This is GCC Bugzilla
This is GCC Bugzilla Version 2.20+
View Bug Activity | Format For Printing | Clone This Bug
This bit from basic_filebuf::imbue in include/bits/fstream.tcc can't possibly be correct: else if (_M_writing && (__testvalid = _M_terminate_output())) _M_set_buffer(-1); } } if (__testvalid) _M_codecvt = _M_codecvt_tmp; If __testvalid is false for some reason (for example because _M_terminate_output returned false because of a low-level write error), then _M_codecvt will still point to the codecvt facet from the old locale. Since no reference is kept to the old locale, the facet may be deleted at any time, and so keeping a pointer to it is certainly wrong.
Created an attachment (id=6094) [edit] Test case This test case shows a segfault after a low-level write error.
Created an attachment (id=6095) [edit] Test case This test case shows a segfault when an overridden version of overflow returns eof().
Hi Pétur, thanks for the testcases. Indeed, while working on 12077 I had noticed that something was wrong... but had hoped nobody would notice ;)
Subject: Bug 14975 CVSROOT: /cvs/gcc Module name: gcc Changes by: paolo@gcc.gnu.org 2004-04-16 16:06:22 Modified files: libstdc++-v3 : ChangeLog libstdc++-v3/include/bits: fstream.tcc Added files: libstdc++-v3/testsuite/27_io/basic_filebuf/imbue/char: 14975-1.cc libstdc++-v3/testsuite/27_io/basic_filebuf/imbue/wchar_t: 14975-2.cc Log message: 2004-04-16 Paolo Carlini <pcarlini@suse.de> PR libstdc++/14975 * include/bits/fstream.tcc (basic_filebuf::imbue): Zero _M_codecvt in case of error. * testsuite/27_io/basic_filebuf/imbue/char/14975-1.cc: New. * testsuite/27_io/basic_filebuf/imbue/wchar_t/14975-2.cc: New. Patches: http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/libstdc++-v3/ChangeLog.diff?cvsroot=gcc&r1=1.2449&r2=1.2450 http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/libstdc++-v3/include/bits/fstream.tcc.diff?cvsroot=gcc&r1=1.120&r2=1.121 http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/libstdc++-v3/testsuite/27_io/basic_filebuf/imbue/char/14975-1.cc.diff?cvsroot=gcc&r1=NONE&r2=1.1 http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/libstdc++-v3/testsuite/27_io/basic_filebuf/imbue/wchar_t/14975-2.cc.diff?cvsroot=gcc&r1=NONE&r2=1.1
if (__testvalid) _M_codecvt = _M_codecvt_tmp; + else + _M_codecvt = 0; } It would probably also be a good idea to somehow signal the error in overflow (for example by throwing an exception).
Ok, thanks, I will look into this.
Subject: Bug 14975 CVSROOT: /cvs/gcc Module name: gcc Branch: gcc-3_4-branch Changes by: paolo@gcc.gnu.org 2004-04-29 10:26:44 Modified files: libstdc++-v3 : ChangeLog libstdc++-v3/include/bits: fstream.tcc Added files: libstdc++-v3/testsuite/27_io/basic_filebuf/imbue/char: 14975-1.cc libstdc++-v3/testsuite/27_io/basic_filebuf/imbue/wchar_t: 14975-2.cc Log message: 2004-04-29 Paolo Carlini <pcarlini@suse.de> PR libstdc++/14975 * include/bits/fstream.tcc (basic_filebuf::imbue): Zero _M_codecvt in case of error. * testsuite/27_io/basic_filebuf/imbue/char/14975-1.cc: New. * testsuite/27_io/basic_filebuf/imbue/wchar_t/14975-2.cc: New. Patches: http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/libstdc++-v3/ChangeLog.diff?cvsroot=gcc&only_with_tag=gcc-3_4-branch&r1=1.2224.2.87&r2=1.2224.2.88 http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/libstdc++-v3/include/bits/fstream.tcc.diff?cvsroot=gcc&only_with_tag=gcc-3_4-branch&r1=1.116.4.4&r2=1.116.4.5 http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/libstdc++-v3/testsuite/27_io/basic_filebuf/imbue/char/14975-1.cc.diff?cvsroot=gcc&only_with_tag=gcc-3_4-branch&r1=NONE&r2=1.1.6.1 http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/libstdc++-v3/testsuite/27_io/basic_filebuf/imbue/wchar_t/14975-2.cc.diff?cvsroot=gcc&only_with_tag=gcc-3_4-branch&r1=NONE&r2=1.1.6.1
Fixed for 3.4.1.