https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65352
Bug ID: 65352
Summary: array<T,0>::begin()/end() etc. forms a null reference
and breaks on clang+ubsan
Product: gcc
Version: 4.9.2
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: libstdc++
Assignee: unassigned at gcc dot gnu.org
Reporter: rs2740 at gmail dot com
Repro:
#include <array>
int main(){
std::array<int, 0> foo;
foo.begin(); // or end(), etc.
}
Output (http://coliru.stacked-crooked.com/a/e1cbe7e73bcee449):
> clang++ --version
clang version 3.5.0 (tags/RELEASE_350/final 217394)
Target: x86_64-unknown-linux-gnu
Thread model: posix
> clang++ -std=c++11 -O0 -Wall -pedantic -pthread main.cpp -fsanitize=undefined
> ./a.out
==15356==WARNING: readlink("/proc/self/exe") failed with errno 2, some stack
frames may not be symbolized
/usr/local/bin/../lib/gcc/x86_64-unknown-linux-gnu/4.9.2/../../../../include/c++/4.9.2/array:63:15:
runtime error: reference binding to null pointer of type 'int'
/usr/local/bin/../lib/gcc/x86_64-unknown-linux-gnu/4.9.2/../../../../include/c++/4.9.2/array:222:33:
runtime error: reference binding to null pointer of type 'int'
begin()/end() are supposed to be well-defined even if N = 0. The implementation
in <array> defers to data(), which in turn returns
std::__addressof(_AT_Type::_S_ref(_M_elems, 0)). The problem is that for the N
= 0 case, __array_traits::_S_ref forms and returns a null reference:
static constexpr _Tp&
_S_ref(const _Type&, std::size_t) noexcept
{ return *static_cast<_Tp*>(nullptr); }
An obvious possible fix is to provide a pointer-returning helper in addition to
or instead of _S_ref.
