Modify

Ticket #2929 (closed Bugs: fixed)

Opened 5 years ago

Last modified 4 years ago

boost::function cause runtime stack overflow

Reported by: Dmitriy Iassenev <iassenev@…> Owned by: dgregor
Milestone: Boost 1.39.0 Component: function
Version: Boost 1.38.0 Severity: Showstopper
Keywords: boost function stack overflow Cc:

Description

the bug described below is presented in all the boost versions starting from 1.36 and to development trunk

#include <boost/function.hpp>

void main()
{
	boost::function<void () > f( &main );
	boost::function<void () > g;
	g.assign ( f, std::allocator<int>() );
}

this code sample being compiled under MSVC 8.0 SP1 give the following warning

warning C4717: 'boost::detail::function::functor_wrapper<boost::function<void __cdecl(void)>,std::allocator<int> >::functor_wrapper<boost::function<void __cdecl(void)>,std::allocator<int> >' : recursive on all control paths, function will cause runtime stack overflow

if we run the sample, it does cause stack overflow with the following call stack:

...

test_boost.exe!boost::detail::function::functor_wrapper<boost::function<void __cdecl(void)>,std::allocator<int> >::functor_wrapper<boost::function<void __cdecl(void)>,std::allocator<int> >(const boost::detail::function::functor_wrapper<boost::function<void __cdecl(void)>,std::allocator<int> > & that={...}) + 0x39 bytes C++

test_boost.exe!boost::detail::function::functor_wrapper<boost::function<void __cdecl(void)>,std::allocator<int> >::functor_wrapper<boost::function<void __cdecl(void)>,std::allocator<int> >(const boost::detail::function::functor_wrapper<boost::function<void __cdecl(void)>,std::allocator<int> > & that={...}) + 0x39 bytes C++

test_boost.exe!std::_Construct<boost::detail::function::functor_wrapper<boost::function<void __cdecl(void)>,std::allocator<int> >,boost::detail::function::functor_wrapper<boost::function<void __cdecl(void)>,std::allocator<int> > >(boost::detail::function::functor_wrapper<boost::function<void __cdecl(void)>,std::allocator<int> > * _Ptr=0x00185008, const boost::detail::function::functor_wrapper<boost::function<void __cdecl(void)>,std::allocator<int> > & _Val={...}) Line 53 + 0x33 bytes C++

test_boost.exe!std::allocator<boost::detail::function::functor_wrapper<boost::function<void __cdecl(void)>,std::allocator<int> > >::construct(boost::detail::function::functor_wrapper<boost::function<void __cdecl(void)>,std::allocator<int> > * _Ptr=0x00185008, const boost::detail::function::functor_wrapper<boost::function<void __cdecl(void)>,std::allocator<int> > & _Val={...}) Line 156 + 0xd bytes C++

test_boost.exe!boost::detail::function::basic_vtable0<void>::assign_functor_a<boost::function<void __cdecl(void)>,std::allocator<int> >(boost::function<void cdecl(void)> f={...}, boost::detail::function::function_buffer & functor={...}, std::allocator<int> a={...}, boost::mpl::bool_<0> formal={...}) Line 591 + 0x60 bytes C++

test_boost.exe!boost::detail::function::basic_vtable0<void>::assign_to_a<boost::function<void __cdecl(void)>,std::allocator<int> >(boost::function<void cdecl(void)> f={...}, boost::detail::function::function_buffer & functor={...}, std::allocator<int> a={...}, boost::detail::function::function_obj_tag formal={...}) Line 615 C++

test_boost.exe!boost::detail::function::basic_vtable0<void>::assign_to_a<boost::function<void __cdecl(void)>,std::allocator<int> >(boost::function<void cdecl(void)> f={...}, boost::detail::function::function_buffer & functor={...}, std::allocator<int> a={...}) Line 497 + 0x47 bytes C++

test_boost.exe!boost::function0<void>::assign_to_a<boost::function<void __cdecl(void)>,std::allocator<int> >(boost::function<void cdecl(void)> f={...}, std::allocator<int> a={...}) Line 949 + 0x3d bytes C++

test_boost.exe!boost::function0<void>::assign<boost::function<void __cdecl(void)>,std::allocator<int> >(boost::function<void cdecl(void)> f={...}, std::allocator<int> a={...}) Line 802 + 0x34 bytes C++

test_boost.exe!main() Line 8 C++

Attachments

function_base.hpp.patch Download (454 bytes) - added by steven_watanabe 5 years ago.

Change History

Changed 5 years ago by steven_watanabe

comment:1 follow-up: ↓ 2 Changed 5 years ago by steven_watanabe

MSVC's copy constructor bug strikes again. Patch attached.

comment:2 in reply to: ↑ 1 Changed 5 years ago by Dmitriy Iassenev <iassenev@…>

  • Status changed from new to closed
  • Resolution set to fixed

Replying to steven_watanabe:

MSVC's copy constructor bug strikes again. Patch attached.

it works! thank you for fast reply :)

comment:3 Changed 5 years ago by steven_watanabe

  • Status changed from closed to reopened
  • Resolution fixed deleted

Whoa. This patch still needs to go into the trunk.

comment:4 Changed 5 years ago by danieljames

  • Status changed from reopened to closed
  • Resolution set to fixed

(In [54619]) Work around Visual C++ copy constructor bug. Fixes #2929.

Based on the patch by Steven Watanabe.

comment:5 Changed 5 years ago by danieljames

(In [54824]) Merge various function changes from trunk.

Merged revisions 49571,50064,51743,51745,53722,54616-54619 via svnmerge from  https://svn.boost.org/svn/boost/trunk

........

r49571 | noel_belcourt | 2008-11-03 18:37:49 +0000 (Mon, 03 Nov 2008) | 9 lines

Both Sun and Pgi on Linux correctly put typeinfo into the std namespace, but function_base keys off the BOOST_NO_EXCEPTION_STD_NAMESPACE macro instead of the BOOST_NO_STD_TYPEINFO macro. The attached patch changes function_base to use the typeinfo macro. Because eVC 4.2 doesn't put typeinfo into the std namespace, I need to define BOOST_NO_STD_TYPEINFO only for this eVC version.

........

r50064 | johnmaddock | 2008-12-02 10:10:46 +0000 (Tue, 02 Dec 2008) | 1 line

Fix -Wundef warning and suspect usage of BOOST_STRICT_CONFIG.

........

r51743 | dgregor | 2009-03-13 05:23:53 +0000 (Fri, 13 Mar 2009) | 11 lines

Implement an optimization that David Abrahams and myself came up with, where Boost.Function uses a bit in the vtable pointer to indicate when the target function object has a trivial copy constructor, trivial destructor, and fits within the small object buffer. In this case, we just copy the bits of the function object rather than performing an indirect call to the manager.

This results in a 60% speedup on a micro-benchmark that copies and calls such function objects repeatedly.

........

r51745 | dgregor | 2009-03-13 05:49:02 +0000 (Fri, 13 Mar 2009) | 7 lines

Make Boost.Function compile under BOOST_NO_EXCEPTIONS.

Fixes #2499 Fixes #2494 Fixes #2469 Fixes #2466

........

r53722 | vladimir_prus | 2009-06-07 16:44:50 +0100 (Sun, 07 Jun 2009) | 4 lines

Make Boost.Function compile with disabled exceptions.

Closes #2900. Patch from Gabi Davar.

........

r54616 | danieljames | 2009-07-03 23:20:26 +0100 (Fri, 03 Jul 2009) | 3 lines

When copying boost::ref, copy even when the referenced function is empty. Fixes #2642

Patch by Steven Watanabe

........

r54617 | danieljames | 2009-07-03 23:20:52 +0100 (Fri, 03 Jul 2009) | 6 lines

Add 'and later versions' to support info for GCC and Visual C++. Fixes #2847.

I didn't explicitly specify the versions since no one's updating this list and it's highly unlikely that a future version will break this. The same could probably be done for the other compilers but I don't know them very well so I'm leaving them alone.

........

r54618 | danieljames | 2009-07-03 23:21:40 +0100 (Fri, 03 Jul 2009) | 4 lines

Fix Boost.Function unit tests for C++0x. Fixes #3012

Based on a patch from Richard Webb. Changed a bit so that it also works for the Visual C++ 10 beta.

........

r54619 | danieljames | 2009-07-03 23:22:03 +0100 (Fri, 03 Jul 2009) | 3 lines

Work around Visual C++ copy constructor bug. Fixes #2929.

Based on the patch by Steven Watanabe.

........

View

Add a comment

Modify Ticket

Change Properties
<Author field>
Action
as closed
The resolution will be deleted. Next status will be 'reopened'
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.