPP_HIDE_FROM_ABI
constexpr void assign_range(_Range&& __range) { constexpr void assign_range(_Range&& __range) {
//_LIBCPP_ASSERT_CHECK_VALID_RANGE(std::forward<_Range>(__range), "vector::assign_range");
//_LIBCPP_ASSERT_CHECK_OVERLAPPING_RANGES(*this, std::forward<_Range>(__range), "vector::assign_range");
if constexpr (ranges::forward_range<_Range> || ranges::sized_range<_Range>) { if constexpr (ranges::forward_range<_Range> || ranges::sized_range<_Range>) {
auto __n = static_cast<size_type>(ranges::distance(__range)); auto __n = static_cast<size_type>(ranges::distance(__range));
__assign_with_size(ranges::begin(__range), ranges::end(__range), __n); __assign_with_size(ranges::begin(__range), ranges::end(__range), __n);
} else { } else {
__assign_with_sentinel(ranges::begin(__range), ranges::end(__range)); __assign_with_sentinel(ranges::begin(__range), ranges::end(__range));
} }
} }
▲ Show 20 LinesShow All 58 Lines▼ Show 20 Lines#endif
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI reference operator[](size_type __n) _NOEXCEPT; _LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI reference operator[](size_type __n) _NOEXCEPT;
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI const_reference operator[](size_type __n) const _NOEXCEPT; _LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI const_reference operator[](size_type __n) const _NOEXCEPT;
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI reference at(size_type __n); _LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI reference at(size_type __n);
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI const_reference at(size_type __n) const; _LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI const_reference at(size_type __n) const;
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI reference front() _NOEXCEPT _LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI reference front() _NOEXCEPT
{ {
_LIBCPP_ASSERT(!empty(), "front() called on an empty vector"); _LIBCPP_ASSERT(!empty(), "front() called on an empty vector");
//_LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(!empty(), "vector::front()");
return *this->__begin_; return *this->__begin_;
} }
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI const_reference front() const _NOEXCEPT _LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI const_reference front() const _NOEXCEPT
{ {
_LIBCPP_ASSERT(!empty(), "front() called on an empty vector"); _LIBCPP_ASSERT(!empty(), "front() called on an empty vector");
//_LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(!empty(), "vector::front()");
return *this->__begin_; return *this->__begin_;
} }
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI reference back() _NOEXCEPT _LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI reference back() _NOEXCEPT
{ {
_LIBCPP_ASSERT(!empty(), "back() called on an empty vector"); _LIBCPP_ASSERT(!empty(), "back() called on an empty vector");
//_LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(!empty(), "vector::back()");
return *(this->__end_ - 1); return *(this->__end_ - 1);
} }
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI const_reference back() const _NOEXCEPT _LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI const_reference back() const _NOEXCEPT
{ {
_LIBCPP_ASSERT(!empty(), "back() called on an empty vector"); _LIBCPP_ASSERT(!empty(), "back() called on an empty vector");
//_LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(!empty(), "vector::back()");
return *(this->__end_ - 1); return *(this->__end_ - 1);
} }
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI
value_type* data() _NOEXCEPT value_type* data() _NOEXCEPT
{return std::__to_address(this->__begin_);} {return std::__to_address(this->__begin_);}
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI
Show All 11 Lines
#else #else
void emplace_back(_Args&&... __args); void emplace_back(_Args&&... __args);
#endif #endif
#if _LIBCPP_STD_VER >= 23 #if _LIBCPP_STD_VER >= 23
template <_ContainerCompatibleRange<_Tp> _Range> template <_ContainerCompatibleRange<_Tp> _Range>
_LIBCPP_HIDE_FROM_ABI _LIBCPP_HIDE_FROM_ABI
constexpr void append_range(_Range&& __range) { constexpr void append_range(_Range&& __range) {
//_LIBCPP_ASSERT_CHECK_VALID_RANGE(std::forward<_Range>(__range), "vector::append_range");
//_LIBCPP_ASSERT_CHECK_OVERLAPPING_RANGES(*this, std::forward<_Range>(__range), "vector::append_range");
insert_range(end(), std::forward<_Range>(__range)); insert_range(end(), std::forward<_Range>(__range));
} }
#endif #endif
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI
void pop_back(); void pop_back();
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI iterator insert(const_iterator __position, const_reference __x); _LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI iterator insert(const_iterator __position, const_reference __x);
Show All 11 Lines template <class _InputIterator,
int> = 0> int> = 0>
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI iterator _LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI iterator
insert(const_iterator __position, _InputIterator __first, _InputIterator __last); insert(const_iterator __position, _InputIterator __first, _InputIterator __last);
#if _LIBCPP_STD_VER >= 23 #if _LIBCPP_STD_VER >= 23
template <_ContainerCompatibleRange<_Tp> _Range> template <_ContainerCompatibleRange<_Tp> _Range>
_LIBCPP_HIDE_FROM_ABI _LIBCPP_HIDE_FROM_ABI
constexpr iterator insert_range(const_iterator __position, _Range&& __range) { constexpr iterator insert_range(const_iterator __position, _Range&& __range) {
//_LIBCPP_ASSERT_CHECK_VALID_RANGE(std::forward<_Range>(__range), "vector::insert_range");
//_LIBCPP_ASSERT_CHECK_OVERLAPPING_RANGES(*this, std::forward<_Range>(__range), "vector::insert_range");
//_LIBCPP_ASSERT_CHECK_FOREIGN_ITERATOR(*this, __position, "vector::insert_range");
if constexpr (ranges::forward_range<_Range> || ranges::sized_range<_Range>) { if constexpr (ranges::forward_range<_Range> || ranges::sized_range<_Range>) {
auto __n = static_cast<size_type>(ranges::distance(__range)); auto __n = static_cast<size_type>(ranges::distance(__range));
return __insert_with_size(__position, ranges::begin(__range), ranges::end(__range), __n); return __insert_with_size(__position, ranges::begin(__range), ranges::end(__range), __n);
} else { } else {
return __insert_with_sentinel(__position, ranges::begin(__range), ranges::end(__range)); return __insert_with_sentinel(__position, ranges::begin(__range), ranges::end(__range));
} }
} }
▲ Show 20 LinesShow All 547 Lines▼ Show 20 Lines
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
template <class _InputIterator, __enable_if_t<__has_exactly_input_iterator_category<_InputIterator>::value && template <class _InputIterator, __enable_if_t<__has_exactly_input_iterator_category<_InputIterator>::value &&
is_constructible<_Tp, typename iterator_traits<_InputIterator>::reference>::value, is_constructible<_Tp, typename iterator_traits<_InputIterator>::reference>::value,
int> > int> >
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_CONSTEXPR_SINCE_CXX20
vector<_Tp, _Allocator>::vector(_InputIterator __first, _InputIterator __last) vector<_Tp, _Allocator>::vector(_InputIterator __first, _InputIterator __last)
{ {
//_LIBCPP_ASSERT_CHECK_VALID_RANGE(__first, __last, "vector::vector(Iter, Iter)");
