[cfe-dev] Undiagnosed "reference to stack memory [...] returned"

Matthieu Monrocq matthieu.monrocq at gmail.com
Wed Dec 1 01:00:09 PST 2010


Hi Argyrios,

This one is astonishing! It goes even beyond what I expected, truth to be
told.

I really hope it passes the self-hosting test and you don't have to revert
it.

Thanks,
Matthieu.

2010/12/1 Argyrios Kyrtzidis <kyrtzidis at apple.com>

> On Nov 30, 2010, at 9:56 AM, Matthieu Monrocq wrote:
>
> Hi Argyrios,
>
> Thank you very much!
>
> It's great that clang will diagnose this UB, it's a really nasty bug to
> track down :)
>
>
> I reverted the previous commit, much better fix in
> http://lists.cs.uiuc.edu/pipermail/cfe-commits/Week-of-Mon-20101129/036875.html
> .
> e.g. for
>
> struct S {
>   int x;
> };
>
> int &get_ref() {
>   S s;
>   S &s2 = s;
>   int &x2 = s2.x;
>   return x2;
> }
>
> we get
>
> t3.cpp:9:10: warning: reference to stack memory associated with local
> variable 's' returned
>   return x2;
>          ^~
> t3.cpp:8:8: note: binding reference variable 'x2' here
>   int &x2 = s2.x;
>        ^    ~~
> t3.cpp:7:6: note: binding reference variable 's2' here
>   S &s2 = s;
>      ^    ~
> 1 warning generated.
>
>
> Matthieu.
>
> 2010/11/29 Argyrios Kyrtzidis <akyrtzi at gmail.com>
>
>> Hi Matthieu,
>>
>> Sorry for the (very..) late response. We now warn for all cases since
>> http://lists.cs.uiuc.edu/pipermail/cfe-commits/Week-of-Mon-20101129/036838.html
>>
>> Thanks for reporting the issue!
>>
>> -Argiris
>>
>> On Wed, Sep 15, 2010 at 11:04 AM, Matthieu Monrocq <
>> matthieu.monrocq at gmail.com> wrote:
>>
>>> Hi guys,
>>>
>>> here is a very simple test case:
>>>
>>>     int const& get_reference_warning()
>>>     {
>>>       int w = 0;
>>>       return w; // expected-warning{{reference to stack memory associated with local variable 'w' returned}}
>>>     }
>>>
>>>     int get_value();
>>>
>>>     int const& get_reference_no_warning() { return get_value(); } // Diagnosed by VC++ 2010 (haven't tested on gcc), but unnoticed by Clang
>>>
>>>     int const& get_reference_no_warning_2()
>>>     {
>>>       int const& w2 = get_value(); // Correct, lifetime of the value is extended to the lifetime of the const reference
>>>       return w2;                   // Undefined behavior: goes unnoticed by Clang, VC++ 2010 and gcc 3.4.2
>>>     }
>>>
>>> I compiled it with:   clang.exe -fsyntax-only -Wall -pedantic test.cpp
>>> (on Windows, using PowerShell)
>>>
>>>     test.cpp(9) :  warning: reference to stack memory associated with local variable 'w' returned
>>>       return w; // expected-warning{{reference to stack memory associated with local variable 'w' returned}}
>>>          ^
>>>     1 warning generated.
>>>
>>> As expected, the first return provoked a warning.
>>>
>>> However in the two other cases, no warning is generated.
>>>
>>> I was wondering if it would be possible for clang to diagnose those cases
>>> as well. I guess the third case is the trickier, though since the lifetime
>>> of the value is correctly extended, there should be a way to detect that
>>> `w2` is not just an ordinary const reference. I must admit I haven't come
>>> over the Clang code base yet so it's still a bit blurry to me (by the way if
>>> someone could kindly point me to some doc for developers...)
>>>
>>> Should I file a bug ? (or perhaps one already exists...)
>>>
>>> Matthieu.
>>>
>>
>
>