[libc++] Add a missing assertion in std::span's constructor

Also, add missing tests for assertions in span constructors. Now I
believe that all of std::span's API should be hardened, and all the
assertions should have a corresponding test.

Differential Revision: https://reviews.llvm.org/D131681

diff --git a/libcxx/include/span b/libcxx/include/span
index 00793a2..67d2ac2 100644 (file)
--- a/libcxx/include/span
+++ b/libcxx/include/span
@@ -453,9 +453,10 @@ public:
         : __data{_VSTD::to_address(__first)}, __size{__count} {}
 
     template <__span_compatible_iterator<element_type> _It, __span_compatible_sentinel_for<_It> _End>
-    _LIBCPP_INLINE_VISIBILITY
-    constexpr span(_It __first, _End __last)
-        : __data(_VSTD::to_address(__first)), __size(__last - __first) {}
+    _LIBCPP_INLINE_VISIBILITY constexpr span(_It __first, _End __last)
+        : __data(_VSTD::to_address(__first)), __size(__last - __first) {
+      _LIBCPP_ASSERT(__last - __first >= 0, "invalid range in span's constructor (iterator, sentinel)");
+    }
 
     template <size_t _Sz>
     _LIBCPP_INLINE_VISIBILITY

diff --git a/libcxx/test/libcxx/containers/views/views.span/span.cons/assert.iter_sent.pass.cpp b/libcxx/test/libcxx/containers/views/views.span/span.cons/assert.iter_sent.pass.cpp
new file mode 100644 (file)
index 0000000..cd373e7
--- /dev/null
+++ b/libcxx/test/libcxx/containers/views/views.span/span.cons/assert.iter_sent.pass.cpp
@@ -0,0 +1,48 @@
+//===----------------------------------------------------------------------===//
+//
+// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
+// See https://llvm.org/LICENSE.txt for license information.
+// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
+//
+//===----------------------------------------------------------------------===//
+// UNSUPPORTED: c++03, c++11, c++14, c++17
+
+// <span>
+//
+// constexpr span<T, Extent>::span(Iterator it, Sentinel sent);
+//
+// Check that we ensure `Extent == sent - it` and also that `[it, sent)` is a valid range.
+//
+//
+// constexpr span<T, dynamic_extent>::span(Iterator it, Sentinel sent);
+//
+// Check that we ensure that `[it, sent)` is a valid range.
+
+// REQUIRES: has-unix-headers
+// XFAIL: use_system_cxx_lib && target={{.+}}-apple-macosx{{10.9|10.10|10.11|10.12|10.13|10.14|10.15|11.0|12.0}}
+// ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_ASSERTIONS=1
+
+#include <array>
+#include <span>
+
+#include "check_assertion.h"
+
+int main(int, char**) {
+    {
+        std::array<int, 3> array{0, 1, 2};
+
+        auto invalid_range = [&] { std::span<int> const s(array.end(), array.begin()); (void)s; };
+        TEST_LIBCPP_ASSERT_FAILURE(invalid_range(), "invalid range in span's constructor (iterator, sentinel)");
+    }
+    {
+        std::array<int, 3> array{0, 1, 2};
+
+        auto invalid_range = [&] { std::span<int, 3> const s(array.end(), array.begin()); (void)s; };
+        TEST_LIBCPP_ASSERT_FAILURE(invalid_range(), "invalid range in span's constructor (iterator, sentinel)");
+
+        auto invalid_size = [&] { std::span<int, 3> const s(array.begin(), array.begin() + 2); (void)s; };
+        TEST_LIBCPP_ASSERT_FAILURE(invalid_size(), "invalid range in span's constructor (iterator, sentinel): last - first != extent");
+    }
+
+    return 0;
+}