__init_with_sentinel(__first, __last); __init_with_sentinel(__first, __last);
} }
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
template <class _InputIterator, __enable_if_t<__has_exactly_input_iterator_category<_InputIterator>::value && template <class _InputIterator, __enable_if_t<__has_exactly_input_iterator_category<_InputIterator>::value &&
is_constructible<_Tp, typename iterator_traits<_InputIterator>::reference>::value, is_constructible<_Tp, typename iterator_traits<_InputIterator>::reference>::value,
int> > int> >
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_CONSTEXPR_SINCE_CXX20
vector<_Tp, _Allocator>::vector(_InputIterator __first, _InputIterator __last, const allocator_type& __a) vector<_Tp, _Allocator>::vector(_InputIterator __first, _InputIterator __last, const allocator_type& __a)
: __end_cap_(nullptr, __a) : __end_cap_(nullptr, __a)
{ {
//_LIBCPP_ASSERT_CHECK_VALID_RANGE(__first, __last, "vector::vector(Iter, Iter, Alloc)");
__init_with_sentinel(__first, __last); __init_with_sentinel(__first, __last);
} }
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
template <class _ForwardIterator, __enable_if_t<__has_forward_iterator_category<_ForwardIterator>::value && template <class _ForwardIterator, __enable_if_t<__has_forward_iterator_category<_ForwardIterator>::value &&
is_constructible<_Tp, typename iterator_traits<_ForwardIterator>::reference>::value, is_constructible<_Tp, typename iterator_traits<_ForwardIterator>::reference>::value,
int> > int> >
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_CONSTEXPR_SINCE_CXX20
vector<_Tp, _Allocator>::vector(_ForwardIterator __first, _ForwardIterator __last) vector<_Tp, _Allocator>::vector(_ForwardIterator __first, _ForwardIterator __last)
{ {
//_LIBCPP_ASSERT_CHECK_VALID_RANGE(__first, __last, "vector::vector(Iter, Iter)");
size_type __n = static_cast<size_type>(std::distance(__first, __last)); size_type __n = static_cast<size_type>(std::distance(__first, __last));
__init_with_size(__first, __last, __n); __init_with_size(__first, __last, __n);
} }
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
template <class _ForwardIterator, __enable_if_t<__has_forward_iterator_category<_ForwardIterator>::value && template <class _ForwardIterator, __enable_if_t<__has_forward_iterator_category<_ForwardIterator>::value &&
is_constructible<_Tp, typename iterator_traits<_ForwardIterator>::reference>::value, is_constructible<_Tp, typename iterator_traits<_ForwardIterator>::reference>::value,
int> > int> >
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_CONSTEXPR_SINCE_CXX20
vector<_Tp, _Allocator>::vector(_ForwardIterator __first, _ForwardIterator __last, const allocator_type& __a) vector<_Tp, _Allocator>::vector(_ForwardIterator __first, _ForwardIterator __last, const allocator_type& __a)
: __end_cap_(nullptr, __a) : __end_cap_(nullptr, __a)
{ {
//_LIBCPP_ASSERT_CHECK_VALID_RANGE(__first, __last, "vector::vector(Iter, Iter, Alloc)");
size_type __n = static_cast<size_type>(std::distance(__first, __last)); size_type __n = static_cast<size_type>(std::distance(__first, __last));
__init_with_size(__first, __last, __n); __init_with_size(__first, __last, __n);
} }
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_CONSTEXPR_SINCE_CXX20
vector<_Tp, _Allocator>::vector(const vector& __x) vector<_Tp, _Allocator>::vector(const vector& __x)
: __end_cap_(nullptr, __alloc_traits::select_on_container_copy_construction(__x.__alloc())) : __end_cap_(nullptr, __alloc_traits::select_on_container_copy_construction(__x.__alloc()))
▲ Show 20 LinesShow All 145 Lines▼ Show 20 Lines
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
template <class _InputIterator, __enable_if_t<__has_exactly_input_iterator_category<_InputIterator>::value && template <class _InputIterator, __enable_if_t<__has_exactly_input_iterator_category<_InputIterator>::value &&
is_constructible<_Tp, typename iterator_traits<_InputIterator>::reference>::value, is_constructible<_Tp, typename iterator_traits<_InputIterator>::reference>::value,
int> > int> >
_LIBCPP_CONSTEXPR_SINCE_CXX20 void _LIBCPP_CONSTEXPR_SINCE_CXX20 void
vector<_Tp, _Allocator>::assign(_InputIterator __first, _InputIterator __last) vector<_Tp, _Allocator>::assign(_InputIterator __first, _InputIterator __last)
{ {
//_LIBCPP_ASSERT_CHECK_VALID_RANGE(__first, __last, "vector::assign()");
//_LIBCPP_ASSERT_CHECK_OVERLAPPING_RANGES(begin(), end(), __first, __last, "vector::assign");
__assign_with_sentinel(__first, __last); __assign_with_sentinel(__first, __last);
} }
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
template <class _Iterator, class _Sentinel> template <class _Iterator, class _Sentinel>
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI
void vector<_Tp, _Allocator>::__assign_with_sentinel(_Iterator __first, _Sentinel __last) { void vector<_Tp, _Allocator>::__assign_with_sentinel(_Iterator __first, _Sentinel __last) {
clear(); clear();
for (; __first != __last; ++__first) for (; __first != __last; ++__first)
emplace_back(*__first); emplace_back(*__first);
} }
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
template <class _ForwardIterator, __enable_if_t<__has_forward_iterator_category<_ForwardIterator>::value && template <class _ForwardIterator, __enable_if_t<__has_forward_iterator_category<_ForwardIterator>::value &&
is_constructible<_Tp, typename iterator_traits<_ForwardIterator>::reference>::value, is_constructible<_Tp, typename iterator_traits<_ForwardIterator>::reference>::value,
int> > int> >
_LIBCPP_CONSTEXPR_SINCE_CXX20 void _LIBCPP_CONSTEXPR_SINCE_CXX20 void
vector<_Tp, _Allocator>::assign(_ForwardIterator __first, _ForwardIterator __last) vector<_Tp, _Allocator>::assign(_ForwardIterator __first, _ForwardIterator __last)
{ {
//_LIBCPP_ASSERT_CHECK_VALID_RANGE(__first, __last, "vector::assign()");
//_LIBCPP_ASSERT_CHECK_OVERLAPPING_RANGES(begin(), end(), __first, __last, "vector::assign");
__assign_with_size(__first, __last, std::distance(__first, __last)); __assign_with_size(__first, __last, std::distance(__first, __last));
} }
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
template <class _ForwardIterator, class _Sentinel> template <class _ForwardIterator, class _Sentinel>
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI
void vector<_Tp, _Allocator>::__assign_with_size(_ForwardIterator __first, _Sentinel __last, difference_type __n) { void vector<_Tp, _Allocator>::__assign_with_size(_ForwardIterator __first, _Sentinel __last, difference_type __n) {
size_type __new_size = static_cast<size_type>(__n); size_type __new_size = static_cast<size_type>(__n);
Show All 20 Linesvoid vector<_Tp, _Allocator>::__assign_with_size(_ForwardIterator __first, _Sentinel __last, difference_type __n) {
std::__debug_db_invalidate_all(this); std::__debug_db_invalidate_all(this);
} }
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_CONSTEXPR_SINCE_CXX20
void void
vector<_Tp, _Allocator>::assign(size_type __n, const_reference __u) vector<_Tp, _Allocator>::assign(size_type __n, const_reference __u)
{ {
// TODO: _LIBCPP_ASSERT_CHECK_OVERLAPPING_RANGES(
// begin(), end(), __make_iter(__u), __make_iter(__u) + 1, "vector::assign");
if (__n <= capacity()) if (__n <= capacity())
{ {
size_type __s = size(); size_type __s = size();
