From: Chong Yidong <cyd@stupidchicken.com>
To: emacs-devel@gnu.org
Cc: 2844@emacsbugs.donarmstrong.com
Subject: bug#2844: infinite loop in boyer_moore()
Date: Thu, 02 Apr 2009 18:26:38 -0400 [thread overview]
Message-ID: <87eiwaheu9.fsf__37918.8632978641$1238712406$gmane$org@cyd.mit.edu> (raw)
> Gnus has been entering infinite loops for me while splitting mail.
> Today I got a chance to look into it. The problem is in
> boyer_moore(), in search.c:
> /* Use signed comparison if appropriate
> to make cursor+infinity sure to be > p_limit.
> Assuming that the buffer lies in a range of addresses
> that are all "positive" (as ints) or all "negative",
> either kind of comparison will work as long
> as we don't step by infinity. So pick the kind
> that works when we do step by infinity. */
> if ((EMACS_INT) (p_limit + infinity) > (EMACS_INT) p_limit)
> while ((EMACS_INT) cursor <= (EMACS_INT) p_limit)
> cursor += BM_tab[*cursor];
> else
> while ((EMACS_UINT) cursor <= (EMACS_UINT) p_limit)
> cursor += BM_tab[*cursor];
> it takes the signed (EMACS_INT) loop, but that fails because cursor is
> (unsigned char *) 0x7fffc440, whereas p_limit is (unsigned char *)
> 0x80001260.
> infinity, computed earlier in that function, is 0x37dac21, but I don't
> see how a positive value would have helped. It seems to me that we
> have to check that we won't be crossing this boundary starting at
> cursor rather than p_limit, or maybe both. I haven't thought much
> about it.
Checking with cursor as well as p_limit sounds about right to be, but I
am far from familiar with this part of the code. Does anyone one this
list have an opinion?
next reply other threads:[~2009-04-02 22:26 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-04-02 22:26 Chong Yidong [this message]
-- strict thread matches above, loose matches on Subject: below --
2009-04-02 22:26 infinite loop in boyer_moore() Chong Yidong
2009-04-16 4:51 ` Chong Yidong
2009-04-16 9:32 ` bug#2844: " Andreas Schwab
2009-04-16 4:51 ` Chong Yidong
2009-03-27 3:05 Alexandre Oliva
2009-04-02 7:49 ` Andreas Schwab
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='87eiwaheu9.fsf__37918.8632978641$1238712406$gmane$org@cyd.mit.edu' \
--to=cyd@stupidchicken.com \
--cc=2844@emacsbugs.donarmstrong.com \
--cc=emacs-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.