libstdc++: Fix incorrect size calculation in PMR resource (PR 94906)
author Jonathan Wakely <jwakely@redhat.com>
Mon, 4 May 2020 20:13:28 +0000 (21:13 +0100)
committer Jonathan Wakely <jwakely@redhat.com>
Mon, 4 May 2020 21:47:30 +0000 (22:47 +0100)
Calculating the size of a chunk being returned to the upstream allocator
was done with a 32-bit type, so it wrapped if the chunk was 4GB or
larger.

I don't know how to test this without allocating 4GB, so there's no test
in the testsuite. It has been tested manually with allocation sizes and
alignments exceeding 4GB.

PR libstdc++/94906
* src/c++17/memory_resource.cc
(monotonic_buffer_resource::_Chunk::release): Use size_t for shift
operands.

libstdc++-v3/ChangeLog
libstdc++-v3/src/c++17/memory_resource.cc

index 739ab9eeb290a3d2ad0cabfa34778ede96b3bba1..9cc811c884feb8fe1a7ddb3c8d5cf7c5f6fc8d8c 100644 (file)
@@ -1,3 +1,10 @@
+2020-05-04  Jonathan Wakely  <jwakely@redhat.com>
+
+       PR libstdc++/94906
+       * src/c++17/memory_resource.cc
+       (monotonic_buffer_resource::_Chunk::release): Use size_t for shift
+       operands.
+
 2020-05-04  Nathan Sidwell  <nathan@acm.org>
 
        PR libstdc++/94747
index 1acab19e306047ab19b2e375951e5869c12d8426..95352b2353780da158b3715989526bc100ae1614 100644 (file)
@@ -228,8 +228,8 @@ namespace pmr
          if (__ch->_M_canary != (__ch->_M_size | __ch->_M_align))
            return; // buffer overflow detected!
 
-         size_t __size = (1u << __ch->_M_size);
-         size_t __align = (1u << __ch->_M_align);
+         size_t __size = (size_t)1 << __ch->_M_size;
+         size_t __align = (size_t)1 << __ch->_M_align;
          void* __start = (char*)(__ch + 1) - __size;
          __r->deallocate(__start, __size, __align);
        }
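
Review bot: The two replaced shifts, `size_t __size = (size_t)1 << __ch->_M_size;` and the matching `__align` line, carry no comment saying why the left operand has to be size_t-wide, and the commit message states there is no testsuite coverage, so nothing guards against a later cleanup turning them back into `1u`. A one-line comment above them noting that the shift count can be 32 or more (chunks of 4GB or larger) would document the constraint. Separately, the canary check in the context lines only confirms that `_M_canary` equals `_M_size | _M_align`; it does not bound either shift count, so the shift is still undefined if one of them reaches the bit width of size_t. An assertion on both values before the shifts would make that assumption explicit.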