[libcxx-commits] [libcxx] [libc++][hardening] Categorize more 'valid-element-access' checks. (PR #71620)
via libcxx-commits
libcxx-commits at lists.llvm.org
Fri Dec 15 16:21:21 PST 2023
github-actions[bot] wrote:
<!--LLVM CODE FORMAT COMMENT: {clang-format}-->
:warning: C/C++ code formatter, clang-format found issues in your code. :warning:
<details>
<summary>
You can test this locally with the following command:
</summary>
``````````bash
git-clang-format --diff b3e353d263f9d6ef061f4e6d89619c72a3553002 6460a340d960df30c4ffc8add9ebad3b9e0fbc36 -- libcxx/test/libcxx/iterators/predef.iterators/counted.iterator/assert.pass.cpp libcxx/test/libcxx/iterators/predef.iterators/iterators.common/assert.pass.cpp libcxx/include/__algorithm/ranges_max.h libcxx/include/__algorithm/ranges_min.h libcxx/include/__algorithm/ranges_minmax.h libcxx/include/__algorithm/sample.h libcxx/include/__format/formatter_output.h libcxx/include/__format/parser_std_format_spec.h libcxx/include/__iterator/common_iterator.h libcxx/include/__iterator/counted_iterator.h libcxx/include/__ranges/subrange.h libcxx/include/__ranges/view_interface.h libcxx/include/__utility/is_pointer_in_range.h libcxx/include/experimental/__simd/vec_ext.h libcxx/src/support/ibm/xlocale_zos.cpp libcxx/test/libcxx/algorithms/alg.sorting/assert.min.max.pass.cpp
``````````
</details>
<details>
<summary>
View the diff from clang-format here.
</summary>
``````````diff
diff --git a/libcxx/include/__format/parser_std_format_spec.h b/libcxx/include/__format/parser_std_format_spec.h
index 5ee9df82d5..46018f9963 100644
--- a/libcxx/include/__format/parser_std_format_spec.h
+++ b/libcxx/include/__format/parser_std_format_spec.h
@@ -593,9 +593,10 @@ private:
|| (same_as<_CharT, wchar_t> && sizeof(wchar_t) == 2)
# endif
_LIBCPP_HIDE_FROM_ABI constexpr bool __parse_fill_align(_Iterator& __begin, _Iterator __end, bool __use_range_fill) {
- _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(__begin != __end,
- "when called with an empty input the function will cause "
- "undefined behavior by evaluating data not in the input");
+ _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(
+ __begin != __end,
+ "when called with an empty input the function will cause "
+ "undefined behavior by evaluating data not in the input");
__unicode::__code_point_view<_CharT> __view{__begin, __end};
__unicode::__consume_result __consumed = __view.__consume();
if (__consumed.__status != __unicode::__consume_result::__ok)
@@ -625,9 +626,10 @@ private:
template <contiguous_iterator _Iterator>
requires(same_as<_CharT, wchar_t> && sizeof(wchar_t) == 4)
_LIBCPP_HIDE_FROM_ABI constexpr bool __parse_fill_align(_Iterator& __begin, _Iterator __end, bool __use_range_fill) {
- _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(__begin != __end,
- "when called with an empty input the function will cause "
- "undefined behavior by evaluating data not in the input");
+ _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(
+ __begin != __end,
+ "when called with an empty input the function will cause "
+ "undefined behavior by evaluating data not in the input");
if (__begin + 1 != __end && __parse_alignment(*(__begin + 1))) {
if (!__unicode::__is_scalar_value(*__begin))
std::__throw_format_error("The fill option contains an invalid value");
@@ -652,9 +654,10 @@ private:
// range-fill and tuple-fill are identical
template <contiguous_iterator _Iterator>
_LIBCPP_HIDE_FROM_ABI constexpr bool __parse_fill_align(_Iterator& __begin, _Iterator __end, bool __use_range_fill) {
- _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(__begin != __end,
- "when called with an empty input the function will cause "
- "undefined behavior by evaluating data not in the input");
+ _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(
+ __begin != __end,
+ "when called with an empty input the function will cause "
+ "undefined behavior by evaluating data not in the input");
if (__begin + 1 != __end) {
if (__parse_alignment(*(__begin + 1))) {
__validate_fill_character(*__begin, __use_range_fill);
diff --git a/libcxx/include/__iterator/common_iterator.h b/libcxx/include/__iterator/common_iterator.h
index 06e9fca9b2..5a23c33424 100644
