From patchwork Wed Jul 19 00:22:56 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jonathan Wakely X-Patchwork-Id: 790687 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=gcc.gnu.org (client-ip=209.132.180.131; helo=sourceware.org; envelope-from=gcc-patches-return-458459-incoming=patchwork.ozlabs.org@gcc.gnu.org; receiver=) Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=gcc.gnu.org header.i=@gcc.gnu.org header.b="aUO2AQal"; dkim-atps=neutral Received: from sourceware.org (server1.sourceware.org [209.132.180.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3xByRx50HKz9t16 for ; Wed, 19 Jul 2017 10:23:19 +1000 (AEST) DomainKey-Signature: a=rsa-sha1; c=nofws; d=gcc.gnu.org; h=list-id :list-unsubscribe:list-archive:list-post:list-help:sender:date :from:to:subject:message-id:references:mime-version:content-type :in-reply-to; q=dns; s=default; b=R76xpQ4asadIe2D1VV7E7VWiampLj9 KSe9EH2sDq7gRD9SSqzHNLpdFuQXRwUfwppJaQEQV7u4xLg0E1hrsWB+7yxwAAjK RUYix5jLjix7CzT83ynFVnNzCvi3Awy4MpfVvOh3ksm2dDoLjQDW4H0dsQVnIhSH NeM29P+zbBClQ= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=gcc.gnu.org; h=list-id :list-unsubscribe:list-archive:list-post:list-help:sender:date :from:to:subject:message-id:references:mime-version:content-type :in-reply-to; s=default; bh=Yw+aB13nRMQuBL8142iqNenVN7I=; b=aUO2 AQalK8dlvQzwpqR3ID1OCcezTJXWsaAgZ7gHl6aOvbAqHi+O3L6IL5+FJWq8R2JS OUOFH0k3Zymdc33f+hfKjKkZ5LAL4R4TtwVxTmVySFv1bmfiPRXRRFqOH+XuB365 DK9SoUZGW5ycy7syZ+Ba348odoMPCljsgmqFXqc= Received: (qmail 12705 invoked by alias); 19 Jul 2017 00:23:01 -0000 Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Archive: List-Post: List-Help: Sender: gcc-patches-owner@gcc.gnu.org Delivered-To: mailing list gcc-patches@gcc.gnu.org Received: (qmail 12572 invoked by uid 89); 19 Jul 2017 00:23:00 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-26.9 required=5.0 tests=BAYES_00, GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3, RP_MATCHES_RCVD, SPF_HELO_PASS autolearn=ham version=3.3.2 spammy= X-Spam-User: qpsmtpd, 2 recipients X-HELO: mx1.redhat.com Received: from mx1.redhat.com (HELO mx1.redhat.com) (209.132.183.28) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Wed, 19 Jul 2017 00:22:59 +0000 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id AC7D27A160; Wed, 19 Jul 2017 00:22:57 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com AC7D27A160 Authentication-Results: ext-mx04.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx04.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=jwakely@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com AC7D27A160 Received: from localhost (unknown [10.33.36.81]) by smtp.corp.redhat.com (Postfix) with ESMTP id 480046031B; Wed, 19 Jul 2017 00:22:57 +0000 (UTC) Date: Wed, 19 Jul 2017 01:22:56 +0100 From: Jonathan Wakely To: libstdc++@gcc.gnu.org, gcc-patches@gcc.gnu.org Subject: Re: [PATCH] PR libstdc++/81395 fix crash when write follows large read Message-ID: <20170719002256.GD15340@redhat.com> References: <20170719001746.GA20726@redhat.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20170719001746.GA20726@redhat.com> X-Clacks-Overhead: GNU Terry Pratchett User-Agent: Mutt/1.8.0 (2017-02-23) On 19/07/17 01:17 +0100, Jonathan Wakely wrote: >This fixes a crash that happens in std::filebuf when a large read >consumes the entire get area and is followed by a write, which is then >synced to the file by a call to overflow. > >The problem is that xsgetn calls _M_set_buffer(0) after reading from >the file (i.e. when in 'read' mode). As the comments on _M_set_buffer >say, an argument of 0 is used for 'write' mode. This causes the >filebuf to have an active put area while in 'read' mode, so that the >next write inserts straight into that put area, rather than performing >the required seek to leave 'read' mode. > >The next overflow then tries to leave 'read' mode by doing a seek, but >that then tries to flush the non-empty put area by calling overflow, >which goes into a loop until we overflow the stack. > >The solution is to simply remove the call to _M_set_buffer(0). It's >not needed because the buffers are already set up appropriately after >xsgetn has read from the file: there's no active putback, no put area, >and setg(eback(), egptr(), egptr()) has been called so there's nothing >available in the get area. All we need to do is set _M_reading = true >so that a following write knows it needs to perform a seek. > >The new testcase passes with GCC 4.5, so this is technically a >regression. However, I have a more demanding test that fails even with >GCC 4.5, so I don't think mixing reads and writes without intervening >seeks was ever working completely. I hope it is now. > >I spent a LOT of time checking the make check-performance results >before and after this patch (and with various other attempted fixes) >and any difference seemed to be noise. > > PR libstdc++/81395 > * include/bits/fstream.tcc (basic_filebuf::xsgetn): Don't set buffer > pointers for write mode after reading. > * testsuite/27_io/basic_filebuf/sgetn/char/81395.cc: New. The new test needs this dg-require so it doesn't FAIL on target boards with no file I/O, and the dg-do is redundant. Committed to trunk. commit e868d4e4a67faa9b889720b5fcdd10f5eb0f4fa8 Author: Jonathan Wakely Date: Wed Jul 19 01:19:20 2017 +0100 Use dg-require-fileio in new test * testsuite/27_io/basic_filebuf/sgetn/char/81395.cc: Add dg-require. diff --git a/libstdc++-v3/testsuite/27_io/basic_filebuf/sgetn/char/81395.cc b/libstdc++-v3/testsuite/27_io/basic_filebuf/sgetn/char/81395.cc index 4985628..ea8dbc1 100644 --- a/libstdc++-v3/testsuite/27_io/basic_filebuf/sgetn/char/81395.cc +++ b/libstdc++-v3/testsuite/27_io/basic_filebuf/sgetn/char/81395.cc @@ -15,7 +15,7 @@ // with this library; see the file COPYING3. If not see // . -// { dg-do run } +// { dg-require-fileio "" } // PR libstdc++/81395