[Bug c++/77312] New: Lambda that deletes itself accesses freed memory, but only if class is templated

halliwell at chromium dot org gcc-bugzilla@gcc.gnu.org
Mon Aug 22 01:31:00 GMT 2016


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77312

            Bug ID: 77312
           Summary: Lambda that deletes itself accesses freed memory, but
                    only if class is templated
           Product: gcc
           Version: unknown
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c++
          Assignee: unassigned at gcc dot gnu.org
          Reporter: halliwell at chromium dot org
  Target Milestone: ---

Created attachment 39481
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=39481&action=edit
Full preprocessor output using -save-temps when compiling

Preprocessed .ii file is attached.  The bug is most easily reproduced using the
-fsanitize=address option (also by running the program under valgrind).  I
compiled with

g++ --std=c++11 -fsanitize=address -o test gcc-bug.cc

and then ran:
./test

Curiously, the bug only happens when class LambdaHolder is templated.  If you
remove the template <class U> line and remove <int> from the instantiation
line, then the bug is gone.
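The attached gcc-bug.cc is not reproduced on this page, so the following is a constructed example of the pattern the report names (a templated holder whose lambda deletes the holder), not the reporter's code and not a reproduction of the GCC 4.8 behaviour described above. It shows the form of the pattern that is well-defined C++: the closure is handed back to the caller and lives on the caller's stack, so the `delete this` it performs does not destroy the closure object in the middle of its own call, and nothing captured is touched after the delete. The names `LambdaHolder`, `MakeSelfDeleter` and `RunSafe` are assumptions of this example.

```cpp
#include <cstdio>
#include <functional>
#include <utility>

// Constructed example: a templated holder (the report says the problem only
// appears when the class is a template) whose lambda deletes the holder.
template <class U>
class LambdaHolder {
public:
    LambdaHolder(U value, int* destroyed) : value_(value), destroyed_(destroyed) {}
    ~LambdaHolder() { ++*destroyed_; }  // counts destructions so a caller can check "exactly once"

    // Returns the self-deleting callable BY VALUE. The closure therefore lives
    // in the caller's frame, not inside the object it is about to delete.
    std::function<U()> MakeSelfDeleter() {
        return [this]() {
            U copy = value_;   // read everything needed from *this BEFORE the delete
            delete this;       // from here on, no member of *this may be touched
            return copy;       // only the local survives the delete
        };
    }

private:
    U value_;
    int* destroyed_;
};

// Safe use of the pattern: the callable is stored in a local, so invoking it
// after it has deleted its holder is fine (the holder's members are never
// used again, and the closure object itself was not inside the holder).
int RunSafe(int* destroyed) {
    auto* holder = new LambdaHolder<int>(42, destroyed);
    std::function<int()> fn = holder->MakeSelfDeleter();
    return fn();   // deletes holder; fn is still a valid object afterwards
}

int main() {
    int destroyed = 0;
    int value = RunSafe(&destroyed);
    std::printf("value=%d holders_destroyed=%d\n", value, destroyed);
    return (value == 42 && destroyed == 1) ? 0 : 1;
}
```

Build it the same way the report builds the reproducer (`g++ -std=c++11 -fsanitize=address`): this form should run clean under AddressSanitizer. The inverse form, where the `std::function` is a data member of `LambdaHolder` and is invoked through that member, has the closure destroyed by `delete this` while it is executing, and any access to captured state after that point is a use-after-free that ASan reports as heap-use-after-free.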


Output of gcc -v:
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/4.8/lto-wrapper
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Ubuntu
4.8.4-2ubuntu1~14.04.3' --with-bugurl=file:///usr/share/doc/gcc-4.8/README.Bugs
--enable-languages=c,c++,java,go,d,fortran,objc,obj-c++ --prefix=/usr
--program-suffix=-4.8 --enable-shared --enable-linker-build-id
--libexecdir=/usr/lib --without-included-gettext --enable-threads=posix
--with-gxx-include-dir=/usr/include/c++/4.8 --libdir=/usr/lib --enable-nls
--with-sysroot=/ --enable-clocale=gnu --enable-libstdcxx-debug
--enable-libstdcxx-time=yes --enable-gnu-unique-object --disable-libmudflap
--enable-plugin --with-system-zlib --disable-browser-plugin
--enable-java-awt=gtk --enable-gtk-cairo
--with-java-home=/usr/lib/jvm/java-1.5.0-gcj-4.8-amd64/jre --enable-java-home
--with-jvm-root-dir=/usr/lib/jvm/java-1.5.0-gcj-4.8-amd64
--with-jvm-jar-dir=/usr/lib/jvm-exports/java-1.5.0-gcj-4.8-amd64
--with-arch-directory=amd64 --with-ecj-jar=/usr/share/java/eclipse-ecj.jar
--enable-objc-gc --enable-multiarch --disable-werror --with-arch-32=i686
--with-abi=m64 --with-multilib-list=m32,m64,mx32 --with-tune=generic
--enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu
--target=x86_64-linux-gnu
Thread model: posix
gcc version 4.8.4 (Ubuntu 4.8.4-2ubuntu1~14.04.3)
