This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.
Re: [PATCH] Fix PR middle-end/37669
- From: Jakub Jelinek <jakub at redhat dot com>
- To: Adam Nemet <anemet at caviumnetworks dot com>
- Cc: gcc-patches at gcc dot gnu dot org
- Date: Mon, 20 Oct 2008 22:08:43 +0200
- Subject: Re: [PATCH] Fix PR middle-end/37669
- References: <18684.58242.906331.908972@foo.home>
- Reply-to: Jakub Jelinek <jakub at redhat dot com>
On Mon, Oct 20, 2008 at 01:01:06PM -0700, Adam Nemet wrote:
> As I said in the bug:
>
> I think the problem is that in
>
> ccp_fold_builtin():
>   memset (val, 0, sizeof (val));
>   for (i = 0; i < nargs; i++)
>     {
>       if ((arg_mask >> i) & 1)
>         {
>           a = gimple_call_arg (stmt, i);
>           bitmap_clear (visited);
>           if (!get_maxval_strlen (a, &val[i], visited, type))
>             val[i] = NULL_TREE;
>
> arg_mask is an int and in the testcase nargs is 35 (the number of args to
> snprintf). Therefore the result of the shift can be undefined. As a result
> we address out of the val array on the stack that is allocated with three
> entries.
>
> I changed to run the above loop until the highest bit in arg_mask is reached.
See my comment in bugzilla, I think this is overkill, we should just
remove the loop which might have been useful when we had to iterate through
the arguments, but isn't any longer. The only values of arg_mask are
1, 2 and 4 and val array has 3 elements anyway, so if you want to keep the
loop, you could at least use i < nargs && i < 3, which is cheaper than
floor_log2.
Jakub
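
The indexing problem discussed in this thread, as an added example that is not part of the original messages or of GCC's source: it models the quoted loop without touching memory and compares it with the `i < nargs && i < 3` bound suggested in the reply. The function names are hypothetical, and reducing the shift count modulo 32 is an assumption that mimics x86 behaviour, since the C shift itself is undefined once i reaches the width of int.

```c
#include <stdio.h>

#define VAL_SLOTS 3   /* val[] in the quoted code has three entries */

/* Model of the quoted loop: returns the highest index it would store to.
   The shift count is reduced modulo 32 to mimic what x86 hardware does
   with an out-of-range count (an assumption; in C the shift is undefined
   for i >= the width of int, so nothing is actually guaranteed). */
static int highest_index_unbounded(unsigned arg_mask, int nargs)
{
    int highest = -1;
    for (int i = 0; i < nargs; i++)
        if ((arg_mask >> (i & 31)) & 1)
            highest = i;          /* the real code writes val[i] here */
    return highest;
}

/* Same loop with the bound suggested in the reply: i < nargs && i < 3. */
static int highest_index_bounded(unsigned arg_mask, int nargs)
{
    int highest = -1;
    for (int i = 0; i < nargs && i < VAL_SLOTS; i++)
        if ((arg_mask >> i) & 1)
            highest = i;
    return highest;
}

/* Count how many of the masks 1, 2, 4 lead to an index outside val[]. */
static int count_out_of_bounds(int (*loop)(unsigned, int), int nargs)
{
    static const unsigned masks[] = { 1, 2, 4 };
    int bad = 0;
    for (int m = 0; m < 3; m++)
        if (loop(masks[m], nargs) >= VAL_SLOTS)
            bad++;
    return bad;
}

int main(void)
{
    int nargs = 35;   /* argument count from the testcase in the thread */
    printf("unbounded: %d of 3 masks index past val[]\n",
           count_out_of_bounds(highest_index_unbounded, nargs));
    printf("bounded:   %d of 3 masks index past val[]\n",
           count_out_of_bounds(highest_index_bounded, nargs));
    return 0;
}
```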