On Thu, Aug 1, 2013 at 12:57 AM, Jeffrey Walton <span dir="ltr"><<a href="mailto:noloader@gmail.com" target="_blank">noloader@gmail.com</a>></span> wrote:<br><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Hi All,<br>
<br>
What is this finding trying to tell me.<br>
<br>
The iterator is a typedef for _Base_ptr, and the address of _M_header<br>
is a pointer. _Link_type is typedef'd as a _Rb_tree_node<_Tp>*. So I<br>
don't see a width problem.<br></blockquote><div><br></div><div>_M_header is an _Rb_tree_node_base, which is smaller than an _Rb_tree_node<_Tp>. Usually, this would be OK -- you can reinterpret_cast between pointers of different types pretty much arbitrarily -- but because _Rb_tree_node_base is a base class of _Rb_tree_node<_Tp>, this is a static_cast, and the ruling wording is 5.2.9/11, which says " If the prvalue of type “pointer to cv1 B” points</div>
<div>to a B that is actually a subobject of an object of type D, the resulting pointer points to the enclosing object of type D. Otherwise, the behavior is undefined."</div><div><br></div><div>We've managed to prove that the prvalue of type "pointer to _Rb_tree_node_base" is not, in fact, a subobject of type "_Rb_tree_node<_Tp>", because there's not enough room in the allocated storage for an object of that type at that address. So we've determined that the behavior is undefined.</div>
<div><br></div><div>This is a bug in libstdc++. The fix is to use reinterpret_cast instead of static_cast in the definition of 'end'.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
*****<br>
Testing ECDSA (InSiTo unit tests):<br>
../usr/include/c++/4.2.1/bits/stl_tree.h:620:25: runtime error:<br>
downcast of address 0x7fff5598fe88 with insufficient space for an<br>
object of type '_Rb_tree_node' (aka '_Rb_tree_node<std::pair<const<br>
Botan::OID, std::basic_string<char> > >')<br>
0x7fff5598fe88: note: pointer points here<br>
00 00 00 00 00 00 00 00 00 00 00 00 10 a7 14 01 70 60 00 00 80 a7<br>
14 01 70 60 00 00 c0 a5 14 01<br>
^<br>
*****<br>
>From stl_tree.h:<br>
<br>
618 iterator<br>
619 end()<br>
620 { return iterator(static_cast<_Link_type>(&this->_M_impl._M_header)); }<br>
<br>
*****<br>
OS X 10.8.3<br>
<br>
$ uname -a<br>
Darwin riemann.home.pvt 12.4.0 Darwin Kernel Version 12.4.0: Wed May<br>
1 17:57:12 PDT 2013; root:xnu-2050.24.15~1/RELEASE_X86_64 x86_64<br>
_______________________________________________<br>
cfe-dev mailing list<br>
<a href="mailto:cfe-dev@cs.uiuc.edu">cfe-dev@cs.uiuc.edu</a><br>
<a href="http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev" target="_blank">http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev</a><br>
</blockquote></div><br>