On Mon, May 12, 2014 at 5:29 PM, Kostya Serebryany <k...@google.com> wrote:
> > > > On Mon, May 12, 2014 at 3:45 PM, Stephan Tolksdorf <s...@quanttec.com>wrote: > >> On 12.05.14 13:13, Kostya Serebryany wrote: >> >>> Do you have a test that demonstrates that? That would be very helpful. >>> >> >> In push_back for example, you annotate that the length increases by 1, >> but then you don't undo that annotation if the copy constructor of the >> element throws an exception. Afterwards the sanitizer can't properly check >> accesses to the end of the vector and the next time the vector calls >> __sanitizer_annotate_contiguous_container it will pass a wrong old_mid >> pointer. >> > > Trying to build a test case with libc++ and exceptions... (not trivial, > will take some time) > Reproduced. (we have very little code with exceptions so this has avoided our testing efforts :) Any suggestion for the fix? #include <vector> #include <assert.h> #include <iostream> #include <sanitizer/asan_interface.h> using namespace std; class X { public: X(const X &x) { if (x.a == 42) throw 0; a = x.a; } X(char arg): a(arg){} char get() const { return a; } private: char a; }; int main() { vector<X> v; v.reserve(2); v.push_back(X(2)); assert(v.size() == 1); try { v.push_back(X(42)); assert(0); } catch (int e) { assert(v.size() == 1); } assert(v.size() == 1); assert(v[1].get() != 777); char *p = (char*)v.data(); assert(!__asan_address_is_poisoned(p)); assert(__asan_address_is_poisoned(p+1)); } > > >> >> And an unrelated issue: the documentation for >> __sanitizer_annotate_contiguous_container >> states that the complete buffer should be unpoisened before it is >> deallocated. This doesn't seem to be happening in the destructor or in the >> deallocate function. > > Here we rely on the fact that vector is using the default allocator, which > immediately calls delete, which itself unpoisons the memory chunk. > > --kcc > >> >> >> - Stephan >> >> >
_______________________________________________ cfe-commits mailing list cfe-commits@cs.uiuc.edu http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits