From: Julian Seward <jseward@acm.org>
Date: Fri, 5 Aug 2016 17:22:21 +0000 (+0000)
Subject: Fix completely bogus array indexing introduced in r15927 -- how did this
X-Git-Tag: svn/VALGRIND_3_12_0~94
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d1b3d1f1812aab93e100b5ed058cf9e020a6cf8e;p=thirdparty%2Fvalgrind.git

Fix completely bogus array indexing introduced in r15927 -- how did this
ever work?  Spotted by UBSAN.  Yay UBSAN!  Also update comments.


git-svn-id: svn://svn.valgrind.org/valgrind/trunk@15929
---

diff --git a/memcheck/mc_translate.c b/memcheck/mc_translate.c
index a009210786..d0a8c7730f 100644
--- a/memcheck/mc_translate.c
+++ b/memcheck/mc_translate.c
@@ -6612,35 +6612,35 @@ IRSB* MC_(instrument) ( VgCallbackClosure* closure,
 
    bz2-32
 
-   1   111,840 -> 1,702,810; ratio 15.2
-   2   111,840 -> 1,656,644; ratio 14.8
-   3   111,840 -> 1,650,457; ratio 14.7
-   4   111,840 -> 1,649,103; ratio 14.7
-   5   111,840 -> 1,648,655; ratio 14.7
-   6   111,840 -> 1,648,435; ratio 14.7
-   7   111,840 -> 1,648,304; ratio 14.7
-   8   111,840 -> 1,648,304; ratio 14.7
-   10  111,840 -> 1,648,171; ratio 14.7
-   12  111,840 -> 1,648,109  ratio 14.7
-   16  111,840 -> 1,647,947; ratio 14.7
-   32  111,840 -> 1,647,881; ratio 14.7
-   inf 111,840 -> 1,647,881; ratio 14.7
+   1   4,336 (112,212 -> 1,709,473; ratio 15.2)
+   2   4,336 (112,194 -> 1,669,895; ratio 14.9)
+   3   4,336 (112,194 -> 1,660,713; ratio 14.8)
+   4   4,336 (112,194 -> 1,658,555; ratio 14.8)
+   5   4,336 (112,194 -> 1,655,447; ratio 14.8)
+   6   4,336 (112,194 -> 1,655,101; ratio 14.8)
+   7   4,336 (112,194 -> 1,654,858; ratio 14.7)
+   8   4,336 (112,194 -> 1,654,810; ratio 14.7)
+   10  4,336 (112,194 -> 1,654,621; ratio 14.7)
+   12  4,336 (112,194 -> 1,654,678; ratio 14.7)
+   16  4,336 (112,194 -> 1,654,494; ratio 14.7)
+   32  4,336 (112,194 -> 1,654,602; ratio 14.7)
+   inf 4,336 (112,194 -> 1,654,602; ratio 14.7)
 
    bz2-64
 
-   1   106,628 -> 1,811,992; ratio 17.0
-   2   106,628 -> 1,797,805; ratio 16.9
-   3   106,628 -> 1,792,429; ratio 16.8
-   4   106,628 -> 1,791,037; ratio 16.8
-   5   106,628 -> 1,790,929; ratio 16.8
-   6   106,628 -> 1,790,810; ratio 16.8
-   7   106,628 -> 1,790,764; ratio 16.8
-   8   106,628 -> 1,790,764; ratio 16.8
-   10  106,628 -> 1,790,764; ratio 16.8
-   12  106,628 -> 1,790,764; ratio 16.8
-   16  106,628 -> 1,790,701; ratio 16.8
-   32  106,628 -> 1,790,671; ratio 16.8
-   inf 106,628 -> 1,790,671; ratio 16.8
+   1   4,113 (107,329 -> 1,822,171; ratio 17.0)
+   2   4,113 (107,329 -> 1,806,443; ratio 16.8)
+   3   4,113 (107,329 -> 1,803,967; ratio 16.8)
+   4   4,113 (107,329 -> 1,802,785; ratio 16.8)
+   5   4,113 (107,329 -> 1,802,412; ratio 16.8)
+   6   4,113 (107,329 -> 1,802,062; ratio 16.8)
+   7   4,113 (107,329 -> 1,801,976; ratio 16.8)
+   8   4,113 (107,329 -> 1,801,886; ratio 16.8)
+   10  4,113 (107,329 -> 1,801,653; ratio 16.8)
+   12  4,113 (107,329 -> 1,801,526; ratio 16.8)
+   16  4,113 (107,329 -> 1,801,298; ratio 16.8)
+   32  4,113 (107,329 -> 1,800,827; ratio 16.8)
+   inf 4,113 (107,329 -> 1,800,827; ratio 16.8)
 */
 
 /* Structs for recording which (helper, guard) pairs we have already
@@ -6734,7 +6734,7 @@ Bool check_or_add ( Pairs* tidyingEnv, IRExpr* guard, void* entry )
    tl_assert(i == n);
    if (n == N_TIDYING_PAIRS) {
       for (i = 1; i < N_TIDYING_PAIRS; i++) {
-         tidyingEnv[n-1] = tidyingEnv[n];
+         tidyingEnv->pairs[i-1] = tidyingEnv->pairs[i];
       }
       tidyingEnv->pairs[N_TIDYING_PAIRS-1].entry = entry;
       tidyingEnv->pairs[N_TIDYING_PAIRS-1].guard = guard;