From patchwork Thu Aug 5 07:11:31 2010
X-Patchwork-Submitter: Uros Bizjak
X-Patchwork-Id: 60927
Date: Thu, 5 Aug 2010 09:11:31 +0200
Subject: [PATCH, i386]: Fix out-of-bound array access in i386.c
From: Uros Bizjak
To: gcc-patches@gcc.gnu.org

Hello!

Attached patch fixes out-of-bound array access, reported in [1], fixing the first item in:

<../../gcc/config/i386/i386.c, (10253:10)> : Reason : The current index is greater than array size!
<../../gcc/config/i386/i386.c, (16316:17)> : Op: -, Reason : Signed Subtraction Overflow, BINARY OPERATION: left (int32): 0 right (int32): -2147483648
<../../gcc/config/i386/i386.c, (16362:18)> : Op: -, Reason : Signed Subtraction Overflow, BINARY OPERATION: left (int32): 0 right (int32): -2147483648
<../../gcc/config/i386/i386.c, (16473:11)> : Op: -, Reason : Signed Subtraction Overflow, UNARY OPERATION: right (int32): -2147483648

2010-08-05  Uros Bizjak

	* config/i386/i386.c (ix86_decompose_address): Check for SI_REG
	using REGNO of base_reg directly.

As seen from the patch, quite interesting way of checking for SI_REG regno ;)

Patch was tested on x86_64-linux-gnu, committed to mainline SVN.

BTW: The other three failures are all in ix86_expand_int_movcc, where:

    HOST_WIDE_INT ct = INTVAL (operands[2]);
    HOST_WIDE_INT cf = INTVAL (operands[3]);
    HOST_WIDE_INT diff;

    diff = ct - cf;
    ...
    diff = -diff;

I don't know what is the proper way to fix these. Any hints?

Uros.

[1] http://gcc.gnu.org/ml/gcc/2010-08/msg00039.html

Index: i386.c =================================================================== --- i386.c (revision 162897) +++ i386.c (working copy) 
@@ -10417,8 +10417,7 @@ ix86_decompose_address (rtx addr, struct to test cfun for being non-NULL. */ if (TARGET_K6 && cfun && optimize_function_for_speed_p (cfun) && base_reg && !index_reg && !disp - && REG_P (base_reg) - && REGNO_REG_CLASS (REGNO (base_reg)) == SIREG) + && REG_P (base_reg) && REGNO (base_reg) == SI_REG) disp = const0_rtx; /* Special case: encode reg+reg instead of reg*2. */
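Review bot: The new test REGNO (base_reg) == SI_REG in the TARGET_K6 special case carries no comment saying why the register class lookup was dropped, so a later cleanup could put REGNO_REG_CLASS (REGNO (base_reg)) back here. REG_P is also true for pseudo registers, and the message attributes the "index is greater than array size" report to this lookup; a one-line comment next to the condition stating that base_reg may be a pseudo and must not be used to index a hard-register table would record the reason. The ChangeLog entry adds no testcase either; if the bounds-checker run from [1] is the only reproducer, saying so in the commit message would help the next reader.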
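The three remaining report entries use the operands 0 - (-2147483648) and the negation of -2147483648. The following is an added C example, not GCC code and not part of the original message, showing how those two operations can be checked or computed without signed overflow; the function names are hypothetical and it uses int32_t as in the report rather than HOST_WIDE_INT.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* a - b; returns false (and leaves *out alone) when the exact
   result does not fit in int32_t, so no overflowing op is executed. */
static bool sub_checked(int32_t a, int32_t b, int32_t *out)
{
    if ((b > 0 && a < INT32_MIN + b) || (b < 0 && a > INT32_MAX + b))
        return false;
    *out = a - b;
    return true;
}

/* -v; the only int32_t value without a representable negation is INT32_MIN. */
static bool neg_checked(int32_t v, int32_t *out)
{
    if (v == INT32_MIN)
        return false;
    *out = -v;
    return true;
}

/* |a - b| as an unsigned value. Unsigned arithmetic wraps by definition,
   and the true magnitude always fits in 32 unsigned bits. */
static uint32_t abs_diff(int32_t a, int32_t b)
{
    uint32_t ua = (uint32_t)a, ub = (uint32_t)b;
    return a >= b ? ua - ub : ub - ua;
}

int main(void)
{
    /* Constructed inputs taken from the operand values in the report. */
    int32_t ct = 0, cf = INT32_MIN, diff;

    if (!sub_checked(ct, cf, &diff))
        printf("ct - cf does not fit in int32_t\n");
    if (!neg_checked(INT32_MIN, &diff))
        printf("-INT32_MIN does not fit in int32_t\n");
    printf("|ct - cf| = %lu\n", (unsigned long)abs_diff(ct, cf));
    return 0;
}
```
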