[llvm] r225338 - [ADT][SmallVector] Flip an assert comparison to avoid overflows yielding false-negatives. NFC.
Ahmed Bougacha
ahmed.bougacha at gmail.com
Tue Jan 6 18:42:01 PST 2015
Author: ab
Date: Tue Jan 6 20:42:01 2015
New Revision: 225338
URL: http://llvm.org/viewvc/llvm-project?rev=225338&view=rev
Log:
[ADT][SmallVector] Flip an assert comparison to avoid overflows yielding false-negatives. NFC.
r221973 changed SmallVector::operator[] to use size_t instead of unsigned.
Before that, on 64bit platforms, when a large index (say -1) was passed,
truncating it to unsigned avoided an overflow when computing 'begin() + idx',
and failed the range checking assertion, as expected.
With r221973, idx isn't truncated, so the addition wraps to
'(char*)begin() - 1', and doesn't fire anymore when it should have done so.
This commit changes the comparison to instead compute 'end() - begin()'
(i.e., 'size()'), which avoids potentially overflowing additions, and
correctly triggers the assertion when values such as -1 are passed.
Note that the problem already existed before that revision, on platforms
where sizeof(size_t) == sizeof(unsigned).
Modified:
llvm/trunk/include/llvm/ADT/SmallVector.h
Modified: llvm/trunk/include/llvm/ADT/SmallVector.h
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/include/llvm/ADT/SmallVector.h?rev=225338&r1=225337&r2=225338&view=diff
==============================================================================
--- llvm/trunk/include/llvm/ADT/SmallVector.h (original)
+++ llvm/trunk/include/llvm/ADT/SmallVector.h Tue Jan 6 20:42:01 2015
@@ -135,11 +135,11 @@ public:
const_pointer data() const { return const_pointer(begin()); }
reference operator[](size_type idx) {
- assert(begin() + idx < end());
+ assert(idx < size());
return begin()[idx];
}
const_reference operator[](size_type idx) const {
- assert(begin() + idx < end());
+ assert(idx < size());
return begin()[idx];
}
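Review bot: No test accompanies the new `assert(idx < size());` in either operator[] overload; only SmallVector.h is modified, although the log describes a concrete input (an index of -1) that the old `begin() + idx < end()` form let through. A unit test that indexes a SmallVector with size_type(-1) in an assertions-enabled build and expects the assertion to fire would keep this from regressing if the comparison is rewritten again. As a style point, both asserts would be easier to triage with a message string, for example `assert(idx < size() && "index out of range");`. Because the check is an assert, operator[] still performs no bounds checking when assertions are compiled out, so callers that take indices from untrusted input need their own validation.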