[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277 --- Comment #22 from Jonathan Wakely --- (In reply to Jonathan Wakely from comment #21) > (In reply to Andrew Pinski from comment #20) > > src/c++11/snprintf_lite.cc (__throw_insufficient_space) > > Another internal impl detail, but this one is not even visible to users. No > declaration in headers, not exported from the shared lib. This one uses > alloca for the same size as __throw_out_of_range_fmt + 104 bytes, but we've > already done the first alloca, so it's (strlen(fmt) + 512) * 2 + 104. There's also __concat_size_t in that file, but it only uses alloca for 3*sizeof(size_t), and that is unnecessary and should be replaced with std::to_chars.
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277
--- Comment #21 from Jonathan Wakely ---
(In reply to Andrew Pinski from comment #20)
> here is the current list as far as I can tell:
> config/locale/dragonfly/codecvt_members.cc
> config/locale/gnu/codecvt_members.cc
> config/locale/gnu/messages_members.cc
See above.
> include/bits/fstream.tcc
This is potentially unbounded. A malicious user could use filebuf::setbuf to
give the filebuf a huge buffer, and imbue a custom codecvt facet with a large
do_max_length(). Then the alloca would use buflen * maxlen. That could even
overflow. In practice the maximum size will be BUFSZ*4 or so.
> include/bits/locale_facets.tcc (some there are ok as the values are actually
> constant)
maximum alloca for the formatted integer is sizeof(wchar_t) * 5 * sizeof(long
long) + 1
but then we allocate io.width() * sizeof(wchar_t) which could be set to
something huge by a silly user. We also do three alloca calls in the same
function.
For a formatted float it's numeric_limits::digits10 * 3 for the
first alloca, but we use alloca several times, and the max depends on
io.precision() and io.width() so we might need a large buffer.
These need some sanity checks, and use the heap as a fallback. See PR 87228 for
that.
> include/bits/locale_facets_nonio.tcc
These are all fixed size and small.
> include/ext/codecvt_specializations.h (BOM case)
Depends on the size of the input being converted, which could be large. This is
unsafe (but I don't think anybody uses this extension).
> include/ext/string_conversions.h
The worst case is std::to_wstring(long double) which uses:
sizeof(wchar_t) * (__numeric_traits::__max_exponent10 + 20)
So maximum 4 * (4932 + 20) == 19808
That's too big.
> include/std/format (non-char type formating and localization)
Tightly bounded to 2 * ndigits * sizeof(wchar_t) + prefix_len
The worst case is something like std::format("{:#0b}", LLONG_MIN) where the
alloca will be for 2 * 64 * 4 + 3 which is only 515 bytes.
> src/c++11/functexcept.cc (__throw_out_of_range_fmt)
strlen(fmt) + 512, where fmt is ~40 bytes. Users could call that function
themselves, but then that's their problem. It's an internal impl detail, and
our uses are safe.
> src/c++11/snprintf_lite.cc (__throw_insufficient_space)
Another internal impl detail, but this one is not even visible to users. No
declaration in headers, not exported from the shared lib. This one uses alloca
for the same size as __throw_out_of_range_fmt + 104 bytes, but we've already
done the first alloca, so it's (strlen(fmt) + 512) * 2 + 104.
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277 Andrew Pinski changed: What|Removed |Added Status|ASSIGNED|NEW Last reconfirmed|2006-07-05 23:00:09 |2024-3-19 Assignee|paolo.carlini at oracle dot com|unassigned at gcc dot gnu.org --- Comment #20 from Andrew Pinski --- here is the current list as far as I can tell: config/locale/dragonfly/codecvt_members.cc config/locale/gnu/codecvt_members.cc config/locale/gnu/messages_members.cc include/bits/fstream.tcc include/bits/locale_facets.tcc (some there are ok as the values are actually constant) include/bits/locale_facets_nonio.tcc include/ext/codecvt_specializations.h (BOM case) include/ext/string_conversions.h include/std/format (non-char type formating and localization) src/c++11/functexcept.cc (__throw_out_of_range_fmt) src/c++11/snprintf_lite.cc (__throw_insufficient_space)
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277
--- Comment #19 from Jonathan Wakely ---
My patch missed a case for num_put, which I'll fix.
