https://gcc.gnu.org/bugzilla/show_bug.cgi?id=118807
--- Comment #3 from GCC Commits <cvs-commit at gcc dot gnu.org> --- The master branch has been updated by Nathaniel Shead <nsh...@gcc.gnu.org>: https://gcc.gnu.org/g:ef83fae50d8f085fe8440bfa595875a2e2329871 commit r15-7470-gef83fae50d8f085fe8440bfa595875a2e2329871 Author: Nathaniel Shead <nathanielosh...@gmail.com> Date: Mon Feb 10 22:15:30 2025 +1100 c++: Fix use-after-free of replaced friend instantiation [PR118807] When instantiating a friend function, we call register_specialization which adds it to the DECL_TEMPLATE_INSTANTIATIONS of the template. However, in some circumstances we might immediately call pushdecl and find an existing specialisation. In this case, when reregistering the specialisation we also need to update the DECL_TEMPLATE_INSTANTIATIONS list so that we don't try to access the freed spec again later. PR c++/118807 gcc/cp/ChangeLog: * pt.cc (reregister_specialization): Remove spec from DECL_TEMPLATE_INSTANTIATIONS. gcc/testsuite/ChangeLog: * g++.dg/modules/pr118807.C: New test. Signed-off-by: Nathaniel Shead <nathanielosh...@gmail.com> Reviewed-by: Jason Merrill <ja...@redhat.com>
