This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.
C++ PATCH: obstack leakage -> segfault
- To: egcs-patches at egcs dot cygnus dot com
- Subject: C++ PATCH: obstack leakage -> segfault
- From: Nathan Sidwell <nathan at acm dot org>
- Date: Wed, 26 May 1999 10:38:02 +0100
- Organization: University of Bristol
- Reply-To: nathan at compsci dot bristol dot ac dot uk
Hi,
I fell over a bug with array types where the type was allocated on the
permanent obstack and the TYPE_DOMAIN on a temporary one. When the type was
copied to permanent, nothing changed and the compiler segfaulted later as the
domain got trashed. I attach an example which kills i686-pc-linux-gnu but not
sparc-sun-solaris2.6.
I attach a patch to complete_array_type (decl.c) which makes sure the domain is
placed in the permanent obstack, if anything it's being attached to is.
(Perhaps it should always be placed on the permanent obstack?)
The 2.95 branch has the same flaw (and segfaults on sparc-sun-solaris2.6). I
recommend that be fixed too.
May I install it?
nathan
--
Dr Nathan Sidwell :: Computer Science Department :: Bristol University
I have seen the death of PhotoShop -- it is called GIMP
nathan@acm.org http://www.cs.bris.ac.uk/~nathan/ nathan@cs.bris.ac.uk
typedef void (*Fptr)();

inline void NotUsed(Fptr) throw()
{
  return;
}

void Fn(Fptr const &);

template<class T> inline Fptr Foo(T const *)
{
  return &T::FnValue;
}

template<class T> inline Fptr Bar()
{
  return Foo((T const *)0);
}

template<class T> inline Fptr Quux(T const *const &)
{
  return Bar<T>();
}

template<class T> inline Fptr Quux(T const &objRef)
{
  return Quux(&objRef);
}

template<class T, unsigned I> void FnArray ()
{}

template<class T, unsigned I> inline Fptr Foo(T const (*)[I])
{
  return &FnArray<T,I>;
}

int main(int, char *[])
{
  static int attribList[] = {2, 1, 0};
  Fn(Quux(attribList));
  return 0;
}
1999-05-26 Nathan Sidwell <nathan@acm.org>
* decl.c (complete_array_type): Make sure the domain is
permanent, if it's attached to anything permanent.
Index: egcs/gcc/cp/decl.c
===================================================================
RCS file: /egcs/carton/cvsfiles/egcs/gcc/cp/decl.c,v
retrieving revision 1.363
diff -c -3 -p -r1.363 decl.c
*** decl.c 1999/05/24 00:46:47 1.363
--- decl.c 1999/05/26 09:33:59
*************** complete_array_type (type, initial_value
*** 8597,8617 ****
if (maxindex)
{
tree itype;
- TYPE_DOMAIN (type) = build_index_type (maxindex);
- if (! TREE_TYPE (maxindex))
- TREE_TYPE (maxindex) = TYPE_DOMAIN (type);
if (initial_value)
itype = TREE_TYPE (initial_value);
else
itype = NULL;
if (itype && !TYPE_DOMAIN (itype))
! TYPE_DOMAIN (itype) = TYPE_DOMAIN (type);
/* The type of the main variant should never be used for arrays
of different sizes. It should only ever be completed with the
size of the array. */
if (! TYPE_DOMAIN (TYPE_MAIN_VARIANT (type)))
! TYPE_DOMAIN (TYPE_MAIN_VARIANT (type)) = TYPE_DOMAIN (type);
}
/* Lay out the type now that we can get the real answer. */
--- 8597,8626 ----
if (maxindex)
{
tree itype;
+ tree domain;
if (initial_value)
itype = TREE_TYPE (initial_value);
else
itype = NULL;
+ domain = build_index_type (maxindex);
+ if (TREE_PERMANENT (type)
+ || (!TREE_TYPE (maxindex) && TREE_PERMANENT (maxindex))
+ || (itype && !TYPE_DOMAIN (itype) && TREE_PERMANENT (itype))
+ || (!TYPE_DOMAIN (TYPE_MAIN_VARIANT (type))
+ && TREE_PERMANENT (TYPE_MAIN_VARIANT (type))))
+ domain = copy_to_permanent (domain);
+ TYPE_DOMAIN (type) = domain;
+
+ if (! TREE_TYPE (maxindex))
+ TREE_TYPE (maxindex) = domain;
if (itype && !TYPE_DOMAIN (itype))
! TYPE_DOMAIN (itype) = domain;
/* The type of the main variant should never be used for arrays
of different sizes. It should only ever be completed with the
size of the array. */
if (! TYPE_DOMAIN (TYPE_MAIN_VARIANT (type)))
! TYPE_DOMAIN (TYPE_MAIN_VARIANT (type)) = domain;
}
/* Lay out the type now that we can get the real answer. */
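Review bot: the four-way TREE_PERMANENT test added in front of `domain = copy_to_permanent (domain);` has to list every node the domain is stored into further down (type, maxindex, itype and the main variant), and nothing in the code says so. If a later change stores `domain` into one more node without extending the condition, the dangling-domain bug comes back silently. Add a comment above the condition stating that it must cover every assignment of `domain` below it, or, as the message itself asks, copy the domain to the permanent obstack unconditionally so the condition and the assignments cannot drift apart.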
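The lifetime mismatch the message describes, reduced to a stand-alone C model; this is an added example, not code from the message or from GCC. The arena type, its functions and the 0xDD poison byte are assumptions standing in for the two obstacks, and the copy rule models only the "owner is permanent" case of the patch's condition.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Toy bump arenas standing in for the two obstacks (assumption: not GCC's obstack API). */
typedef struct { unsigned char buf[256]; size_t used; } arena;
static arena permanent_arena, temporary_arena;
typedef struct domain { long max_index; } domain;       /* plays the role of TYPE_DOMAIN */
typedef struct array_type { domain *dom; } array_type;  /* plays the role of the array type */

static void *arena_alloc(arena *a, size_t n) {
    n = (n + 7u) & ~(size_t)7u;                 /* keep every allocation 8-byte aligned */
    if (a->used + n > sizeof a->buf) abort();   /* demo arenas are fixed size */
    void *p = a->buf + a->used;
    a->used += n;
    return p;
}

/* Releasing an arena poisons it, standing in for reuse by later allocations. */
static void arena_release(arena *a) {
    memset(a->buf, 0xDD, sizeof a->buf);
    a->used = 0;
}

static int in_arena(const arena *a, const void *p) {
    return (uintptr_t)p - (uintptr_t)a->buf < sizeof a->buf;  /* unsigned wrap rejects p < buf */
}

/* Build the domain in the temporary arena; with the fix, move it if the owner is permanent. */
static domain *make_domain(const array_type *owner, long max_index, int apply_fix) {
    domain *d = arena_alloc(&temporary_arena, sizeof *d);
    d->max_index = max_index;
    if (apply_fix && in_arena(&permanent_arena, owner))
        d = memcpy(arena_alloc(&permanent_arena, sizeof *d), d, sizeof *d);
    return d;
}

/* Returns the max index read through the type after the temporary arena is released. */
long max_index_after_release(int apply_fix) {
    permanent_arena.used = temporary_arena.used = 0;
    array_type *t = arena_alloc(&permanent_arena, sizeof *t);
    t->dom = make_domain(t, 2, apply_fix);      /* int[3], as in the test case: max index 2 */
    arena_release(&temporary_arena);
    return t->dom->max_index;
}

int main(void) {
    return max_index_after_release(1) == 2 && max_index_after_release(0) != 2 ? 0 : 1;
}
```

Without the copy, the permanent type keeps a pointer into the released arena and reads back poison instead of 2; in the real compiler that memory is reused, which is why the failure shows up later and only on some targets.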