Here's a crash test for codecvt::do_length in codecvt_members.cc:
#include
int main()
{
using namespace std;
auto& cvt = use_facet>(locale::classic());
mbstate_t st = { };
size_t n = 8 * 1024 * 1024;
char* s = new char[n+1];
std::fill_n(s, n, 'a');
s[n] = '\0';
cvt.length(st, s, s+6, n);
}
The remaining uses in seem to be limited to sane
values.
messages::do_get also looks vulnerable, but I haven't tested it.
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277 Jonathan Wakely changed: What|Removed |Added See Also||https://gcc.gnu.org/bugzill ||a/show_bug.cgi?id=87228 --- Comment #18 from Jonathan Wakely --- For PR 87228 I've proposed a patch that makes num_put::_M_insert_int and num_put::_M_insert_float switch from alloca to the heap for sizes larger than one kilobyte: https://gcc.gnu.org/ml/gcc-patches/2018-09/msg00317.html
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
--- Comment #17 from paolo at gcc dot gnu dot org 2007-04-13 00:06 --- Subject: Bug 28277 Author: paolo Date: Fri Apr 13 00:06:37 2007 New Revision: 123770 URL: http://gcc.gnu.org/viewcvs?root=gccview=revrev=123770 Log: 2007-04-12 Paolo Carlini [EMAIL PROTECTED] PR libstdc++/28277 (partial: vstring bits) * include/bits/ostream_insert.h: New. * include/Makefile.am: Add. * include/ext/vstring.h (operator(basic_ostream, const __versa_string): Forward to __ostream_insert. * include/bits/basic_string.h (operator(basic_ostream, const string)): Likewise. * include/std/std_ostream.h (operator(basic_ostream, _CharT), operator(basic_ostreamchar,, char), operator(basic_ostream, const _CharT*), operator(basic_ostreamchar,, const char*)): Likewise. * include/ext/vstring.tcc (operator(basic_ostream, const __versa_string)): Remove. (class basic_ostream): Remove friend declarations. (basic_ostream::_M_write(char_type, streamsize), _M_insert(const char_type*, streamsize)): Remove. * include/bits/ostream.tcc (_M_insert(const char_type*, streamsize)): Remove definition. (operator(basic_ostream, const char*)): Use __ostream_insert. * include/ext/vstring_util.h: Include bits/ostream_insert.h. * include/std/std_string.h: Likewise. * config/abi/pre/gnu.ver: Adjust. * src/ostream-inst.cc: Add __ostream_insert instantiations. * include/Makefile.in: Rebuild. * testsuite/ext/vstring/inserters_extractors/char/28277.cc: New. * testsuite/ext/vstring/inserters_extractors/wchar_t/28277.cc: New. Added: branches/gcc-4_2-branch/libstdc++-v3/include/bits/ostream_insert.h branches/gcc-4_2-branch/libstdc++-v3/testsuite/ext/vstring/inserters_extractors/ branches/gcc-4_2-branch/libstdc++-v3/testsuite/ext/vstring/inserters_extractors/char/ branches/gcc-4_2-branch/libstdc++-v3/testsuite/ext/vstring/inserters_extractors/char/28277.cc branches/gcc-4_2-branch/libstdc++-v3/testsuite/ext/vstring/inserters_extractors/wchar_t/ branches/gcc-4_2-branch/libstdc++-v3/testsuite/ext/vstring/inserters_extractors/wchar_t/28277.cc Modified: branches/gcc-4_2-branch/libstdc++-v3/ChangeLog branches/gcc-4_2-branch/libstdc++-v3/config/abi/pre/gnu.ver branches/gcc-4_2-branch/libstdc++-v3/include/Makefile.am branches/gcc-4_2-branch/libstdc++-v3/include/Makefile.in branches/gcc-4_2-branch/libstdc++-v3/include/bits/basic_string.h branches/gcc-4_2-branch/libstdc++-v3/include/bits/ostream.tcc branches/gcc-4_2-branch/libstdc++-v3/include/ext/vstring.h branches/gcc-4_2-branch/libstdc++-v3/include/ext/vstring.tcc branches/gcc-4_2-branch/libstdc++-v3/include/ext/vstring_util.h branches/gcc-4_2-branch/libstdc++-v3/include/std/std_ostream.h branches/gcc-4_2-branch/libstdc++-v3/include/std/std_string.h branches/gcc-4_2-branch/libstdc++-v3/src/ostream-inst.cc -- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
