r213790 - PR20228: don't retain a pointer to a vector element after the container has been resized.

Alexey Samsonov vonosmas at gmail.com
Wed Jul 23 13:32:01 PDT 2014 

+kcc

I wonder if we could detect it with container-overflow feature in ASan and
annotated libcxx vector.


On Wed, Jul 23, 2014 at 1:07 PM, Richard Smith <richard-llvm at metafoo.co.uk>
wrote:

> Author: rsmith
> Date: Wed Jul 23 15:07:08 2014
> New Revision: 213790
>
> URL: http://llvm.org/viewvc/llvm-project?rev=213790&view=rev
> Log:
> PR20228: don't retain a pointer to a vector element after the container
> has been resized.
>
> Modified:
>     cfe/trunk/lib/Sema/SemaExprCXX.cpp
>     cfe/trunk/test/SemaCXX/type-traits.cpp
>
> Modified: cfe/trunk/lib/Sema/SemaExprCXX.cpp
> URL:
> http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Sema/SemaExprCXX.cpp?rev=213790&r1=213789&r2=213790&view=diff
>
> ==============================================================================
> --- cfe/trunk/lib/Sema/SemaExprCXX.cpp (original)
> +++ cfe/trunk/lib/Sema/SemaExprCXX.cpp Wed Jul 23 15:07:08 2014
> @@ -3651,12 +3651,13 @@ static bool evaluateTypeTrait(Sema &S, T
>        if (T->isObjectType() || T->isFunctionType())
>          T = S.Context.getRValueReferenceType(T);
>        OpaqueArgExprs.push_back(
> -        OpaqueValueExpr(Args[I]->getTypeLoc().getLocStart(),
> +        OpaqueValueExpr(Args[I]->getTypeLoc().getLocStart(),
>                          T.getNonLValueExprType(S.Context),
>                          Expr::getValueKindForType(T)));
> -      ArgExprs.push_back(&OpaqueArgExprs.back());
>      }
> -
> +    for (Expr &E : OpaqueArgExprs)
> +      ArgExprs.push_back(&E);
> +
>      // Perform the initialization in an unevaluated context within a
> SFINAE
>      // trap at translation unit scope.
>      EnterExpressionEvaluationContext Unevaluated(S, Sema::Unevaluated);
>
> Modified: cfe/trunk/test/SemaCXX/type-traits.cpp
> URL:
> http://llvm.org/viewvc/llvm-project/cfe/trunk/test/SemaCXX/type-traits.cpp?rev=213790&r1=213789&r2=213790&view=diff
>
> ==============================================================================
> --- cfe/trunk/test/SemaCXX/type-traits.cpp (original)
> +++ cfe/trunk/test/SemaCXX/type-traits.cpp Wed Jul 23 15:07:08 2014
> @@ -146,6 +146,10 @@ struct ThreeArgCtor {
>    ThreeArgCtor(int*, char*, int);
>  };
>
> +struct VariadicCtor {
> +  template<typename...T> VariadicCtor(T...);
> +};
> +
>  void is_pod()
>  {
>    { int arr[T(__is_pod(int))]; }
> @@ -1968,6 +1972,10 @@ void constructible_checks() {
>    // PR19178
>    { int arr[F(__is_constructible(Abstract))]; }
>    { int arr[F(__is_nothrow_constructible(Abstract))]; }
> +
> +  // PR20228
> +  { int arr[T(__is_constructible(VariadicCtor,
> +                                 int, int, int, int, int, int, int, int,
> int))]; }
>  }
>
>  // Instantiation of __is_trivially_constructible
>
>
> _______________________________________________
> cfe-commits mailing list
> cfe-commits at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
>



-- 
Alexey Samsonov
vonosmas at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20140723/08eae221/attachment.html>

More information about the cfe-commits mailing list