std::fill_n(this->__begin_, std::min(__n, __s), __u); std::fill_n(this->__begin_, std::min(__n, __s), __u);
if (__n > __s) if (__n > __s)
__construct_at_end(__n - __s, __u); __construct_at_end(__n - __s, __u);
else else
this->__destruct_at_end(this->__begin_ + __n); this->__destruct_at_end(this->__begin_ + __n);
▲ Show 20 LinesShow All 45 Lines▼ Show 20 Lines
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_CONSTEXPR_SINCE_CXX20
inline _LIBCPP_HIDE_FROM_ABI inline _LIBCPP_HIDE_FROM_ABI
typename vector<_Tp, _Allocator>::reference typename vector<_Tp, _Allocator>::reference
vector<_Tp, _Allocator>::operator[](size_type __n) _NOEXCEPT vector<_Tp, _Allocator>::operator[](size_type __n) _NOEXCEPT
{ {
_LIBCPP_ASSERT(__n < size(), "vector[] index out of bounds"); _LIBCPP_ASSERT(__n < size(), "vector[] index out of bounds");
//_LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(__n < size(), "vector::operator[]");
return this->__begin_[__n]; return this->__begin_[__n];
} }
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_CONSTEXPR_SINCE_CXX20
inline _LIBCPP_HIDE_FROM_ABI inline _LIBCPP_HIDE_FROM_ABI
typename vector<_Tp, _Allocator>::const_reference typename vector<_Tp, _Allocator>::const_reference
vector<_Tp, _Allocator>::operator[](size_type __n) const _NOEXCEPT vector<_Tp, _Allocator>::operator[](size_type __n) const _NOEXCEPT
{ {
_LIBCPP_ASSERT(__n < size(), "vector[] index out of bounds"); _LIBCPP_ASSERT(__n < size(), "vector[] index out of bounds");
//_LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(__n < size(), "vector::operator[]");
return this->__begin_[__n]; return this->__begin_[__n];
} }
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_CONSTEXPR_SINCE_CXX20
typename vector<_Tp, _Allocator>::reference typename vector<_Tp, _Allocator>::reference
vector<_Tp, _Allocator>::at(size_type __n) vector<_Tp, _Allocator>::at(size_type __n)
{ {
▲ Show 20 LinesShow All 130 Lines▼ Show 20 Lines
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_CONSTEXPR_SINCE_CXX20
inline inline
void void
vector<_Tp, _Allocator>::pop_back() vector<_Tp, _Allocator>::pop_back()
{ {
_LIBCPP_ASSERT(!empty(), "vector::pop_back called on an empty vector"); _LIBCPP_ASSERT(!empty(), "vector::pop_back called on an empty vector");
//_LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(!empty(), "vector::pop_back()");
this->__destruct_at_end(this->__end_ - 1); this->__destruct_at_end(this->__end_ - 1);
} }
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_CONSTEXPR_SINCE_CXX20
inline _LIBCPP_HIDE_FROM_ABI inline _LIBCPP_HIDE_FROM_ABI
typename vector<_Tp, _Allocator>::iterator typename vector<_Tp, _Allocator>::iterator
vector<_Tp, _Allocator>::erase(const_iterator __position) vector<_Tp, _Allocator>::erase(const_iterator __position)
{ {
_LIBCPP_DEBUG_ASSERT(__get_const_db()->__find_c_from_i(std::addressof(__position)) == this, _LIBCPP_DEBUG_ASSERT(__get_const_db()->__find_c_from_i(std::addressof(__position)) == this,
"vector::erase(iterator) called with an iterator not referring to this vector"); "vector::erase(iterator) called with an iterator not referring to this vector");
_LIBCPP_ASSERT(__position != end(), _LIBCPP_ASSERT(__position != end(),
"vector::erase(iterator) called with a non-dereferenceable iterator"); "vector::erase(iterator) called with a non-dereferenceable iterator");
//_LIBCPP_ASSERT_CHECK_VALID_CONTAINER_ACCESS(__position < end(), "vector::erase(Iter)");
//_LIBCPP_ASSERT_CHECK_FOREIGN_ITERATOR(*this, __position, "vector::erase(Iter)");
difference_type __ps = __position - cbegin(); difference_type __ps = __position - cbegin();
pointer __p = this->__begin_ + __ps; pointer __p = this->__begin_ + __ps;
this->__destruct_at_end(std::move(__p + 1, this->__end_, __p)); this->__destruct_at_end(std::move(__p + 1, this->__end_, __p));
if (!__libcpp_is_constant_evaluated()) if (!__libcpp_is_constant_evaluated())
this->__invalidate_iterators_past(__p - 1); this->__invalidate_iterators_past(__p - 1);
return __make_iter(__p); return __make_iter(__p);
} }
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_CONSTEXPR_SINCE_CXX20
typename vector<_Tp, _Allocator>::iterator typename vector<_Tp, _Allocator>::iterator
vector<_Tp, _Allocator>::erase(const_iterator __first, const_iterator __last) vector<_Tp, _Allocator>::erase(const_iterator __first, const_iterator __last)
{ {
_LIBCPP_DEBUG_ASSERT(__get_const_db()->__find_c_from_i(std::addressof(__first)) == this, _LIBCPP_DEBUG_ASSERT(__get_const_db()->__find_c_from_i(std::addressof(__first)) == this,
"vector::erase(iterator, iterator) called with an iterator not referring to this vector"); "vector::erase(iterator, iterator) called with an iterator not referring to this vector");
_LIBCPP_DEBUG_ASSERT(__get_const_db()->__find_c_from_i(std::addressof(__last)) == this, _LIBCPP_DEBUG_ASSERT(__get_const_db()->__find_c_from_i(std::addressof(__last)) == this,
"vector::erase(iterator, iterator) called with an iterator not referring to this vector"); "vector::erase(iterator, iterator) called with an iterator not referring to this vector");
_LIBCPP_ASSERT(__first <= __last, "vector::erase(first, last) called with invalid range"); _LIBCPP_ASSERT(__first <= __last, "vector::erase(first, last) called with invalid range");
//_LIBCPP_ASSERT_CHECK_VALID_RANGE(__first, __last, "vector::erase(Iter, Iter)");
//_LIBCPP_ASSERT_CHECK_FOREIGN_ITERATOR(*this, __first, "vector::erase(Iter, Iter)");
pointer __p = this->__begin_ + (__first - begin()); pointer __p = this->__begin_ + (__first - begin());
if (__first != __last) { if (__first != __last) {
this->__destruct_at_end(std::move(__p + (__last - __first), this->__end_, __p)); this->__destruct_at_end(std::move(__p + (__last - __first), this->__end_, __p));
if (!__libcpp_is_constant_evaluated()) if (!__libcpp_is_constant_evaluated())
this->__invalidate_iterators_past(__p - 1); this->__invalidate_iterators_past(__p - 1);
} }
return __make_iter(__p); return __make_iter(__p);
} }
Show All 20 Lines
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_CONSTEXPR_SINCE_CXX20
typename vector<_Tp, _Allocator>::iterator typename vector<_Tp, _Allocator>::iterator
vector<_Tp, _Allocator>::insert(const_iterator __position, const_reference __x) vector<_Tp, _Allocator>::insert(const_iterator __position, const_reference __x)
{ {
_LIBCPP_DEBUG_ASSERT(__get_const_db()->__find_c_from_i(std::addressof(__position)) == this, _LIBCPP_DEBUG_ASSERT(__get_const_db()->__find_c_from_i(std::addressof(__position)) == this,
"vector::insert(iterator, x) called with an iterator not referring to this vector"); "vector::insert(iterator, x) called with an iterator not referring to this vector");
//_LIBCPP_ASSERT_CHECK_FOREIGN_ITERATOR(this, __position, "vector::insert(const_iterator, const_reference)");
pointer __p = this->__begin_ + (__position - begin()); pointer __p = this->__begin_ + (__position - begin());
// We can't compare unrelated pointers inside constant expressions // We can't compare unrelated pointers inside constant expressions
if (!__libcpp_is_constant_evaluated() && this->__end_ < this->__end_cap()) if (!__libcpp_is_constant_evaluated() && this->__end_ < this->__end_cap())
{ {
if (__p == this->__end_) if (__p == this->__end_)
{ {
__construct_one_at_end(__x); __construct_one_at_end(__x);
} }
Show All 18 Lines
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_CONSTEXPR_SINCE_CXX20
