[gcc/devel/omp/gcc-10] libstdc++: Fix incorrect size calculation in PMR resource (PR 94906)

Wed Jun 10 10:29:22 GMT 2020

https://gcc.gnu.org/g:dc103060c18656affaecfdd57faa4e0237dadcd3

commit dc103060c18656affaecfdd57faa4e0237dadcd3
Author: Jonathan Wakely <jwakely@redhat.com>
Date:   Tue May 12 09:54:44 2020 +0100

    libstdc++: Fix incorrect size calculation in PMR resource  (PR 94906)
    
    Calculating the size of a chunk being returned to the upstream allocator
    was done with a 32-bit type, so it wrapped if the chunk was 4GB or
    larger.
    
    I don't know how to test this without allocating 4GB, so there's no test
    in the testsuite. It has been tested manually of course.
    
    Backport from mainline
    2020-05-04  Jonathan Wakely  <jwakely@redhat.com>
    
            PR libstdc++/94906
            * src/c++17/memory_resource.cc
            (monotonic_buffer_resource::_Chunk::release): Use size_t for shift
            operands.

Diff:
---
 libstdc++-v3/ChangeLog                    | 8 ++++++++
 libstdc++-v3/src/c++17/memory_resource.cc | 4 ++--
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/libstdc++-v3/ChangeLog b/libstdc++-v3/ChangeLog
index b37c19ace3b..d9c2ecf1ed4 100644
--- a/libstdc++-v3/ChangeLog
+++ b/libstdc++-v3/ChangeLog
@@ -1,5 +1,13 @@
 2020-05-12  Jonathan Wakely  <jwakely@redhat.com>
 
+	Backport from mainline
+	2020-05-04  Jonathan Wakely  <jwakely@redhat.com>
+
+	PR libstdc++/94906
+	* src/c++17/memory_resource.cc
+	(monotonic_buffer_resource::_Chunk::release): Use size_t for shift
+	operands.
+
 	Backport from mainline
 	2020-05-03  Jonathan Wakely  <jwakely@redhat.com>
 
diff --git a/libstdc++-v3/src/c++17/memory_resource.cc b/libstdc++-v3/src/c++17/memory_resource.cc
index 56a87844da0..70c39881fa1 100644
--- a/libstdc++-v3/src/c++17/memory_resource.cc
+++ b/libstdc++-v3/src/c++17/memory_resource.cc
@@ -228,8 +228,8 @@ namespace pmr
 	  if (__ch->_M_canary != (__ch->_M_size | __ch->_M_align))
 	    return; // buffer overflow detected!
 
-	  size_t __size = (1u << __ch->_M_size);
-	  size_t __align = (1u << __ch->_M_align);
+	  size_t __size = (size_t)1 << __ch->_M_size;
+	  size_t __align = (size_t)1 << __ch->_M_align;
 	  void* __start = (char*)(__ch + 1) - __size;
 	  __r->deallocate(__start, __size, __align);
 	}
