This is the mail archive of the
gcc-bugs@gcc.gnu.org
mailing list for the GCC project.
[Bug libstdc++/17012] std::list's function, remove, looks like it is reading memory that has been freed.
- From: "caj at cs dot york dot ac dot uk" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: 5 Sep 2004 09:42:32 -0000
- Subject: [Bug libstdc++/17012] std::list's function, remove, looks like it is reading memory that has been freed.
- References: <20040812195652.17012.debrak@sgi.com>
- Reply-to: gcc-bugzilla at gcc dot gnu dot org
------- Additional Comments From caj at cs dot york dot ac dot uk 2004-09-05 09:42 -------
The cause of this problem is because list::remove takes the object to be
searched for by reference. We then search along the list and (of course) remove
it. This then means that any comparisions later on in the list are checking
against a deleted variable, but tend to work because it was only just deleted.
Strictly very bad things are happening here.
This could be fixed by not taking the input by reference but instead taking a
copy of it. This would however obviously be more inefficent.
I think this problem in fact occurs in various places (basically whenever an
function takes a series of iterators and an object, is it defined if that
object obtained by dereferencing one of the inputer iterators?). I'm not sure
that this is decided one way or the other generally, and probably should be.
--
What |Removed |Added
----------------------------------------------------------------------------
CC| |caj at cs dot york dot ac
| |dot uk
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=17012