--- a/libcxx/include/__iterator/common_iterator.h
+++ b/libcxx/include/__iterator/common_iterator.h
@@ -74,23 +74,23 @@ public:
_LIBCPP_HIDE_FROM_ABI constexpr common_iterator(_Iter __i) : __hold_(in_place_type<_Iter>, std::move(__i)) {}
_LIBCPP_HIDE_FROM_ABI constexpr common_iterator(_Sent __s) : __hold_(in_place_type<_Sent>, std::move(__s)) {}
- template<class _I2, class _S2>
+ template <class _I2, class _S2>
requires convertible_to<const _I2&, _Iter> && convertible_to<const _S2&, _Sent>
_LIBCPP_HIDE_FROM_ABI constexpr common_iterator(const common_iterator<_I2, _S2>& __other)
- : __hold_([&]() -> variant<_Iter, _Sent> {
- _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(!__other.__hold_.valueless_by_exception(),
- "Attempted to construct from a valueless common_iterator");
- if (__other.__hold_.index() == 0)
- return variant<_Iter, _Sent>{in_place_index<0>, std::__unchecked_get<0>(__other.__hold_)};
- return variant<_Iter, _Sent>{in_place_index<1>, std::__unchecked_get<1>(__other.__hold_)};
- }()) {}
+ : __hold_([&]() -> variant<_Iter, _Sent> {
+ _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(
+ !__other.__hold_.valueless_by_exception(), "Attempted to construct from a valueless common_iterator");
+ if (__other.__hold_.index() == 0)
+ return variant<_Iter, _Sent>{in_place_index<0>, std::__unchecked_get<0>(__other.__hold_)};
+ return variant<_Iter, _Sent>{in_place_index<1>, std::__unchecked_get<1>(__other.__hold_)};
+ }()) {}
template<class _I2, class _S2>
requires convertible_to<const _I2&, _Iter> && convertible_to<const _S2&, _Sent> &&
assignable_from<_Iter&, const _I2&> && assignable_from<_Sent&, const _S2&>
_LIBCPP_HIDE_FROM_ABI common_iterator& operator=(const common_iterator<_I2, _S2>& __other) {
- _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(!__other.__hold_.valueless_by_exception(),
- "Attempted to assign from a valueless common_iterator");
+ _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(
+ !__other.__hold_.valueless_by_exception(), "Attempted to assign from a valueless common_iterator");
auto __idx = __hold_.index();
auto __other_idx = __other.__hold_.index();
@@ -112,16 +112,16 @@ public:
_LIBCPP_HIDE_FROM_ABI constexpr decltype(auto) operator*()
{
- _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(std::holds_alternative<_Iter>(__hold_),
- "Attempted to dereference a non-dereferenceable common_iterator");
+ _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(
+ std::holds_alternative<_Iter>(__hold_), "Attempted to dereference a non-dereferenceable common_iterator");
return *std::__unchecked_get<_Iter>(__hold_);
}
_LIBCPP_HIDE_FROM_ABI constexpr decltype(auto) operator*() const
requires __dereferenceable<const _Iter>
{
- _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(std::holds_alternative<_Iter>(__hold_),
- "Attempted to dereference a non-dereferenceable common_iterator");
+ _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(
+ std::holds_alternative<_Iter>(__hold_), "Attempted to dereference a non-dereferenceable common_iterator");
return *std::__unchecked_get<_Iter>(__hold_);
}
@@ -132,8 +132,8 @@ public:
is_reference_v<iter_reference_t<_I2>> ||
constructible_from<iter_value_t<_I2>, iter_reference_t<_I2>>)
{
- _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(std::holds_alternative<_Iter>(__hold_),
- "Attempted to dereference a non-dereferenceable common_iterator");
+ _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(
+ std::holds_alternative<_Iter>(__hold_), "Attempted to dereference a non-dereferenceable common_iterator");
if constexpr (is_pointer_v<_Iter> || requires(const _Iter& __i) { __i.operator->(); }) {
return std::__unchecked_get<_Iter>(__hold_);
} else if constexpr (is_reference_v<iter_reference_t<_Iter>>) {
@@ -145,14 +145,14 @@ public:
}
_LIBCPP_HIDE_FROM_ABI common_iterator& operator++() {
- _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(std::holds_alternative<_Iter>(__hold_),
- "Attempted to increment a non-dereferenceable common_iterator");
+ _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(
+ std::holds_alternative<_Iter>(__hold_), "Attempted to increment a non-dereferenceable common_iterator");
