Bill Allombert on Wed, 14 Oct 2009 17:22:40 +0200



Re: Static analyzer run


On Thu, Sep 17, 2009 at 12:00:36PM +0200, Karim Belabas wrote:
> A note on this one: the old code was actually "not completely incorrect"
> since a,b are non-recursive objects of bounded size, a priori less
> than 100 times the stack space used up in the 2 loop iterations during
> which they must survive. A simple avma = av would have been fine (and
> better).
> 
> This technique of using for a very limited time an object that has just
> been reclaimed by the garbage collector is not infrequent in our code,
> and mandatorily flagged with a /* HACK */ comment. It saves a little
> time by avoiding an actual gerepile.

But it is actually unsafe: for example Fp_mul()
INLINE GEN
Fp_mul(GEN a, GEN b, GEN m)
{
  pari_sp av=avma;
  GEN p; /*HACK: assume modii use <=lg(p)+(lg(m)<<1) space*/
  (void)new_chunk(lg(a)+lg(b)+(lg(m)<<1));
  p = mulii(a,b);
  avma = av; /* <^C> */ return modii(p,m);
}

Assume the user presses ^C just after 'avma = av;' and before 'return
modii(p,m);' and does some computation in the break loop before continuing. The
computation will destroy the part of the stack below avma and modii() will
fail.

Cheers,
Bill.
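A toy model of the failure mode described in the mail, added here as an example (not PARI's code): a downward-growing bump stack stands in for the PARI stack, a hook stands in for ^C plus the break-loop computation, and the names avma/new_chunk/mulii/modii mirror the mail but their implementations are constructed. The HACK ordering from Fp_mul() is run beside a variant that resets avma only after the reclaimed object's last use.

```c
#include <stdio.h>

/* Toy model of PARI's stack, constructed for this example (not PARI code):
   avma is the top of the free area and grows downward; new_chunk() reserves
   words below it. An "integer" is a single stack word here. */
#define STACK_WORDS 64
static long stack[STACK_WORDS];
static long *avma = stack + STACK_WORDS;

static long *new_chunk(int n) { avma -= n; return avma; }
static long *mk_int(long v) { long *p = new_chunk(1); *p = v; return p; }
static long *mulii(const long *a, const long *b) { return mk_int(*a * *b); }
static long *modii(const long *p, const long *m) { return mk_int(*p % *m); }

/* Stands in for ^C: the break loop allocates on the stack, then tidies up. */
static void (*break_hook)(void) = 0;
static void break_loop_compute(void) { for (int i = 0; i < 4; i++) mk_int(-1); avma += 4; }

/* The HACK pattern from the mail: avma is reset, so p sits in reclaimed
   memory when modii() reads it. Correct only if nothing allocates in between. */
static long Fp_mul_hack(long a_v, long b_v, long m_v)
{
    long *a = mk_int(a_v), *b = mk_int(b_v), *m = mk_int(m_v);
    long *av = avma;
    long *p = mulii(a, b);
    avma = av;                      /* p is now below avma: reclaimed */
    if (break_hook) break_hook();   /* <^C> lands here */
    return *modii(p, m);
}

/* Safe ordering: keep p alive until its last use, then reclaim. */
static long Fp_mul_safe(long a_v, long b_v, long m_v)
{
    long *a = mk_int(a_v), *b = mk_int(b_v), *m = mk_int(m_v);
    long *av = avma;
    long *p = mulii(a, b);
    if (break_hook) break_hook();   /* break loop allocates below p: harmless */
    long r = *modii(p, m);
    avma = av;                      /* reclaim once the result is copied out */
    return r;
}

/* Run f(3,4,7) on a fresh stack, with or without a simulated ^C; 12 mod 7 = 5. */
static long run(long (*f)(long, long, long), int intr) { avma = stack + STACK_WORDS; break_hook = intr ? break_loop_compute : 0; return f(3, 4, 7); }

int main(void)
{
    printf("hack no ^C: %ld, hack ^C: %ld, safe ^C: %ld\n",
           run(Fp_mul_hack, 0), run(Fp_mul_hack, 1), run(Fp_mul_safe, 1)); /* 5, -1, 5 */
    return 0;
}
```

The hack version returns a wrong value only when the interrupt fires between the reset and the read, which is exactly why the window is hard to hit in testing and easy to hit in a break loop.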