On Thu, Jul 24, 2014 at 2:25 AM, Richard Smith <[email protected]> wrote:
> On Wed, Jul 23, 2014 at 1:32 PM, Alexey Samsonov <[email protected]> > wrote: > >> +kcc >> >> I wonder if we could detect it with container-overflow feature in ASan >> and annotated libcxx vector. >> > > FWIW, the existing ASan diagnostic was great here, and let me find the bug > with essentially no work (but only triggers in the cases where the vector > actually gets reallocated). > The container overflow annotations will not help here -- there is not use of data between begin()+size() and begin()+capacity() here. > > >> On Wed, Jul 23, 2014 at 1:07 PM, Richard Smith < >> [email protected]> wrote: >> >>> Author: rsmith >>> Date: Wed Jul 23 15:07:08 2014 >>> New Revision: 213790 >>> >>> URL: http://llvm.org/viewvc/llvm-project?rev=213790&view=rev >>> Log: >>> PR20228: don't retain a pointer to a vector element after the container >>> has been resized. >>> >>> Modified: >>> cfe/trunk/lib/Sema/SemaExprCXX.cpp >>> cfe/trunk/test/SemaCXX/type-traits.cpp >>> >>> Modified: cfe/trunk/lib/Sema/SemaExprCXX.cpp >>> URL: >>> http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Sema/SemaExprCXX.cpp?rev=213790&r1=213789&r2=213790&view=diff >>> >>> ============================================================================== >>> --- cfe/trunk/lib/Sema/SemaExprCXX.cpp (original) >>> +++ cfe/trunk/lib/Sema/SemaExprCXX.cpp Wed Jul 23 15:07:08 2014 >>> @@ -3651,12 +3651,13 @@ static bool evaluateTypeTrait(Sema &S, T >>> if (T->isObjectType() || T->isFunctionType()) >>> T = S.Context.getRValueReferenceType(T); >>> OpaqueArgExprs.push_back( >>> - OpaqueValueExpr(Args[I]->getTypeLoc().getLocStart(), >>> + OpaqueValueExpr(Args[I]->getTypeLoc().getLocStart(), >>> T.getNonLValueExprType(S.Context), >>> Expr::getValueKindForType(T))); >>> - ArgExprs.push_back(&OpaqueArgExprs.back()); >>> } >>> - >>> + for (Expr &E : OpaqueArgExprs) >>> + ArgExprs.push_back(&E); >>> + >>> // Perform the initialization in an unevaluated context within a >>> SFINAE >>> // trap at translation unit scope. >>> EnterExpressionEvaluationContext Unevaluated(S, Sema::Unevaluated); >>> >>> Modified: cfe/trunk/test/SemaCXX/type-traits.cpp >>> URL: >>> http://llvm.org/viewvc/llvm-project/cfe/trunk/test/SemaCXX/type-traits.cpp?rev=213790&r1=213789&r2=213790&view=diff >>> >>> ============================================================================== >>> --- cfe/trunk/test/SemaCXX/type-traits.cpp (original) >>> +++ cfe/trunk/test/SemaCXX/type-traits.cpp Wed Jul 23 15:07:08 2014 >>> @@ -146,6 +146,10 @@ struct ThreeArgCtor { >>> ThreeArgCtor(int*, char*, int); >>> }; >>> >>> +struct VariadicCtor { >>> + template<typename...T> VariadicCtor(T...); >>> +}; >>> + >>> void is_pod() >>> { >>> { int arr[T(__is_pod(int))]; } >>> @@ -1968,6 +1972,10 @@ void constructible_checks() { >>> // PR19178 >>> { int arr[F(__is_constructible(Abstract))]; } >>> { int arr[F(__is_nothrow_constructible(Abstract))]; } >>> + >>> + // PR20228 >>> + { int arr[T(__is_constructible(VariadicCtor, >>> + int, int, int, int, int, int, int, >>> int, int))]; } >>> } >>> >>> // Instantiation of __is_trivially_constructible >>> >>> >>> _______________________________________________ >>> cfe-commits mailing list >>> [email protected] >>> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits >>> >> >> >> >> -- >> Alexey Samsonov >> [email protected] >> > >
_______________________________________________ cfe-commits mailing list [email protected] http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
