public inbox for gcc-bugs@sourceware.org
* [Bug libstdc++/102712] New: std::optional::operator* should assert on unset value
From: ott at fb dot com @ 2021-10-12 15:56 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102712
Bug ID: 102712
Summary: std::optional::operator* should assert on unset value
Product: gcc
Version: unknown
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: libstdc++
Assignee: unassigned at gcc dot gnu.org
Reporter: ott at fb dot com
Target Milestone: ---
It is UB to call operator* on an unset std::optional, and when doing so it is
easy to hit time-traveling UB, resulting in behavior that is very hard to
debug.
For example, setting a field of an unset optional with operator-> may look like
it succeeded, and the rest of the program will behave as if the optional was
set, but it will silently leak memory because the destructor won't run. Another
plausible scenario is having an optional<X> where X has an operator bool(), and
spelling "if (*opt)" when the intention is to spell "if (opt)". The program
compiles and the optional is just assumed set around the condition.
Even UBSan with some of the strictest settings doesn't detect this.
All major implementations of the type have defined behavior in debug builds:
- libc++ asserts
  https://github.com/llvm-mirror/libcxx/blob/master/include/optional#L905
- boost asserts
  https://github.com/boostorg/optional/blob/develop/include/boost/optional/optional.hpp#L1213
- abseil asserts
  https://github.com/abseil/abseil-cpp/blob/master/absl/types/optional.h#L428
- folly throws (in any compilation mode)
  https://github.com/facebook/folly/blob/master/folly/Optional.h#L330
  https://github.com/facebook/folly/blob/master/folly/Optional.h#L297
So anyone migrating from any of these is in for a world of hurt.
Please consider adding an assertion in libstdc++.
* [Bug libstdc++/102712] std::optional::operator* should assert on unset value
From: redi at gcc dot gnu.org @ 2021-10-12 16:04 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102712
Jonathan Wakely <redi at gcc dot gnu.org> changed:
      What|Removed                     |Added
----------------------------------------------------------------------------
    Status|UNCONFIRMED                 |RESOLVED
Resolution|---                         |WORKSFORME
--- Comment #1 from Jonathan Wakely <redi at gcc dot gnu.org> ---
You mean like this one?
/usr/include/c++/11/optional:440: constexpr _Tp& std::_Optional_base_impl<_Tp,
_Dp>::_M_get() [with _Tp = int; _Dp = std::_Optional_base<int, true, true>]:
Assertion 'this->_M_is_engaged()' failed.
Aborted (core dumped)
It's been there since r248099 more than four years ago.
Just compile with -D_GLIBCXX_ASSERTIONS
* [Bug libstdc++/102712] std::optional::operator* should assert on unset value
From: redi at gcc dot gnu.org @ 2021-10-12 16:06 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102712
--- Comment #2 from Jonathan Wakely <redi at gcc dot gnu.org> ---
(In reply to Jonathan Wakely from comment #1)
> Just compile with -D_GLIBCXX_ASSERTIONS
Or the more heavyweight -D_GLIBCXX_DEBUG which implies _GLIBCXX_ASSERTIONS too.
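The difference between the unchecked `operator*` and the always-checked `value()`, and the effect of the `-D_GLIBCXX_ASSERTIONS` flag named in comments #1 and #2, as an added example that is not code from this thread or from libstdc++. `Flag`, `kChecked`, `describe` and `probe_unset_deref` are hypothetical names, and POSIX `fork`/`waitpid` are assumed.

```cpp
// Added example (constructed). Build: g++ -std=c++17 -D_GLIBCXX_ASSERTIONS demo.cpp
#include <csignal>
#include <cstdio>
#include <optional>
#include <string>
#include <sys/wait.h>
#include <unistd.h>

// Hypothetical type with operator bool, as in the report's "if (*opt)" scenario.
struct Flag {
    bool on;
    explicit operator bool() const { return on; }
};

// True when libstdc++ precondition checks are compiled into this file.
#ifdef _GLIBCXX_ASSERTIONS
constexpr bool kChecked = true;
#else
constexpr bool kChecked = false;
#endif

// Always-defined access: value() throws when the optional is disengaged.
std::string describe(const std::optional<Flag>& opt) {
    try {
        return opt.value() ? "set, true" : "set, false";
    } catch (const std::bad_optional_access&) {
        return "unset";
    }
}

// Dereference an empty optional in a child process. Returns 1 if the library
// aborted, 0 if checks are off (dereference skipped: it would be UB), else -1.
int probe_unset_deref() {
    if (!kChecked) return 0;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        std::optional<Flag> empty;
        _exit(static_cast<bool>(*empty) ? 0 : 1);  // fails the engaged check
    }
    int status = 0;
    if (waitpid(pid, &status, 0) != pid) return -1;
    return (WIFSIGNALED(status) && WTERMSIG(status) == SIGABRT) ? 1 : -1;
}

int main() {
    std::printf("checks=%d unset=%s probe=%d\n", kChecked,
                describe(std::nullopt).c_str(), probe_unset_deref());
}
```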
* [Bug libstdc++/102712] std::optional::operator* should assert on unset value
From: ott at fb dot com @ 2021-10-12 16:09 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102712
--- Comment #3 from Giuseppe Ottaviano <ott at fb dot com> ---
Oh well this is embarrassing, I was looking at _Optional_payload_base::_M_get()
instead of _Optional_base_impl::_M_get().
Sorry for the noise and thanks for fixing this 4 years ago!
* [Bug libstdc++/102712] std::optional::operator* should assert on unset value
From: redi at gcc dot gnu.org @ 2022-11-28 11:08 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102712
Jonathan Wakely <redi at gcc dot gnu.org> changed:
What|Removed                     |Added
----------------------------------------------------------------------------
  CC|                            |tim at klingt dot org
--- Comment #4 from Jonathan Wakely <redi at gcc dot gnu.org> ---
*** Bug 107894 has been marked as a duplicate of this bug. ***