This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.



[Bug libstdc++/42261] New: infinite recursion from string(string::size_type(6), string::size_type('f'))


Attempting to construct a string from two size_type parameters causes infinite
recursion.  Test code, badstring.cc:

#include <string>
using namespace std;
int main() {
    string s(string::size_type(6), string::size_type('f'));
}

Compiled with:
g++ -O2 -o badstring badstring.cc

Loops infinitely when called.  If compiled with -O0, segfaults when it runs out
of stack.

Analysis:

It appears that this ctor is used (with _InputIterator being string::size_type):

  template<typename _CharT, typename _Traits, typename _Alloc>
    template<typename _InputIterator>
    basic_string<_CharT, _Traits, _Alloc>::
    basic_string(_InputIterator __beg, _InputIterator __end, const _Alloc& __a)
    : _M_dataplus(_S_construct(__beg, __end, __a), __a)
    { }

This leads to an infinite recursion between these two methods:

      // _GLIBCXX_RESOLVE_LIB_DEFECTS
      // 438. Ambiguity in the "do the right thing" clause
      template<class _Integer>
        static _CharT*
        _S_construct_aux(_Integer __beg, _Integer __end,
                         const _Alloc& __a, __true_type)
        { return _S_construct(static_cast<size_type>(__beg), __end, __a); }

      template<class _InIterator>
        static _CharT*
        _S_construct(_InIterator __beg, _InIterator __end, const _Alloc& __a)
        {
          typedef typename std::__is_integer<_InIterator>::__type _Integral;
          return _S_construct_aux(__beg, __end, __a, _Integral());
        }

The infinite recursion also happens with GCC 4.3.2.  GCC 4.1.3 constructs a
string containing "ffffff".

I'm not familiar enough with the standard to know whether GCC 4.1.3 is correct,
or whether 4.3.2 and 4.4.1 are (or whether neither behaviour is right), but
generating an infinite loop for seemingly innocent looking code seems
unhelpful.

FWIW, the Comeau online compiler accepts the code, but I can't tell how it
interprets it.


-- 
           Summary: infinite recursion from string(string::size_type(6),
                    string::size_type('f'))
           Product: gcc
           Version: 4.4.1
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: libstdc++
        AssignedTo: unassigned at gcc dot gnu dot org
        ReportedBy: olly at survex dot com
 GCC build triplet: x86_64-unknown-linux-gnu
  GCC host triplet: x86_64-unknown-linux-gnu
GCC target triplet: x86_64-unknown-linux-gnu


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=42261
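
Added example (not part of the original report and not libstdc++ code): a minimal model of the overload set quoted above, showing why two size_type arguments select the iterator template again, while a mixed pair such as (size_type, int) reaches the fill overload. The names construct, aux_as_reported and aux_with_char_cast are hypothetical, the allocator parameter is omitted, _CharT is assumed to be char, and the char cast is one possible correction rather than the project's fix.

```cpp
#include <cstddef>
#include <cstdio>

typedef std::size_t size_type;

// Records which overload was selected instead of actually recursing.
enum Chosen { FILL_OVERLOAD, TEMPLATE_OVERLOAD };

// Model of the non-template fill overload: _S_construct(size_type, _CharT, alloc).
inline Chosen construct(size_type, char) { return FILL_OVERLOAD; }

// Model of the template: _S_construct(_InIterator, _InIterator, alloc).
// In the real code this is the overload that calls _S_construct_aux again.
template <class It>
Chosen construct(It, It) { return TEMPLATE_OVERLOAD; }

// Dispatch as quoted in the report: only __beg is cast to size_type.
template <class Integer>
Chosen aux_as_reported(Integer beg, Integer end)
{ return construct(static_cast<size_type>(beg), end); }

// Assumed correction: also convert __end to the character type, so the
// argument pair is (size_type, char) and template deduction cannot succeed.
template <class Integer>
Chosen aux_with_char_cast(Integer beg, Integer end)
{ return construct(static_cast<size_type>(beg), static_cast<char>(end)); }

static const char* name(Chosen c)
{ return c == FILL_OVERLOAD ? "fill overload" : "template (re-enters aux)"; }

int main()
{
    // (size_type, int): deduction of It fails, so the fill overload is used.
    std::printf("int args, as reported:       %s\n",
                name(aux_as_reported<int>(6, 'f')));
    // (size_type, size_type): the template is an exact match and wins over
    // the fill overload, which would need a size_type -> char conversion.
    std::printf("size_type args, as reported: %s\n",
                name(aux_as_reported<size_type>(6, 'f')));
    // (size_type, char) after the extra cast: fill overload is the exact match.
    std::printf("size_type args, char cast:   %s\n",
                name(aux_with_char_cast<size_type>(6, 'f')));
    return 0;
}
```

In the real library the template branch never returns, so any code path that lets both constructor arguments arrive as size_type ends in stack exhaustion at -O0 or a hang at -O2, as the report describes.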

