|
From: <sv...@va...> - 2005-05-24 21:28:58
|
Author: njn
Date: 2005-05-24 22:28:54 +0100 (Tue, 24 May 2005)
New Revision: 3800
Modified:
trunk/massif/ms_main.c
Log:
Fix error found by Madhu Kurup:
Loop overrun occurs as the i+1 value is being processed. A code path
exists where i can be uninitialized but incremented (line 1082). =20
Modified: trunk/massif/ms_main.c
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- trunk/massif/ms_main.c 2005-05-24 20:07:20 UTC (rev 3799)
+++ trunk/massif/ms_main.c 2005-05-24 21:28:54 UTC (rev 3800)
@@ -923,7 +923,7 @@
=20
// Sets j to the index of the first not-yet-removed census at or afte=
r i
#define FIND_CENSUS(i, j) \
- for (j =3D i; -1 =3D=3D censi[j].ms_time; j++) { }
+ for (j =3D i; j < MAX_N_CENSI && -1 =3D=3D censi[j].ms_time; j++) =
{ }
=20
for (i =3D 2; i < MAX_N_CENSI; i +=3D 2) {
// Find the censi representing the smallest timespan. The timespa=
n
@@ -989,7 +989,6 @@
static UInt ms_next_census =3D 0; // zero allows startup census
=20
Int ms_time, ms_time_since_prev;
- Int i, K;
Census* census;
=20
VGP_PUSHCC(VgpCensus);
@@ -1010,6 +1009,7 @@
=20
// Heap: snapshot the K most significant XTrees -------------------
if (clo_heap) {
+ Int i, K;
K =3D ( alloc_xpt->n_children < MAX_SNAPSHOTS=20
? alloc_xpt->n_children
: MAX_SNAPSHOTS); // max out
@@ -1086,7 +1086,6 @@
census->stacks_space =3D sigstacks_space;
// slightly abusing this function
VG_(first_matching_thread_stack)( count_stack_size, &census->stack=
s_space );
- i++;
}
=20
// Finish, update interval if necessary -----------------------------
|