[Bug c++/46264] New: Trunk [4.6.0 20101028] - An overloaded operator returning rvalue reference invalidates stack.

public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed

* [Bug c++/46264] New: Trunk [4.6.0 20101028] - An overloaded operator returning rvalue reference invalidates stack.
@ 2010-11-01 21:04 mirza.husadzic at gmail dot com
  2010-11-01 21:50 ` [Bug c++/46264] " redi at gcc dot gnu.org
  2010-11-01 22:06 ` mirza.husadzic at gmail dot com
  0 siblings, 2 replies; 3+ messages in thread
From: mirza.husadzic at gmail dot com @ 2010-11-01 21:04 UTC (permalink / raw)
  To: gcc-bugs

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=46264

           Summary: Trunk [4.6.0 20101028] - An overloaded operator
                    returning rvalue reference invalidates stack.
           Product: gcc
           Version: unknown
            Status: UNCONFIRMED
          Severity: major
          Priority: P3
         Component: c++
        AssignedTo: unassigned@gcc.gnu.org
        ReportedBy: mirza.husadzic@gmail.com


Created attachment 22223
  --> http://gcc.gnu.org/bugzilla/attachment.cgi?id=22223
./dist/bin/g++ -v -std=c++0x -Wall -g -save-temps rvalue_bug.cpp

The following code is compiled ('-std=c++0x -Wall -g') without optimizations.

Sounds bizarre but the for loop (operator*) invalidates the stack, where
invalid data pointer goes to delete (at the destructor) causing segmentation
fault in libc.so. 
If the code is compiled without *for loop* there is no bug.

Note: By compiling with optimization flags (-0, -O1, -O2, -O3) the bug can't
be reproduced.


#include <iostream>

using namespace std;

class foo
{
        float *data;
        bool   reused;

 public:

        foo() : data(new float), reused(false) 
        {
                cout << "Allocating data: " << data << endl;
        }

        foo(foo&& f) : data(move(f.data)), reused(false) 
        {
                f.data = NULL;
                cout << "Move constructor." << endl;
        }

        ~foo()
        {
                if(reused == false)
                { 
                        cout << "Deleting data: " << data << endl;
                        delete data;
                }else
                        cout << "Reused data: " << data << endl;
        }

        foo&& operator*(const foo& b) const
        {
                foo ab;

                int sum = 0;

                /// This for loop causes invalidation of stack.
                for(int i=0; i<0; i++)
                        sum += i;         

                ab.reused = true;

                cout << "Operator *. Sum: " << sum << endl;

                return move(ab);
        }
};


int
main()
{
        foo a;
        foo b;

        foo c = a * b;

        return 0;
}


^ permalink raw reply	[flat|nested] 3+ messages in thread

* [Bug c++/46264] Trunk [4.6.0 20101028] - An overloaded operator returning rvalue reference invalidates stack.
  2010-11-01 21:04 [Bug c++/46264] New: Trunk [4.6.0 20101028] - An overloaded operator returning rvalue reference invalidates stack mirza.husadzic at gmail dot com
@ 2010-11-01 21:50 ` redi at gcc dot gnu.org
  2010-11-01 22:06 ` mirza.husadzic at gmail dot com
  1 sibling, 0 replies; 3+ messages in thread
From: redi at gcc dot gnu.org @ 2010-11-01 21:50 UTC (permalink / raw)
  To: gcc-bugs

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=46264

--- Comment #1 from Jonathan Wakely <redi at gcc dot gnu.org> 2010-11-01 21:49:56 UTC ---
foo::operator* returns a reference to a local variable which goes out of scope,
causing c.data to contain garbage.

operator* should return by value instead


^ permalink raw reply	[flat|nested] 3+ messages in thread

* [Bug c++/46264] Trunk [4.6.0 20101028] - An overloaded operator returning rvalue reference invalidates stack.
  2010-11-01 21:04 [Bug c++/46264] New: Trunk [4.6.0 20101028] - An overloaded operator returning rvalue reference invalidates stack mirza.husadzic at gmail dot com
  2010-11-01 21:50 ` [Bug c++/46264] " redi at gcc dot gnu.org
@ 2010-11-01 22:06 ` mirza.husadzic at gmail dot com
  1 sibling, 0 replies; 3+ messages in thread
From: mirza.husadzic at gmail dot com @ 2010-11-01 22:06 UTC (permalink / raw)
  To: gcc-bugs

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=46264

Mirza <mirza.husadzic at gmail dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
         Resolution|                            |INVALID

--- Comment #2 from Mirza <mirza.husadzic at gmail dot com> 2010-11-01 22:06:33 UTC ---
Yes, you're right.
Thank you.
Closing this as not a bug.


^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2010-11-01 22:06 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2010-11-01 21:04 [Bug c++/46264] New: Trunk [4.6.0 20101028] - An overloaded operator returning rvalue reference invalidates stack mirza.husadzic at gmail dot com
2010-11-01 21:50 ` [Bug c++/46264] " redi at gcc dot gnu.org
2010-11-01 22:06 ` mirza.husadzic at gmail dot com

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).