This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
libcxx/include/
-
include/
2/2
string

Differential D88849

[libc++] Make sure __clear_and_shrink() maintains string invariants
ClosedPublic

Authored by ldionne on Oct 5 2020, 1:18 PM.

Download Raw Diff

Details

Reviewers

tvanslyke
vsk
ldionne

Group Reviewers

Restricted Project

Commits

rG602c193e2aeb: [libc++] Make sure __clear_and_shrink() maintains string invariants

Summary

__clear_and_shrink() was added in D41976, and a test was added alongside
it to make sure that the string invariants were maintained. However, it
appears that the test never ran under UBSan before, which would have
highlighted the fact that it doesn't actually maintain the string
invariants.

Diff Detail

Repository: rG LLVM Github Monorepo

Event Timeline

ldionne created this revision.Oct 5 2020, 1:18 PM

Herald added a project: Restricted Project. · View Herald TranscriptOct 5 2020, 1:18 PM

Herald added a reviewer: Restricted Project. · View Herald Transcript

Herald added subscribers: libcxx-commits, dexonsmith, jkorous. · View Herald Transcript

ldionne requested review of this revision.Oct 5 2020, 1:18 PM

Adding folks who worked on D41976.

Harbormaster completed remote builds in B74058: Diff 296282.Oct 5 2020, 2:10 PM

Looks reasonable to me, but I'm not comfortable lgtm'ing as I know too little about the string ABI.

It's interesting that UBSan flagged the issue. What diagnostic did you see?

libcxx/include/string
3962	__invariants checks that `data()[0] == value_type(0)` -- is this guaranteed to be equal to `value_type()`?

Use value_type() when checking invariants.

ldionne marked an inline comment as done.Oct 5 2020, 3:00 PM

ldionne added inline comments.

libcxx/include/string
3962	It looks to me like the invariants check is the odd one out here, since we use `value_type()` everywhere else.

Harbormaster completed remote builds in B74068: Diff 296307.Oct 5 2020, 4:24 PM

ldionne accepted this revision.Oct 7 2020, 6:16 AM

ldionne marked an inline comment as done.

This revision is now accepted and ready to land.Oct 7 2020, 6:16 AM

Closed by commit rG602c193e2aeb: [libc++] Make sure __clear_and_shrink() maintains string invariants (authored by ldionne). · Explain WhyOct 7 2020, 6:17 AM

This revision was automatically updated to reflect the committed changes.

ldionne added a commit: rG602c193e2aeb: [libc++] Make sure __clear_and_shrink() maintains string invariants.

Revision Contents

Path

Size

libcxx/

include/

string

3 lines

Diff 296655

libcxx/include/string

	Show First 20 Lines • Show All 3,935 Lines • ▼ Show 20 Lines
	basic_string<_CharT, _Traits, _Allocator>::__invariants() const			basic_string<_CharT, _Traits, _Allocator>::__invariants() const
	{			{
	if (size() > capacity())			if (size() > capacity())
	return false;			return false;
	if (capacity() < __min_cap - 1)			if (capacity() < __min_cap - 1)
	return false;			return false;
	if (data() == 0)			if (data() == 0)
	return false;			return false;
	if (data()[size()] != value_type(0))			if (data()[size()] != value_type())
	return false;			return false;
	return true;			return true;
	}			}

	// __clear_and_shrink			// __clear_and_shrink

	template<class _CharT, class _Traits, class _Allocator>			template<class _CharT, class _Traits, class _Allocator>
	inline			inline
	void			void
	basic_string<_CharT, _Traits, _Allocator>::__clear_and_shrink() _NOEXCEPT			basic_string<_CharT, _Traits, _Allocator>::__clear_and_shrink() _NOEXCEPT
	{			{
	clear();			clear();
	if(__is_long())			if(__is_long())
	{			{
	__alloc_traits::deallocate(__alloc(), __get_long_pointer(), capacity() + 1);			__alloc_traits::deallocate(__alloc(), __get_long_pointer(), capacity() + 1);
	__set_long_cap(0);			__set_long_cap(0);
	__set_short_size(0);			__set_short_size(0);
				traits_type::assign(*__get_short_pointer(), value_type());
				vskUnsubmitted Done Reply Inline Actions __invariants checks that `data()[0] == value_type(0)` -- is this guaranteed to be equal to `value_type()`? vsk: __invariants checks that `data()[0] == value_type(0)` -- is this guaranteed to be equal to…
				ldionneAuthorUnsubmitted Done Reply Inline Actions It looks to me like the invariants check is the odd one out here, since we use `value_type()` everywhere else. ldionne: It looks to me like the invariants check is the odd one out here, since we use `value_type()`…
	}			}
	}			}

	// operator==			// operator==

	template<class _CharT, class _Traits, class _Allocator>			template<class _CharT, class _Traits, class _Allocator>
	inline _LIBCPP_INLINE_VISIBILITY			inline _LIBCPP_INLINE_VISIBILITY
	bool			bool
	▲ Show 20 Lines • Show All 540 Lines • Show Last 20 Lines