This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.
[PATCH][IRA] Avoid undefined behavior in ira_allocno_object_iter_cond
- From: Richard Guenther <rguenther at suse dot de>
- To: gcc-patches at gcc dot gnu dot org
- Cc: vmakarov at redhat dot com
- Date: Thu, 19 Apr 2012 14:14:42 +0200 (CEST)
- Subject: [PATCH][IRA] Avoid undefined behavior in ira_allocno_object_iter_cond
This gave me headaches debugging a VRP "miscompile" of ira-build.c.
Number of iteration analysis concluded that the allocno object
iterators do not iterate because it sees accesses to ->objects[n]
for a loop i = 0; i < n; ++i. This is because
ira_allocno_object_iter_cond was written in a very fancy way,
optimizing the number of source lines (apparently).
Fixed as follows.
A bootstrap & regtest is currently running (together with the
alleged VRP modification). I will commit this if it succeeds.
Richard.
2012-04-19 Richard Guenther <rguenther@suse.de>
* ira-int.h (ira_allocno_object_iter_cond): Avoid out-of-bound
array access.
Index: gcc/ira-int.h
===================================================================
--- gcc/ira-int.h (revision 186584)
+++ gcc/ira-int.h (working copy)
@@ -1138,8 +1138,13 @@ static inline bool
ira_allocno_object_iter_cond (ira_allocno_object_iterator *i, ira_allocno_t a,
ira_object_t *o)
{
- *o = ALLOCNO_OBJECT (a, i->n);
- return i->n++ < ALLOCNO_NUM_OBJECTS (a);
+ int n = i->n++;
+ if (n < ALLOCNO_NUM_OBJECTS (a))
+ {
+ *o = ALLOCNO_OBJECT (a, n);
+ return true;
+ }
+ return false;
}
/* Loop over all objects associated with allocno A. In each
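Review bot: on the new `return false;` path `*o` is no longer assigned, so a caller that looks at the object after the iterator is exhausted, or for an allocno with zero objects, sees a stale or uninitialized value. Please say in the function comment that `*o` is only valid when the function returns true. A smaller point on `int n = i->n++;`: the counter is still incremented on every call, including calls past the end, and the hunk does not show the type of `i->n`, so `n` should be declared with that same type rather than assumed to be `int`.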