[LLVMbugs] [Bug 69] New: C frontend crashes on some programs with lots of types.
bugzilla-daemon at zion.cs.uiuc.edu
bugzilla-daemon at zion.cs.uiuc.edu
Wed Oct 29 12:54:14 PST 2003
http://llvm.cs.uiuc.edu/bugs/show_bug.cgi?id=69
Summary: C frontend crashes on some programs with lots of types.
Product: tools
Version: 1.0
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: llvm-gcc
AssignedTo: sabre at nondot.org
ReportedBy: sabre at nondot.org
The C front-end type hashtable can expand unexpectedly, which invalidates our
pointer into it. This is bad, here's a fix:
------------------ 8< -------------------------
$ diff -u llvm-types.c~ llvm-types.c
--- llvm-types.c~ 2003-10-21 16:27:09.000000000 -0500
+++ llvm-types.c 2003-10-29 14:52:48.000000000 -0600
@@ -923,7 +923,7 @@
case UNION_TYPE: {
tree Field = TYPE_FIELDS(type);
- StructTableEntry **HTEP;
+ StructTableEntry **HTEP, *HTE;
unsigned MaxSize = 0, MaxAlign = 0;
llvm_type *ElementType = 0;
@@ -983,9 +983,9 @@
/* Add the new structure type to the hash table of created structure types.
*/
- *HTEP = xmalloc(sizeof(StructTableEntry)); /* Fill in the entry... */
- (*HTEP)->TreeDecl = type;
- (*HTEP)->LLVMTy = Result;
+ HTE = *HTEP = xmalloc(sizeof(StructTableEntry)); /* Fill in the entry... */
+ HTE->TreeDecl = type;
+ HTE->LLVMTy = Result;
while (Field) {
switch (TREE_CODE(Field)) {
@@ -1078,14 +1078,14 @@
}
Result->Elements[0] = ElementType;
- return ((*HTEP)->LLVMTy = llvm_type_get_cannonical_version(Result));
+ return (HTE->LLVMTy = llvm_type_get_cannonical_version(Result));
}
case RECORD_TYPE: {
tree BaseTypes = TYPE_BINFO(type) ? BINFO_BASETYPES(TYPE_BINFO(type)) : 0;
tree Field = TYPE_FIELDS(type);
unsigned Idx, Size;
- StructTableEntry **HTEP;
+ StructTableEntry **HTEP, *HTE;
llvm_type *StructElements[200]; /* FIXME: Fixed size buffers are bad. */
unsigned ElementOffsets[200];
unsigned ElementAlignments[200];
@@ -1136,9 +1136,10 @@
(TREE_INT_CST_LOW(TYPE_SIZE(type))+7)/8);
/* Add the new structure type to the hash table of created structure types.
*/
- *HTEP = xmalloc(sizeof(StructTableEntry)); /* Fill in the entry... */
- (*HTEP)->TreeDecl = type;
- (*HTEP)->LLVMTy = Result;
+ HTE = *HTEP = xmalloc(sizeof(StructTableEntry)); /* Fill in the entry... */
+ assert(HTE && "xmalloc returned null!");
+ HTE->TreeDecl = type;
+ HTE->LLVMTy = Result;
if (TYPE_NAME(type)) { /* Set the name of the structure. */
const char *Name;
@@ -1222,7 +1223,8 @@
(int)TREE_INT_CST_LOW(TYPE_SIZE(type))/8,
(int)TYPE_ALIGN(type)/8);
#endif
- return ((*HTEP)->LLVMTy = llvm_type_get_cannonical_version(Result));
+
+ return (HTE->LLVMTy = llvm_type_get_cannonical_version(Result));
}
case VOID_TYPE: return VoidTy;
case BOOLEAN_TYPE: return BoolTy;
------------------ 8< -------------------------
This was caused by a gigantic testcase submitted by Vipin Gokhale, so there is
no testcase checked in.
-Chris
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
More information about the llvm-bugs
mailing list