typename vector<_Tp, _Allocator>::iterator typename vector<_Tp, _Allocator>::iterator
vector<_Tp, _Allocator>::insert(const_iterator __position, value_type&& __x) vector<_Tp, _Allocator>::insert(const_iterator __position, value_type&& __x)
{ {
_LIBCPP_DEBUG_ASSERT(__get_const_db()->__find_c_from_i(std::addressof(__position)) == this, _LIBCPP_DEBUG_ASSERT(__get_const_db()->__find_c_from_i(std::addressof(__position)) == this,
"vector::insert(iterator, x) called with an iterator not referring to this vector"); "vector::insert(iterator, x) called with an iterator not referring to this vector");
//_LIBCPP_ASSERT_CHECK_FOREIGN_ITERATOR(this, __position, "vector::insert(const_iterator, value_type&&)");
pointer __p = this->__begin_ + (__position - begin()); pointer __p = this->__begin_ + (__position - begin());
if (this->__end_ < this->__end_cap()) if (this->__end_ < this->__end_cap())
{ {
if (__p == this->__end_) if (__p == this->__end_)
{ {
__construct_one_at_end(std::move(__x)); __construct_one_at_end(std::move(__x));
} }
else else
Show All 15 Lines
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
template <class... _Args> template <class... _Args>
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_CONSTEXPR_SINCE_CXX20
typename vector<_Tp, _Allocator>::iterator typename vector<_Tp, _Allocator>::iterator
vector<_Tp, _Allocator>::emplace(const_iterator __position, _Args&&... __args) vector<_Tp, _Allocator>::emplace(const_iterator __position, _Args&&... __args)
{ {
_LIBCPP_DEBUG_ASSERT(__get_const_db()->__find_c_from_i(std::addressof(__position)) == this, _LIBCPP_DEBUG_ASSERT(__get_const_db()->__find_c_from_i(std::addressof(__position)) == this,
"vector::emplace(iterator, x) called with an iterator not referring to this vector"); "vector::emplace(iterator, x) called with an iterator not referring to this vector");
//_LIBCPP_ASSERT_CHECK_FOREIGN_ITERATOR(*this, __position, "vector::emplace(const_iterator, Args&&...)");
pointer __p = this->__begin_ + (__position - begin()); pointer __p = this->__begin_ + (__position - begin());
if (this->__end_ < this->__end_cap()) if (this->__end_ < this->__end_cap())
{ {
if (__p == this->__end_) if (__p == this->__end_)
{ {
__construct_one_at_end(std::forward<_Args>(__args)...); __construct_one_at_end(std::forward<_Args>(__args)...);
} }
else else
Show All 15 Lines
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_CONSTEXPR_SINCE_CXX20
typename vector<_Tp, _Allocator>::iterator typename vector<_Tp, _Allocator>::iterator
vector<_Tp, _Allocator>::insert(const_iterator __position, size_type __n, const_reference __x) vector<_Tp, _Allocator>::insert(const_iterator __position, size_type __n, const_reference __x)
{ {
_LIBCPP_DEBUG_ASSERT(__get_const_db()->__find_c_from_i(std::addressof(__position)) == this, _LIBCPP_DEBUG_ASSERT(__get_const_db()->__find_c_from_i(std::addressof(__position)) == this,
"vector::insert(iterator, n, x) called with an iterator not referring to this vector"); "vector::insert(iterator, n, x) called with an iterator not referring to this vector");
//_LIBCPP_ASSERT_CHECK_FOREIGN_ITERATOR(
//*this, __position, "vector::insert(const_iterator, size_type, const_reference)");
pointer __p = this->__begin_ + (__position - begin()); pointer __p = this->__begin_ + (__position - begin());
if (__n > 0) if (__n > 0)
{ {
// We can't compare unrelated pointers inside constant expressions // We can't compare unrelated pointers inside constant expressions
if (!__libcpp_is_constant_evaluated() && __n <= static_cast<size_type>(this->__end_cap() - this->__end_)) if (!__libcpp_is_constant_evaluated() && __n <= static_cast<size_type>(this->__end_cap() - this->__end_))
{ {
size_type __old_n = __n; size_type __old_n = __n;
pointer __old_last = this->__end_; pointer __old_last = this->__end_;
Show All 24 Lines
} }
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
template <class _InputIterator, __enable_if_t<__has_exactly_input_iterator_category<_InputIterator>::value && template <class _InputIterator, __enable_if_t<__has_exactly_input_iterator_category<_InputIterator>::value &&
is_constructible<_Tp, typename iterator_traits<_InputIterator>::reference>::value, is_constructible<_Tp, typename iterator_traits<_InputIterator>::reference>::value,
int> > int> >
_LIBCPP_CONSTEXPR_SINCE_CXX20 typename vector<_Tp, _Allocator>::iterator _LIBCPP_CONSTEXPR_SINCE_CXX20 typename vector<_Tp, _Allocator>::iterator
vector<_Tp, _Allocator>::insert(const_iterator __position, _InputIterator __first, _InputIterator __last) vector<_Tp, _Allocator>::insert(const_iterator __position, _InputIterator __first, _InputIterator __last)
{ {
//_LIBCPP_ASSERT_CHECK_VALID_RANGE(__first, __last, "vector::insert(const_iterator, Iter, Iter)");
//_LIBCPP_ASSERT_CHECK_FOREIGN_ITERATOR(*this, __position, "vector::insert(const_iterator, Iter, Iter)");
return __insert_with_sentinel(__position, __first, __last); return __insert_with_sentinel(__position, __first, __last);
} }
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
template <class _InputIterator, class _Sentinel> template <class _InputIterator, class _Sentinel>
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI
typename vector<_Tp, _Allocator>::iterator typename vector<_Tp, _Allocator>::iterator
vector<_Tp, _Allocator>::__insert_with_sentinel(const_iterator __position, _InputIterator __first, _Sentinel __last) { vector<_Tp, _Allocator>::__insert_with_sentinel(const_iterator __position, _InputIterator __first, _Sentinel __last) {
Show All 38 Lines
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
template <class _ForwardIterator, __enable_if_t<__has_forward_iterator_category<_ForwardIterator>::value && template <class _ForwardIterator, __enable_if_t<__has_forward_iterator_category<_ForwardIterator>::value &&
is_constructible<_Tp, typename iterator_traits<_ForwardIterator>::reference>::value, is_constructible<_Tp, typename iterator_traits<_ForwardIterator>::reference>::value,
int> > int> >
_LIBCPP_CONSTEXPR_SINCE_CXX20 typename vector<_Tp, _Allocator>::iterator _LIBCPP_CONSTEXPR_SINCE_CXX20 typename vector<_Tp, _Allocator>::iterator
vector<_Tp, _Allocator>::insert(const_iterator __position, _ForwardIterator __first, _ForwardIterator __last) vector<_Tp, _Allocator>::insert(const_iterator __position, _ForwardIterator __first, _ForwardIterator __last)
{ {
//_LIBCPP_ASSERT_CHECK_VALID_RANGE(__first, __last, "vector::insert(const_iterator, Iter, Iter)");
//_LIBCPP_ASSERT_CHECK_FOREIGN_ITERATOR(this, __position, "vector::insert(const_iterator, Iter, Iter)");
return __insert_with_size(__position, __first, __last, std::distance(__first, __last)); return __insert_with_size(__position, __first, __last, std::distance(__first, __last));
} }
template <class _Tp, class _Allocator> template <class _Tp, class _Allocator>
template <class _Iterator, class _Sentinel> template <class _Iterator, class _Sentinel>
_LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI _LIBCPP_CONSTEXPR_SINCE_CXX20 _LIBCPP_HIDE_FROM_ABI
typename vector<_Tp, _Allocator>::iterator typename vector<_Tp, _Allocator>::iterator
vector<_Tp, _Allocator>::__insert_with_size(const_iterator __position, _Iterator __first, _Sentinel __last, vector<_Tp, _Allocator>::__insert_with_size(const_iterator __position, _Iterator __first, _Sentinel __last,
▲ Show 20 LinesShow All 1,584 LinesShow Last 20 Lines