--- Comment #16 from paolo at gcc dot gnu dot org 2007-04-10 11:39 --- Subject: Bug 28277 Author: paolo Date: Tue Apr 10 11:38:50 2007 New Revision: 123692 URL: http://gcc.gnu.org/viewcvs?root=gccview=revrev=123692 Log: 2007-04-10 Paolo Carlini [EMAIL PROTECTED] PR libstdc++/28277 (partial: vstring bits) * include/bits/ostream_insert.h: New. * include/Makefile.am: Add. * include/ext/vstring.h (operator(basic_ostream, const __versa_string): Forward to __ostream_insert. * include/bits/basic_string.h (operator(basic_ostream, const string)): Likewise. * include/std/ostream (operator(basic_ostream, _CharT), operator(basic_ostreamchar,, char), operator(basic_ostream, const _CharT*), operator(basic_ostreamchar,, const char*)): Likewise. * include/ext/vstring.tcc (operator(basic_ostream, const __versa_string)): Remove. (class basic_ostream): Remove friend declarations. (basic_ostream::_M_write(char_type, streamsize), _M_insert(const char_type*, streamsize)): Remove. * include/bits/ostream.tcc (_M_insert(const char_type*, streamsize)): Remove definition. (operator(basic_ostream, const char*)): Use __ostream_insert. * config/abi/pre/gnu.ver: Adjust. * src/ostream-inst.cc: Add __ostream_insert instantiations. * include/bits/locale_facets.h (__pad::_S_pad): Remove __num parameter. * include/bits/locale_facets.tcc (__pad::_S_pad): Adjust. (num_put::_M_pad(_CharT, streamsize, ios_base, _CharT*, const _CharT*, int)): Likewise. * include/Makefile.in: Rebuild. * testsuite/ext/vstring/inserters_extractors/char/28277.cc: New. * testsuite/ext/vstring/inserters_extractors/wchar_t/28277.cc: New. * include/ext/vstring_util.h: Do not include the whole locale. * include/ext/vstring.tcc (operator(basic_istream, __versa_string, getline(basic_istream, __versa_string, _CharT)): Tweak to refer to ios_base as a base of istream; do not refer to non-standard types of istream. * include/bits/istream.tcc (operator(basic_istream, _CharT*), ws(basic_istream)): Do not refer to non-standard types of istream. * include/std/bitset (operator(std::basic_istream, bitset)): Avoid using basic_streambuf*. * include/bits/istream.tcc (operator(basic_istream, basic_string), getline(basic_istream, basic_string, _CharT)): Move... * include/bits/basic_string.tcc: ... here; tweak to refer to ios_base as a base of istream; do not refer to non-standard types of istream. * include/std/string: Tweak includes. * include/ext/type_traits.h (__is_null_pointer): Add. * include/ext/rc_string_base.h: Use it. * include/ext/sso_string_base.h: Likewise. * include/bits/basic_string.tcc (__is_null_pointer): Remove, use the above. * include/ext/vstring_util.h (__vstring_utility::_S_is_null_pointer): Remove. Added: trunk/libstdc++-v3/include/bits/ostream_insert.h trunk/libstdc++-v3/testsuite/ext/vstring/inserters_extractors/ trunk/libstdc++-v3/testsuite/ext/vstring/inserters_extractors/char/ trunk/libstdc++-v3/testsuite/ext/vstring/inserters_extractors/char/28277.cc trunk/libstdc++-v3/testsuite/ext/vstring/inserters_extractors/wchar_t/ trunk/libstdc++-v3/testsuite/ext/vstring/inserters_extractors/wchar_t/28277.cc Modified: trunk/libstdc++-v3/ChangeLog trunk/libstdc++-v3/config/abi/pre/gnu.ver trunk/libstdc++-v3/include/Makefile.am trunk/libstdc++-v3/include/Makefile.in trunk/libstdc++-v3/include/bits/basic_string.h trunk/libstdc++-v3/include/bits/basic_string.tcc trunk/libstdc++-v3/include/bits/istream.tcc trunk/libstdc++-v3/include/bits/locale_facets.h trunk/libstdc++-v3/include/bits/locale_facets.tcc trunk/libstdc++-v3/include/bits/ostream.tcc trunk/libstdc++-v3/include/ext/rc_string_base.h trunk/libstdc++-v3/include/ext/sso_string_base.h trunk/libstdc++-v3/include/ext/type_traits.h trunk/libstdc++-v3/include/ext/vstring.h trunk/libstdc++-v3/include/ext/vstring.tcc trunk/libstdc++-v3/include/ext/vstring_util.h trunk/libstdc++-v3/include/std/bitset trunk/libstdc++-v3/include/std/ostream trunk/libstdc++-v3/include/std/string trunk/libstdc++-v3/src/ostream-inst.cc -- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
--- Comment #15 from pcarlini at suse dot de 2007-04-09 22:35 --- Doesn't really block this one. -- pcarlini at suse dot de changed: What|Removed |Added BugsThisDependsOn|29236 | http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
