From: Tim King Date: Fri, 23 Oct 2015 22:35:57 +0000 (-0700) Subject: Specify that the default initialization must always be done for CDOhash_map's data... X-Git-Tag: cvc5-1.0.0~6192 X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=3a67d649379f20000b2416b02860aa057ac38607;p=cvc5.git Specify that the default initialization must always be done for CDOhash_map's data field. Without doing this, there exists a loop where uninitialized data can be read. This can happen if T is a type like bool. The trace goes: CDOhash_map::set(data) calls ContextObj::make_current(). Now (d_pScope->isCurrent()) is false. So ContextObj::make_current() calls ContextObj::update(). ContextObj::update() calls CDOhash_map::save(). CDOhash_map::save() calls return new(pCMM) CDOhash_map(*this) which calls the copy constructor which reads the data using d_data(other.d_data). --- diff --git a/src/context/cdhashmap.h b/src/context/cdhashmap.h index 324a5a2b4..338c46b0d 100644 --- a/src/context/cdhashmap.h +++ b/src/context/cdhashmap.h @@ -188,6 +188,7 @@ public: bool allocatedInCMM = false) : ContextObj(allocatedInCMM, context), d_key(key), + d_data(), d_map(NULL), d_noTrash(allocatedInCMM) {
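Review bot: the added `d_data(),` initializer in the CDOhash_map constructor deserves a short code comment explaining why it is there, because for a class-type T with its own default constructor the empty initializer looks redundant and a later cleanup could remove it and silently reintroduce the bug. The point, per the commit message, is that for a scalar T such as bool the empty parentheses value-initialize d_data (zero it) so that the copy constructor reached from save() via `new(pCMM) CDOhash_map(*this)` never reads an indeterminate value; something like `d_data(), // value-initialize: for scalar T this zeroes d_data, otherwise save()'s copy reads it uninitialized` would make that intent explicit. It is also worth confirming that d_data is declared between d_key and d_map in the class body, so the new initializer order matches declaration order and does not trip -Wreorder.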