libcxx/test/libcxx/algorithms/nth_element_stability.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// <algorithm> // <algorithm>
// Test std::nth_element stability randomization // Test std::nth_element stability randomization
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_DEBUG_RANDOMIZE_UNSPECIFIED_STABILITY // ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ASSERTIONS_ENABLE_FEATURE_RANDOMIZE_UNSPECIFIED_BEHAVIOR
#include <algorithm> #include <algorithm>
#include <array> #include <array>
#include <cassert> #include <cassert>
#include <functional> #include <functional>
#include <iterator> #include <iterator>
#include <vector> #include <vector>
▲ Show 20 LinesShow All 79 LinesShow Last 20 Lines

libcxx/test/libcxx/algorithms/partial_sort_stability.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// <algorithm> // <algorithm>
// Test std::partial_sort stability randomization // Test std::partial_sort stability randomization
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_DEBUG_RANDOMIZE_UNSPECIFIED_STABILITY // ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ASSERTIONS_ENABLE_FEATURE_RANDOMIZE_UNSPECIFIED_BEHAVIOR
#include <algorithm> #include <algorithm>
#include <array> #include <array>
#include <cassert> #include <cassert>
#include <functional> #include <functional>
#include <iterator> #include <iterator>
#include <vector> #include <vector>
▲ Show 20 LinesShow All 80 LinesShow Last 20 Lines

