On 2016-04-06 17:39:21 +0200, Torbjörn Granlund wrote: > Miha Marolt <mi...@beyondsemi.com> writes: > > In some cases a previously freed memory is read inside the mpz_sub > function. Here is an example program that demonstrates the > problem: > > The bug is in your code. > > When passing x by value, you make copies of the two contained mpz_t > variables, including pointers. Then you cause reallocation of the > original variables, making pointer your copies point to stale data.
However, the GMP manual says: [...] Here are some examples of how to declare such integers: mpz_t sum; struct foo { mpz_t x, y; }; mpz_t vec[20]; and doesn't forbid to copy the structure, for instance. I think it would be worth to mention that using several copies of a mpz_t is forbidden (or a write operation invalidates the other copies), here or in one of the next sections (BTW, the MPFR manual should be clarified too). -- Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/> 100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/> Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon) _______________________________________________ gmp-bugs mailing list gmp-bugs@gmplib.org https://gmplib.org/mailman/listinfo/gmp-bugs