seg fault on coping std::string in std::vector after pointer casting

Question

Code below causes segmentation fault on g++ 5.4.0 20160609. But it works on vs c++ 11.0.

#include <string>
#include <iostream>
#include <vector>

struct fooStruct{
    std::string str;
    fooStruct() : str(std::string("")){}
};

int main()
{
    fooStruct fooObj;

    std::vector<char> cont(sizeof(fooStruct));
    std::cout<<"Size of string = "<<sizeof(std::string)<<std::endl;
    std::cout<<"Size of vec = "<<cont.size()<<std::endl;

    std::cout<<sizeof(fooObj)<<std::endl;

    char* ptr = cont.data();
    ((fooStruct*)(ptr))[0] = fooObj;            //segmentation fault
    //((fooStruct*)(ptr))[0].str = fooObj.str; //segmentation fault

    std::cout<<((fooStruct*)(ptr))[0].str<<std::endl;

    return 0;

}

The only difference between compilers is that msvc takes 40 bytes for string, while gcc only 32. But i don't think that it does matter here. Why does it work on msvc and does not work on g++?

Isn't `((fooStruct*)(ptr))[0] = fooObj;` just straight up violating strict aliasing and invoking UB? — UnholySheep, Mar 22 '18 at 15:33
Related probably : https://stackoverflow.com/questions/7446489/casting-a-pointer-does-not-produce-an-lvalue-why — user8469759, Mar 22 '18 at 15:34
why dont you use a way to copy the data that is less obfuscated and that works? — 463035818_is_not_an_ai, Mar 22 '18 at 15:34
"It works" does not imply that it's not undefined, and it's undefined to assign to something that doesn't exist. — molbdnilo, Mar 22 '18 at 15:38
`((fooStruct*)(ptr))[0] = fooObj;` -- Remove the casts. Now, what compiler error do you get? Whatever it is, *pay attention to it* -- don't just shrug it off and tell the compiler to "shut up" by casting. — PaulMcKenzie, Mar 22 '18 at 15:44
@Sklert -- If your comment on one of the answers is true and that you want to store any object in the vector, you could have used `std::vector` or `std::vector`. — PaulMcKenzie, Mar 22 '18 at 15:55

score 2 · Accepted Answer · answered Mar 22 '18 at 15:38

2

Your code has undefined behavior. That means it could "work" or it could blow up, both are valid outcomes.

ptr points to a char array. It does not represent a fooStruct. So when you do

((fooStruct*)(ptr))[0]

You treat that memory as if it was a fooStruct even though it is not which is undefined behavior.

answered Mar 22 '18 at 15:38

NathanOliver

171,901
28
288
402

@juanchopanza Is it? They did use `sizeof(fooStruct)` for the number of `char`'s. – NathanOliver Mar 22 '18 at 15:46
Yeah, you're right. What's also wrong is the string copy. – juanchopanza Mar 22 '18 at 15:47
Yeah. I figured that was covered by my answer though since if `((fooStruct*)(ptr))[0]` is UB then `((fooStruct*)(ptr))[0].anything` is also UB. – NathanOliver Mar 22 '18 at 15:48
It should be noted that even though the memory does not point to a `fooStruct`, it can be made to, by constructing a `fooStruct` object in that location first, via placement new. And then the dereference, as well as the assignment would be perfectly well defined behavior. – Benjamin Lindley Mar 22 '18 at 16:04
@BenjaminLindley I was thinking that but couldn't that still be an issue as the char array doesn't have to be aligned to the structs alignment? – NathanOliver Mar 22 '18 at 16:06
Thank you. But I guess it should work correctly if struct is POD. Correct me, if it is not true. The reason why it works on msvc is mb in different implementation of `std::string` not in UB. – Sklert Mar 22 '18 at 16:07
1

@Sklert If the struct is a POD type then it is okay as long as the underlying array is properly aligned. I'm not sure if it would be or not but I'm leaning towards it could not be. – NathanOliver Mar 22 '18 at 16:10

seg fault on coping std::string in std::vector after pointer casting

1 Answers1