summaryrefslogtreecommitdiff
path: root/src/theory/inference_manager_buffered.cpp
diff options
context:
space:
mode:
authorAndrew Reynolds <andrew.j.reynolds@gmail.com>2020-10-19 02:55:25 -0500
committerGitHub <noreply@github.com>2020-10-19 09:55:25 +0200
commit46b55d615e32ab48065dde0187adeb760cdac949 (patch)
treed31b5b09085cbdf0802932895cc638318f4f86e0 /src/theory/inference_manager_buffered.cpp
parent94e3d9a0c2a51fbfd44516113527f34ed2c13e44 (diff)
Safer version of pending lemma processing in inference manager buffered (#5286)
This ensures we don't segfault if the pending lemma vector is cleared while we are processing it. This is potentially possible in datatypes currently. Fixes #5236.
Diffstat (limited to 'src/theory/inference_manager_buffered.cpp')
-rw-r--r--src/theory/inference_manager_buffered.cpp9
1 files changed, 6 insertions, 3 deletions
diff --git a/src/theory/inference_manager_buffered.cpp b/src/theory/inference_manager_buffered.cpp
index 7985f7de0..cdba5dfd6 100644
--- a/src/theory/inference_manager_buffered.cpp
+++ b/src/theory/inference_manager_buffered.cpp
@@ -100,10 +100,13 @@ void InferenceManagerBuffered::doPendingLemmas()
return;
}
d_processingPendingLemmas = true;
- for (const std::unique_ptr<TheoryInference>& plem : d_pendingLem)
+ size_t i = 0;
+ while (i < d_pendingLem.size())
{
- // process this lemma
- plem->process(this, true);
+ // process this lemma, which notice may enqueue more pending lemmas in this
+ // loop, or clear the lemmas.
+ d_pendingLem[i]->process(this, true);
+ i++;
}
d_pendingLem.clear();
d_processingPendingLemmas = false;
generated by cgit on debian on lair
contact matthew@masot.net with questions or feedback