Breakage in expand_end_case

Bernd Schmidt
Mon Mar 13 06:10:00 GMT 2000

This shows up as a failure to compile kernel/sys.c in linux-2.3.37 (probably
all other versions as well).  Kenner modified one of the comparisons to use
compare_tree_int, but didn't preserve the effect of a cast to unsigned that
used to be there.  Later we use the value in RANGE as number of elements
to allocate with alloca, with fairly disastrous results for the stack

Kenner, can you go back to that patch and verify that the same problem
doesn't occur in other places as well?


	* stmt.c (expand_end_case): RANGE may be signed, and when checking
	whether it is too large we must also verify that it isn't negative.

Index: stmt.c
RCS file: /cvs/gcc/egcs/gcc/stmt.c,v
retrieving revision 1.128
diff -c -p -r1.128 stmt.c
*** stmt.c	2000/03/07 11:41:19	1.128
--- stmt.c	2000/03/13 14:02:42
*************** expand_end_case (orig_index)
*** 5402,5407 ****
--- 5402,5410 ----
        else if (count < CASE_VALUES_THRESHOLD
  	       || compare_tree_int (range, 10 * count) > 0
+ 	       /* RANGE may be signed, and really large ranges will show up
+ 		  as negative numbers.  */
+ 	       || compare_tree_int (range, 0) < 0
  	       || flag_pic

More information about the Gcc-patches mailing list