This is the mail archive of the mailing list for the GCC project.


Re: [PATCH][IRA] Avoid undefined behavior in ira_allocno_object_iter_cond

On 04/19/2012 08:14 AM, Richard Guenther wrote:
This gave me headaches debugging a VRP "miscompile" of ira-build.c.
Number of iteration analysis concluded that the allocno object
iterators do not iterate because it sees accesses to ->objects[n]
for a loop i = 0; i < n; ++i.  This is because
ira_allocno_object_iter_cond was written in a very fancy way,
optimizing the number of source lines (apparently).

Fixed as follows.

A bootstrap & regtest is currently running (together with the
alleged VRP modification).  I will commit this if it succeeds.

Thanks, Richard.

2012-04-19  Richard Guenther  <>

	* ira-int.h (ira_allocno_object_iter_cond): Avoid out-of-bound
	array access.

Index: gcc/ira-int.h
--- gcc/ira-int.h	(revision 186584)
+++ gcc/ira-int.h	(working copy)
@@ -1138,8 +1138,13 @@ static inline bool
  ira_allocno_object_iter_cond (ira_allocno_object_iterator *i, ira_allocno_t a,
  			      ira_object_t *o)
-  *o = ALLOCNO_OBJECT (a, i->n);
-  return i->n++<  ALLOCNO_NUM_OBJECTS (a);
+  int n = i->n++;
+  if (n<  ALLOCNO_NUM_OBJECTS (a))
+    {
+      *o = ALLOCNO_OBJECT (a, n);
+      return true;
+    }
+  return false;

/* Loop over all objects associated with allocno A. In each
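Review bot: the reordering is the whole fix here, and it is the right one: the removed body stored ALLOCNO_OBJECT (a, i->n) before comparing i->n with ALLOCNO_NUM_OBJECTS (a), so the terminating call of every loop indexed objects[n] one past the end, and VRP was within its rights to treat that read as impossible and conclude the loop never iterates; the new body tests n first and only loads when in range. One minor follow-up worth a comment rather than a code change: the post-increment still leaves i->n at ALLOCNO_NUM_OBJECTS (a) + 1 after the final call. That is harmless because the iterator is discarded once the loop ends, but a one-line note saying so would spare the next reader the same question.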

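The iterator pattern from the patch as an added, self-contained C illustration (not code from this thread or from GCC; allocno_t, allocno_object_iterator and the demo functions are hypothetical stand-ins for the IRA types): the old condition is kept for contrast but never executed, the fixed one drives a loop, and the call counter shows the extra terminating call where the old code read out of bounds.

```c
#include <stdbool.h>

/* Constructed stand-in for IRA's allocno (hypothetical names; the real
   ira_allocno_t is far larger): an object array plus its live count.  */
typedef struct { int objects[2]; int num_objects; } allocno_t;
typedef struct { int n; } allocno_object_iterator;

/* Old shape, kept only for contrast and never called: objects[i->n] is
   loaded BEFORE i->n is compared with the count, so the terminating call
   reads one past the end.  That is undefined behaviour, which a compiler
   may assume never happens -- how VRP concluded the loop does not run.  */
static inline bool
iter_cond_unchecked (allocno_object_iterator *i, allocno_t *a, int *o)
{
  *o = a->objects[i->n];            /* out of bounds on the last call */
  return i->n++ < a->num_objects;
}

/* Shape of the patch: compare first, load only when in range.  */
static inline bool
iter_cond_checked (allocno_object_iterator *i, allocno_t *a, int *o)
{
  int n = i->n++;
  if (n < a->num_objects)
    {
      *o = a->objects[n];
      return true;
    }
  return false;
}

/* Sum the objects of A via the checked condition.  *CALLS receives how
   often the condition ran: always num_objects + 1, and that final call is
   the one the old code turned into an out-of-bounds read.  */
static int
sum_objects (allocno_t *a, int *calls)
{
  allocno_object_iterator it;
  int o, sum = 0;
  *calls = 0;
  for (it.n = 0; ++*calls, iter_cond_checked (&it, a, &o); )
    sum += o;
  return sum;
}

/* Constructed sample: objects {5, 7} with the count trimmed to K (0..2).  */
int demo_sum (int k)        { allocno_t a = { { 5, 7 }, k }; int c; return sum_objects (&a, &c); }
int demo_cond_calls (int k) { allocno_t a = { { 5, 7 }, k }; int c; sum_objects (&a, &c); return c; }
```

Note that even a zero-object allocno costs one condition call, which is exactly the case where the old code read objects[0] of an allocno that has none.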