llvm-project/llvm/unittests
Duncan P. N. Exon Smith 4042d91b63 ADT: Avoid relying on UB in ilist_node::getNextNode()
Re-implement `ilist_node::getNextNode()` and `getPrevNode()` without
relying on the sentinel having a "next" pointer.  Instead, get access to
the owning list and compare against the `begin()` and `end()` iterators.

This only works when the node *can* get access to the owning list.  The
new support is in `ilist_node_with_parent<>`, and any class `Ty`
inheriting from `ilist_node<NodeTy>` that wants `getNextNode()` and/or
`getPrevNode()` should inherit from
`ilist_node_with_parent<NodeTy, ParentTy>` instead.  The requirements:

  - `NodeTy` must have a `getParent()` function that returns the parent.
  - `ParentTy` must have a `getSublistAccess()` static that, given a(n
    ignored) `NodeTy*` (to determine which list), returns a member field
    pointer to the appropriate `ilist<>`.

This isn't the cleanest way to get access to the owning list, but it
leverages the API already used in the IR hierarchy (see, e.g.,
`Instruction::getSublistAccess()`).

If anyone feels like ripping out the calls to `getNextNode()` and
`getPrevNode()` and replacing with direct iterator logic, they can also
remove the access function, etc., but as an incremental step, I'm
maintaining the API where it's currently used in tree.

If these requirements are *not* met, call sites with access to the ilist
can call `iplist<NodeTy>::getNextNode(NodeTy*)` directly, as in
ilistTest.cpp.

Why rewrite this?

The old code was broken, calling `getNext()` on a sentinel that possibly
didn't have a "next" pointer at all!  The new code avoids that
particular flavour of UB (see the commit message for r252538 for more
details about the "lucky" memory layout that made this function so
interesting).

There's still some UB here: the end iterator gets downcast to `NodeTy*`,
even when it's a sentinel (which is typically
`ilist_half_node<NodeTy*>`).  I'll tackle that in follow-up commits.
See this llvm-dev thread for more details:
http://lists.llvm.org/pipermail/llvm-dev/2015-October/091115.html

What's the danger?

There might be some code that relies on `getNextNode()` or
`getPrevNode()` *never* returning `nullptr` -- i.e., that relies on them
being broken when the sentinel is an `ilist_half_node<NodeTy>`.  I tried
to root out those cases with the audits I did leading up to r252380, but
it's possible I missed one or two.  I hope not.

(If (1) you have out-of-tree code, (2) you've reverted r252380
temporarily, and (3) you get some weird crashes with this commit, then I
recommend un-reverting r252380 and auditing the compile errors looking
for "strange" implicit conversions.)

llvm-svn: 252694
2015-11-11 02:26:42 +00:00
..
ADT ADT: Avoid relying on UB in ilist_node::getNextNode() 2015-11-11 02:26:42 +00:00
Analysis [AA] Enhance the new AliasAnalysis infrastructure with an optional 2015-10-21 12:15:19 +00:00
AsmParser Fix PR 24633 - Handle undef values when parsing standalone constants. 2015-09-09 13:44:33 +00:00
Bitcode Fix memory leak in unit test of Bitcode/BitReaderTest.cpp 2015-08-03 21:23:51 +00:00
CodeGen AsmPrinter: Use an intrusively linked list for DIE::Children 2015-06-25 23:52:10 +00:00
DebugInfo Fix compilation of PDBApiTest. 2015-05-01 20:51:49 +00:00
ExecutionEngine Fix some Clang-tidy modernize warnings, other minor fixes. 2015-11-04 22:32:32 +00:00
IR DI: Reverse direction of subprogram -> function edge. 2015-11-05 22:03:56 +00:00
LineEditor Use 'override/final' instead of 'virtual' for overridden methods 2015-04-11 02:11:45 +00:00
Linker unittests: Remove implicit ilist iterator conversions, NFC 2015-10-20 18:30:20 +00:00
MC Add a RAW mode to StringTableBuilder. 2015-10-23 21:48:05 +00:00
Option [Option] Use an ArrayRef to store the Option Infos in OptTable. NFC 2015-10-21 16:30:42 +00:00
ProfileData [PGO] Make indexed value profile data more compact 2015-11-10 00:24:45 +00:00
Support Windows-specific test for sys::path::remove_dots. 2015-11-09 19:36:53 +00:00
Transforms DI: Reverse direction of subprogram -> function edge. 2015-11-05 22:03:56 +00:00
CMakeLists.txt AsmParser: Require a terminating null character when creating memory buffer. 2015-05-20 20:41:27 +00:00
Makefile AsmParser: Require a terminating null character when creating memory buffer. 2015-05-20 20:41:27 +00:00
Makefile.unittest With rpaths being set correctly, SHLIBPATH_VAR is not needed anymore. 2014-02-28 16:16:51 +00:00