Fix nullptr access in true_regnum

Message ID	1413495200.31394.132.camel@yam-132-YW-E178-FTW
State	New
Headers	show Return-Path: <gcc-patches-return-380849-incoming=patchwork.ozlabs.org@gcc.gnu.org> DomainKey-Signature: a=rsa-sha1; c=nofws; d=gcc.gnu.org; h=list-id :list-unsubscribe:list-archive:list-post:list-help:sender :message-id:subject:from:to:date:content-type:mime-version; q= dns; s=default; b=SvTADyKO0QaxKehflCWC86navHP7YXq877Tx8fCWFvA+PO omJVdD+MAa9jgCjd5jlKR1ThlEcs7D8y1V9S4g1c49SXatYJa+SrIKQRKptdeYW1 Rc1+JYGXhPc7VP9Q62fUMwt0/SAql0+9bnxc1JEnzom4ETpRUxVhRnMxlUWaE= Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm Precedence: bulk Sender: gcc-patches-owner@gcc.gnu.org Message-ID: <1413495200.31394.132.camel@yam-132-YW-E178-FTW> Subject: Fix nullptr access in true_regnum From: Oleg Endo <oleg.endo@t-online.de> To: gcc-patches <gcc-patches@gcc.gnu.org> Date: Thu, 16 Oct 2014 23:33:20 +0200 Content-Type: multipart/mixed; boundary="=-Fm53IEGbwaWIxtD6kuCm" Mime-Version: 1.0

Message ID

1413495200.31394.132.camel@yam-132-YW-E178-FTW

State

New

Headers

DomainKey-Signature: a=rsa-sha1; c=nofws; d=gcc.gnu.org; h=list-id
	:list-unsubscribe:list-archive:list-post:list-help:sender
	:message-id:subject:from:to:date:content-type:mime-version; q=
	dns; s=default; b=SvTADyKO0QaxKehflCWC86navHP7YXq877Tx8fCWFvA+PO
	omJVdD+MAa9jgCjd5jlKR1ThlEcs7D8y1V9S4g1c49SXatYJa+SrIKQRKptdeYW1
	Rc1+JYGXhPc7VP9Q62fUMwt0/SAql0+9bnxc1JEnzom4ETpRUxVhRnMxlUWaE=
Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
Sender: gcc-patches-owner@gcc.gnu.org
Message-ID: <1413495200.31394.132.camel@yam-132-YW-E178-FTW>
Subject: Fix nullptr access in true_regnum
From: Oleg Endo <oleg.endo@t-online.de>
To: gcc-patches <gcc-patches@gcc.gnu.org>
Date: Thu, 16 Oct 2014 23:33:20 +0200
Content-Type: multipart/mixed; boundary="=-Fm53IEGbwaWIxtD6kuCm"
Mime-Version: 1.0

Commit Message

Oleg Endo Oct. 16, 2014, 9:33 p.m. UTC

Hi,

While working on some SH builtins I ran into the issue that the function
true_regnum in jump.c tries to access the reg_renumber array without
checking for nullptr.  The particular use case here is using true_regnum
in a predicate that is invoked during builtin function expansion in the
TARGET_EXPAND_BUILTIN function.  It seems that at that time reg_renumber
hasn't been initialized yet.  Adding the nullptr check fixes the issue.

OK for trunk?

Cheers,
Oleg

gcc/ChangeLog:
	* jump.c (true_regnum): Check that reg_renumber is not null
	before accessing it.

Comments

Jeff Law Oct. 16, 2014, 10:10 p.m. UTC | #1

On 10/16/14 15:33, Oleg Endo wrote:
> Hi,
>
> While working on some SH builtins I ran into the issue that the function
> true_regnum in jump.c tries to access the reg_renumber array without
> checking for nullptr.  The particular use case here is using true_regnum
> in a predicate that is invoked during builtin function expansion in the
> TARGET_EXPAND_BUILTIN function.  It seems that at that time reg_renumber
> hasn't been initialized yet.  Adding the nullptr check fixes the issue.
>
> OK for trunk?
>
> Cheers,
> Oleg
>
> gcc/ChangeLog:
> 	* jump.c (true_regnum): Check that reg_renumber is not null
> 	before accessing it.
You're not supposed to be using true_regnum prior to register 
allocation.  You're probably better off with a new predicate to handle 
this case.

jeff

Index: gcc/jump.c
===================================================================
--- gcc/jump.c	(revision 216350)
+++ gcc/jump.c	(working copy)
@@ -1908,7 +1908,8 @@ 
   if (REG_P (x))
     {
       if (REGNO (x) >= FIRST_PSEUDO_REGISTER
-	  && (lra_in_progress || reg_renumber[REGNO (x)] >= 0))
+	  && (lra_in_progress ||
+	      (reg_renumber != NULL && reg_renumber[REGNO (x)] >= 0)))
 	return reg_renumber[REGNO (x)];
       return REGNO (x);
     }

Fix nullptr access in true_regnum

Commit Message

Comments

Patch