Pre-4.0, vector had a bunch of nasty error cases when resizing overflowed a size_t. Change 89377 fixed some of them. But

1) vector<bool>'s copy (yuck) of the relevant functions wasn't updated.

2) vector<bool>'s max_size is incorrect. Currently it is set to the maximum size_t. But because vector<bool>'s iterators aren't directly pointers, and the iterator arithmetic takes ssize_t as arguments, it can't tolerate sizes that don't fit in an ssize_t. Because of the round up to the nearest word, the correct max_size is SIZE_MAX rounded down to the nearest word.

3) If doubling a vector size exceeds max_size, the code will go ahead and ask the allocator for it. It seems nicer to clamp the size to max_size, although a bad_alloc is to be expected either way. I'd mostly argue that the vector code should clamp at max_size to avoid relying on the allocator to range check properly.

--
Summary: resizing bugs in std::vector
Product: gcc
Version: 4.1.2
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: libstdc++
AssignedTo: unassigned at gcc dot gnu dot org
ReportedBy: gcc at severeweblint dot org

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=31370
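The growth-length clamp from point 3 and the word rounding from point 2, as an added example that is not part of the original report and is not libstdc++ code. The names `naive_grow_len`, `checked_grow_len` and `word_aligned_max` are hypothetical, and the limit passed to `word_aligned_max` is a parameter so the example takes no position on which limit applies.

```cpp
#include <algorithm>
#include <cstddef>
#include <iostream>
#include <limits>
#include <stdexcept>

// Hypothetical helper: unchecked doubling. The sum can wrap around size_t,
// producing a "new capacity" smaller than the current size.
inline std::size_t naive_grow_len(std::size_t size, std::size_t n) {
    return size + std::max(size, n);
}

// Hypothetical helper: capacity for a container holding `size` elements that
// must grow by at least `n`. Assumes size <= max_size.
inline std::size_t checked_grow_len(std::size_t size, std::size_t n,
                                    std::size_t max_size) {
    // Reject impossible requests before any arithmetic that could wrap.
    if (max_size - size < n)
        throw std::length_error("checked_grow_len");
    // Double, or grow by n when n exceeds the current size.
    const std::size_t len = size + std::max(size, n);
    // len < size means the addition wrapped; in both cases clamp to max_size
    // so the allocator is never asked for an out-of-range count.
    return (len < size || len > max_size) ? max_size : len;
}

// Hypothetical helper: largest bit count <= limit that is a whole number of
// words, so rounding a request up to the next word can never exceed limit.
inline std::size_t word_aligned_max(std::size_t limit, std::size_t bits_per_word) {
    return limit - limit % bits_per_word;
}

int main() {
    const std::size_t top = std::numeric_limits<std::size_t>::max();
    const std::size_t big = top / 2 + 2;  // constructed size: doubling it wraps
    std::cout << "naive:   " << naive_grow_len(big, 1) << '\n'
              << "checked: " << checked_grow_len(big, 1, top) << '\n'
              << "aligned: " << word_aligned_max(top, 64) << '\n';
}
```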