caio/clang-p2996
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
dda73336ad22bd0b5ecda17040c50fb10fcbe5fb
clang-p2996/libcxx/test/std/utilities/expected/expected.expected/assign/emplace.pass.cpp
Jan Kokemüller 4f4690530e [libc++] Ensure that std::expected has no tail padding (#69673) 
Currently std::expected can have some padding bytes in its tail due to
[[no_unique_address]]. Those padding bytes can be used by other objects.
For example, in the current implementation:

  sizeof(std::expected<std::optional<int>, bool>) == 
    sizeof(std::expected<std::expected<std::optional<int>, bool>, bool>)

As a result, the data layout of an
  std::expected<std::expected<std::optional<int>, bool>, bool> 
can look like this:

              +-- optional "has value" flag
              |        +--padding
  /---int---\ |        |
  00 00 00 00 01 00 00 00
                |  |
                |  +- "outer" expected "has value" flag
                |
                +- expected "has value" flag

This is problematic because `emplace()`ing the "inner" expected can not
only overwrite the "inner" expected "has value" flag (issue #68552) but
also the tail padding where other objects might live.

This patch fixes the problem by ensuring that std::expected has no tail
padding, which is achieved by conditional usage of [[no_unique_address]]
based on the tail padding that this would create.

This is an ABI breaking change because the following property changes:

  sizeof(std::expected<std::optional<int>, bool>) <
    sizeof(std::expected<std::expected<std::optional<int>, bool>, bool>)

Before the change, this relation didn't hold. After the change, the relation
does hold, which means that the size of std::expected in these cases increases
after this patch. The data layout will change in the following cases where
tail padding can be reused by other objects:

  class foo : std::expected<std::optional<int>, bool> {
    bool b;
  };

or using [[no_unique_address]]:

  struct foo {
    [[no_unique_address]] std::expected<std::optional<int>, bool> e;
    bool b;
  };

The vendor communication is handled in #70820.
Fixes: #70494

Co-authored-by: philnik777 <nikolasklauser@berlin.de>
Co-authored-by: Louis Dionne <ldionne.2@gmail.com>
2024-01-22 09:05:39 -05:00

105 lines
2.7 KiB
C++
Raw Blame History

//===----------------------------------------------------------------------===//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
// UNSUPPORTED: c++03, c++11, c++14, c++17, c++20
// template<class... Args>
// constexpr T& emplace(Args&&... args) noexcept;
// Constraints: is_nothrow_constructible_v<T, Args...> is true.
//
// Effects: Equivalent to:
// if (has_value()) {
// destroy_at(addressof(val));
// } else {
// destroy_at(addressof(unex));
// has_val = true;
// }
// return *construct_at(addressof(val), std::forward<Args>(args)...);
#include <cassert>
#include <concepts>
#include <expected>
#include <type_traits>
#include <utility>
#include "../../types.h"
#include "test_macros.h"
template <class T, class... Args>
concept CanEmplace = requires(T t, Args&&... args) { t.emplace(std::forward<Args>(args)...); };
static_assert(CanEmplace<std::expected<int, int>, int>);
template <bool Noexcept>
struct CtorFromInt {
CtorFromInt(int) noexcept(Noexcept);
CtorFromInt(int, int) noexcept(Noexcept);
};
static_assert(CanEmplace<std::expected<CtorFromInt<true>, int>, int>);
static_assert(CanEmplace<std::expected<CtorFromInt<true>, int>, int, int>);
static_assert(!CanEmplace<std::expected<CtorFromInt<false>, int>, int>);
static_assert(!CanEmplace<std::expected<CtorFromInt<false>, int>, int, int>);
constexpr bool test() {
// has_value
{
BothNoexcept::state oldState{};
BothNoexcept::state newState{};
std::expected<BothNoexcept, int> e(std::in_place, oldState, 5);
decltype(auto) x = e.emplace(newState, 10);
static_assert(std::same_as<decltype(x), BothNoexcept&>);
assert(&x == &(*e));
assert(oldState.dtorCalled);
assert(e.has_value());
assert(e.value().data_ == 10);
}
// !has_value
{
BothMayThrow::state oldState{};
std::expected<int, BothMayThrow> e(std::unexpect, oldState, 5);
decltype(auto) x = e.emplace(10);
static_assert(std::same_as<decltype(x), int&>);
assert(&x == &(*e));
assert(oldState.dtorCalled);
assert(e.has_value());
assert(e.value() == 10);
}
// TailClobberer
{
std::expected<TailClobberer<0>, bool> e(std::unexpect);
e.emplace();
assert(e.has_value());
}
// CheckForInvalidWrites
{
{
CheckForInvalidWrites<true> e;
e.emplace();
assert(e.check());
}
{
CheckForInvalidWrites<false> e;
e.emplace();
assert(e.check());
}
}
return true;
}
int main(int, char**) {
test();
static_assert(test());
return 0;
}
Reference in New Issue View Git Blame Copy Permalink