diff --git a/libcxx/test/libcxx/containers/views/views.span/span.cons/assert.iter_size.pass.cpp b/libcxx/test/libcxx/containers/views/views.span/span.cons/assert.iter_size.pass.cpp
new file mode 100644 (file)
index 0000000..1888b4b
--- /dev/null
+++ b/libcxx/test/libcxx/containers/views/views.span/span.cons/assert.iter_size.pass.cpp
@@ -0,0 +1,37 @@
+//===----------------------------------------------------------------------===//
+//
+// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
+// See https://llvm.org/LICENSE.txt for license information.
+// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
+//
+//===----------------------------------------------------------------------===//
+// UNSUPPORTED: c++03, c++11, c++14, c++17
+
+// <span>
+//
+// constexpr span<T, Extent>::span(Iterator, size_type);
+//
+// Check that the passed size is equal to the statically known extent.
+// Note that it doesn't make sense to validate the incoming size in the
+// dynamic_extent version.
+
+// REQUIRES: has-unix-headers
+// XFAIL: use_system_cxx_lib && target={{.+}}-apple-macosx{{10.9|10.10|10.11|10.12|10.13|10.14|10.15|11.0|12.0}}
+// ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_ASSERTIONS=1
+
+#include <array>
+#include <span>
+
+#include "check_assertion.h"
+
+int main(int, char**) {
+    std::array<int, 3> array{0, 1, 2};
+
+    auto too_large = [&] { std::span<int, 3> const s(array.data(), 4); (void)s; };
+    TEST_LIBCPP_ASSERT_FAILURE(too_large(), "size mismatch in span's constructor (iterator, len)");
+
+    auto too_small = [&] { std::span<int, 3> const s(array.data(), 2); (void)s; };
+    TEST_LIBCPP_ASSERT_FAILURE(too_small(), "size mismatch in span's constructor (iterator, len)");
+
+    return 0;
+}

diff --git a/libcxx/test/libcxx/containers/views/views.span/span.cons/assert.other_span.pass.cpp b/libcxx/test/libcxx/containers/views/views.span/span.cons/assert.other_span.pass.cpp
new file mode 100644 (file)
index 0000000..9e92e83
--- /dev/null
+++ b/libcxx/test/libcxx/containers/views/views.span/span.cons/assert.other_span.pass.cpp
@@ -0,0 +1,33 @@
+//===----------------------------------------------------------------------===//
+//
+// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
+// See https://llvm.org/LICENSE.txt for license information.
+// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
+//
+//===----------------------------------------------------------------------===//
+// UNSUPPORTED: c++03, c++11, c++14, c++17
+
+// <span>
+//
+// constexpr span<T, Extent>::span(const span<U, dynamic_extent>& other);
+//
+// Check that we ensure `other.size() == Extent`.
+
+// REQUIRES: has-unix-headers
+// XFAIL: use_system_cxx_lib && target={{.+}}-apple-macosx{{10.9|10.10|10.11|10.12|10.13|10.14|10.15|11.0|12.0}}
+// ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_ASSERTIONS=1
+
+#include <array>
+#include <span>
+
+#include "check_assertion.h"
+
+int main(int, char**) {
+    std::array<int, 3> array{0, 1, 2};
+    std::span<int> other(array.data(), 3);
+
+    auto invalid_source = [&] { std::span<int, 2> const s(other); (void)s; };
+    TEST_LIBCPP_ASSERT_FAILURE(invalid_source(), "size mismatch in span's constructor (other span)");
+
+    return 0;
+}

diff --git a/libcxx/test/libcxx/containers/views/views.span/span.cons/assert.range.pass.cpp b/libcxx/test/libcxx/containers/views/views.span/span.cons/assert.range.pass.cpp
new file mode 100644 (file)
index 0000000..bf1233f
--- /dev/null
+++ b/libcxx/test/libcxx/containers/views/views.span/span.cons/assert.range.pass.cpp
@@ -0,0 +1,32 @@
+//===----------------------------------------------------------------------===//
+//
+// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
+// See https://llvm.org/LICENSE.txt for license information.
+// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
+//
+//===----------------------------------------------------------------------===//
+// UNSUPPORTED: c++03, c++11, c++14, c++17
+
+// <span>
+//
+// constexpr span<T, Extent>::span(Range&& r);
+//
+// Check that we ensure `size(r) == Extent`.
+
+// REQUIRES: has-unix-headers
+// XFAIL: use_system_cxx_lib && target={{.+}}-apple-macosx{{10.9|10.10|10.11|10.12|10.13|10.14|10.15|11.0|12.0}}
+// ADDITIONAL_COMPILE_FLAGS: -D_LIBCPP_ENABLE_ASSERTIONS=1
+
+#include <span>
+#include <vector>
+
+#include "check_assertion.h"
+
+int main(int, char**) {
+    std::vector<int> vec{0, 1, 2}; // must use std::vector instead of std::array, because std::span has a special constructor from std::array
+
+    auto invalid_size = [&] { std::span<int, 2> const s(vec); (void)s; };
+    TEST_LIBCPP_ASSERT_FAILURE(invalid_size(), "size mismatch in span's constructor (range)");
+
+    return 0;
+}