libcxx/test/libcxx/algorithms/sort_stability.pass.cpp

//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// <algorithm> // <algorithm>
// Test std::sort stability randomization // Test std::sort stability randomization
// UNSUPPORTED: c++03 // UNSUPPORTED: c++03
// ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_DEBUG_RANDOMIZE_UNSPECIFIED_STABILITY // ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ASSERTIONS_ENABLE_FEATURE_RANDOMIZE_UNSPECIFIED_BEHAVIOR
#include <algorithm> #include <algorithm>
#include <array> #include <array>
#include <cassert> #include <cassert>
#include <functional> #include <functional>
#include <iterator> #include <iterator>
#include <vector> #include <vector>
▲ Show 20 LinesShow All 78 LinesShow Last 20 Lines

libcxx/test/libcxx/assertions/hardening/debug_mode.pass.cpp

  • This file was added.
//===----------------------------------------------------------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
// Test that enabling debug mode turns on the expected categories of checks.
// ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_NEW_DEBUG_MODE=1
#include <__hardening>
#include <cassert>
#include "check_assertion.h"
int main(int, char**) {
int a[] = {1, 2, 3};
TEST_LIBCPP_ASSERT_FAILURE([&] {
_LIBCPP_ASSERT_CHECK_VALID_RANGE(a, a + 3, "Valid range");
_LIBCPP_ASSERT_CHECK_VALID_RANGE(a + 3, a, "Invalid range");
}(), "Invalid range");
TEST_LIBCPP_ASSERT_FAILURE([] {
_LIBCPP_ASSERT_CHECK_BAD_CONTAINER_ACCESS(true, "Good container access");
_LIBCPP_ASSERT_CHECK_BAD_CONTAINER_ACCESS(false, "Bad container access");
}(), "Bad container access");
return 0;
}

libcxx/test/libcxx/assertions/hardening/debug_mode_assertions_disabled.pass.cpp

  • This file was added.
//===----------------------------------------------------------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
// Test that it's possible to disable assertions even when debug mode is enabled.
// ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_ASSERTIONS=0 -D_LIBCPP_ENABLE_NEW_DEBUG_MODE=1
#include <cassert>
bool executed_condition = false;
bool f() { executed_condition = true; return false; }
int main(int, char**) {
_LIBCPP_ASSERT(f(), "message"); // should not execute anything
assert(!executed_condition); // really make sure we did not execute anything at all
return 0;
}