--- Comment #14 from paolo at gcc dot gnu dot org 2006-10-13 09:00 --- Subject: Bug 28277 Author: paolo Date: Fri Oct 13 09:00:31 2006 New Revision: 117689 URL: http://gcc.gnu.org/viewcvs?root=gccview=revrev=117689 Log: 2006-10-13 Paolo Carlini [EMAIL PROTECTED] PR libstdc++/28277 (partial: ostream bits 2) * include/std/std_ostream.h (basic_ostream::_M_insert(const char_type*, streamsize)): New. (basic_ostream::_M_write(char_type, streamsize)): Likewise. (operator(basic_ostream, _CharT), operator(basic_ostream, char), operator(basic_ostream, const _CharT*), operator(basic_ostream, const char*)): Use the latter. * include/bits/ostream.tcc (basic_ostream::_M_insert(const char_type*, streamsize)): Define. (operator(basic_ostream, const char*)): Use the latter. (operator(basic_ostream, _CharT), operator(basic_ostream, char), operator(basic_ostream, const _CharT*), operator(basic_ostream, const char*), operator(basic_ostream, const basic_string)): Remove. * include/bits/basic_string.h (operator(basic_ostream, const basic_string)): Use the latter, implement DR 586. * config/abi/pre/gnu.ver: Adjust, export the new _M_insert. * docs/html/ext/howto.html: Add an entry for DR 586. * testsuite/21_strings/basic_string/inserters_extractors/char/ 28277.cc: New. * testsuite/21_strings/basic_string/inserters_extractors/wchar_t/ 28277.cc: Likewise. * testsuite/27_io/basic_ostream/inserters_character/char/ 28277-3.cc: Likewise. * testsuite/27_io/basic_ostream/inserters_character/char/ 28277-4.cc: Likewise. * testsuite/27_io/basic_ostream/inserters_character/wchar_t/ 28277-2.cc: Likewise. * testsuite/27_io/basic_ostream/inserters_character/wchar_t/ 28277-3.cc: Likewise. * testsuite/27_io/basic_ostream/inserters_character/wchar_t/ 28277-4.cc: Likewise. Added: trunk/libstdc++-v3/testsuite/21_strings/basic_string/inserters_extractors/char/28277.cc trunk/libstdc++-v3/testsuite/21_strings/basic_string/inserters_extractors/wchar_t/28277.cc trunk/libstdc++-v3/testsuite/27_io/basic_ostream/inserters_character/char/28277-3.cc trunk/libstdc++-v3/testsuite/27_io/basic_ostream/inserters_character/char/28277-4.cc trunk/libstdc++-v3/testsuite/27_io/basic_ostream/inserters_character/wchar_t/28277-2.cc trunk/libstdc++-v3/testsuite/27_io/basic_ostream/inserters_character/wchar_t/28277-3.cc trunk/libstdc++-v3/testsuite/27_io/basic_ostream/inserters_character/wchar_t/28277-4.cc Modified: trunk/libstdc++-v3/ChangeLog trunk/libstdc++-v3/config/abi/pre/gnu.ver trunk/libstdc++-v3/docs/html/ext/howto.html trunk/libstdc++-v3/include/bits/basic_string.h trunk/libstdc++-v3/include/bits/ostream.tcc trunk/libstdc++-v3/include/std/std_ostream.h -- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
--- Comment #12 from paolo at gcc dot gnu dot org 2006-10-09 10:50 --- Subject: Bug 28277 Author: paolo Date: Mon Oct 9 10:49:50 2006 New Revision: 117571 URL: http://gcc.gnu.org/viewcvs?root=gccview=revrev=117571 Log: 2006-10-09 Paolo Carlini [EMAIL PROTECTED] PR libstdc++/28277 (partial: money_put bits) * include/bits/locale_facets.tcc (money_put::_M_insert(iter_type, ios_base, char_type, const string_type)): Avoid __builtin_alloca with no limit, do the work in place. * include/bits/locale_facets.tcc (money_put::do_put(iter_type, bool, ios_base, char_type, long double)): Avoid unnecessary __builtin_alloca, do the work in place. Modified: trunk/libstdc++-v3/ChangeLog trunk/libstdc++-v3/include/bits/locale_facets.tcc -- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
--- Comment #13 from paolo at gcc dot gnu dot org 2006-10-09 18:04 --- Subject: Bug 28277 Author: paolo Date: Mon Oct 9 18:04:18 2006 New Revision: 117581 URL: http://gcc.gnu.org/viewcvs?root=gccview=revrev=117581 Log: 2006-10-09 Paolo Carlini [EMAIL PROTECTED] PR libstdc++/28277 (partial: __add_grouping) * include/bits/locale_facets.tcc (__add_grouping(_CharT*, _CharT, const char*, size_t, const _CharT*, const _CharT*)): Rewrite in non-recursive form. Modified: trunk/libstdc++-v3/ChangeLog trunk/libstdc++-v3/include/bits/locale_facets.tcc -- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
