https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64429
Bug ID: 64429
Summary: Double free when returning std::string from trivial
lambda
Product: gcc
Version: 4.8.3
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c++
Assignee: unassigned at gcc dot gnu.org
Reporter: charlie at charliedyson dot net
The following causes a double free on gcc 4.8.2 as shipped with Ubuntu, and
various other versions I tested on Wandbox.
Interestingly enough, explicitly copying the string inside the lambda seems to
fix it.
Code:
#include <string>
using F = std::string(*)(std::string);
std::string call_fn_pointer(F f, std::string s)
{
return f(s);
}
std::string f(std::string s) { return s; }
int main()
{
// fine
call_fn_pointer(f, "foo");
// fine
call_fn_pointer([] (std::string s) { return std::string(s); }, "foo");
// double free
call_fn_pointer([] (std::string s) { return s; }, "foo");
}
Invocation:
$ g++ -std=c++1y foo.cpp -o foo -Wall
$ ./foo
*** Error in `./foo': double free or corruption (fasttop): 0x08372008 ***
Aborted
Apologies in advance if I've found another duplicate! Could this relate to
64329?