libcxx/test/libcxx/assertions/hardening/hardened_mode.pass.cpp

  • This file was added.
//===----------------------------------------------------------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
// Test that enabling hardened mode turns on the expected categories of checks.
// ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_HARDENED_MODE=1
#include <__hardening>
#include <cassert>
#include "check_assertion.h"
int main(int, char**) {
int a[] = {1, 2, 3};
TEST_LIBCPP_ASSERT_FAILURE([&] {
_LIBCPP_ASSERT_CHECK_VALID_RANGE(a, a + 3, "Valid range");
_LIBCPP_ASSERT_CHECK_VALID_RANGE(a + 3, a, "Invalid range");
}(), "Invalid range");
TEST_LIBCPP_ASSERT_FAILURE([] {
_LIBCPP_ASSERT_CHECK_BAD_CONTAINER_ACCESS(true, "Good container access");
_LIBCPP_ASSERT_CHECK_BAD_CONTAINER_ACCESS(false, "Bad container access");
}(), "Bad container access");
return 0;
}

libcxx/test/libcxx/assertions/hardening/hardened_mode_assertions_disabled.pass.cpp

  • This file was added.
//===----------------------------------------------------------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
// Test that it's possible to disable assertions even when hardened mode is enabled.
// ADDITIONAL_COMPILE_FLAGS: -Wno-macro-redefined -D_LIBCPP_ENABLE_ASSERTIONS=0 -D_LIBCPP_ENABLE_HARDENED_MODE=1
#include <cassert>
bool executed_condition = false;
bool f() { executed_condition = true; return false; }
int main(int, char**) {
_LIBCPP_ASSERT(f(), "message"); // should not execute anything
assert(!executed_condition); // really make sure we did not execute anything at all
return 0;
}

libcxx/test/libcxx/containers/views/views.span/span.cons/assert.iter_sent.pass.cpp

Show All 14 Lines
// //
// //
// constexpr span<T, dynamic_extent>::span(Iterator it, Sentinel sent); // constexpr span<T, dynamic_extent>::span(Iterator it, Sentinel sent);
// //
// Check that we ensure that `[it, sent)` is a valid range. // Check that we ensure that `[it, sent)` is a valid range.
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_ASSERTIONS=1 // ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_HARDENED_MODE=1
#include <array> #include <array>
#include <span> #include <span>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
{ {
Show All 17 Lines

libcxx/test/libcxx/containers/views/views.span/span.cons/assert.iter_size.pass.cpp

Show All 11 Lines
// constexpr span<T, Extent>::span(Iterator, size_type); // constexpr span<T, Extent>::span(Iterator, size_type);
// //
// Check that the passed size is equal to the statically known extent. // Check that the passed size is equal to the statically known extent.
// Note that it doesn't make sense to validate the incoming size in the // Note that it doesn't make sense to validate the incoming size in the
// dynamic_extent version. // dynamic_extent version.
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_ASSERTIONS=1 // ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_HARDENED_MODE=1
#include <array> #include <array>
#include <span> #include <span>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
std::array<int, 3> array{0, 1, 2}; std::array<int, 3> array{0, 1, 2};
Show All 9 Lines

libcxx/test/libcxx/containers/views/views.span/span.cons/assert.other_span.pass.cpp

Show All 9 Lines
// <span> // <span>
// //
// constexpr span<T, Extent>::span(const span<U, dynamic_extent>& other); // constexpr span<T, Extent>::span(const span<U, dynamic_extent>& other);
// //
// Check that we ensure `other.size() == Extent`. // Check that we ensure `other.size() == Extent`.
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_ASSERTIONS=1 // ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_HARDENED_MODE=1
#include <array> #include <array>
#include <span> #include <span>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
std::array<int, 3> array{0, 1, 2}; std::array<int, 3> array{0, 1, 2};
std::span<int> other(array.data(), 3); std::span<int> other(array.data(), 3);
auto invalid_source = [&] { std::span<int, 2> const s(other); (void)s; }; auto invalid_source = [&] { std::span<int, 2> const s(other); (void)s; };
TEST_LIBCPP_ASSERT_FAILURE(invalid_source(), "size mismatch in span's constructor (other span)"); TEST_LIBCPP_ASSERT_FAILURE(invalid_source(), "size mismatch in span's constructor (other span)");
return 0; return 0;
} }

libcxx/test/libcxx/containers/views/views.span/span.cons/assert.range.pass.cpp

Show All 9 Lines
// <span> // <span>
// //
// constexpr span<T, Extent>::span(Range&& r); // constexpr span<T, Extent>::span(Range&& r);
// //
// Check that we ensure `size(r) == Extent`. // Check that we ensure `size(r) == Extent`.
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_ASSERTIONS=1 // ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_HARDENED_MODE=1
#include <span> #include <span>
#include <vector> #include <vector>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
std::vector<int> vec{0, 1, 2}; // must use std::vector instead of std::array, because std::span has a special constructor from std::array std::vector<int> vec{0, 1, 2}; // must use std::vector instead of std::array, because std::span has a special constructor from std::array
auto invalid_size = [&] { std::span<int, 2> const s(vec); (void)s; }; auto invalid_size = [&] { std::span<int, 2> const s(vec); (void)s; };
TEST_LIBCPP_ASSERT_FAILURE(invalid_size(), "size mismatch in span's constructor (range)"); TEST_LIBCPP_ASSERT_FAILURE(invalid_size(), "size mismatch in span's constructor (range)");
return 0; return 0;
} }