--- Comment #11 from paolo at gcc dot gnu dot org 2006-10-08 01:13 --- Subject: Bug 28277 Author: paolo Date: Sun Oct 8 01:13:03 2006 New Revision: 117549 URL: http://gcc.gnu.org/viewcvs?root=gccview=revrev=117549 Log: 2006-10-07 Paolo Carlini [EMAIL PROTECTED] PR libstdc++/28277 (partial: money_get bits) * include/bits/locale_facets.tcc (money_get::do_get(iter_type, iter_type, bool, ios_base, ios_base::iostate, string_type)): Avoid __builtin_alloca with no limit, do the work in place. Modified: trunk/libstdc++-v3/ChangeLog trunk/libstdc++-v3/include/bits/locale_facets.tcc -- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
--- Comment #10 from paolo at gcc dot gnu dot org 2006-07-16 15:39 --- Subject: Bug 28277 Author: paolo Date: Sun Jul 16 15:38:59 2006 New Revision: 115501 URL: http://gcc.gnu.org/viewcvs?root=gccview=revrev=115501 Log: 2006-07-16 Paolo Carlini [EMAIL PROTECTED] PR libstdc++/28277 (partial: valarray bits) * include/std/std_valarray.h (valarray::shift(int), valarray::cshift(int)): Avoid __builtin_alloca with no limit, do the work in place. * testsuite/26_numerics/valarray/28277.cc: New. Added: trunk/libstdc++-v3/testsuite/26_numerics/valarray/28277.cc Modified: trunk/libstdc++-v3/ChangeLog trunk/libstdc++-v3/include/std/std_valarray.h -- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
--- Comment #9 from paolo at gcc dot gnu dot org 2006-07-15 20:30 --- Subject: Bug 28277 Author: paolo Date: Sat Jul 15 20:30:50 2006 New Revision: 115485 URL: http://gcc.gnu.org/viewcvs?root=gccview=revrev=115485 Log: 2006-07-15 Paolo Carlini [EMAIL PROTECTED] PR libstdc++/28277 (partial: ostream bits 1) * include/bits/ostream.tcc (operator(basic_ostream_CharT, const char*)): Avoid __builtin_alloca with no limit in the widening. * testsuite/27_io/basic_ostream/inserters_character/wchar_t/ 28277-1.cc: New. Added: trunk/libstdc++-v3/testsuite/27_io/basic_ostream/inserters_character/wchar_t/28277-1.cc Modified: trunk/libstdc++-v3/ChangeLog trunk/libstdc++-v3/include/bits/ostream.tcc -- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
--- Comment #8 from paolo at gcc dot gnu dot org 2006-07-11 11:21 --- Subject: Bug 28277 Author: paolo Date: Tue Jul 11 11:21:38 2006 New Revision: 115332 URL: http://gcc.gnu.org/viewcvs?root=gccview=revrev=115332 Log: 2006-07-11 Paolo Carlini [EMAIL PROTECTED] PR libstdc++/28277 (partial: collate bits) * include/bits/locale_facets.tcc (collate::do_transform( const _CharT*, const _CharT*)): Avoid __builtin_alloca with no limit; also avoid multiple calls (in a loop). * testsuite/22_locale/collate/transform/char/28277.cc: New. * testsuite/22_locale/collate/transform/wchar_t/28277.cc: Likewise. Added: trunk/libstdc++-v3/testsuite/22_locale/collate/transform/char/28277.cc trunk/libstdc++-v3/testsuite/22_locale/collate/transform/wchar_t/28277.cc Modified: trunk/libstdc++-v3/ChangeLog trunk/libstdc++-v3/include/bits/locale_facets.tcc -- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
-- pcarlini at suse dot de changed: What|Removed |Added AssignedTo|unassigned at gcc dot gnu |pcarlini at suse dot de |dot org | Status|NEW |ASSIGNED http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
--- Comment #1 from pcarlini at suse dot de 2006-07-05 21:47 --- (In reply to comment #0) These have data-dependent sizes with no obvious limit, which does not mix well with threads and small stacks. I suppose you are going to provide additional details... -- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
--- Comment #2 from mec at google dot com 2006-07-05 22:20 ---
Sure, here is a test program for versa_string:
// Copyright 2006, Google Inc. All rights reserved.
