c++: constexpr returning deallocated ptr

In constexpr-new3.C, the f7 function returns a deleted pointer, which we
were happily caching because the new and delete are balanced.  Don't.

gcc/cp/ChangeLog:

	* constexpr.cc (cxx_eval_call_expression): Check for
	heap vars in the result.

diff --git a/gcc/cp/constexpr.cc b/gcc/cp/constexpr.cc
index 1a70fda1dc5513be6761958c09cdf225024420af..45208478c3fe7afab1e0f23e46da12e0dc47edb9 100644 (file)
--- a/gcc/cp/constexpr.cc
+++ b/gcc/cp/constexpr.cc
@@ -1356,6 +1356,7 @@ static tree cxx_eval_constant_expression (const constexpr_ctx *, tree,
                                          value_cat, bool *, bool *, tree * = NULL);
 static tree cxx_fold_indirect_ref (const constexpr_ctx *, location_t, tree, tree,
                                   bool * = NULL);
+static tree find_heap_var_refs (tree *, int *, void *);
 
 /* Attempt to evaluate T which represents a call to a builtin function.
    We assume here that all builtin functions evaluate to scalar types
@@ -2965,6 +2966,10 @@ cxx_eval_call_expression (const constexpr_ctx *ctx, tree t,
                      cacheable = false;
                      break;
                    }
+             /* Also don't cache a call that returns a deallocated pointer.  */
+             if (cacheable && (cp_walk_tree_without_duplicates
+                               (&result, find_heap_var_refs, NULL)))
+               cacheable = false;
            }
 
            /* Rewrite all occurrences of the function's RESULT_DECL with the