VerilatedRestore::fill() - overrun possible due to incorrect looping #1013

Closed
veripoolbot opened this issue Dec 14, 2015 · 2 comments
Labels
area: wrong runtime result (Issue involves an incorrect runtime result from Verilated model); resolution: fixed (Closed; fixed)

Comments

@veripoolbot


Author Name: Jason McMullan (@ezrec)
Original Redmine Issue: 1013 from https://www.veripool.org
Original Date: 2015-12-14
Original Assignee: Jason McMullan (@ezrec)


I've had (on larger models) VerilatedRestore::fill() crash, as *sp was pointing outside of the allocated memory. Easily reproducible with valgrind.

The following patch appears to resolve the overrun issue for me:

diff --git a/include/verilated_save.cpp b/include/verilated_save.cpp
index 0807600..fcba60f 100644
--- a/include/verilated_save.cpp
+++ b/include/verilated_save.cpp
@@ -201,7 +201,7 @@ void VerilatedRestore::fill() {
      if (VL_UNLIKELY(!isOpen())) return;
      // Move remaining characters down to start of buffer.  (No memcpy, overlaps
      vluint8_t* rp = m_bufp;
-    for (vluint8_t* sp=m_cp; rp < m_endp;) *rp++ = *sp++;  // Overlaps
+    for (vluint8_t* sp=m_cp; sp < m_endp;) *rp++ = *sp++;  // Overlaps
      m_endp = m_bufp + (m_endp - m_cp);
      m_cp = m_bufp; // Reset buffer
      // Read into buffer starting at m_endp
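
Review bot: The copy loop on the changed line could be replaced with memmove(m_bufp, m_cp, m_endp - m_cp), which is defined for overlapping ranges and states the length explicitly; with the bound now on sp the loop copies exactly m_endp - m_cp bytes, the same count the following line uses to recompute m_endp. The old condition tested rp, which starts at m_bufp, so whenever m_cp was ahead of m_bufp the source pointer ran past m_endp by that offset before the loop stopped. If the loop is kept, a short comment saying that m_endp bounds the source pointer would help stop the condition from regressing. The context comment "(No memcpy, overlaps" is also missing its closing parenthesis.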

@veripoolbot


Original Redmine Comment
Author Name: Wilson Snyder (@wsnyder)
Original Date: 2015-12-15T00:59:11Z


Great! Thanks for the patch.

Fixed in git towards 3.880.

@veripoolbot


Original Redmine Comment
Author Name: Wilson Snyder (@wsnyder)
Original Date: 2015-12-19T15:34:15Z


In 3.880.

@veripoolbot added the labels "area: wrong runtime result" and "resolution: fixed" on Dec 22, 2019