public inbox for libstdc++-cvs@sourceware.org help / color / mirror / Atom feed
From: Jonathan Wakely <redi@gcc.gnu.org> To: gcc-cvs@gcc.gnu.org, libstdc++-cvs@gcc.gnu.org Subject: [gcc r13-5048] libstdc++: Fix misuse of alloca in std::bitset [PR108214] Date: Fri, 6 Jan 2023 14:11:13 +0000 (GMT) [thread overview] Message-ID: <20230106141113.2630B385840A@sourceware.org> (raw) https://gcc.gnu.org/g:553332c19a04ad0a6bbdd2aafc3499a1cb4dfa0c commit r13-5048-g553332c19a04ad0a6bbdd2aafc3499a1cb4dfa0c Author: Jonathan Wakely <jwakely@redhat.com> Date: Fri Jan 6 13:42:07 2023 +0000 libstdc++: Fix misuse of alloca in std::bitset [PR108214] The use of alloca in a constructor is wrong, because the memory is gone after the constructor returns, and will be overwritten by a subsequent function call. This didn't show up in testing because function inlining alters the stack usage. libstdc++-v3/ChangeLog: PR libstdc++/108214 * include/std/bitset (operator>>): Use alloca in the right scope, not in a constructor. * testsuite/20_util/bitset/io/input.cc: Check case from PR. Diff: --- libstdc++-v3/include/std/bitset | 24 +++++++++++++---------- libstdc++-v3/testsuite/20_util/bitset/io/input.cc | 21 ++++++++++++++++++++ 2 files changed, 35 insertions(+), 10 deletions(-) diff --git a/libstdc++-v3/include/std/bitset b/libstdc++-v3/include/std/bitset index 1f3f68fefce..edda0776629 100644 --- a/libstdc++-v3/include/std/bitset +++ b/libstdc++-v3/include/std/bitset @@ -1598,20 +1598,24 @@ _GLIBCXX_BEGIN_NAMESPACE_CONTAINER struct _Buffer { - _Buffer() - : _M_base(_Nb > 256 ? new _CharT[_Nb] : (_CharT*)__builtin_alloca(_Nb)) - { } + static _GLIBCXX_CONSTEXPR bool _S_use_alloca() { return _Nb <= 256; } + + explicit _Buffer(_CharT* __p) : _M_ptr(__p) { } ~_Buffer() { - if _GLIBCXX17_CONSTEXPR (_Nb > 256) - delete[] _M_base; + if _GLIBCXX17_CONSTEXPR (!_S_use_alloca()) + delete[] _M_ptr; } - _CharT* const _M_base; + _CharT* const _M_ptr; }; - _Buffer __buf; - _CharT* __ptr = __buf._M_base; + _CharT* __ptr; + if _GLIBCXX17_CONSTEXPR (_Buffer::_S_use_alloca()) + __ptr = (_CharT*)__builtin_alloca(_Nb); + else + __ptr = new _CharT[_Nb]; + const _Buffer __buf(__ptr); // _GLIBCXX_RESOLVE_LIB_DEFECTS // 303. Bitset input operator underspecified @@ -1662,8 +1666,8 @@ _GLIBCXX_BEGIN_NAMESPACE_CONTAINER if _GLIBCXX17_CONSTEXPR (_Nb) { - if (size_t __len = __ptr - __buf._M_base) - __x.template _M_copy_from_ptr<_CharT, _Traits>(__buf._M_base, __len, + if (size_t __len = __ptr - __buf._M_ptr) + __x.template _M_copy_from_ptr<_CharT, _Traits>(__buf._M_ptr, __len, 0, __len, __zero, __one); else diff --git a/libstdc++-v3/testsuite/20_util/bitset/io/input.cc b/libstdc++-v3/testsuite/20_util/bitset/io/input.cc index 0f22cefbb5b..4f7e6281ac5 100644 --- a/libstdc++-v3/testsuite/20_util/bitset/io/input.cc +++ b/libstdc++-v3/testsuite/20_util/bitset/io/input.cc @@ -42,8 +42,29 @@ void test01() VERIFY( ss.rdstate() == ios_base::goodbit ); // LWG 3199 } +void +test02() +{ + std::bitset<4> a(0b1100), b; + std::stringstream ss; + ss << a; + ss >> b; // PR libstdc++/108214 + VERIFY( b == a ); + + ss.str(""); + ss.clear(); + + std::bitset<4000> c, d; + for (int i = 0; i < 4000; i += 5) + c.flip(i); + ss << c; + ss >> d; + VERIFY( d == c ); +} + int main() { test01(); + test02(); return 0; }
reply other threads:[~2023-01-06 14:11 UTC|newest] Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20230106141113.2630B385840A@sourceware.org \ --to=redi@gcc.gnu.org \ --cc=gcc-cvs@gcc.gnu.org \ --cc=libstdc++-cvs@gcc.gnu.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).