Opened 6 years ago
#12207 new Bugs
allocate_shared using fast_pool_allocator results in member vector iterator memory corruption on MSVC
| Reported by: | esas | Owned by: | Chris Newbold |
|---|---|---|---|
| Milestone: | To Be Determined | Component: | pool |
| Version: | Boost 1.61.0 | Severity: | Showstopper |
| Keywords: | Cc: |
Description
Reproducer:
#include <vector>
#include <boost/pool/pool_alloc.hpp>
struct TestStruct {
std::vector<int> vec;
};
int main() {
//std::allocator<TestStruct> allocator; // works
boost::fast_pool_allocator<TestStruct> allocator;
auto test = std::allocate_shared<TestStruct>(allocator);
test->vec.push_back(1);
auto iter = test->vec.begin();
auto val = *iter;
}
When dereferencing iter it will assert "vector iterator not dereferencable" on MSVC (using 2015 Community Edition) everytime on 64-bit and sporadically on 32-bit.
If you put a break point (or break after the assert) and check
"iter" -> "[Raw View]" -> "std::_Vector_const_iterator ..." -> "std::_Iterator012 ..." -> "std::_Iterator_base12" -> "_Myproxy" -> "_Mycont" -> "_Myproxy"
you can see that the _Myproxy of _Mycont is "0xcccccccccccccccc" (uninitialized) when it should point to the _Myproxy of std::_Iterator_base12, forming a loop (which is the case when using std::allocator for the allocation). Note that the times it works when you compile on 32-bit the memory still seems to be corrupted (it's just not set to "0xcccccccccccccccc").
Note:
See TracTickets
for help on using tickets.
