https://gcc.gnu.org/bugzilla/show_bug.cgi?id=120987

--- Comment #4 from Tom de Vries <vries at gcc dot gnu.org> ---
The problem scenario is as follows.

An error is thrown in symtabs_from_filename:
...
        throw_error (NOT_FOUND_ERROR,
                     _("No symbol table is loaded.  "
                       "Use the \"file\" command."));
...

The error is caught and saved in parse_linespec:
...
      catch (gdb_exception_error &ex)
        {
          file_exception = std::move (ex);
        }
...
and then rethrown:
...
      if (file_exception.reason < 0)
        throw_exception (std::move (file_exception));
...

The gdb_exception class contains a message member:
...
  std::shared_ptr<std::string> message;
...
and the std::move should leave file_exception.message in a "valid but
unspecified state" but gcc seems to optimize that away.

Upon exiting the parse_linespec scope, the file_exception destructor is called.
Since file_exception.message still points to the string, the string is freed.

The exception is caught by create_breakpoint, and the exception is printed:
...
  catch (const gdb_exception_error &e)
    {
      ...
          exception_print (gdb_stderr, e);
...

In the process, it accesses the string, which has already been freed, and now
contains random stuff.
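
The ownership hand-off described in the comment above can be checked in isolation with the following added example, which is not code from GDB or from the bug report. `demo_exception`, `scenario_result` and `run_scenario` are hypothetical names, and the struct models only the `reason` and `message` members mentioned above. On a conforming toolchain a moved-from `std::shared_ptr` is empty, so the checks pass; a failure would reproduce the symptom described.

```cpp
#include <cstdio>
#include <memory>
#include <string>
#include <utility>

// Hypothetical stand-in for gdb_exception: only the members the comment mentions.
struct demo_exception {
  int reason = 0;
  std::shared_ptr<std::string> message;
  demo_exception() = default;
  demo_exception(int r, const char *msg)
    : reason(r), message(std::make_shared<std::string>(msg)) {}
};

struct scenario_result {
  bool source_empty_after_move;   // saved.message == nullptr after std::move
  long owners_after_move;         // use_count seen through the new owner
  bool alive_after_scope_exit;    // string survives destruction of the source
  std::string printed;            // what the outer handler would print
};

// Save an exception, move it out (as the rethrow does), let the saved object
// be destroyed, then read the message the way the outer handler would.
scenario_result run_scenario() {
  scenario_result res{};
  std::weak_ptr<std::string> watch;   // observes the string without owning it
  demo_exception rethrown;
  {
    demo_exception saved;
    saved = demo_exception(-1, "No symbol table is loaded.");  // caught and saved
    watch = saved.message;
    rethrown = std::move(saved);                                // moved out
    res.source_empty_after_move = (saved.message == nullptr);
    res.owners_after_move = rethrown.message.use_count();
  }   // saved is destroyed here; it must not release the string
  res.alive_after_scope_exit = !watch.expired();
  if (auto s = watch.lock()) res.printed = *s;
  return res;
}

int main() {
  scenario_result r = run_scenario();
  std::printf("source empty: %d, owners: %ld, alive: %d, message: %s\n",
              r.source_empty_after_move, r.owners_after_move,
              r.alive_after_scope_exit, r.printed.c_str());
  return (r.source_empty_after_move && r.alive_after_scope_exit) ? 0 : 1;
}
```

Building this at the optimization level under suspicion and with AddressSanitizer gives two independent signals: the exit status from the ownership checks and a sanitizer report if the string is read after release.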