libcxx/test/libcxx/containers/views/views.span/span.elem/assert.back.pass.cpp

Show All 9 Lines
// <span> // <span>
// //
// constexpr reference back() const noexcept; // constexpr reference back() const noexcept;
// Make sure that accessing a span out-of-bounds triggers an assertion. // Make sure that accessing a span out-of-bounds triggers an assertion.
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_ASSERTIONS=1 // ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_HARDENED_MODE=1
#include <array> #include <array>
#include <span> #include <span>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
{ {
Show All 13 Lines

libcxx/test/libcxx/containers/views/views.span/span.elem/assert.front.pass.cpp

Show All 9 Lines
// <span> // <span>
// //
// constexpr reference front() const noexcept; // constexpr reference front() const noexcept;
// Make sure that accessing a span out-of-bounds triggers an assertion. // Make sure that accessing a span out-of-bounds triggers an assertion.
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_ASSERTIONS=1 // ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_HARDENED_MODE=1
#include <array> #include <array>
#include <span> #include <span>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
{ {
Show All 13 Lines

libcxx/test/libcxx/containers/views/views.span/span.elem/assert.op_idx.pass.cpp

Show All 9 Lines
// <span> // <span>
// //
// constexpr reference operator[](size_type idx) const; // constexpr reference operator[](size_type idx) const;
// Make sure that accessing a span out-of-bounds triggers an assertion. // Make sure that accessing a span out-of-bounds triggers an assertion.
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_ASSERTIONS=1 // ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_HARDENED_MODE=1
#include <array> #include <array>
#include <span> #include <span>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
{ {
Show All 13 Lines

libcxx/test/libcxx/containers/views/views.span/span.sub/assert.first.pass.cpp

Show All 9 Lines
// <span> // <span>
// //
// constexpr span<element_type, dynamic_extent> first(size_type count) const; // constexpr span<element_type, dynamic_extent> first(size_type count) const;
// Make sure that creating a sub-span with an incorrect number of elements triggers an assertion. // Make sure that creating a sub-span with an incorrect number of elements triggers an assertion.
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_ASSERTIONS=1 // ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_HARDENED_MODE=1
#include <array> #include <array>
#include <span> #include <span>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
{ {
Show All 14 Lines

libcxx/test/libcxx/containers/views/views.span/span.sub/assert.last.pass.cpp

Show All 9 Lines
// <span> // <span>
// //
// constexpr span<element_type, dynamic_extent> last(size_type count) const; // constexpr span<element_type, dynamic_extent> last(size_type count) const;
// Make sure that creating a sub-span with an incorrect number of elements triggers an assertion. // Make sure that creating a sub-span with an incorrect number of elements triggers an assertion.
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_ASSERTIONS=1 // ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_HARDENED_MODE=1
#include <array> #include <array>
#include <span> #include <span>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
{ {
Show All 14 Lines

libcxx/test/libcxx/containers/views/views.span/span.sub/assert.subspan.pass.cpp

Show All 17 Lines
// size_type offset, size_type count = dynamic_extent) const; // size_type offset, size_type count = dynamic_extent) const;
// //
// Requires: offset <= size() && (count == dynamic_extent || count <= size() - offset) // Requires: offset <= size() && (count == dynamic_extent || count <= size() - offset)
// Make sure that creating a sub-span with an incorrect number of elements triggers an assertion. // Make sure that creating a sub-span with an incorrect number of elements triggers an assertion.
// REQUIRES: has-unix-headers // REQUIRES: has-unix-headers
// XFAIL: availability-verbose_abort-missing // XFAIL: availability-verbose_abort-missing
// ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_ASSERTIONS=1 // ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_HARDENED_MODE=1
#include <array> #include <array>
#include <span> #include <span>
#include <cstddef> #include <cstddef>
#include "check_assertion.h" #include "check_assertion.h"
int main(int, char**) { int main(int, char**) {
Show All 27 Lines

libcxx/test/std/containers/views/views.span/span.cons/iterator_sentinel.pass.cpp

Show First 20 LinesShow All 108 Lines▼ Show 20 Linespublic:
} }
friend throw_operator_minus operator-(throw_operator_minus x, difference_type n) { friend throw_operator_minus operator-(throw_operator_minus x, difference_type n) {
x -= n; x -= n;
return x; return x;
} }
friend difference_type operator-(throw_operator_minus, throw_operator_minus) { throw 42; }; friend difference_type operator-(throw_operator_minus, throw_operator_minus) { throw 42; };
friend bool operator==(const throw_operator_minus& x, const throw_operator_minus& y) { return x.it_ == y.it_; } friend bool operator==(const throw_operator_minus& x, const throw_operator_minus& y) { return x.it_ == y.it_; }
friend bool operator<=>(const throw_operator_minus& x, const throw_operator_minus& y) { return x.it_ <=> y.it_; } friend auto operator<=>(const throw_operator_minus& x, const throw_operator_minus& y) { return x.it_ <=> y.it_; }
var-constAuthorUnsubmitted
Done
ReplyInline Actions

Looks like this operator wasn't invoked before.

var-const: Looks like this operator wasn't invoked before.
ldionneUnsubmitted
Done
ReplyInline Actions

Let's land this as a NFC before this patch. Actually, is there a reason for defining it at all if it's not used?

ldionne: Let's land this as a NFC before this patch. Actually, is there a reason for defining it at all…
var-constAuthorUnsubmitted
Done
ReplyInline Actions

Done. It's used by some of the hardening checks.

var-const: Done. It's used by some of the hardening checks.
}; };
template <class It> template <class It>
throw_operator_minus(It) -> throw_operator_minus<It>; throw_operator_minus(It) -> throw_operator_minus<It>;
void test_exceptions() { void test_exceptions() {
std::array a{42}; std::array a{42};
TEST_VALIDATE_EXCEPTION( TEST_VALIDATE_EXCEPTION(
Show All 19 Lines