This is the mail archive of the
mailing list for the GCC project.
avoid null ptr deref in cselib_record_sets
- From: Alexandre Oliva <aoliva at redhat dot com>
- To: gcc-patches at gcc dot gnu dot org
- Date: Wed, 05 Dec 2018 04:50:19 -0200
- Subject: avoid null ptr deref in cselib_record_sets
Jeff Law tells me h8300-elf fails gcc.c-torture/compile/pr49029.c
with -O2 -g -mint32 -mh. This patch fixes it.
The problem is that strict low part handling in cselib_record_sets
assumes src_elt is not NULL. That src_elt is taken from a strict low
part set, but it won't always have a src_elt to begin with. In this
case, it's because src is a volatile MEM; we don't record values for
Although we could fix the problem by testing for a NULL src_elt before
creating the zero extends corresponding to strict low part sets of
formerly const0_rtx REGs, there's no point in recording the additional
set that we won't be able to use anyway.
We could still record that the whole register has a zero-extend of
the value stored in the narrower-mode strict low part of the register,
but is that of any use? I guess not, but if we find otherwise, we can
change that later.
Jeff tested this with a cross compiler to h8300-elf, and several other
native and cross toolchains IIUC. I'm regstrapping it myself on i686-
and x86_64-linux-gnu. Ok to install?
* cselib.c (cselib_record_sets): Skip strict low part sets
with NULL src_elt.
gcc/cselib.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/gcc/cselib.c b/gcc/cselib.c
index 6d3a4078c689..4a68439455fd 100644
@@ -2616,6 +2616,7 @@ cselib_record_sets (rtx_insn *insn)
preserves the upper bits that di:SI=zero_extend(flags:CCNO<=0). */
if (dest != orig
+ && sets[i].src_elt
&& REG_P (dest)
&& HARD_REGISTER_P (dest)
Alexandre Oliva, freedom fighter https://FSFLA.org/blogs/lxo
Be the change, be Free! FSF Latin America board member
GNU Toolchain Engineer Free Software Evangelist
Hay que enGNUrecerse, pero sin perder la terGNUra jamás-GNUChe