Index out-of-bounds in match_regex with _GLIBCXX_DEBUG

[Bart Janssens <bart.janssens@…>]

Compiling a program that uses match_regex using the -D_GLIBCXX_DEBUG results in an error indicating that an index was out of bounds. Compile the attached testcase with:

g++ -g -O1 -D_GLIBCXX_DEBUG -lboost_regex -o regex regex.cpp

Running it displays the following error:

/usr/include/c++/4.3/debug/vector:237:error: attempt to subscript container
    with out-of-bounds index 2, but container only holds 2 elements.

Objects involved in the operation:
sequence "this" @ 0x0x7fff918bfa40 {
  type = NSt7__debug6vectorIN5boost9sub_matchIN9__gnu_cxx17__normal_iteratorIPKcSsEEEESaIS8_EEE;
}
Aborted

A backtrace of this says:

#0  0x00007fead68e6fb5 in raise () from /lib/libc.so.6
#1  0x00007fead68e8bc3 in abort () from /lib/libc.so.6
#2  0x00007fead712587c in __gnu_debug::_Error_formatter::_M_error () from /usr/lib/libstdc++.so.6
#3  0x0000000000408638 in std::__debug::vector<boost::sub_match<__gnu_cxx::__normal_iterator<char const*, std::string> >, std::allocator<boost::sub_match<__gnu_cxx::__normal_iterator<char const*, std::string> > > >::operator[] (this=0x7fffdf8e8a50, __n=2) at /usr/include/c++/4.3/debug/vector:237
#4  0x00000000004104d5 in boost::re_detail::perl_matcher<__gnu_cxx::__normal_iterator<char const*, std::string>, std::allocator<boost::sub_match<__gnu_cxx::__normal_iterator<char const*, std::string> > >, boost::regex_traits<char, boost::cpp_regex_traits<char> > >::match_prefix (this=0x7fffdf8e6eb0)
    at /usr/local/include/boost/regex/v4/match_results.hpp:418
#5  0x0000000000410899 in boost::re_detail::perl_matcher<__gnu_cxx::__normal_iterator<char const*, std::string>, std::allocator<boost::sub_match<__gnu_cxx::__normal_iterator<char const*, std::string> > >, boost::regex_traits<char, boost::cpp_regex_traits<char> > >::match_imp (this=0x7fffdf8e6eb0)
    at /usr/local/include/boost/regex/v4/perl_matcher_common.hpp:207
#6  0x0000000000410b5d in boost::regex_match<__gnu_cxx::__normal_iterator<char const*, std::string>, std::allocator<boost::sub_match<__gnu_cxx::__normal_iterator<char const*, std::string> > >, char, boost::regex_traits<char, boost::cpp_regex_traits<char> > > (first=<value optimized out>, last=<value optimized out>,
    m=<value optimized out>, e=<value optimized out>, flags=<value optimized out>) at /usr/local/include/boost/regex/v4/perl_matcher_common.hpp:180
#7  0x0000000000405d7c in main () at /usr/local/include/boost/regex/v4/regex_match.hpp:100

It appears that m_subs[2] is used in line 418 of match_results.hpp, but the size of m_subs is only 2.

Compiling without -D_GLIBCXX_DEBUG allows the program to run, and valgrind does not detect any errors. I have tested this on the following platforms:

Linux 2.6.28-15-generic #49-Ubuntu SMP Tue Aug 18 19:25:34 UTC 2009 x86_64 GNU/Linux with g++ (Ubuntu 4.3.3-5ubuntu4) 4.3.3 (Ubuntu Jaunty)

and

Linux 2.6.31-9-generic #29-Ubuntu SMP Sun Aug 30 17:39:23 UTC 2009 i686 GNU/Linux with g++ (Ubuntu 4.4.1-4ubuntu1) 4.4.1 (Ubuntu Karmic)

On Ubuntu Hardy with boost 1.34.1, the problem does not appear.

[Bart Janssens <bart.janssens@…>]

test program

[John Maddock]

I believe that if you build the regex library with -D_GLIBCXX_DEBUG as well then everything should be OK (it is on Ubuntu-9.0).

Is mixing object files compiled with and without -D_GLIBCXX_DEBUG supposed to be OK?

[Bart Janssens <bart.janssens@…>]

Replying to johnmaddock:

I believe that if you build the regex library with -D_GLIBCXX_DEBUG as well then everything should be OK (it is on Ubuntu-9.0).

Is mixing object files compiled with and without -D_GLIBCXX_DEBUG supposed to be OK?

My bad, I recompiled boost with -D_GLIBCXX_DEBUG and it's working fine now, thanks!