This is the mail archive of the
gcc-bugs@gcc.gnu.org
mailing list for the GCC project.
[Bug c++/82172] Destruction of basic_string in basic_stringbuf::overflow with _GLIBCXX_USE_CXX11_ABI=0, -flto, and C++17 mode results in invalid delete
- From: "general+gcc at matley dot com.au" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: Mon, 11 Sep 2017 06:44:24 +0000
- Subject: [Bug c++/82172] Destruction of basic_string in basic_stringbuf::overflow with _GLIBCXX_USE_CXX11_ABI=0, -flto, and C++17 mode results in invalid delete
- Auto-submitted: auto-generated
- References: <bug-82172-4@http.gcc.gnu.org/bugzilla/>
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=82172
--- Comment #1 from Shane <general+gcc at matley dot com.au> ---
Pressed submit accidentally. Sorry.
OS: Arch Linux
Compile flags: g++ -std=c++17 -O1 -D_GLIBCXX_USE_CXX11_ABI=0 -flto
./abi_crash.cpp
G++ version: $ g++ -v
Using built-in specs.
COLLECT_GCC=g++
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-pc-linux-gnu/7.2.0/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: /build/gcc-multilib/src/gcc/configure --prefix=/usr
--libdir=/usr/lib --libexecdir=/usr/lib --mandir=/usr/share/man
--infodir=/usr/share/info --with-bugurl=https://bugs.archlinux.org/
--enable-languages=c,c++,ada,fortran,go,lto,objc,obj-c++ --enable-shared
--enable-threads=posix --enable-libmpx --with-system-zlib --with-isl
--enable-__cxa_atexit --disable-libunwind-exceptions --enable-clocale=gnu
--disable-libstdcxx-pch --disable-libssp --enable-gnu-unique-object
--enable-linker-build-id --enable-lto --enable-plugin
--enable-install-libiberty --with-linker-hash-style=gnu
--enable-gnu-indirect-function --enable-multilib --disable-werror
--enable-checking=release --enable-default-pie --enable-default-ssp
Thread model: posix
gcc version 7.2.0 (GCC)
Running the compiled code under valgrind results in:
valgrind ./a.out
==23743== Memcheck, a memory error detector
==23743== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==23743== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==23743== Command: ./a.out
==23743==
==23743== Invalid free() / delete / delete[] / realloc()
==23743== at 0x4C2E64B: operator delete(void*) (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==23743== by 0x4F02623: _M_dispose (basic_string.h:3155)
==23743== by 0x4F02623: ~basic_string (basic_string.h:3498)
==23743== by 0x4F02623: std::basic_stringbuf<char, std::char_traits<char>,
std::allocator<char> >::overflow(int) (sstream.tcc:113)
==23743== by 0x108C1C: main (in /var/tmp/a.out)
==23743== Address 0x30a0a0 is 0 bytes inside data symbol
"_ZNSs4_Rep20_S_empty_rep_storageE"
==23743==
{
<insert_a_suppression_name_here>
Memcheck:Free
fun:_ZdlPv
fun:_M_dispose
fun:~basic_string
fun:_ZNSt15basic_stringbufIcSt11char_traitsIcESaIcEE8overflowEi
fun:main
}
==23743==
==23743== HEAP SUMMARY:
==23743== in use at exit: 0 bytes in 0 blocks
==23743== total heap usage: 2 allocs, 3 frees, 73,241 bytes allocated
==23743==
==23743== All heap blocks were freed -- no leaks are possible
==23743==
==23743== For counts of detected and suppressed errors, rerun with: -v
==23743== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)