ielr: fix crash on memory management

akimd · akimd · commit f6dd943633de · 2020-06-26T07:46:35.000+02:00
Reported by Dwight Guth. https://lists.gnu.org/r/bug-bison/2020-06/msg00037.html * src/AnnotationList.c (AnnotationList__computePredecessorAnnotations): Beware that SBITSET__FOR_EACH nests _two_ for-loops, so "break" does not actually break out of it. That was the only occurrence in the code. * src/Sbitset.h (SBITSET__FOR_EACH): Warn passersby.
diff --git a/THANKS b/THANKS
@@ -59,6 +59,7 @@ Di-an Jan                 dianj@freeshell.org
 Dick Streefland           dick.streefland@altium.nl
 Didier Godefroy           dg@ulysium.net
 Don Macpherson            donmac703@gmail.com
+Dwight Guth               dwight.guth@runtimeverification.com
 Efi Fogel                 efifogel@gmail.com
 Enrico Scholz             enrico.scholz@informatik.tu-chemnitz.de
 Eric Blake                ebb9@byu.net
diff --git a/src/AnnotationList.c b/src/AnnotationList.c
@@ -276,7 +276,8 @@ AnnotationList__computePredecessorAnnotations (
                         obstack_free (annotations_obstackp,
                                       annotation_node->contributions[ci]);
                         annotation_node->contributions[ci] = NULL;
-                        break;
+                        // "Break" out of SBITSET__FOR_EACH.
+                        goto after_sbitset__for_each;
                       }
                     else
                       {
@@ -309,6 +310,7 @@ AnnotationList__computePredecessorAnnotations (
                                     predecessor_item);
                   }
               }
+          after_sbitset__for_each:;
           }
           if (annotation_node->contributions[ci])
             {
diff --git a/src/Sbitset.h b/src/Sbitset.h
@@ -81,6 +81,8 @@ void Sbitset__fprint (Sbitset self, Sbitset__Index nbits, FILE *file);
       *ptr_self = *ptr_other1 | *ptr_other2;                            \
   } while (0)
 
+/* ATTENTION: there are *two* loops here, "break" and "continue" will
+   not apply to the whole loop, just the inner one.  */
 # define SBITSET__FOR_EACH(SELF, NBITS, ITER, INDEX)                    \
   for ((ITER) = (SELF); (ITER) < (SELF) + Sbitset__nbytes (NBITS); ++(ITER)) \
     if (*(ITER) != 0)                                                   \

-Original file line number
+Diff line change
 Dick Streefland           [email protected]
 Didier Godefroy           [email protected]
 Don Macpherson            [email protected]
 +Dwight Guth               [email protected]
 Efi Fogel                 [email protected]
 Enrico Scholz             [email protected]
 Eric Blake                [email protected]
Original file line number	Diff line number	Diff line change
`@@ -276,7 +276,8 @@ AnnotationList__computePredecessorAnnotations (`
`276`	`276`	`obstack_free (annotations_obstackp,`
`277`	`277`	`annotation_node->contributions[ci]);`
`278`	`278`	`annotation_node->contributions[ci] = NULL;`
`279`		`- break;`
	`279`	`+ // "Break" out of SBITSET__FOR_EACH.`
	`280`	`+ goto after_sbitset__for_each;`
`280`	`281`	`}`
`281`	`282`	`else`
`282`	`283`	`{`
`@@ -309,6 +310,7 @@ AnnotationList__computePredecessorAnnotations (`
`309`	`310`	`predecessor_item);`
`310`	`311`	`}`
`311`	`312`	`}`
	`313`	`+ after_sbitset__for_each:;`
`312`	`314`	`}`
`313`	`315`	`if (annotation_node->contributions[ci])`
`314`	`316`	`{`