// Author: [EMAIL PROTECTED] (Michael Chastain)
//
// Test operator(ostream, const versa_string)
#include ext/vstring.h
#include iostream
int main() {
__gnu_cxx::__versa_string
char, std::char_traitschar, std::allocatorchar
s(Hello world);
std::cout s std::endl;
std::cout.width(60);
std::cout s std::endl;
std::cout.width(6000);
std::cout s std::endl;
std::cout.width(6000);
std::cout s std::endl;
return 0;
}
This program allocates 60 million bytes on the stack in the last output
statement.
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277
Re: [Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
std::cout.width(6000); This program allocates 60 million bytes on the stack in the last output statement. You get what you deserve really. If there are checks then it will be slow. -- Pinski
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
--- Comment #3 from pinskia at physics dot uc dot edu 2006-07-05 22:27 --- Subject: Re: __builtin_alloca with no limit in libstdc++ std::cout.width(6000); This program allocates 60 million bytes on the stack in the last output statement. You get what you deserve really. If there are checks then it will be slow. -- Pinski -- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
--- Comment #4 from pcarlini at suse dot de 2006-07-05 22:32 --- (In reply to comment #2) Sure, here is a test program for versa_string: Ok, the stack thing is rather straightforward but of course we should first dig the archives and find when and why, **a lot** of time ago, such uses have been considered appropriate (the pattern in versa_string is just copied over from completely similar patterns used elsewhere, obviously). I believe we can work on it, *very* careful with memory leaks, most likely GCC 4.3 material. Please explain in better detail the threads point, however. -- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
--- Comment #5 from mec at google dot com 2006-07-05 22:43 --- The threads point is just a basic stack size issue: threads on linux have a fixed size which is often smaller than the main stack size limit. With an output width of 60 million, it's easy to see a failure, even on a main stack. hollerith:~/exp-string-width$ ulimit -Ss 8192 hollerith:~/exp-string-width$ /home/mec/gcc-4.2-20060624/install/bin/g++ z1.cc hollerith:~/exp-string-width$ a.out /dev/null Segmentation fault I agree, this would be best fixed, carefully, in mainline, and then flow into releases in the fullness of time. -- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
--- Comment #6 from pcarlini at suse dot de 2006-07-05 22:48 --- (In reply to comment #5) The threads point is just a basic stack size issue: threads on linux have a fixed size which is often smaller than the main stack size limit. Ok then. With an output width of 60 million, it's easy to see a failure, even on a main stack. hollerith:~/exp-string-width$ ulimit -Ss 8192 hollerith:~/exp-string-width$ /home/mec/gcc-4.2-20060624/install/bin/g++ z1.cc hollerith:~/exp-string-width$ a.out /dev/null Segmentation fault Note, in general, I guess we are often going to fail anyway (at least for some of the pointed out uses) only, throwing a bad_alloc exception instead of seg-faulting, I hope that is acceptable... -- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
-- pcarlini at suse dot de changed: What|Removed |Added AssignedTo|unassigned at gcc dot gnu |pcarlini at suse dot de |dot org | Severity|normal |enhancement Status|UNCONFIRMED |ASSIGNED Ever Confirmed|0 |1 Last reconfirmed|-00-00 00:00:00 |2006-07-05 23:00:09 date|| http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
-- pcarlini at suse dot de changed: What|Removed |Added AssignedTo|pcarlini at suse dot de |unassigned at gcc dot gnu ||dot org Status|ASSIGNED|NEW http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277
[Bug libstdc++/28277] __builtin_alloca with no limit in libstdc++
--- Comment #7 from pcarlini at suse dot de 2006-07-05 23:17 --- Humm, at least the various instances of the problem related to padding seem simple to fix, by just doing the I/O as part of the padding itself - it's *the last* stage of the processing anyway... -- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28277
