On Mon, May 12, 2014 at 3:45 PM, Stephan Tolksdorf <s...@quanttec.com> wrote:
> On 12.05.14 13:13, Kostya Serebryany wrote:
>
>> Do you have a test that demonstrates that? That would be very helpful.
>>
>
> In push_back for example, you annotate that the length increases by 1, but
> then you don't undo that annotation if the copy constructor of the element
> throws an exception. Afterwards the sanitizer can't properly check accesses
> to the end of the vector and the next time the vector calls
> __sanitizer_annotate_contiguous_container it will pass a wrong old_mid
> pointer.
>

Trying to build a test case with libc++ and exceptions... (not trivial, will take some time)

> And an unrelated issue: the documentation for
> __sanitizer_annotate_contiguous_container
> states that the complete buffer should be unpoisoned before it is
> deallocated. This doesn't seem to be happening in the destructor or in the
> deallocate function.

Here we rely on the fact that vector is using the default allocator, which immediately calls delete, which itself unpoisons the memory chunk.

--kcc

>
> - Stephan
>
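The push_back failure mode Stephan describes, as an added example that is not libc++'s code and not from either participant: a toy fixed-capacity container follows the same annotation protocol std::vector uses (grow the addressable prefix by one before constructing the element), once without and once with the rollback on a throwing copy constructor. The `annotate` wrapper, `Throwing`, `Vec`, and the counting helper are constructed for this example; `annotate` only forwards to the real `__sanitizer_annotate_contiguous_container` when the file is built with -fsanitize=address, and otherwise just records the call so the two variants can be compared without a sanitizer.

```cpp
#include <cstddef>
#include <cstdio>
#include <cstdlib>
#include <new>
#include <stdexcept>
#include <vector>

// Forward to the real ASan entry point only when building with
// -fsanitize=address; otherwise the call is only recorded.
#if defined(__has_feature)
#  if __has_feature(address_sanitizer)
#    include <sanitizer/common_interface_defs.h>
#    define EXAMPLE_HAS_ASAN 1
#  endif
#endif
#ifndef EXAMPLE_HAS_ASAN
#  define EXAMPLE_HAS_ASAN 0
#endif

// One recorded annotation: the container told the sanitizer that the
// addressable prefix of [beg, end) moved from old_mid to new_mid.
struct Annotation { const void *beg, *end, *old_mid, *new_mid; };
static std::vector<Annotation> g_log;  // constructed for this example

static void annotate(const void* beg, const void* end,
                     const void* old_mid, const void* new_mid) {
  g_log.push_back(Annotation{beg, end, old_mid, new_mid});
#if EXAMPLE_HAS_ASAN
  __sanitizer_annotate_contiguous_container(beg, end, old_mid, new_mid);
#endif
}

// Element whose copy constructor throws for negative values, to reach the
// failure path inside push_back.
struct Throwing {
  int v;
  explicit Throwing(int x) : v(x) {}
  Throwing(const Throwing& o) : v(o.v) {
    if (v < 0) throw std::runtime_error("copy failed");
  }
};

// Fixed-capacity container using the vector annotation protocol.
// Fixed=false reproduces the bug: the "grow by one" annotation is not
// undone when the element's copy constructor throws.
template <bool Fixed>
class Vec {
  Throwing* buf_;
  std::size_t size_, cap_;
 public:
  explicit Vec(std::size_t cap)
      : buf_(static_cast<Throwing*>(std::malloc(cap * sizeof(Throwing)))),
        size_(0), cap_(cap) {
    if (!buf_) throw std::bad_alloc();
    annotate(buf_, buf_ + cap_, buf_ + cap_, buf_);  // poison the whole tail
  }
  ~Vec() {
    for (std::size_t i = 0; i < size_; ++i) buf_[i].~Throwing();
    annotate(buf_, buf_ + cap_, buf_ + size_, buf_ + cap_);  // unpoison all
    std::free(buf_);
  }
  Vec(const Vec&) = delete;
  Vec& operator=(const Vec&) = delete;
  std::size_t size() const { return size_; }
  void push_back(const Throwing& x) {
    if (size_ == cap_) throw std::length_error("toy container is full");
    annotate(buf_, buf_ + cap_, buf_ + size_, buf_ + size_ + 1);  // grow first
    try {
      ::new (static_cast<void*>(buf_ + size_)) Throwing(x);
    } catch (...) {
      if (Fixed)  // roll back so the sanitizer's mid matches size_ again
        annotate(buf_, buf_ + cap_, buf_ + size_ + 1, buf_ + size_);
      throw;
    }
    ++size_;
  }
};

// Runs push_back(good), push_back(throwing), push_back(good) and counts the
// annotation calls whose old_mid disagrees with the new_mid the sanitizer
// was last told about. Zero means container and sanitizer stayed in sync.
template <bool Fixed>
static std::size_t count_inconsistent_annotations() {
  g_log.clear();
  {
    Vec<Fixed> v(4);
    v.push_back(Throwing(1));
    try { v.push_back(Throwing(-1)); } catch (const std::runtime_error&) {}
    v.push_back(Throwing(2));
  }
  std::size_t bad = 0;
  for (std::size_t i = 1; i < g_log.size(); ++i)
    if (g_log[i].old_mid != g_log[i - 1].new_mid) ++bad;
  return bad;
}

std::size_t inconsistent_annotations_buggy() { return count_inconsistent_annotations<false>(); }
std::size_t inconsistent_annotations_fixed() { return count_inconsistent_annotations<true>(); }

int main() {
  std::printf("buggy push_back: %zu inconsistent annotation(s)\n", inconsistent_annotations_buggy());
  std::printf("fixed push_back: %zu inconsistent annotation(s)\n", inconsistent_annotations_fixed());
  return 0;
}
```

In the buggy variant the annotation after the failed copy leaves the slot at index size() addressable while size() is still 1, so a read of that slot between the failed push_back and the next one is exactly the access the sanitizer can no longer flag, and the next push_back passes an old_mid one element behind what the sanitizer was last told. Build with `clang++ -fsanitize=address` to see the same calls go to the real annotation function; the destructor unpoisons the whole buffer itself rather than relying on the allocator's delete.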
_______________________________________________
cfe-commits mailing list
cfe-commits@cs.uiuc.edu
http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits