[cfe-dev] Undiagnosed "reference to stack memory [...] returned"

Matthieu Monrocq matthieu.monrocq at gmail.com
Tue Nov 30 09:56:33 PST 2010


Hi Argyrios,

Thank you very much!

It's great that clang will diagnose this UB, it's a really nasty bug to
track down :)

Matthieu.

2010/11/29 Argyrios Kyrtzidis <akyrtzi at gmail.com>

> Hi Matthieu,
>
> Sorry for the (very..) late response. We now warn for all cases since
> http://lists.cs.uiuc.edu/pipermail/cfe-commits/Week-of-Mon-20101129/036838.html
>
> Thanks for reporting the issue!
>
> -Argiris
>
> On Wed, Sep 15, 2010 at 11:04 AM, Matthieu Monrocq <
> matthieu.monrocq at gmail.com> wrote:
>
>> Hi guys,
>>
>> here is a very simple test case:
>>
>>     int const& get_reference_warning()
>>     {
>>       int w = 0;
>>       return w; // expected-warning{{reference to stack memory associated with local variable 'w' returned}}
>>     }
>>
>>     int get_value();
>>
>>     int const& get_reference_no_warning() { return get_value(); } // Diagnosed by VC++ 2010 (haven't tested on gcc), but unnoticed by Clang
>>
>>     int const& get_reference_no_warning_2()
>>     {
>>       int const& w2 = get_value(); // Correct, lifetime of the value is extended to the lifetime of the const reference
>>       return w2;                   // Undefined behavior: goes unnoticed by Clang, VC++ 2010 and gcc 3.4.2
>>     }
>>
>> I compiled it with:   clang.exe -fsyntax-only -Wall -pedantic test.cpp
>> (on Windows, using PowerShell)
>>
>>     test.cpp(9) :  warning: reference to stack memory associated with local variable 'w' returned
>>       return w; // expected-warning{{reference to stack memory associated with local variable 'w' returned}}
>>          ^
>>     1 warning generated.
>>
>> As expected, the first return provoked a warning.
>>
>> However in the two other cases, no warning is generated.
>>
>> I was wondering if it would be possible for clang to diagnose those cases
>> as well. I guess the third case is the trickier, though since the lifetime
>> of the value is correctly extended, there should be a way to detect that
>> `w2` is not just an ordinary const reference. I must admit I haven't come
>> over the Clang code base yet so it's still a bit blurry to me (by the way if
>> someone could kindly point me to some doc for developers...)
>>
>> Should I file a bug ? (or perhaps one already exists...)
>>
>> Matthieu.
>>
>
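
The third case in the quoted test (a temporary whose lifetime is extended by a local const reference, then returned by reference) can be observed at run time without reading through the dangling reference. The following is an added example, not code from the thread or from Clang; `Tracked`, its `live` counter and the function names are constructed for illustration.

```cpp
#include <cstdio>

// Constructed helper (not from the thread): counts live instances so the
// end of the temporary's lifetime is observable without touching it.
struct Tracked {
    static int live;
    int value;
    explicit Tracked(int v) : value(v) { ++live; }
    Tracked(const Tracked& o) : value(o.value) { ++live; }
    ~Tracked() { --live; }
};
int Tracked::live = 0;

Tracked get_value() { return Tracked(42); }

// Same shape as get_reference_no_warning_2: the temporary's lifetime is
// extended to that of w2, and w2 goes out of scope when the function returns.
const Tracked& dangling_via_local_ref() {
    const Tracked& w2 = get_value();
    return w2;  // the caller receives a reference to a destroyed object
}

// Fix: return by value, so the copy is made while w2 is still alive.
Tracked copy_via_local_ref() {
    const Tracked& w2 = get_value();
    return w2;
}

// Number of Tracked objects still alive once the caller has the result.
int live_after_dangling() {
    (void)dangling_via_local_ref();  // result discarded, never read
    return Tracked::live;
}

int live_after_copy() {
    Tracked t = copy_via_local_ref();
    return t.value == 42 ? Tracked::live : -1;
}

int main() {
    std::printf("dangling reference: %d live object(s)\n", live_after_dangling());
    std::printf("returned by value:  %d live object(s)\n", live_after_copy());
    return 0;
}
```

A live count of zero after `dangling_via_local_ref()` shows the destructor has already run by the time the caller holds the reference, which is why any later use of it is undefined.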