Add lifetimebound to ArrayRef and StringRef to detect dangling issues
#113533
Comments
hokein
added
the
clang:memory-safety
|
Probably people run into that less frequently, but we could annotate all containers in ADT including small vector and such. They have a number of APIs handing out pointers and references that have the same lifetime as the container itself. |
This enables clang to detect more dangling issues.
```
ArrayRef<int> func() {
constexpr int array[] = {...}; // oops, missing the static
return array; // return a dangling reference, bomb.
}
```
See #113533.
Adding the lifetimebound annotation to the ArrayRef's array constructor
can enable us to detect the following use-after-free issues:
```
llvm::StringRef TestZoneName() {
char test[] = "foo"; // oops, missing static
return test; // use-after-free.
}
```
See #113533
…13547) This enables clang to detect more dangling issues. ``` ArrayRef<int> func() { constexpr int array[] = {...}; // oops, missing the static return array; // return a dangling reference, bomb. } ``` See llvm#113533.
…113878) Adding the lifetimebound annotation to the ArrayRef's array constructor can enable us to detect the following use-after-free issues: ``` llvm::StringRef TestZoneName() { char test[] = "foo"; // oops, missing static return test; // use-after-free. } ``` See llvm#113533
Thanks for the idea, annotating all containers in ADT could certainly help. My intention of this issue primarily targets the ArrayRef and StringRef constructors, which have already discovered some bugs in our internal codebase. |
|
Closing this issue now, as annotations for both ArrayRef and StringRef have been added. |
Adding the lifetimebound annotation to the
ArrayRef's array constructor can enable us to detect the following use-after-free issues:cc @Xazax-hun, @usx95
The text was updated successfully, but these errors were encountered: