Bug 69 – C frontend crashes on some programs with lots of types.

First Last Prev Next No search results available

Details

Summary:

C frontend crashes on some programs with lots of types.

Bug#:	69
Product:	tools
Component:	llvm-gcc
Status:	RESOLVED
Resolution:	FIXED

Hardware:	PC
OS:	Linux
Version:	1.0
Priority:	P2
Severity:	normal
Target Milestone:	1.1

URL:

Keywords:

compile-fail

Depends on:

Blocks:

Show dependency tree - Show dependency graph

People

Reporter:	Chris Lattner <sabre@nondot.org>
Assigned To:	Chris Lattner <sabre@nondot.org>

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note

You need to log in before you can comment on or make changes to this bug.

Related actions

Description:	Opened: 2003-10-29 14:54

The C front-end type hashtable can expand unexpectedly, which invalidates our
pointer into it.  This is bad, here's a fix:

------------------ 8< -------------------------
$ diff -u llvm-types.c~ llvm-types.c
--- llvm-types.c~       2003-10-21 16:27:09.000000000 -0500
+++ llvm-types.c        2003-10-29 14:52:48.000000000 -0600
@@ -923,7 +923,7 @@
 
   case UNION_TYPE: {
     tree Field = TYPE_FIELDS(type);
-    StructTableEntry **HTEP;
+    StructTableEntry **HTEP, *HTE;
     unsigned MaxSize = 0, MaxAlign = 0;
     llvm_type *ElementType = 0;
 
@@ -983,9 +983,9 @@
 
     /* Add the new structure type to the hash table of created structure types.
      */
-    *HTEP = xmalloc(sizeof(StructTableEntry));      /* Fill in the entry... */
-    (*HTEP)->TreeDecl = type;
-    (*HTEP)->LLVMTy = Result;
+    HTE = *HTEP = xmalloc(sizeof(StructTableEntry));  /* Fill in the entry... */
+    HTE->TreeDecl = type;
+    HTE->LLVMTy = Result;
 
     while (Field) {
       switch (TREE_CODE(Field)) {
@@ -1078,14 +1078,14 @@
     }
 
     Result->Elements[0] = ElementType;
-    return ((*HTEP)->LLVMTy = llvm_type_get_cannonical_version(Result));
+    return (HTE->LLVMTy = llvm_type_get_cannonical_version(Result));
   }
 
   case RECORD_TYPE: {
     tree BaseTypes = TYPE_BINFO(type) ? BINFO_BASETYPES(TYPE_BINFO(type)) : 0;
     tree Field = TYPE_FIELDS(type);
     unsigned Idx, Size;
-    StructTableEntry **HTEP;
+    StructTableEntry **HTEP, *HTE;
     llvm_type *StructElements[200];  /* FIXME: Fixed size buffers are bad. */
     unsigned ElementOffsets[200];
     unsigned ElementAlignments[200];
@@ -1136,9 +1136,10 @@
                                      (TREE_INT_CST_LOW(TYPE_SIZE(type))+7)/8);
     /* Add the new structure type to the hash table of created structure types.
      */
-    *HTEP = xmalloc(sizeof(StructTableEntry));      /* Fill in the entry... */
-    (*HTEP)->TreeDecl = type;
-    (*HTEP)->LLVMTy = Result;
+    HTE = *HTEP = xmalloc(sizeof(StructTableEntry)); /* Fill in the entry... */
+    assert(HTE && "xmalloc returned null!");
+    HTE->TreeDecl = type;
+    HTE->LLVMTy = Result;
 
     if (TYPE_NAME(type)) { /* Set the name of the structure. */
       const char *Name;
@@ -1222,7 +1223,8 @@
             (int)TREE_INT_CST_LOW(TYPE_SIZE(type))/8,
             (int)TYPE_ALIGN(type)/8);
 #endif
-    return ((*HTEP)->LLVMTy = llvm_type_get_cannonical_version(Result));
+
+    return (HTE->LLVMTy = llvm_type_get_cannonical_version(Result));
   }
   case VOID_TYPE:        return VoidTy;
   case BOOLEAN_TYPE:     return BoolTy;
------------------ 8< -------------------------

This was caused by a gigantic testcase submitted by Vipin Gokhale, so there is
no testcase checked in.

-Chris

------- Comment #1 From Chris Lattner 2003-10-29 14:54:47 -------

Like I said this is now fixed.

First Last Prev Next No search results available