newCTFE Status July 2017
Stefan Koch via Digitalmars-d
digitalmars-d at puremagic.com
Mon Jul 17 10:54:59 PDT 2017
On Thursday, 13 July 2017 at 12:45:19 UTC, Stefan Koch wrote:
> [ ... ]
I just figured out the bug in test/runnable/template8.d.
What happens somewhere inside those templates is that the
following expression is executed:
"some string literal" ~ null;
When that happens we execute the equivalent of the following in
bytecode:
{
    size_t lhsorrhs = lhs | rhs;
    if (!lhsorrhs)
        return null; // needed to handle the special case null ~ null == null

    immutable elemSize = elementSize(lhs); // can be assumed to be the same as rhs;
                                           // sema would have complained otherwise
                                           // (dereferences lhs even when only rhs is non-null)
    int newSize = 0;
    int lhsSize = lhs ? getLength(lhs) * elemSize : 0;
    int rhsSize = rhs ? getLength(rhs) * elemSize : 0;
    newSize += lhsSize;
    newSize += (getLength(rhs) * elemSize); // unguarded: dereferences rhs when it is null

    void* newString = allocateHeap(newSize + SliceDescriptor.sizeof);
    auto sliceDesc = cast(SliceDescriptor*) newString;
    sliceDesc.base = newString + SliceDescriptor.sizeof;
    sliceDesc.length = newSize / elemSize;
    newString += SliceDescriptor.sizeof;

    memcpy(newString, lhs, lhsSize);
    memcpy(newString + lhsSize, rhs, rhsSize);
}
Now what happens if either lhs OR rhs is null but not both?
Right, a null pointer dereference.
And this is what happened here.
Why did it take so long to find?
Well, please scan the test
https://github.com/dlang/dmd/blob/master/test/runnable/template8.d
yourself and tell me where you see "something" ~ null :)
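The concatenation sequence from the post, as an added example in C that is not newCTFE's code: the bytecode routine transliterated as written, beside a hardened version that copes with a null operand on either side. The SliceDescriptor layout (descriptor in front of the payload, with the element size stored in it), the trap that records a null descriptor dereference instead of crashing, and the names concatBuggy, concatFixed, makeSlice and sliceEquals are assumptions for this example. The sample slices are constructed inline.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model of a CTFE heap slice for this example. Field names and
 * layout (descriptor directly in front of the payload) are assumptions, not
 * newCTFE's real SliceDescriptor. */
typedef struct SliceDescriptor {
    char  *base;      /* first payload byte, right behind the descriptor */
    size_t length;    /* element count */
    size_t elemSize;  /* bytes per element; sema guarantees lhs and rhs agree */
} SliceDescriptor;

typedef SliceDescriptor *Slice;   /* a null array is a null descriptor pointer */

/* The model records a null descriptor dereference instead of crashing, so
 * the fault described in the post becomes observable from a test. */
static int null_deref_trapped;

static size_t elementSize(Slice s) {
    if (!s) { null_deref_trapped = 1; return 0; }
    return s->elemSize;
}

static size_t getLength(Slice s) {
    if (!s) { null_deref_trapped = 1; return 0; }
    return s->length;
}

/* Allocate descriptor + payload in one heap block, as the bytecode does. */
static Slice allocSlice(size_t length, size_t elemSize) {
    char *mem = malloc(sizeof(SliceDescriptor) + length * elemSize);
    if (!mem) return NULL;
    Slice d = (Slice)mem;
    d->base = mem + sizeof(SliceDescriptor);
    d->length = length;
    d->elemSize = elemSize;
    return d;
}

static Slice makeSlice(const void *data, size_t length, size_t elemSize) {
    Slice d = allocSlice(length, elemSize);
    if (d && length) memcpy(d->base, data, length * elemSize);
    return d;
}

/* Transliteration of the bytecode sequence in the post. The only null check is
 * the combined one, so with exactly one null operand either elementSize(lhs)
 * or the unguarded getLength(rhs) touches a null descriptor. */
static Slice concatBuggy(Slice lhs, Slice rhs) {
    null_deref_trapped = 0;
    if (!lhs && !rhs)
        return NULL;                                      /* null ~ null == null */
    size_t elemSize = elementSize(lhs);                   /* faults when lhs is null */
    size_t lhsSize = lhs ? getLength(lhs) * elemSize : 0;
    size_t rhsSize = rhs ? getLength(rhs) * elemSize : 0;
    size_t newSize = lhsSize + getLength(rhs) * elemSize; /* faults when rhs is null */
    if (null_deref_trapped)
        return NULL;                                      /* the interpreter died here */
    Slice d = allocSlice(newSize / elemSize, elemSize);   /* both operands non-null from here on */
    if (!d) return NULL;
    memcpy(d->base, lhs->base, lhsSize);
    memcpy(d->base + lhsSize, rhs->base, rhsSize);
    return d;
}

/* Hardened version: take the element size from whichever operand is non-null
 * and never touch a null operand, not even with a zero-length memcpy
 * (passing NULL to memcpy is undefined behaviour in C regardless of n). */
static Slice concatFixed(Slice lhs, Slice rhs) {
    if (!lhs && !rhs)
        return NULL;
    size_t elemSize = lhs ? lhs->elemSize : rhs->elemSize;
    size_t lhsLen = lhs ? lhs->length : 0;
    size_t rhsLen = rhs ? rhs->length : 0;
    Slice d = allocSlice(lhsLen + rhsLen, elemSize);
    if (!d) return NULL;
    if (lhsLen) memcpy(d->base, lhs->base, lhsLen * elemSize);
    if (rhsLen) memcpy(d->base + lhsLen * elemSize, rhs->base, rhsLen * elemSize);
    return d;
}

/* Payload comparison; len is an element count, expect holds len * elemSize bytes. */
static int sliceEquals(Slice s, const void *expect, size_t len) {
    if (!s) return expect == NULL && len == 0;
    return s->length == len && memcmp(s->base, expect, len * s->elemSize) == 0;
}

int main(void) {
    Slice lit = makeSlice("some string literal", 19, 1);   /* constructed input */
    concatBuggy(lit, NULL);
    printf("buggy:  \"...\" ~ null -> %s\n", null_deref_trapped ? "null deref" : "ok");
    Slice r = concatFixed(lit, NULL);
    printf("fixed:  \"...\" ~ null -> length %zu\n", r->length);
    free(r);
    free(lit);
    return 0;
}
```

The fixed routine also drops the original's separate `newSize += getLength(rhs) * elemSize` line in favour of the already guarded `rhsSize`, which is exactly where the one-sided null case went wrong in the transliteration.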