Date: Fri, 12 Dec 2008 15:58:00 -0000
From: Jerome Guitton
To: Joel Brobecker
Cc: gdb-patches@sourceware.org
Subject: Re: [RFA/Ada] guard against a malloc failure
Message-ID: <20081212155749.GA18970@adacore.com>
References: <20081127145701.GB3835@adacore.com> <20081209095142.GL3823@adacore.com>
In-Reply-To: <20081209095142.GL3823@adacore.com>
X-SW-Source: 2008-12/txt/msg00227.txt.bz2

Joel Brobecker (brobecker@adacore.com):

> > 2008-11-27 Jerome Guitton
> >
> > * ada-lang.c (ada_template_to_fixed_record_type_1): Check size
> > of type to guard against a crash.
>
> Jerome and I just discussed this patch today, and we think we may
> have a better solution. Standby...

Right. It is possible to rewrite ada_template_to_fixed_record_type_1 to avoid the crash; the discriminant value is allocated using the type being built; the crash may happen when a bogus dynamic field is included in this partial type.

The trick is to allocate the value before any of these dynamic fields is added to the partial type. When we encounter a dynamic field, all the discriminant fields have already been added, so it should be fine.

Here is the new patch, tested on linux. OK to apply?

2008-12-12 Jerome Guitton

	* ada-lang.c (ada_template_to_fixed_record_type_1): Allocate dval
	before a dynamic field is added.

Attachment: ada-lang.c.diff (text/x-diff)

--- ada-lang.c.prev	2008-12-12 12:49:31.000000000 +0100
+++ ada-lang.c	2008-12-12 12:54:17.000000000 +0100
@@ -6831,7 +6831,7 @@ ada_template_to_fixed_record_type_1 (str int keep_dynamic_fields) { struct value *mark = value_mark (); - struct value *dval; + struct value *dval = dval0; struct type *rtype; int nfields, bit_len; int variant_field; @@ -6882,10 +6882,17 @@ ada_template_to_fixed_record_type_1 (str } else if (is_dynamic_field (type, f)) { - if (dval0 == NULL) + /* If dval is NULL, build it using the record type that we are + initializing. This takes advantage of the fact that the + discrimant fields should appear before any dynamic field; + so, at this point, the discriminant fields have already been + added to rtype. This property also assure that this dval will + be valid for the rest of the computation, no need to re-allocate + a new one for every dynamic field. Finally, as the value is + allocated before any dynamic field has been added to the type, + we do not have to check its size before the allocation. */ + if (dval == NULL) dval = value_from_contents_and_address (rtype, valaddr, address); - else - dval = dval0; /* Get the fixed type of the field. Note that, in this case, we do not want to get the real type out of the tag: if the current @@ -6931,10 +6938,8 @@ ada_template_to_fixed_record_type_1 (str off = TYPE_FIELD_BITPOS (rtype, variant_field); - if (dval0 == NULL) + if (dval == NULL) dval = value_from_contents_and_address (rtype, valaddr, address); - else - dval = dval0; branch_type = to_fixed_variant_branch_type --cvVnyQ+4j833TQvp--
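Review bot: the comment added in the dynamic-field hunk (`@@ -6882,10 +6882,17 @@`) misspells "discrimant" and should read "This property also assures"; more substantively, it records the ordering assumption the whole fix rests on (discriminant fields appear before any dynamic field) but the hunk does not check it. If a template ever violates that ordering, `dval` is built from an `rtype` that does not yet contain the discriminant, and nothing at this point reports it. Consider a `gdb_assert` or an `error ()` at the point where the discriminant is looked up, or at least a sentence in the function's header comment stating that callers rely on the debug info being ordered that way.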
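Review bot: the variant-part hunk (`@@ -6931,10 +6938,8 @@`) makes the same `dval == NULL` allocation but carries none of the justification written for the dynamic-field case, and that argument does not transfer verbatim: here `dval` can still be NULL only if no dynamic field was encountered, so `rtype` holds only fixed-size fields and its length is well defined. A one-line comment saying so, for example /* dval is still NULL only when no dynamic field was added, so rtype's size is trustworthy here.  */, would save the next reader from re-deriving it from the other hunk.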
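The allocation ordering described in the message above (build the discriminant-carrying value from the partial record type before the first dynamic field is appended, and rely on discriminants preceding every dynamic field), as an added illustrative model in C. This is not gdb's code: `struct tfield`, `struct rtype`, `template_to_fixed`, `value_from_partial`, `read_discriminant` and the Ada-like sample record are assumptions made for the example, discriminants are modeled as little-endian 32-bit integers, and, going one step beyond the gdb thread, the model rejects a template whose dynamic field precedes its discriminant instead of assuming that never happens.

```c
/* Illustrative model of the gdb pattern, not gdb code: names and layout
   are assumptions made for this example. */
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

enum field_kind { FIELD_FIXED, FIELD_DYNAMIC };

/* One field of the template type: a fixed field has a known byte size, a
   dynamic field takes its byte size from a named discriminant. */
struct tfield {
  const char *name;
  enum field_kind kind;
  size_t size;            /* FIELD_FIXED only */
  const char *disc_name;  /* FIELD_DYNAMIC only */
};

struct rfield { const char *name; size_t offset; size_t size; };

/* The record type being built ("rtype" in the patch). */
struct rtype { struct rfield fields[8]; int nfields; size_t length; };

/* Snapshot of the object's bytes, typed by rtype ("dval" in the patch). */
struct value { unsigned char *contents; size_t length; };

/* Counterpart of value_from_contents_and_address: copy rtype's length in
   bytes out of the raw object.  Called while rtype holds only fixed-size
   fields, so the length is small and well defined. */
static struct value *value_from_partial(const struct rtype *rt,
                                        const unsigned char *valaddr) {
  struct value *v = malloc(sizeof *v);
  if (v == NULL) return NULL;
  v->contents = malloc(rt->length > 0 ? rt->length : 1);
  if (v->contents == NULL) { free(v); return NULL; }
  memcpy(v->contents, valaddr, rt->length);
  v->length = rt->length;
  return v;
}

/* Read a 32-bit little-endian discriminant through dval.  Only fields already
   appended to rtype are visible: this is the ordering property (discriminants
   before dynamic fields) the patch relies on. */
static int read_discriminant(const struct rtype *rt, const struct value *dval,
                             const char *name, size_t *out) {
  for (int i = 0; i < rt->nfields; i++) {
    const struct rfield *f = &rt->fields[i];
    if (strcmp(f->name, name) == 0 && f->size == 4 && f->offset + 4 <= dval->length) {
      const unsigned char *p = dval->contents + f->offset;
      *out = (size_t)p[0] | (size_t)p[1] << 8 | (size_t)p[2] << 16 | (size_t)p[3] << 24;
      return 1;
    }
  }
  return 0;
}

/* Build the fixed record type.  Returns 0 on success, -1 if a dynamic field
   names a discriminant not yet part of the partial type, -2 on malloc failure. */
int template_to_fixed(const struct tfield *tmpl, int n,
                      const unsigned char *valaddr, struct rtype *rt) {
  struct value *dval = NULL;
  int rc = 0;
  rt->nfields = 0;
  rt->length = 0;
  for (int f = 0; f < n && rt->nfields < 8; f++) {
    size_t size;
    if (tmpl[f].kind == FIELD_FIXED) {
      size = tmpl[f].size;
    } else {
      /* Allocate dval once, before this dynamic field is added to rtype;
         it stays valid for every later dynamic field. */
      if (dval == NULL && (dval = value_from_partial(rt, valaddr)) == NULL) { rc = -2; break; }
      if (!read_discriminant(rt, dval, tmpl[f].disc_name, &size)) { rc = -1; break; }
    }
    rt->fields[rt->nfields].name = tmpl[f].name;
    rt->fields[rt->nfields].offset = rt->length;
    rt->fields[rt->nfields].size = size;
    rt->nfields++;
    rt->length += size;
  }
  if (dval != NULL) { free(dval->contents); free(dval); }
  return rc;
}

/* Constructed sample: an Ada-like "record (N) is Data : String (1 .. N)" with
   N = 5 followed by a 5-byte payload; the fixed type ends up 9 bytes long. */
size_t sample_length(void) {
  static const struct tfield tmpl[] = {
    { "n", FIELD_FIXED, 4, NULL }, { "data", FIELD_DYNAMIC, 0, "n" } };
  static const unsigned char raw[] = { 5, 0, 0, 0, 'h', 'e', 'l', 'l', 'o' };
  struct rtype rt;
  if (template_to_fixed(tmpl, 2, raw, &rt) != 0) return 0;
  return rt.length;
}

/* Constructed counter-example: the dynamic field precedes its discriminant, so
   the partial type has no "n" when dval is built; rejected with -1. */
int sample_bad_order(void) {
  static const struct tfield tmpl[] = {
    { "data", FIELD_DYNAMIC, 0, "n" }, { "n", FIELD_FIXED, 4, NULL } };
  static const unsigned char raw[] = { 'x', 'x', 'x', 'x', 5, 0, 0, 0 };
  struct rtype rt;
  return template_to_fixed(tmpl, 2, raw, &rt);
}
```

The point of the counter-example is the one the patch's comment leaves implicit: once the value is materialized from the partial type, any discriminant that has not yet been appended is simply absent, so a template that breaks the ordering must be rejected rather than read through a value of the wrong size.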