[cfe-dev] is there any way to detect temporary referencing with clang?

Kostya Serebryany kcc at google.com
Wed Jul 16 08:01:35 PDT 2014 

This is more like use-after-scope (not implemented yet) in asan
https://code.google.com/p/address-sanitizer/issues/detail?id=83


On Wed, Jul 16, 2014 at 6:35 PM, David Blaikie <dblaikie at gmail.com> wrote:

> Either msan or the static analyzer might catch this, but there's no
> straight up compiler warning for this (and as the issue is interprocedural,
> any such warning would have to be assisted by source annotations)
> On Jul 15, 2014 11:58 PM, "Dennis Luehring" <dl.soluz at gmx.net> wrote:
>
>> or is that already covered by https://code.google.com/p/
>> address-sanitizer/issues/detail?id=73
>>
>> example:
>>
>> #include <cstdint>
>> #include <cstdio>
>>
>> class user_t
>> {
>> public:
>>   user_t(const int64_t& p_a):
>>     m_a(p_a)
>>   {
>>   }
>>
>>   const int64_t& m_a; // someone added evil & while refactoring
>>
>>   int64_t use_it() const
>>   {
>>     return m_a;
>>   }
>> };
>>
>> #define EVIL_TEMPORARY
>>
>> //example result:
>> //EVIL_TEMPORARY  Mode
>> //     X          Release  --> a: 8, user_a: 75769734271860736 FAIL
>> //     X          Debug    --> a: 8, user_a: 7 FAIL
>> //     -          Release  --> a: 8, user_a: 8 OK
>> //     -          Debug    --> a: 8, user_a: 8 OK
>>
>> int main(int argc, char** argv)
>> {
>>   const int64_t value = argc+6;
>>   int64_t a = value;
>>
>> #if defined(EVIL_TEMPORARY)
>>   const user_t user(a++); // the temporary result of a++ is referenced by
>> member m_a
>> #else
>>   const user_t user(a);
>>   ++a;
>> #endif
>>   const int64_t user_a = user.use_it();
>>   const bool ok = user_a == a;
>>   printf("a: %I64d, user_a: %I64d %s\n", a, user_a, ok ? "OK":"FAIL");
>>   return ok;
>> }
>> _______________________________________________
>> cfe-dev mailing list
>> cfe-dev at cs.uiuc.edu
>> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev
>>
>
> _______________________________________________
> cfe-dev mailing list
> cfe-dev at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20140716/d71cb16e/attachment.html>

More information about the cfe-dev mailing list