https://gcc.gnu.org/bugzilla/show_bug.cgi?id=20416
shri314 at yahoo dot com <shri314 at yahoo dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |shri314 at yahoo dot com

--- Comment #7 from shri314 at yahoo dot com <shri314 at yahoo dot com> ---
Issue exists in 4.1.2 as well. And it can cause heap corruption from seemingly
mundane and regular pieces of code:

<snip>
#include <string>

std::string::size_type foo()
{
   const static std::string& bad = "r=";
   return bad.size();
}

int main()
{
   foo();
   foo();
}
</snip>

valgrind shows "invalid free"
-----------------------------
> ERROR SUMMARY: 5 errors from 3 contexts (suppressed: 18 from 9)
>
> 1 errors in context 1 of 3:
> Invalid free() / delete / delete[]
>    at 0x40054B4: operator delete(void*) (vg_replace_malloc.c:346)
>    by 0x4095C9C: std::string::_Rep::_M_destroy(std::allocator<char> const&)
> (in /usr/lib/libstdc++.so.6.0.8)
>    by 0x804871B: foo() (basic_string.h:233)
>    by 0x804875A: main (A.cpp:13)
>  Address 0x410e028 is 0 bytes inside a block of size 15 free'd
>    at 0x40054B4: operator delete(void*) (vg_replace_malloc.c:346)
>    by 0x4095C9C: std::string::_Rep::_M_destroy(std::allocator<char> const&)
> (in /usr/lib/libstdc++.so.6.0.8)
>    by 0x804871B: foo() (basic_string.h:233)
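
A toolchain check for the behaviour reported above, as an added example that is not part of the original comment or of GCC's test suite: it uses the same static-reference pattern with an instrumented type in place of std::string, so a wrongly destroyed temporary shows up as a counter mismatch without needing valgrind. The names Tracked, probe and check_static_ref_lifetime are hypothetical; the expected result relies on the C++ rule that a temporary bound to a reference lives as long as the reference.

```cpp
#include <cstdio>

// Hypothetical instrumented stand-in for std::string: counts constructions
// and destructions so the temporary's lifetime can be observed directly.
struct Tracked {
    static int constructed;
    static int destroyed;
    int id;
    Tracked(const char*) : id(++constructed) {}
    Tracked(const Tracked&) : id(++constructed) {}
    ~Tracked() { ++destroyed; }
};
int Tracked::constructed = 0;
int Tracked::destroyed = 0;

// Same shape as foo() in the report: a function-local static reference
// bound to a temporary created by an implicit conversion.
int probe() {
    const static Tracked& ref = "r=";
    return ref.id;
}

// Returns 0 when the temporary is built once and is still alive after both
// calls. Non-zero codes identify which expectation failed.
int check_static_ref_lifetime() {
    int first = probe();
    int destroyed_after_first = Tracked::destroyed;
    int second = probe();
    if (Tracked::constructed != 1) return 1;   // temporary was re-created
    if (destroyed_after_first != 0) return 2;  // destroyed when first call returned
    if (Tracked::destroyed != 0) return 3;     // destroyed when second call returned
    if (first != 1 || second != 1) return 4;   // reference no longer names object 1
    return 0;
}

int main() {
    int rc = check_static_ref_lifetime();
    std::printf("static reference lifetime check: %s (code %d)\n",
                rc == 0 ? "ok" : "MISCOMPILED", rc);
    return rc;
}
```

A non-zero exit code from this program means the compiler under test destroys or rebuilds the bound temporary, which is the condition that leads to the invalid free in the valgrind trace.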