https://bugs.linaro.org/show_bug.cgi?id=2910
Bill Fischofer <bill.fischo...@linaro.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |bill.fischo...@linaro.org
--- Comment #2 from Bill Fischofer <bill.fischo...@linaro.org> ---
The original defines a struct that consists of a uint8_t that will be followed
by some compiler-inserted pad bytes followed by a union of size void *. But
elsewhere in the code it appears that the entire struct assumes it's of size
sifeof(odp_buffer_t). See, for example, this questionable cast in
cache_buffer_init():
static void
cache_init_buffer(odp_buffer_t buffer, cache_type_t type, uint32_t size)
{
int i = 0;
void *addr = odp_buffer_addr(buffer);
memset(addr, 0, size);
if (type == CACHE_TYPE_SUBTREE) {
prefix_entry_t *entry = (prefix_entry_t *)addr;
for (i = 0; i < ENTRY_NUM_SUBTREE; i++, entry++)
entry->nexthop = ODP_BUFFER_INVALID;
} else if (type == CACHE_TYPE_TRIE) {
trie_node_t *node = (trie_node_t *)addr;
node->buffer = buffer;
node->nexthop = ODP_BUFFER_INVALID;
}
}
which is addressing off the end of addr. I suspect the correct typedef should
read:
typedef union {
odp_buffer_t nexthop;
void *ptr;
uint8_t u8;
#if ODP_BYTE_ORDER == ODP_BIG_ENDIAN
uint8_t child : 1;
uint8_t cidr : 7;
#else
uint8_t cidr : 7;
uint8_t child : 1;
#endif
} prefix_entry_t;
which is simply establishing an overlay on a void * and trying to do some bit
stuffing to indicate different node types.
--
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.
