From patchwork Fri Jan 10 21:23:12 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jonathan Wakely X-Patchwork-Id: 104548 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 66C723858433 for ; Fri, 10 Jan 2025 21:48:46 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 66C723858433 Authentication-Results: sourceware.org; dkim=pass (1024-bit key, unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=fAYNifqs X-Original-To: gcc-patches@gcc.gnu.org Delivered-To: gcc-patches@gcc.gnu.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by sourceware.org (Postfix) with ESMTP id D78D33857B98 for ; Fri, 10 Jan 2025 21:28:38 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org D78D33857B98 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org D78D33857B98 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1736544518; cv=none; b=SuNVq4oZliIZJnQd0Iwl6/Tb7GpAwYtmFVD6YGaudehojseCyvhUGV9ZqDJnICcXyjdIkVckSSo6EWakklWJonmm/NKVpqdAjTREFLm6RNblQVd0bLUS5+Y+fSKz+E4LF1YB7yZ0NZeMck6dqozASi1VlE2YgJvPEsDmOI4FWPo= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1736544518; c=relaxed/simple; bh=k8kUw+NDidBbbIQ9oMMwAIjg5FySq/yeFK/wXVYQ1Os=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=K8ypalmiyU40RAnNv57eJdZEnzEz+lzdFaV8sphWPTs9EoRMJ42MvM4eE8SKAyLybvPSVIxc2jJQTeeH4ILi7ROtlNjBUuY+AHya1KJlO4ZzVmaBz6NPlsZnzE8yAiQ1ZJHUbW66Igp/kLUGPVyT5Tw7nAYUKXqe6tin4DB2fWw= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org D78D33857B98 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1736544518; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=s+/EWYIJVh6ZsxxIIhfG8/7AKh8QFfTKMDAf06T/H6s=; b=fAYNifqs+196Ba720UoZqW0fiWNRxKTxIIE5xTV/OL9H4GC9z8Fe5R72nLmVFWJR6i2riR jBtFajdfNZ8/liSqpUGPW3WNjj0PSXNAS/Y3YGCeF21cvOyBV40xW0AmMUBlhdBjYmsBvw qn49RSTd72hTZSAltk27sLoOdxa8GuE= Received: from mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-662-pTwNVItDOtWqdcq_kus4Dg-1; Fri, 10 Jan 2025 16:28:35 -0500 X-MC-Unique: pTwNVItDOtWqdcq_kus4Dg-1 X-Mimecast-MFC-AGG-ID: pTwNVItDOtWqdcq_kus4Dg Received: from mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.17]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 2303F1955DCC; Fri, 10 Jan 2025 21:28:34 +0000 (UTC) Received: from localhost (unknown [10.42.28.9]) by mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 93F7C1955BE3; Fri, 10 Jan 2025 21:28:33 +0000 (UTC) From: Jonathan Wakely To: libstdc++@gcc.gnu.org, gcc-patches@gcc.gnu.org Subject: [PATCH 09/10] libstdc++: Use safe integer comparisons in std::latch [PR98749] Date: Fri, 10 Jan 2025 21:23:12 +0000 Message-ID: <20250110212810.832494-10-jwakely@redhat.com> In-Reply-To: <20250110212810.832494-1-jwakely@redhat.com> References: <20250110212810.832494-1-jwakely@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.17 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: KPrFl3GwoCXL7uzSqYY3xK8Xg5vDKFpeskuODQ6MAGg_1736544514 X-Mimecast-Originator: redhat.com X-Spam-Status: No, score=-12.2 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2, SPF_HELO_NONE, SPF_NONE, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: gcc-patches@gcc.gnu.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Gcc-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: gcc-patches-bounces~patchwork=sourceware.org@gcc.gnu.org Also add missing precondition check to constructor and fix existing check in count_down which was duplicated by mistake. libstdc++-v3/ChangeLog: PR libstdc++/98749 * include/std/latch (latch::max()): Use std::cmp_less to handle the case where __platform_wait_t is wider than ptrdiff_t or is unsigned. (latch::latch(ptrdiff_t)): Add assertion. (latch::count_down): Fix copy & pasted duplicate assertion. Use std::cmp_equal to compare __platform_wait_t and ptrdiff_t values. --- libstdc++-v3/include/std/latch | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) diff --git a/libstdc++-v3/include/std/latch b/libstdc++-v3/include/std/latch index c81a6631d53f..8bdf68f3390a 100644 --- a/libstdc++-v3/include/std/latch +++ b/libstdc++-v3/include/std/latch @@ -41,6 +41,7 @@ #ifdef __cpp_lib_latch // C++ >= 20 && atomic_wait #include #include +#include // cmp_equal, cmp_less_equal, etc. namespace std _GLIBCXX_VISIBILITY(default) { @@ -51,24 +52,34 @@ _GLIBCXX_BEGIN_NAMESPACE_VERSION public: static constexpr ptrdiff_t max() noexcept - { return __gnu_cxx::__int_traits<__detail::__platform_wait_t>::__max; } + { + using __gnu_cxx::__int_traits; + constexpr auto __max = __int_traits<__detail::__platform_wait_t>::__max; + if constexpr (std::cmp_less(__max, __PTRDIFF_MAX__)) + return __max; + return __PTRDIFF_MAX__; + } - constexpr explicit latch(ptrdiff_t __expected) noexcept - : _M_a(__expected) { } + constexpr explicit + latch(ptrdiff_t __expected) noexcept + : _M_a(__expected) + { __glibcxx_assert(__expected >= 0 && __expected <= max()); } ~latch() = default; + latch(const latch&) = delete; latch& operator=(const latch&) = delete; _GLIBCXX_ALWAYS_INLINE void count_down(ptrdiff_t __update = 1) { - __glibcxx_assert(__update >= 0); - auto const __old = __atomic_impl::fetch_sub(&_M_a, - __update, memory_order::release); - __glibcxx_assert(__update >= 0); - if (__old == static_cast<__detail::__platform_wait_t>(__update)) + __glibcxx_assert(__update >= 0 && __update <= max()); + auto const __old = __atomic_impl::fetch_sub(&_M_a, __update, + memory_order::release); + if (std::cmp_equal(__old, __update)) __atomic_impl::notify_all(&_M_a); + else + __glibcxx_assert(std::cmp_less(__update, __old)); } _GLIBCXX_ALWAYS_INLINE bool @@ -97,7 +108,8 @@ _GLIBCXX_BEGIN_NAMESPACE_VERSION private: // This alignas is not redundant, it increases the alignment for // long long on x86. - alignas(__alignof__(__detail::__platform_wait_t)) __detail::__platform_wait_t _M_a; + alignas(__alignof__(__detail::__platform_wait_t)) + __detail::__platform_wait_t _M_a; }; _GLIBCXX_END_NAMESPACE_VERSION } // namespace