| Issue |
169149
|
| Summary |
std::span constructors should materialize data()+size() under ubsan
|
| Labels |
libc++
|
| Assignees |
|
| Reporter |
frobtech
|
When a `std::span` is constructed such that it's nonempty (not default constructed or zero-length), then `data() + size()` is a valid pointer to materialize and work with as the pointer past the end of the putative array being referenced. Under `#if __has_feature(undefined_behavior)`, merely computing `data() + size()` will insert checks that the pointer doesn't become invalid due to overflow or alignment or so on. It would be useful if `std::span` constructors, when compiled with ubsan checking, did something like `std::ignore = data() + size();` at the end of the constructor so these checks will be triggered as soon as the initial UB (invalid pointer/size combination passed to span constructors) is perpetrated, not only when some later span method (or caller code) triggers the check by materializing some pointer relative to `data()`.
CC: @PiJoules
![]()
_______________________________________________
llvm-bugs mailing list
[email protected]
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
