|
|
Boost Users : |
Subject: [Boost-users] [function] rare crash on destroy
From: Igor R (boost.lists_at_[hidden])
Date: 2010-01-25 10:57:32
Hello,
In my application I use to "post" a pointer to a dynamically allocated
boost::function to a hidden window in the following manner (WinXP,
MSVC9.0, 1.41):
typedf function<void(void)> Functor;
#define AM_FUNCTOR (WM_USER+79)
// called from some "worker" thread
void post(const Functor &func)
{
Functor *f = new Functor(func);
PostMessage(hWind_, AM_FUNCTOR, 0, reinterpret_cast<LPARAM>(f));
}
// Window procedure, called from the window thread
LRESULT CALLBACK WndProc(HWND hwnd, UINT msg, WPARAM wParam, LPARAM lParam)
{
switch(msg)
{
case AM_FUNCTOR:
{
Functor *f = reinterpret_cast<Functor *>(lParam);
(*f)();
delete f;
}
//....
}
post() is called several times per second.
Sometimes - but *very* rarely - the line "delete f" causes a crash
(Access violation reading location 0xfeeefef6).
The application is compiled with /Ox /GL, linked with /LTCG.
What could be wrong with this code?
Callstack:
function_base.hpp, line 323:
functor_manager_common::manage_small():
reinterpret_cast<functor_type*>(&out_buffer.data)->~Functor(); //
THIS LINE CRASHES
function_base.hpp, line 432:
functor_manager::manage():
manager(in_buffer, out_buffer, op, tag_type());
The assembly code looks like this:
100134C9 mov esi,dword ptr [esi+0Ch]
100134CC test esi,esi
100134CE je
boost::detail::function::functor_manager_common::manage_small+9Eh
100134D0 mov eax,dword ptr [esi]
100134D2 mov ecx,dword ptr [eax+8] // CRASHES HERE, as eax == 0xfeeefeee
100134D5 push esi
100134D6 call ecx
Thanks in advance.
Boost-users list run by williamkempf at hotmail.com, kalb at libertysoft.com, bjorn.karlsson at readsoft.com, gregod at cs.rpi.edu, wekempf at cox.net