This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.
[Bug c++/52967] Segmentation fault on std::vector destruction
- From: "karlicoss at gmail dot com" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: Fri, 13 Apr 2012 08:44:10 +0000
- Subject: [Bug c++/52967] Segmentation fault on std::vector destruction
- Auto-submitted: auto-generated
- References: <bug-52967-4@http.gcc.gnu.org/bugzilla/>
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52967
--- Comment #3 from Dmitry Gerasimov <karlicoss at gmail dot com> 2012-04-13 08:44:10 UTC ---
(In reply to comment #1)
> I don't know if this is not undefined code.
> > v[0].a = run();
>
> Is this:
> double &a = v[0].a;
> a = run();
> Or:
> double tmp = run();
> v[0].a = tmp;
>
> I think both are correct because of the way the C++ standard defines =.
Ok, I got this.
If v[0].a = run(); is equivalent to double &a = v[0].a; a = run();, we:
1. calculate the address of a;
2. recurse into run;
3. push_back, causing the vector to increase its capacity and reallocate its
memory, which leaves a pointing to free memory.
I guess I should mark the bug as Invalid?
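The sequence described in the message above, as an added example that is not part of the original bug report: it shows that a push_back inside run() moves the storage a previously computed address refers to, and the temporary-first form that avoids the stale reference. The type `Item`, the signature of `run` and the `depth` parameter are assumptions; the report shows only `v[0].a = run();`.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Hypothetical element type; the report only shows a member named `a`.
struct Item { double a; };

// Hypothetical stand-in for run(): appends to the vector, recurses, returns a value.
double run(std::vector<Item>& v, int depth) {
    v.push_back(Item{0.0});                   // may reallocate v's storage
    const std::size_t idx = v.size() - 1;     // an index survives reallocation
    if (depth > 0) {
        const double tmp = run(v, depth - 1); // let the callee finish first
        v[idx].a = tmp;                       // element address computed afterwards
    }
    return static_cast<double>(depth) + 1.0;
}

// Address of v[0].a as an integer, so a stale value is compared, never dereferenced.
static std::uintptr_t addr_of_first(const std::vector<Item>& v) {
    return reinterpret_cast<std::uintptr_t>(&v[0].a);
}

// True if run() moved the storage that a reference taken beforehand would point into.
bool reference_would_dangle() {
    std::vector<Item> v(1);
    while (v.size() < v.capacity()) v.push_back(Item{0.0}); // next push_back must reallocate
    const std::uintptr_t before = addr_of_first(v);
    // Hazardous form (deliberately not executed): double& a = v[0].a; a = run(v, 0);
    run(v, 0);
    return before != addr_of_first(v);
}

// Safe in every language version: evaluate run() fully, then index the vector.
// Since C++17 the right operand of = is sequenced before the left one; earlier
// standards leave the order of the two operands unspecified.
double assign_safely(std::vector<Item>& v, int depth) {
    const double tmp = run(v, depth);
    v[0].a = tmp;
    return v[0].a;
}

int main() {
    std::vector<Item> v(1);
    const bool ok = reference_would_dangle() && assign_safely(v, 3) == 4.0;
    return ok ? 0 : 1;
}
```

Building the hazardous form with -fsanitize=address reports the write as a heap-use-after-free whenever the compiler evaluates the left operand first.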