c++/10427: [3.0/3.2/3.3/3.4 regression] Stack corruption with variable-length automatic arrays and virtual destructors
Matthias Klose
doko@net.local
Thu Apr 17 20:06:00 GMT 2003
>Number: 10427
>Category: c++
>Synopsis: [3.0/3.2/3.3/3.4 regression] Stack corruption with variable-length automatic arrays and virtual destructors
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: unassigned
>State: open
>Class: wrong-code
>Submitter-Id: net
>Arrival-Date: Thu Apr 17 20:06:00 UTC 2003
>Closed-Date:
>Last-Modified:
>Originator: Toni Timonen <ttimonen@users.sourceforge.net>
>Release:
>Organization:
The Debian Project
>Environment:
>Description:
[ Reported to the Debian BTS as report #188527.
Please CC 188527@bugs.debian.org on replies.
Log of report can be found at http://bugs.debian.org/188527 ]
Regression from 2.95, rechecked with 3.0.4, 3.2 20030415, 3.3
20030415, HEAD 20030329.
The following program compiles (compiled as "g++ stackcorrupt.cpp"),
but crashes when run. It seems that the stack gets corrupted with that
variable-length array when A class with a virtual function is used
and the length-assigning variable (foo) is being changed.
stackcorrupt.cpp:
--snip--
class A {
public:
    virtual ~A() {}
};

int main(void) {
    int foo=1;
    A bar[foo];
    foo++;
    return 0;
}
--snip--
The same problem can also be reproduced by using the compiler from the
gcc-snapshot (20030314-1) or with the g++-3.0 (3.0.4-13). The g++-2.95
(2.95.4-17) does not have the same problem.
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
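
A regression check for the behaviour described in this report, added here as an example and not part of the original report or of GCC's testsuite. It counts constructor and destructor calls for a variable-length array whose length variable is modified while the array is in scope; `Tracked`, `run_case` and `balanced` are hypothetical names, and the code assumes the GNU C++ variable-length-array extension that the reproducer itself relies on.

```cpp
// Added regression check, not code from the original report.
// Uses the GNU C++ variable-length-array extension, as the reproducer does.
#include <cstdio>

static int g_constructed = 0;  // constructor calls in the current case
static int g_destroyed = 0;    // destructor calls in the current case

class Tracked {                // hypothetical stand-in for class A
public:
    Tracked() { ++g_constructed; }
    virtual ~Tracked() { ++g_destroyed; }
};

struct Counts { int constructed; int destroyed; };

// Builds an n-element VLA, then changes the length variable by delta
// while the array is still in scope, and reports both call counts.
Counts run_case(int n, int delta) {
    g_constructed = 0;
    g_destroyed = 0;
    {
        int len = n;
        Tracked arr[len];      // array bound is evaluated here
        len += delta;          // the report's `foo++` is delta == 1
        (void)arr;
    }                          // arr goes out of scope here
    Counts c = { g_constructed, g_destroyed };
    return c;
}

// True when exactly n objects were constructed and exactly n destroyed.
bool balanced(int n, int delta) {
    Counts c = run_case(n, delta);
    return c.constructed == n && c.destroyed == n;
}

int main() {
    const int deltas[] = { 1, -1, 5 };
    int failures = 0;
    for (int n = 1; n <= 4; ++n) {
        for (int i = 0; i < 3; ++i) {
            if (!balanced(n, deltas[i])) {
                std::printf("MISMATCH n=%d delta=%d\n", n, deltas[i]);
                ++failures;
            }
        }
    }
    std::printf("%s\n", failures ? "FAIL" : "OK");
    return failures ? 1 : 0;
}
```

On an affected compiler the program may crash, as the original reproducer does, instead of printing a mismatch; both outcomes fail the check.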