++std::__unchecked_get<_Iter>(__hold_); return *this;
}
_LIBCPP_HIDE_FROM_ABI decltype(auto) operator++(int) {
- _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(std::holds_alternative<_Iter>(__hold_),
- "Attempted to increment a non-dereferenceable common_iterator");
+ _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(
+ std::holds_alternative<_Iter>(__hold_), "Attempted to increment a non-dereferenceable common_iterator");
if constexpr (forward_iterator<_Iter>) {
auto __tmp = *this;
++*this;
@@ -171,10 +171,10 @@ public:
requires sentinel_for<_Sent, _I2>
_LIBCPP_HIDE_FROM_ABI
friend constexpr bool operator==(const common_iterator& __x, const common_iterator<_I2, _S2>& __y) {
- _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(!__x.__hold_.valueless_by_exception(),
- "Attempted to compare a valueless common_iterator");
- _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(!__y.__hold_.valueless_by_exception(),
- "Attempted to compare a valueless common_iterator");
+ _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(
+ !__x.__hold_.valueless_by_exception(), "Attempted to compare a valueless common_iterator");
+ _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(
+ !__y.__hold_.valueless_by_exception(), "Attempted to compare a valueless common_iterator");
auto __x_index = __x.__hold_.index();
auto __y_index = __y.__hold_.index();
@@ -192,10 +192,10 @@ public:
requires sentinel_for<_Sent, _I2> && equality_comparable_with<_Iter, _I2>
_LIBCPP_HIDE_FROM_ABI
friend constexpr bool operator==(const common_iterator& __x, const common_iterator<_I2, _S2>& __y) {
- _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(!__x.__hold_.valueless_by_exception(),
- "Attempted to compare a valueless common_iterator");
- _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(!__y.__hold_.valueless_by_exception(),
- "Attempted to compare a valueless common_iterator");
+ _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(
+ !__x.__hold_.valueless_by_exception(), "Attempted to compare a valueless common_iterator");
+ _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(
+ !__y.__hold_.valueless_by_exception(), "Attempted to compare a valueless common_iterator");
auto __x_index = __x.__hold_.index();
auto __y_index = __y.__hold_.index();
@@ -216,10 +216,10 @@ public:
requires sized_sentinel_for<_Sent, _I2>
_LIBCPP_HIDE_FROM_ABI
friend constexpr iter_difference_t<_I2> operator-(const common_iterator& __x, const common_iterator<_I2, _S2>& __y) {
- _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(!__x.__hold_.valueless_by_exception(),
- "Attempted to subtract from a valueless common_iterator");
- _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(!__y.__hold_.valueless_by_exception(),
- "Attempted to subtract a valueless common_iterator");
+ _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(
+ !__x.__hold_.valueless_by_exception(), "Attempted to subtract from a valueless common_iterator");
+ _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(
+ !__y.__hold_.valueless_by_exception(), "Attempted to subtract a valueless common_iterator");
auto __x_index = __x.__hold_.index();
auto __y_index = __y.__hold_.index();
@@ -240,8 +240,8 @@ public:
noexcept(noexcept(ranges::iter_move(std::declval<const _Iter&>())))
requires input_iterator<_Iter>
{
- _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(std::holds_alternative<_Iter>(__i.__hold_),
- "Attempted to iter_move a non-dereferenceable common_iterator");
+ _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(
+ std::holds_alternative<_Iter>(__i.__hold_), "Attempted to iter_move a non-dereferenceable common_iterator");
return ranges::iter_move( std::__unchecked_get<_Iter>(__i.__hold_));
}
@@ -249,10 +249,10 @@ public:
_LIBCPP_HIDE_FROM_ABI friend constexpr void iter_swap(const common_iterator& __x, const common_iterator<_I2, _S2>& __y)
noexcept(noexcept(ranges::iter_swap(std::declval<const _Iter&>(), std::declval<const _I2&>())))
{
- _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(std::holds_alternative<_Iter>(__x.__hold_),
- "Attempted to iter_swap a non-dereferenceable common_iterator");
