public inbox for gcc-bugs@sourceware.org help / color / mirror / Atom feed
* [Bug c++/62052] New: function parameter has wrong address in lambda converted to pointer-to-function @ 2014-08-07 16:48 redi at gcc dot gnu.org 2014-08-07 17:19 ` [Bug c++/62052] " redi at gcc dot gnu.org ` (3 more replies) 0 siblings, 4 replies; 5+ messages in thread From: redi at gcc dot gnu.org @ 2014-08-07 16:48 UTC (permalink / raw) To: gcc-bugs https://gcc.gnu.org/bugzilla/show_bug.cgi?id=62052 Bug ID: 62052 Summary: function parameter has wrong address in lambda converted to pointer-to-function Product: gcc Version: 4.10.0 Status: UNCONFIRMED Keywords: wrong-code Severity: normal Priority: P3 Component: c++ Assignee: unassigned at gcc dot gnu.org Reporter: redi at gcc dot gnu.org CC: jason at gcc dot gnu.org Blocks: 54367 extern "C" int printf(const char*, ...); const char* locn = nullptr; struct X { X() { printf("%p cons in %s\n", this, locn); } X(X const& x) { printf("%p copy %p in %s\n", this, &x, locn); } ~X() { printf("%p dest\n", this); } }; int main() { locn = "main"; auto f = [] (X xx) { locn = "lambda"; printf("%p is &xx in lambda\n", &xx); return xx; }; X (*ff) (X) = f; ff ( X{} ); } Compiled with -std=c++11 this prints: 0x7fff50eed717 cons in main 0x7fff50eed6e0 is &xx in lambda 0x7fff50eed716 copy 0x7fff50eed6e0 in lambda 0x7fff50eed716 dest 0x7fff50eed717 dest The second line shows the function parameter xx is at 0x7fff50eed6e0 but no object is ever constructed (or destroyed) at that address, it should be 0x7fff50eed717. If the lambda is invoked directly the parameter has the right address, it only happens when converted to a pointer-to-function. The same bug occurs with -fno-elide-constructors, there are just more intermediate objects. As shown at https://bugzilla.redhat.com/show_bug.cgi?id=1079788 this can cause two unique_ptr objects to own the same memory and lead to a double free (because the move constructor called for the lambda's return value zeros out the wrong location) ^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug c++/62052] function parameter has wrong address in lambda converted to pointer-to-function 2014-08-07 16:48 [Bug c++/62052] New: function parameter has wrong address in lambda converted to pointer-to-function redi at gcc dot gnu.org @ 2014-08-07 17:19 ` redi at gcc dot gnu.org 2014-09-12 19:02 ` redi at gcc dot gnu.org ` (2 subsequent siblings) 3 siblings, 0 replies; 5+ messages in thread From: redi at gcc dot gnu.org @ 2014-08-07 17:19 UTC (permalink / raw) To: gcc-bugs https://gcc.gnu.org/bugzilla/show_bug.cgi?id=62052 Jonathan Wakely <redi at gcc dot gnu.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Known to fail| |4.10.0, 4.7.4, 4.8.2, 4.9.1 --- Comment #1 from Jonathan Wakely <redi at gcc dot gnu.org> --- Smaller testcase that aborts on error instead of printing addresses to stdout: extern "C" void __attribute((noreturn)) abort(); struct X; X const* objects[10]; int find(X const* x) { for (int i=0; i<10; ++i) if (objects[i] == x) return i; abort(); } struct X { X() { objects[ find(nullptr) ] = this; } X(X const& x) { find(&x); objects[ find(nullptr) ] = this; } ~X() { objects[ find(this) ] = nullptr; } }; int main() { auto f = [] (X xx) { return xx; }; X (*ff) (X) = f; ff ( X{} ); } ^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug c++/62052] function parameter has wrong address in lambda converted to pointer-to-function 2014-08-07 16:48 [Bug c++/62052] New: function parameter has wrong address in lambda converted to pointer-to-function redi at gcc dot gnu.org 2014-08-07 17:19 ` [Bug c++/62052] " redi at gcc dot gnu.org @ 2014-09-12 19:02 ` redi at gcc dot gnu.org 2015-03-09 10:13 ` redi at gcc dot gnu.org 2015-03-09 10:15 ` redi at gcc dot gnu.org 3 siblings, 0 replies; 5+ messages in thread From: redi at gcc dot gnu.org @ 2014-09-12 19:02 UTC (permalink / raw) To: gcc-bugs https://gcc.gnu.org/bugzilla/show_bug.cgi?id=62052 Jonathan Wakely <redi at gcc dot gnu.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |NEW Last reconfirmed| |2014-09-12 Ever confirmed|0 |1 Known to fail|4.10.0 |5.0 ^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug c++/62052] function parameter has wrong address in lambda converted to pointer-to-function 2014-08-07 16:48 [Bug c++/62052] New: function parameter has wrong address in lambda converted to pointer-to-function redi at gcc dot gnu.org 2014-08-07 17:19 ` [Bug c++/62052] " redi at gcc dot gnu.org 2014-09-12 19:02 ` redi at gcc dot gnu.org @ 2015-03-09 10:13 ` redi at gcc dot gnu.org 2015-03-09 10:15 ` redi at gcc dot gnu.org 3 siblings, 0 replies; 5+ messages in thread From: redi at gcc dot gnu.org @ 2015-03-09 10:13 UTC (permalink / raw) To: gcc-bugs https://gcc.gnu.org/bugzilla/show_bug.cgi?id=62052 Jonathan Wakely <redi at gcc dot gnu.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |charlie at charliedyson dot net --- Comment #2 from Jonathan Wakely <redi at gcc dot gnu.org> --- *** Bug 65354 has been marked as a duplicate of this bug. *** ^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug c++/62052] function parameter has wrong address in lambda converted to pointer-to-function 2014-08-07 16:48 [Bug c++/62052] New: function parameter has wrong address in lambda converted to pointer-to-function redi at gcc dot gnu.org ` (2 preceding siblings ...) 2015-03-09 10:13 ` redi at gcc dot gnu.org @ 2015-03-09 10:15 ` redi at gcc dot gnu.org 3 siblings, 0 replies; 5+ messages in thread From: redi at gcc dot gnu.org @ 2015-03-09 10:15 UTC (permalink / raw) To: gcc-bugs https://gcc.gnu.org/bugzilla/show_bug.cgi?id=62052 --- Comment #3 from Jonathan Wakely <redi at gcc dot gnu.org> --- Segfaulting testcase from PR 65354: #include <iostream> int main () { auto f = +[] (std::string s) { return std::string (std::move (s)); }; std::string s ("hello"); f (std::move (s)); } ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2015-03-09 10:15 UTC | newest] Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2014-08-07 16:48 [Bug c++/62052] New: function parameter has wrong address in lambda converted to pointer-to-function redi at gcc dot gnu.org 2014-08-07 17:19 ` [Bug c++/62052] " redi at gcc dot gnu.org 2014-09-12 19:02 ` redi at gcc dot gnu.org 2015-03-09 10:13 ` redi at gcc dot gnu.org 2015-03-09 10:15 ` redi at gcc dot gnu.org
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).