Hello!

The current sparse crashes on this program:

static int x;
static inline void foo(void) { if (x) x = 1; }
static void bar(void) { foo(); }
static typeof(bar) quux;

The crash happens in linearize_compound_statement(), and I believe that the reason is incorrect access to phi_node->phi_list without making sure that phi_node->opcode is OP_PHI. When processing the above program, phi_node->phi_list can be OP_INLINED_CALL.

I understand very little in sparse code, and I have no idea what kind of fallback is needed when phi_node->opcode is not OP_PHI. But this patch fixes the crash:

diff --git a/linearize.c b/linearize.c index 8a68f05..ff4f3b6 100644 --- a/linearize.c +++ b/linearize.c @@ -1633,7 +1633,7 @@ static pseudo_t linearize_compound_statement(struct entrypoint *ep, struct state struct basic_block *bb = add_label(ep, ret); struct instruction *phi_node = first_instruction(bb->insns); - if (!phi_node) + if (!phi_node || phi_node->opcode != OP_PHI) return pseudo; if (pseudo_list_size(phi_node->phi_list)==1) {

--
Regards,
Pavel Roskin
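Review bot: the new "phi_node->opcode != OP_PHI" test in the early return makes a non-phi first instruction fall through to "return pseudo" with no comment, and the message itself says the correct fallback for that case is not known. Guarding the phi_list access by opcode is right, since the field is only meaningful for OP_PHI, but please add a comment above the check saying when the first instruction of the return block can be something else (OP_INLINED_CALL for the reproducer) and why returning the unmodified pseudo is the intended value there rather than just a way to avoid the crash. Also note that first_instruction(bb->insns) only looks at the first instruction; if a non-phi instruction can precede a phi in this block, the phi is now skipped silently, so it is worth confirming that ordering cannot occur. The four-line reproducer from the message would make a good regression test to ship with the fix.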