<div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Jul 24, 2014 at 2:25 AM, Richard Smith <span dir="ltr"><<a href="mailto:richard@metafoo.co.uk" target="_blank">richard@metafoo.co.uk</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><div class="">On Wed, Jul 23, 2014 at 1:32 PM, Alexey Samsonov <span dir="ltr"><<a href="mailto:vonosmas@gmail.com" target="_blank">vonosmas@gmail.com</a>></span> wrote:<br>

<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">+kcc<div><br></div><div>I wonder if we could detect it with container-overflow feature in ASan and annotated libcxx vector.</div>

</div></blockquote><div><br></div></div><div>FWIW, the existing ASan diagnostic was great here, and let me find the bug with essentially no work (but only triggers in the cases where the vector actually gets reallocated).</div>
</div></div></div></blockquote><div><br></div><div>The container overflow annotations will not help here -- there is no use of data between begin()+size() and begin()+capacity() here. </div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><div><div class="h5">
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="gmail_extra"><div><div><div class="gmail_quote">On Wed, Jul 23, 2014 at 1:07 PM, Richard Smith <span dir="ltr"><<a href="mailto:richard-llvm@metafoo.co.uk" target="_blank">richard-llvm@metafoo.co.uk</a>></span> wrote:<br>


<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Author: rsmith<br>
Date: Wed Jul 23 15:07:08 2014<br>
New Revision: 213790<br>
<br>
URL: <a href="http://llvm.org/viewvc/llvm-project?rev=213790&view=rev" target="_blank">http://llvm.org/viewvc/llvm-project?rev=213790&view=rev</a><br>
Log:<br>
PR20228: don't retain a pointer to a vector element after the container has been resized.<br>
<br>
Modified:<br>
    cfe/trunk/lib/Sema/SemaExprCXX.cpp<br>
    cfe/trunk/test/SemaCXX/type-traits.cpp<br>
<br>
Modified: cfe/trunk/lib/Sema/SemaExprCXX.cpp<br>
URL: <a href="http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Sema/SemaExprCXX.cpp?rev=213790&r1=213789&r2=213790&view=diff" target="_blank">http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Sema/SemaExprCXX.cpp?rev=213790&r1=213789&r2=213790&view=diff</a><br>



==============================================================================<br>
--- cfe/trunk/lib/Sema/SemaExprCXX.cpp (original)<br>
+++ cfe/trunk/lib/Sema/SemaExprCXX.cpp Wed Jul 23 15:07:08 2014<br>
@@ -3651,12 +3651,13 @@ static bool evaluateTypeTrait(Sema &S, T<br>
       if (T->isObjectType() || T->isFunctionType())<br>
         T = S.Context.getRValueReferenceType(T);<br>
       OpaqueArgExprs.push_back(<br>
-        OpaqueValueExpr(Args[I]->getTypeLoc().getLocStart(),<br>
+        OpaqueValueExpr(Args[I]->getTypeLoc().getLocStart(),<br>
                         T.getNonLValueExprType(S.Context),<br>
                         Expr::getValueKindForType(T)));<br>
-      ArgExprs.push_back(&OpaqueArgExprs.back());<br>
     }<br>
-<br>
+    for (Expr &E : OpaqueArgExprs)<br>
+      ArgExprs.push_back(&E);<br>
+<br>
     // Perform the initialization in an unevaluated context within a SFINAE<br>
     // trap at translation unit scope.<br>
     EnterExpressionEvaluationContext Unevaluated(S, Sema::Unevaluated);<br>
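Review bot: the new second loop, `for (Expr &E : OpaqueArgExprs) ArgExprs.push_back(&E);`, has no comment saying that the addresses may be taken only after the last `OpaqueArgExprs.push_back`, so a later cleanup could fold it back into the first loop and reintroduce the stale element pointer named in the log message. Suggest a one-line comment above it stating that OpaqueArgExprs must not grow once its element addresses are stored in ArgExprs. Separately, the removed and added `OpaqueValueExpr(Args[I]->getTypeLoc().getLocStart(),` lines read identically here, which points to a whitespace-only change that could be left out of the fix.<br>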
<br>
Modified: cfe/trunk/test/SemaCXX/type-traits.cpp<br>
URL: <a href="http://llvm.org/viewvc/llvm-project/cfe/trunk/test/SemaCXX/type-traits.cpp?rev=213790&r1=213789&r2=213790&view=diff" target="_blank">http://llvm.org/viewvc/llvm-project/cfe/trunk/test/SemaCXX/type-traits.cpp?rev=213790&r1=213789&r2=213790&view=diff</a><br>



==============================================================================<br>
--- cfe/trunk/test/SemaCXX/type-traits.cpp (original)<br>
+++ cfe/trunk/test/SemaCXX/type-traits.cpp Wed Jul 23 15:07:08 2014<br>
@@ -146,6 +146,10 @@ struct ThreeArgCtor {<br>
   ThreeArgCtor(int*, char*, int);<br>
 };<br>
<br>
+struct VariadicCtor {<br>
+  template<typename...T> VariadicCtor(T...);<br>
+};<br>
+<br>
 void is_pod()<br>
 {<br>
   { int arr[T(__is_pod(int))]; }<br>
@@ -1968,6 +1972,10 @@ void constructible_checks() {<br>
   // PR19178<br>
   { int arr[F(__is_constructible(Abstract))]; }<br>
   { int arr[F(__is_nothrow_constructible(Abstract))]; }<br>
+<br>
+  // PR20228<br>
+  { int arr[T(__is_constructible(VariadicCtor,<br>
+                                 int, int, int, int, int, int, int, int, int))]; }<br>
 }<br>
<br>
 // Instantiation of __is_trivially_constructible<br>
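Review bot: the `// PR20228` comment on the new `__is_constructible(VariadicCtor, ...)` check does not record that the nine `int` arguments are what the test depends on; the case only covers the fix when there are enough arguments to make the container grow while it is being filled. Suggest saying so in the comment so the argument list is not shortened later, and noting that, per the thread, the failure was diagnosed by ASan and only when a reallocation actually happens.<br>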
<br>
<br>
_______________________________________________<br>
cfe-commits mailing list<br>
<a href="mailto:cfe-commits@cs.uiuc.edu" target="_blank">cfe-commits@cs.uiuc.edu</a><br>
<a href="http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits" target="_blank">http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits</a><br>
</blockquote></div><br><br clear="all"><div><br></div></div></div><span><font color="#888888">-- <br><div dir="ltr">Alexey Samsonov<br><a href="mailto:vonosmas@gmail.com" target="_blank">vonosmas@gmail.com</a></div>

</font></span></div>
</blockquote></div></div></div><br></div></div>
</blockquote></div><br></div></div>
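The bug class fixed by the quoted commit, and the reason the ASan report depends on a reallocation, shown as an added example that is not part of the original thread or of Clang's code. `Node`, `stale_count`, `interleaved` and `two_pass` are hypothetical names, and `std::vector` stands in for the containers in the patch.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

struct Node { int id; };  // hypothetical stand-in for the element type

// Number of recorded addresses that no longer match the element they were
// taken from. Addresses are held as integers: stale ones are only compared,
// never dereferenced, so the demonstration itself has no undefined behaviour.
static int stale_count(const std::vector<Node> &store,
                       const std::vector<std::uintptr_t> &addrs) {
  int stale = 0;
  for (std::size_t i = 0; i < addrs.size(); ++i)
    if (addrs[i] != reinterpret_cast<std::uintptr_t>(&store[i]))
      ++stale;
  return stale;
}

// Pattern before the fix: record &back() while the container is still growing.
int interleaved(int count, bool reserve_first) {
  std::vector<Node> store;
  std::vector<std::uintptr_t> addrs;
  if (reserve_first)
    store.reserve(count);  // no reallocation, so the addresses stay valid
  for (int i = 0; i < count; ++i) {
    store.push_back(Node{i});
    addrs.push_back(reinterpret_cast<std::uintptr_t>(&store.back()));
  }
  return stale_count(store, addrs);
}

// Pattern after the fix: finish growing, then take the addresses.
int two_pass(int count) {
  std::vector<Node> store;
  std::vector<std::uintptr_t> addrs;
  for (int i = 0; i < count; ++i)
    store.push_back(Node{i});
  for (Node &n : store)
    addrs.push_back(reinterpret_cast<std::uintptr_t>(&n));
  return stale_count(store, addrs);
}

int main() {
  std::printf("interleaved, 9 elements: %d stale\n", interleaved(9, false));
  std::printf("interleaved, reserved:   %d stale\n", interleaved(9, true));
  std::printf("two-pass, 9 elements:    %d stale\n", two_pass(9));
  return 0;
}
```

With a single element or a reserved buffer the interleaved pattern leaves nothing stale, which is why a test needs enough elements to force growth before a sanitizer can report the use-after-free.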