From: Madhu M. K. <mm...@ya...> - 2005-05-24 09:46:01
Loop overrun occurs as the i+1 value is being processed. A code path exists
where i can be uninitialized but incremented (line 1082).
--- valgrind.orig/massif/ms_main.c 2005-05-21 00:31:59.000000000 -0700
+++ valgrind/massif/ms_main.c 2005-05-24 01:51:01.953652251 -0700
@@ -930,7 +930,7 @@
jp = 0;
FIND_CENSUS(1, j);
FIND_CENSUS(j+1, jn);
- while (jn < MAX_N_CENSI) {
+ while (jn < MAX_N_CENSI - 1) {
Int timespan = censi[jn].ms_time - censi[jp].ms_time;
sk_assert(timespan >= 0);
if (timespan < min_span) {
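Review bot: The tightened bound `jn < MAX_N_CENSI - 1` stops the loop one slot early, but the out-of-range read presumably happens inside `FIND_CENSUS`, whose definition is outside this hunk. If that macro advances its index without comparing it to `MAX_N_CENSI`, the two calls before the loop can still step past the end of `censi[]`. Bounding the scan inside the macro would cover every call site, and it would avoid a side effect of this fix: the span ending at index `MAX_N_CENSI - 1` is no longer compared against `min_span`. If the loop-condition fix stays, it needs a comment such as `/* stop one short: the next-census lookup reads censi[jn+1] */`. The enclosing function starts and ends outside the hunk.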
@@ -982,7 +982,7 @@
static UInt ms_next_census = 0; // zero allows startup census
Int ms_time, ms_time_since_prev;
- Int i, K;
+ Int i = 0, K;
Census* census;
VGP_PUSHCC(VgpCensus);
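Review bot: Initialising `i` to 0 at its declaration removes the uninitialised read, but it also hides the path that increments `i` without first assigning it from compiler warnings and from Memcheck. That path (line 1082 per the description) is outside this hunk, so the visible lines do not show whether 0 is the correct starting value. If it is, assign it where that path begins or record the intent with a comment such as `/* i must start at 0 for the path that only increments it */`. The enclosing function continues outside the hunk.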
Cheerio,
M
Madhu M Kurup /* Nemo Me Impune Lacessit */ mmk at yahoo-inc dt com