The attached program demonstrates a bug in gcc. It simulates an out-of-memory condition by overloading the new (nothrow) operators to return NULL, and then tries to allocate an array of items that are the inner class of a template. new (nothrow) should return NULL, but instead, the program segfaults. The fault occurs after the custom new operator returns NULL, but before the new (nothrow) command completes.

Release: unknown

Environment: Red Hat Linux 8 on a Dual P3/650 256MB

How-To-Repeat:
g++ membug.zpp
./membug
(should segfault after several lines of output)
Fix:
Fixed in GCC 3.3 with: http://gcc.gnu.org/ml/gcc-patches/2003-04/msg00947.html
and in GCC 3.4 with: http://gcc.gnu.org/ml/gcc-patches/2003-04/msg00948.html
State-Changed-From-To: open->analyzed
State-Changed-Why: Behavior confirmed. Here's a slightly trimmed example:
-----------------------------
#include <cstddef>   // size_t, NULL
#include <new>

void * operator new[](size_t, std::nothrow_t const &) throw()
{ return NULL; }

struct X {
    struct Inner { ~Inner() {} };

    X() {
        Inner * ic = new (std::nothrow) Inner[1]; // SegFault here
    }
};

int main() {
    X table;
}
-----------------------------------

It segfaults at the indicated line when compiled with 3.2, 3.3 and mainline, but not with 2.95, so assuming the code is doing something legal, this is a regression.

To be honest, I don't know what the standard assumes happens for this program, so this needs someone more familiar with these things.

W.
Responsible-Changed-From-To: unassigned->mmitchel
Responsible-Changed-Why: Working on a fix.
From: mmitchel@gcc.gnu.org
To: gcc-gnats@gcc.gnu.org
Cc:
Subject: c++/10300
Date: 13 Apr 2003 17:49:39 -0000

CVSROOT: /cvs/gcc
Module name: gcc
Branch: gcc-3_3-branch
Changes by: mmitchel@gcc.gnu.org 2003-04-13 17:49:39

Modified files:
    gcc/cp : ChangeLog init.c
    gcc/testsuite : ChangeLog
Added files:
    gcc/testsuite/g++.dg/init: new5.C

Log message:
    PR c++/10300
    * init.c (build_new_1): Correct logic for checking whether the
    return value from the allocation function was zero.

    PR c++/10300
    * g++.dg/init/new5.C: New test.

Patches:
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/cp/ChangeLog.diff?cvsroot=gcc&only_with_tag=gcc-3_3-branch&r1=1.3076.2.103&r2=1.3076.2.104
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/cp/init.c.diff?cvsroot=gcc&only_with_tag=gcc-3_3-branch&r1=1.299.2.4&r2=1.299.2.5
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/testsuite/ChangeLog.diff?cvsroot=gcc&only_with_tag=gcc-3_3-branch&r1=1.2261.2.138&r2=1.2261.2.139
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/testsuite/g++.dg/init/new5.C.diff?cvsroot=gcc&only_with_tag=gcc-3_3-branch&r1=NONE&r2=1.1.2.1
From: mmitchel@gcc.gnu.org
To: gcc-gnats@gcc.gnu.org
Cc:
Subject: c++/10300
Date: 13 Apr 2003 17:54:04 -0000

CVSROOT: /cvs/gcc
Module name: gcc
Changes by: mmitchel@gcc.gnu.org 2003-04-13 17:54:03

Modified files:
    gcc/cp : ChangeLog init.c
    gcc/testsuite : ChangeLog
Added files:
    gcc/testsuite/g++.dg/init: new5.C

Log message:
    PR c++/10300
    * init.c (build_new_1): Reorganize.

    PR c++/10300
    * g++.dg/init/new5.C: New test.

Patches:
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/cp/ChangeLog.diff?cvsroot=gcc&r1=1.3322&r2=1.3323
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/cp/init.c.diff?cvsroot=gcc&r1=1.316&r2=1.317
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/testsuite/ChangeLog.diff?cvsroot=gcc&r1=1.2589&r2=1.2590
http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/testsuite/g++.dg/init/new5.C.diff?cvsroot=gcc&r1=1.1&r2=1.2
State-Changed-From-To: analyzed->closed
State-Changed-Why: Fixed for the next release (3.3).
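
A regression-style check for the behaviour this report is about, added here as an example (it is not the reporter's membug program and not the testsuite's new5.C). It uses a class-specific non-throwing operator new[] instead of replacing the global one, and all names (Table, try_allocate, the counters) are hypothetical; a conforming compiler must yield a null pointer and run no constructors when the allocation function returns null.

```cpp
#include <cstddef>
#include <cstdlib>
#include <new>

// Constructed fixture: every name here is hypothetical, chosen for this example.
static bool simulate_oom = false;     // true: allocation function reports failure
static int ctor_calls = 0;            // Inner constructors run
static int dtor_calls = 0;            // Inner destructors run
static std::size_t last_request = 0;  // bytes the new-expression asked for

template <typename T>
struct Table {
    struct Inner {                    // inner class of a template, as in the report
        T value;
        Inner() noexcept : value() { ++ctor_calls; }
        ~Inner() { ++dtor_calls; }    // non-trivial destructor, as in the trimmed case
        // Non-throwing allocation function: null means "no memory".
        static void *operator new[](std::size_t bytes, const std::nothrow_t &) noexcept {
            last_request = bytes;
            return simulate_oom ? nullptr : std::malloc(bytes);
        }
        static void operator delete[](void *p) noexcept { std::free(p); }
    };
};

struct Result { bool got_null; int ctors; int dtors; std::size_t requested; };

// Runs one array new-expression and reports what the compiler-generated code did.
Result try_allocate(std::size_t count, bool oom) {
    simulate_oom = oom;
    ctor_calls = dtor_calls = 0;
    Table<int>::Inner *items = new (std::nothrow) Table<int>::Inner[count];
    Result r{items == nullptr, ctor_calls, 0, last_request};
    delete[] items;                   // no-op when items is null
    r.dtors = dtor_calls;
    return r;
}

int main() {
    Result fail = try_allocate(4, true);   // must yield null, not a crash
    Result ok = try_allocate(4, false);    // normal path still constructs 4 items
    bool pass = fail.got_null && fail.ctors == 0 && fail.dtors == 0 &&
                !ok.got_null && ok.ctors == 4 && ok.dtors == 4;
    return pass ? 0 : 1;
}
```

The requested byte count may exceed count * sizeof(Inner) because the implementation is allowed to add array bookkeeping; the null check has to apply to the allocation function's own return value regardless.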