The immediate crash is fixed in r7225.
The problem was code like this:
const char* b;
b = boost::format( ...).str( ).c_str( ); // the temporary std::string is destroyed at the end of this statement
The problem is that the call to str() will create a std::string() that is then immediately destroyed again. The system is free to reuse the memory that c_str() is pointing to again (since it belonged to the deleted std::string()). In some cases it will do that, in some it will not - that is why the crash happens on some systems but not all.
I grepped through the code base ('format.*c_str') and found more cases where this is happening - note that this is no guarantee that fixing all these removes the problem forever, as code like this is not found but is broken too:
const char* b;
{
    std::string a = format().str();
    b = a.c_str();
}
// the data b is pointing to is undefined here and should not be used.
But the easily greppable cases must be fixed quickly.
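Added example, not part of the original comment or the project's code: a constructed TrackedString stands in for the std::string returned by format(...).str() and counts live owners, so both broken patterns above and two fixes can be checked deterministically without dereferencing a dangling pointer. TrackedString, format_message and the function names are hypothetical.

```cpp
#include <cstring>
#include <string>
#include <utility>

// Constructed stand-in for the std::string returned by format(...).str(); counts live owners.
struct TrackedString {
    static int live;
    std::string data;
    explicit TrackedString(std::string s) : data(std::move(s)) { ++live; }
    TrackedString(const TrackedString& o) : data(o.data) { ++live; }
    ~TrackedString() { --live; }
    const char* c_str() const { return data.c_str(); }
};
int TrackedString::live = 0;

// Hypothetical formatter returning its result by value, as str() does.
TrackedString format_message(int code) {
    return TrackedString("error " + std::to_string(code));
}

// Broken pattern 1 (the greppable one): pointer taken from a temporary.
int owners_alive_after_temporary() {
    const char* b = format_message(7).c_str();  // temporary destroyed at the ';'
    (void)b;                                    // dangling; deliberately never dereferenced
    return TrackedString::live;                 // no owner is left for b's buffer
}

// Broken pattern 2 (missed by the grep): the named owner leaves scope first.
int owners_alive_after_inner_scope() {
    const char* b = nullptr;
    {
        TrackedString a = format_message(7);
        b = a.c_str();
    }                                           // a is destroyed here
    (void)b;                                    // dangling; deliberately never dereferenced
    return TrackedString::live;
}

// Fix 1: keep a named owner alive for as long as the pointer is used.
std::size_t length_with_named_owner() {
    const TrackedString msg = format_message(7);
    const char* b = msg.c_str();
    return TrackedString::live == 1 ? std::strlen(b) : 0;
}

// Fix 2: use the pointer inside the same full-expression as the temporary.
std::size_t length_in_same_expression() {
    return std::strlen(format_message(7).c_str());
}
```

Building the real code with AddressSanitizer (-fsanitize=address) makes the broken patterns fail reliably instead of only on some systems.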