From: Bart Van Assche Date: Sat, 25 Apr 2009 06:52:01 +0000 (+0000) Subject: bm0_clear_range X-Git-Tag: svn/VALGRIND_3_5_0~781 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=1c6edeee78e2c7191e1e830f48e869236c305594;p=thirdparty%2Fvalgrind.git bm0_clear_range git-svn-id: svn://svn.valgrind.org/valgrind/trunk@9624
---
diff --git a/drd/drd_bitmap.h b/drd/drd_bitmap.h
index 0043cdcad4..f47abba594 100644
--- a/drd/drd_bitmap.h
+++ b/drd/drd_bitmap.h
@@ -136,13 +136,20 @@ static __inline__
 void bm0_clear_range(UWord* bm0, const Addr a1, const SizeT size)
 {
 #ifdef ENABLE_DRD_CONSISTENCY_CHECKS
- tl_assert(a1 < ADDR0_COUNT);
- tl_assert(size >= 0);
+ tl_assert(a1 <= ADDR0_COUNT);
 tl_assert(a1 + size <= ADDR0_COUNT);
 tl_assert(size == 0 || UWORD_MSB(a1) == UWORD_MSB(a1 + size - 1));
 #endif
- bm0[a1 >> BITS_PER_BITS_PER_UWORD]
- &= ~((((UWord)1 << size) - 1) << UWORD_LSB(a1));
+ /*
+ * Note: although the expression below yields a correct result even if
+ * size == 0, do not touch bm0[] if size == 0 because this might otherwise
+ * cause an access of memory just past the end of the bm0[] array.
+ */
+ if (size > 0)
+ {
+ bm0[a1 >> BITS_PER_BITS_PER_UWORD]
+ &= ~((((UWord)1 << size) - 1) << UWORD_LSB(a1));
+ }
 }
 static __inline__ UWord bm0_is_set(const UWord* bm0, const Addr a)
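Review bot: The shift `(UWord)1 << size` inside the new `if (size > 0)` block is still undefined when `size` equals the bit width of `UWord`, and the assertions above appear to permit that value for a word-aligned `a1`. On common targets such a shift tends to produce a mask that clears nothing, so stale bits could survive a full-word clear; whether any caller passes a full word is not visible in this hunk. The `tl_assert` checks are also compiled only under `ENABLE_DRD_CONSISTENCY_CHECKS`, so in other builds the new `size > 0` test is the only runtime guard on this store. I would build the mask explicitly, `const UWord mask = size < 8 * sizeof(UWord) ? ((UWord)1 << size) - 1 : ~(UWord)0;`, and then apply `&= ~(mask << UWORD_LSB(a1))`. The new comment could also state the accepted range of `size`.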