https://gcc.gnu.org/bugzilla/show_bug.cgi?id=104959
Bug ID: 104959
Summary: nested lambda capture pack by ref will load from
nullptr
Product: gcc
Version: 10.3.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: tree-optimization
Assignee: unassigned at gcc dot gnu.org
Reporter: andij.cr at gmail dot com
Target Milestone: ---
testcase:
#include <cassert>
template <auto>
auto line = []<typename... Ts>(Ts &&...args) {
if constexpr (sizeof...(Ts) != 0) {
([&] { assert(&args != nullptr); }(), ...);
}
};
int main() { line<10>(false); }
compiling and executing this with
g++ 10.3 -std=c++20 -O1 -fsanitize=undefined
will trigger the assertion.
this code is a reduction of a more complex code, where the bug caused a crash.
compiling with -O0 or with GCC 11 will not trigger the assertion.
each template, lambda, if constexpr (sizeof...) seems to be necessary
to trigger the bug
the assert needs to be here to trigger the load of args
using a different method (e.g. using args in an expression)
will also trigger -Wuninitialized
compiler explorer link:
https://gcc.godbolt.org/z/W7EMTP4W8
note that in the assembly __assert_fail is called directly
this seems similar to
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68177
and
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97938
