Fix for loop.c

Andreas Jaeger aj@suse.de
Mon Jan 1 06:48:00 GMT 2001


Compiling glibc with the current CVS I got a segmentation fault in
free because an address on the stack has been passed to free :-(

#0  0x400981ed in free () from /lib/libc.so.6
#1  0x818c93c in loop_movables_free (movables=0x83f1788) at /cvs/gcc/gcc/loop.c:2168
#2  0x8189c98 in scan_loop (loop=0x840a978, flags=0) at /cvs/gcc/gcc/loop.c:1062
#3  0x81897f4 in loop_optimize (f=0x402dab20, dumpfile=0x0, flags=0) at /cvs/gcc/gcc/loop.c:452
#4  0x8095e14 in rest_of_compilation (decl=0x4029cf00) at /cvs/gcc/gcc/toplev.c:3140
#5  0x8062d05 in c_expand_body (fndecl=0x4029cf00, nested_p=0) at /cvs/gcc/gcc/c-decl.c:6819
#6  0x80629f1 in finish_function (nested=0) at /cvs/gcc/gcc/c-decl.c:6740
#7  0x804a0a6 in yyparse_1 () at /usr/share/bison.simple:323
#8  0x8094c77 in compile_file (name=0x833bbac "gconv_open.c") at /cvs/gcc/gcc/toplev.c:2373
#9  0x80987f0 in main (argc=113, argv=0xbfffeddc) at /cvs/gcc/gcc/toplev.c:4859
#10 0x40042bff in __libc_start_main () from /lib/libc.so.6
(gdb) up
#1  0x818c93c in loop_movables_free (movables=0x83f1788) at /cvs/gcc/gcc/loop.c:2168
2168          free (m);
(gdb) p m
$30 = (struct movable *) 0xbff00000

The problem is that movables are allocated at one place with alloca in
scan_loop.c:
		  m = (struct movable *) alloca (sizeof (struct movable));

but then freed with free which is forbidden.  Since xmalloc is used
also in scan_loop, this looks like the way to go.

Here's a patch.

Ok to commit if it passes make bootstrap on i686-linux?

Andreas

2001-01-01  Andreas Jaeger  <aj@suse.de>

	* loop.c (scan_loop): Use xmalloc to allocate movables.

--- loop.c	Mon Jan  1 10:38:38 2001
+++ loop.c	Mon Jan  1 15:46:52 2001
@@ -909,7 +909,7 @@
 	      if (VARRAY_INT (regs->set_in_loop, regno) == 2)
 		{
 		  register struct movable *m;
-		  m = (struct movable *) alloca (sizeof (struct movable));
+		  m = (struct movable *) xmalloc (sizeof (struct movable));
 		  m->next = 0;
 		  m->insn = p;
 		  m->set_dest = SET_DEST (set);
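
Review bot: With the allocation on the changed `m = (struct movable *) xmalloc (sizeof (struct movable));` line now heap-backed, every path out of scan_loop after this point has to reach loop_movables_free, otherwise the movables leak where the alloca version was reclaimed on return; please confirm no early return sits between here and the call at loop.c:1062 shown in the backtrace. The message says movables are allocated with alloca "at one place", so it would also help to state that no other alloca of a struct movable remains in scan_loop, since any left over would hit the same free () of a stack address at loop.c:2168.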


-- 
 Andreas Jaeger
  SuSE Labs aj@suse.de
   private aj@arthur.inka.de
    http://www.suse.de/~aj

