OpenE2K/gcc
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
4f0606fe4b
gcc/libstdc++-v3/include/debug/safe_container.h
Jonathan Wakely c2fb0a1a2e libstdc++: Make self-move well-defined for containers [PR 85828] 
The C++ LWG recently confirmed that self-move assignment should not have
undefined behaviour for standard containers (see the proposed resolution
of LWG 2839). The result should be a valid but unspecified value, just
like other times when a container is moved from.

Our std::list, std::__cxx11::basic_string and unordered containers all
have bugs which result in undefined behaviour.

For std::list the problem is that we clear the previous contents using
_M_clear() instead of clear(). This means the _M_next, _M_prev and
_M_size members are not zeroed, and so after we "update" them (with
their existing values), we are left with dangling pointers and a
non-zero size, but no elements.

For the unordered containers the problem is similar. _Hashtable first
deallocates the existing contents, then takes ownership of the pointers
from the RHS object (which has just had its contents deallocated so the
pointers are dangling).

For std::basic_string it's a little more subtle. When the string is
local (i.e. fits in the SSO buffer) we use char_traits::copy to copy the
contents from this->data() to __rhs.data(). When &__rhs == this that
copy violates the precondition that the ranges don't overlap. We only
need to check for self-move for this case where it's local, because the
only other case that can be true for self-move is that it's non-local
but the allocators compare equal. In that case the data pointer is
neither deallocated nor leaked, so the result is well-defined.

This patch also makes a small optimization for std::deque move
assignment, to use the efficient move when is_always_equal is false, but
the allocators compare equal at runtime.

Finally, we need to remove all the Debug Mode checks which abort the
program when a self-move is detected, because it's not undefined to do
that.

Before PR 85828 can be closed we should also look into fixing
std::shuffle so it doesn't do any redundant self-swaps.

libstdc++-v3/ChangeLog:

	PR libstdc++/85828
	* include/bits/basic_string.h (operator=(basic_string&&)): Check
	for self-move before copying with char_traits::copy.
	* include/bits/hashtable.h (operator=(_Hashtable&&)): Check for
	self-move.
	* include/bits/stl_deque.h (_M_move_assign1(deque&&, false_type)):
	Check for equal allocators.
	* include/bits/stl_list.h (_M_move_assign(list&&, true_type)):
	Call clear() instead of _M_clear().
	* include/debug/formatter.h (__msg_self_move_assign): Change
	comment.
	* include/debug/macros.h (__glibcxx_check_self_move_assign):
	(_GLIBCXX_DEBUG_VERIFY): Remove.
	* include/debug/safe_container.h (operator=(_Safe_container&&)):
	Remove assertion check for safe move and make it well-defined.
	* include/debug/safe_iterator.h (operator=(_Safe_iterator&&)):
	Remove assertion check for self-move.
	* include/debug/safe_local_iterator.h
	(operator=(_Safe_local_iterator&&)): Likewise.
	* testsuite/21_strings/basic_string/cons/char/self_move.cc: New test.
	* testsuite/23_containers/deque/cons/self_move.cc: New test.
	* testsuite/23_containers/forward_list/cons/self_move.cc: New test.
	* testsuite/23_containers/list/cons/self_move.cc: New test.
	* testsuite/23_containers/set/cons/self_move.cc: New test.
	* testsuite/23_containers/unordered_set/cons/self_move.cc: New test.
	* testsuite/23_containers/vector/cons/self_move.cc: New test.
2020-08-12 20:36:00 +01:00

130 lines
3.6 KiB
C++
Raw Blame History

// Safe container implementation -*- C++ -*-
// Copyright (C) 2014-2020 Free Software Foundation, Inc.
//
// This file is part of the GNU ISO C++ Library. This library is free
// software; you can redistribute it and/or modify it under the
// terms of the GNU General Public License as published by the
// Free Software Foundation; either version 3, or (at your option)
// any later version.
// This library is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// Under Section 7 of GPL version 3, you are granted additional
// permissions described in the GCC Runtime Library Exception, version
// 3.1, as published by the Free Software Foundation.
// You should have received a copy of the GNU General Public License and
// a copy of the GCC Runtime Library Exception along with this program;
// see the files COPYING3 and COPYING.RUNTIME respectively. If not, see
// <http://www.gnu.org/licenses/>.
/** @file debug/safe_container.h
* This file is a GNU debug extension to the Standard C++ Library.
*/
#ifndef _GLIBCXX_DEBUG_SAFE_CONTAINER_H
#define _GLIBCXX_DEBUG_SAFE_CONTAINER_H 1
#include <ext/alloc_traits.h>
namespace __gnu_debug
{
/// Safe class dealing with some allocator dependent operations.
template<typename _SafeContainer,
typename _Alloc,
template<typename> class _SafeBase,
bool _IsCxx11AllocatorAware = true>
class _Safe_container
: public _SafeBase<_SafeContainer>
{
typedef _SafeBase<_SafeContainer> _Base;
_SafeContainer&
_M_cont() _GLIBCXX_NOEXCEPT
{ return *static_cast<_SafeContainer*>(this); }
protected:
_Safe_container&
_M_safe() _GLIBCXX_NOEXCEPT
{ return *this; }
#if __cplusplus >= 201103L
_Safe_container() = default;
_Safe_container(const _Safe_container&) = default;
_Safe_container(_Safe_container&&) = default;
_Safe_container(_Safe_container&& __x, const _Alloc& __a)
: _Safe_container()
{
if (__x._M_cont().get_allocator() == __a)
_Base::_M_swap(__x);
else
__x._M_invalidate_all();
}
#endif
public:
// Copy assignment invalidate all iterators.
_Safe_container&
operator=(const _Safe_container&) _GLIBCXX_NOEXCEPT
{
this->_M_invalidate_all();
return *this;
}
#if __cplusplus >= 201103L
_Safe_container&
operator=(_Safe_container&& __x) noexcept
{
if (std::__addressof(__x) == this)
{
// Standard containers have a valid but unspecified value after
// self-move, so we invalidate all debug iterators even if the
// underlying container happens to preserve its contents.
this->_M_invalidate_all();
return *this;
}
if (_IsCxx11AllocatorAware)
{
typedef __gnu_cxx::__alloc_traits<_Alloc> _Alloc_traits;
bool __xfer_memory = _Alloc_traits::_S_propagate_on_move_assign()
|| _M_cont().get_allocator() == __x._M_cont().get_allocator();
if (__xfer_memory)
_Base::_M_swap(__x);
else
this->_M_invalidate_all();
}
else
_Base::_M_swap(__x);
__x._M_invalidate_all();
return *this;
}
void
_M_swap(_Safe_container& __x) noexcept
{
if (_IsCxx11AllocatorAware)
{
typedef __gnu_cxx::__alloc_traits<_Alloc> _Alloc_traits;
if (!_Alloc_traits::_S_propagate_on_swap())
__glibcxx_check_equal_allocs(this->_M_cont()._M_base(),
__x._M_cont()._M_base());
}
_Base::_M_swap(__x);
}
#endif
};
} // namespace __gnu_debug
#endif
Reference in New Issue View Git Blame Copy Permalink