- _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(std::holds_alternative<_I2>(__y.__hold_),
- "Attempted to iter_swap a non-dereferenceable common_iterator");
+ _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(
+ std::holds_alternative<_Iter>(__x.__hold_), "Attempted to iter_swap a non-dereferenceable common_iterator");
+ _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(
+ std::holds_alternative<_I2>(__y.__hold_), "Attempted to iter_swap a non-dereferenceable common_iterator");
return ranges::iter_swap(std::__unchecked_get<_Iter>(__x.__hold_), std::__unchecked_get<_I2>(__y.__hold_));
}
};
diff --git a/libcxx/include/__iterator/counted_iterator.h b/libcxx/include/__iterator/counted_iterator.h
index 9a919dacc3..706a08fde0 100644
--- a/libcxx/include/__iterator/counted_iterator.h
+++ b/libcxx/include/__iterator/counted_iterator.h
@@ -290,8 +290,8 @@ public:
friend constexpr void iter_swap(const counted_iterator& __x, const counted_iterator<_I2>& __y)
noexcept(noexcept(ranges::iter_swap(__x.__current_, __y.__current_)))
{
- _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(__x.__count_ > 0 && __y.__count_ > 0,
- "Iterators must not be past end of range.");
+ _LIBCPP_ASSERT_VALID_ELEMENT_ACCESS(
+ __x.__count_ > 0 && __y.__count_ > 0, "Iterators must not be past end of range.");
return ranges::iter_swap(__x.__current_, __y.__current_);
}
diff --git a/libcxx/include/__ranges/subrange.h b/libcxx/include/__ranges/subrange.h
index 1daba69b7e..4f73bff86f 100644
--- a/libcxx/include/__ranges/subrange.h
+++ b/libcxx/include/__ranges/subrange.h
@@ -109,7 +109,7 @@ namespace ranges {
{
if constexpr (sized_sentinel_for<_Sent, _Iter>)
_LIBCPP_ASSERT_VALID_ELEMENT_ACCESS((__end_ - __begin_) == static_cast<iter_difference_t<_Iter>>(__n),
- "std::ranges::subrange was passed an invalid size hint");
+ "std::ranges::subrange was passed an invalid size hint");
}
template<__different_from<subrange> _Range>
diff --git a/libcxx/test/libcxx/iterators/predef.iterators/counted.iterator/assert.pass.cpp b/libcxx/test/libcxx/iterators/predef.iterators/counted.iterator/assert.pass.cpp
index 0c154b7b76..8a76e206e2 100644
--- a/libcxx/test/libcxx/iterators/predef.iterators/counted.iterator/assert.pass.cpp
+++ b/libcxx/test/libcxx/iterators/predef.iterators/counted.iterator/assert.pass.cpp
@@ -18,7 +18,7 @@
int main(int, char**) {
using Iter = std::counted_iterator<int*>;
- int a[] = {1, 2, 3};
+ int a[] = {1, 2, 3};
Iter valid_i(a, 1);
{
diff --git a/libcxx/test/libcxx/iterators/predef.iterators/iterators.common/assert.pass.cpp b/libcxx/test/libcxx/iterators/predef.iterators/iterators.common/assert.pass.cpp
index d81b13efe8..e112d93497 100644
--- a/libcxx/test/libcxx/iterators/predef.iterators/iterators.common/assert.pass.cpp
+++ b/libcxx/test/libcxx/iterators/predef.iterators/iterators.common/assert.pass.cpp
@@ -18,7 +18,7 @@
int main(int, char**) {
using Iter = std::common_iterator<int*, sentinel_wrapper<int*>>;
- int a[] = {1, 2, 3};
+ int a[] = {1, 2, 3};
sentinel_wrapper<int*> s;
Iter valid_i = a;
@@ -30,10 +30,13 @@ int main(int, char**) {
TEST_LIBCPP_ASSERT_FAILURE(++i, "Attempted to increment a non-dereferenceable common_iterator");
TEST_LIBCPP_ASSERT_FAILURE(i++, "Attempted to increment a non-dereferenceable common_iterator");
- TEST_LIBCPP_ASSERT_FAILURE(std::ranges::iter_move(i), "Attempted to iter_move a non-dereferenceable common_iterator");
+ TEST_LIBCPP_ASSERT_FAILURE(
+ std::ranges::iter_move(i), "Attempted to iter_move a non-dereferenceable common_iterator");
- TEST_LIBCPP_ASSERT_FAILURE(std::ranges::iter_swap(i, valid_i), "Attempted to iter_swap a non-dereferenceable common_iterator");
- TEST_LIBCPP_ASSERT_FAILURE(std::ranges::iter_swap(valid_i, i), "Attempted to iter_swap a non-dereferenceable common_iterator");
+ TEST_LIBCPP_ASSERT_FAILURE(
+ std::ranges::iter_swap(i, valid_i), "Attempted to iter_swap a non-dereferenceable common_iterator");
+ TEST_LIBCPP_ASSERT_FAILURE(
+ std::ranges::iter_swap(valid_i, i), "Attempted to iter_swap a non-dereferenceable common_iterator");
std::ranges::iter_swap(valid_i, valid_i); // Ok
}
``````````
</details>
https://github.com/llvm/llvm-project/pull/71620
More information about the libcxx-commits
mailing list