--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: g++/armel,armhf: -O2 causes memory corruption for some lambda captures
- From: "Eugene V. Lyubimkin" <jackyf@debian.org>
- Date: Wed, 21 Sep 2016 09:45:07 +0200
- Message-id: <20160921074507.10315.76506.reportbug@debian-w500.Elisa>
Package: g++-6
Version: 6.2.0-4
Severity: normal
Control: affects -1 cupt
Also applicable to g++ 6.1.1. This appears to be a regression from GCC 5.
The code works under -O1 or -O0.
See #836588 for more background.
Here's the test case which explains:
---------------------------8<--------------------------
(sid_armhf-dchroot)jackyf@harris:~/smalltests/small-std-function-arm$ cat hm.cpp
#include <iostream>
#include <functional>
struct C
{
void doCb()
{
size_t dummy_a = 1;
std::cout << "Outside: " << this << std::endl;
std::function<void ()> f;
f = [this, &dummy_a]()
{};
f = [this]()
{
std::cout << "Inside: " << this << std::endl;
};
f();
}
};
int main()
{
C c;
c.doCb();
}
(sid_armhf-dchroot)jackyf@harris:~/smalltests/small-std-function-arm$ cat Makefile
all:
g++ -O2 -Wall -Wextra hm.cpp -o hm.e
(sid_armhf-dchroot)jackyf@harris:~/smalltests/small-std-function-arm$ ./hm.e
Outside: 0xbeaeb5f4
Inside: 0x2
(sid_armhf-dchroot)jackyf@harris:~/smalltests/small-std-function-arm$ ~/valgrind/valgrind-3.12.0~svn20160714
/vg-in-place ./hm.e
==9628== Memcheck, a memory error detector
==9628== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==9628== Using Valgrind-3.12.0.SVN and LibVEX; rerun with -h for copyright info
==9628== Command: ./hm.e
==9628==
Outside: 0xbdb6a454
==9628== Use of uninitialised value of size 4
==9628== at 0x4916BF6: ??? (in /usr/lib/arm-linux-gnueabihf/libstdc++.so.6.0.22)
==9628==
==9628== Conditional jump or move depends on uninitialised value(s)
==9628== at 0x4916BFC: ??? (in /usr/lib/arm-linux-gnueabihf/libstdc++.so.6.0.22)
==9628==
==9628== Conditional jump or move depends on uninitialised value(s)
==9628== at 0x49179FA: std::ostreambuf_iterator<char, std::char_traits<char> > std::num_put<char,
std::ostreambuf_iterator<char, std::char_traits<char> > >::_M_insert_int<unsigned long>(std::ostreambuf_iterator<char,
std::char_traits<char> >, std::ios_base&, char, unsigned long) const (in /usr/lib/arm-linux-gnueabihf/libstdc++.so.6.0.22)
==9628== by 0x4917AC5: std::num_put<char, std::ostreambuf_iterator<char, std::char_traits<char> >
>::do_put(std::ostreambuf_iterator<char, std::char_traits<char> >, std::ios_base&, char, void const*) const (in
/usr/lib/arm-linux-gnueabihf/libstdc++.so.6.0.22)
==9628== by 0x491FDA3: std::ostream& std::ostream::_M_insert<void const*>(void const*) (in
/usr/lib/arm-linux-gnueabihf/libstdc++.so.6.0.22)
==9628==
Inside: 0x2
==9628==
==9628== HEAP SUMMARY:
==9628== in use at exit: 0 bytes in 0 blocks
==9628== total heap usage: 2 allocs, 2 frees, 21,248 bytes allocated
==9628==
==9628== All heap blocks were freed -- no leaks are possible
==9628==
==9628== For counts of detected and suppressed errors, rerun with: -v
==9628== Use --track-origins=yes to see where uninitialised values come from
==9628== ERROR SUMMARY: 3 errors from 3 contexts (suppressed: 0 from 0)
-- System Information:
Debian Release: 8.0
Architecture: amd64 (x86_64)
Kernel: Linux 4.3.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=fi_FI.UTF-8, LC_CTYPE=fi_FI.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages g++-6 depends on:
ii gcc-6 6.1.1-11
ii gcc-6-base 6.1.1-11
ii libc6 2.23-1
ii libgmp10 2:6.0.0+dfsg-6
ii libisl15 0.17.1-1
ii libmpc3 1.0.2-1
ii libmpfr4 3.1.4-2
ii libstdc++-6-dev 6.1.1-11
ii zlib1g 1:1.2.8.dfsg-2+b1
g++-6 recommends no packages.
Versions of packages g++-6 suggests:
pn g++-6-multilib <none>
pn gcc-6-doc <none>
pn libstdc++6-6-dbg <none>
-- debconf information excluded
--- End Message ---