https://gcc.gnu.org/bugzilla/show_bug.cgi?id=72847

            Bug ID: 72847
           Summary: vector<bool> copy-assignment basic exception safety
           Product: gcc
           Version: 7.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: libstdc++
          Assignee: unassigned at gcc dot gnu.org
          Reporter: dyp-cpp at gmx dot net
  Target Milestone: ---

vector<bool>'s copy-assignment operator uses a very simple algorithm if
resizing is required: first, free the current allocation, then create a new
allocation. The pointer data member that holds the allocation is not touched by
the first step, then assigned-to by the second step. Therefore, if the second
step (the allocation) fails via exception, that pointer (_M_end_of_storage -
size()) is dangling. Destruction of a vector<bool> in such a state leads to a
double deletion.

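The free-then-allocate order described in the report, next to an allocate-then-release order, as an added example that is not libstdc++ code or code from the report. `Heap`, `Buf` and the function names are hypothetical, element copying is omitted, and the tracking heap counts a second release of the same address instead of performing it.

```cpp
#include <cstddef>
#include <new>
#include <set>

// Constructed harness: counts a repeated release instead of corrupting the heap.
struct Heap {
    std::set<unsigned char*> live;
    bool fail_next = false;
    int double_frees = 0;
    unsigned char* alloc(std::size_t n) {
        if (fail_next) throw std::bad_alloc();
        unsigned char* p = new unsigned char[n];
        live.insert(p);
        return p;
    }
    void release(unsigned char* p) {
        if (live.erase(p) == 0) { ++double_frees; return; }
        delete[] p;
    }
};

struct Buf {  // hypothetical owner type, stands in for the bit storage
    Heap& h; unsigned char* data; std::size_t cap;
    Buf(Heap& heap, std::size_t n) : h(heap), data(heap.alloc(n)), cap(n) {}
    ~Buf() { h.release(data); }
    // Order from the report: free, then allocate. A throwing alloc leaves
    // data holding the already-freed address.
    void assign_unsafe(const Buf& o) {
        if (o.cap > cap) { h.release(data); data = h.alloc(o.cap); cap = o.cap; }
    }
    // Hardened order: allocate first, release the old block only afterwards,
    // so a throw leaves *this unchanged and still owning a live block.
    void assign_safe(const Buf& o) {
        if (o.cap <= cap) return;
        unsigned char* fresh = h.alloc(o.cap);
        h.release(data); data = fresh; cap = o.cap;
    }
};

// Double releases observed when the reallocation inside assignment throws.
int double_frees_on_failed_realloc(bool safe) {
    Heap h;
    {
        Buf small(h, 8), big(h, 64);
        h.fail_next = true;  // simulate allocation failure during assignment
        try { safe ? small.assign_safe(big) : small.assign_unsafe(big); }
        catch (const std::bad_alloc&) {}
    }  // destructors run here; the unsafe path releases a stale pointer
    return h.double_frees;
}
```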