public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
From: "redi at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug c++/62052] New: function parameter has wrong address in lambda converted to pointer-to-function
Date: Thu, 07 Aug 2014 16:48:00 -0000 [thread overview]
Message-ID: <bug-62052-4@http.gcc.gnu.org/bugzilla/> (raw)
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=62052
Bug ID: 62052
Summary: function parameter has wrong address in lambda
converted to pointer-to-function
Product: gcc
Version: 4.10.0
Status: UNCONFIRMED
Keywords: wrong-code
Severity: normal
Priority: P3
Component: c++
Assignee: unassigned at gcc dot gnu.org
Reporter: redi at gcc dot gnu.org
CC: jason at gcc dot gnu.org
Blocks: 54367
extern "C" int printf(const char*, ...);
const char* locn = nullptr;
struct X
{
X() {
printf("%p cons in %s\n", this, locn);
}
X(X const& x) {
printf("%p copy %p in %s\n", this, &x, locn);
}
~X() {
printf("%p dest\n", this);
}
};
int main()
{
locn = "main";
auto f = [] (X xx)
{
locn = "lambda";
printf("%p is &xx in lambda\n", &xx);
return xx;
};
X (*ff) (X) = f;
ff ( X{} );
}
Compiled with -std=c++11 this prints:
0x7fff50eed717 cons in main
0x7fff50eed6e0 is &xx in lambda
0x7fff50eed716 copy 0x7fff50eed6e0 in lambda
0x7fff50eed716 dest
0x7fff50eed717 dest
The second line shows the function parameter xx is at 0x7fff50eed6e0 but no
object is ever constructed (or destroyed) at that address, it should be
0x7fff50eed717.
If the lambda is invoked directly the parameter has the right address, it only
happens when converted to a pointer-to-function.
The same bug occurs with -fno-elide-constructors, there are just more
intermediate objects.
As shown at https://bugzilla.redhat.com/show_bug.cgi?id=1079788 this can cause
two unique_ptr objects to own the same memory and lead to a double free
(because the move constructor called for the lambda's return value zeros out
the wrong location)
next reply other threads:[~2014-08-07 16:48 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-07 16:48 redi at gcc dot gnu.org [this message]
2014-08-07 17:19 ` [Bug c++/62052] " redi at gcc dot gnu.org
2014-09-12 19:02 ` redi at gcc dot gnu.org
2015-03-09 10:13 ` redi at gcc dot gnu.org
2015-03-09 10:15 ` redi at gcc dot gnu.org
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bug-62052-4@http.gcc.gnu.org/bugzilla/ \
--to=gcc-bugzilla@gcc.gnu.org \
--cc=gcc-bugs@gcc.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).