New failures related to recent developments
nisse at lysator.liu.se
Tue Feb 28 11:15:06 CET 2012
Torbjorn Granlund <tg at gmplib.org> writes:
> This is a (partial?) patch. It seems to fix the present problem.
> + rp = MPZ_REALLOC (r, an + 1);
> + ap = a->_mp_d;
> + bp = b->_mp_d;
> if (an < bn)
> MPN_PTR_SWAP (ap, an, bp, bn);
> cy = mpn_add (rp, ap, an, bp, bn);
> rp[an] = cy;
I think this fix to mpz_abs_add is almost right, but the realloc must
use a size MAX(an, bn) + 1. Maybe it ought to be reorganized a bit,
eliminating the ap, bp pointers and the swapping. Something like
rn = GMP_MAX (an, bn);
rp = MPZ_REALLOC (r, rn + 1);
if (an < bn)
cy = mpn_add (rp, b->_mp_d, bn, a->_mp_d, an);
cy = mpn_add (rp, a->_mp_d, an, b->_mp_d, bn);
if (cy > 0)
rp[rn++] = cy;
Will you commit these fixes, or do you want me to do that?
I have found the same four direct MPZ_REALLOC problems when reviewing
the code: mpz_abs_add, mpz_and, mpz_ior and mpz_xor. Then I have loooked
for functions which use cached pointers over a call to a function using
MPZ_REALLOC. But I didn't find any problems of that type.
There are couple of additional pointers cached over an MPZ_REALLOC of a
temporary, but that shouldn't be a problem since the temporary never
overlaps anything else.
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.
More information about the gmp-devel