Date: Wed, 02 Sep 2015 13:25:00 -0000
Subject: Re: [PATCH, PR67405, committed] Avoid NULL pointer dereference
From: Richard Biener To: Ilya Enkovich Cc: GCC Patches Content-Type: text/plain; charset=UTF-8 X-IsSubscribed: yes X-SW-Source: 2015-09/txt/msg00152.txt.bz2 On Wed, Sep 2, 2015 at 2:51 PM, Ilya Enkovich wrote: > 2015-09-02 15:35 GMT+03:00 Richard Biener : >> On Tue, Sep 1, 2015 at 5:03 PM, Ilya Enkovich wrote: >>> Hi, >>> >>> This fixes an ICE by adding a NULL check. Bootstrapped and regtested for x86_64-unknown-linux-gnu. Applied to trunk. Does this need to be ported to gcc-5-branch? >>> >>> Thanks, >>> Ilya >>> -- >>> gcc/ >>> >>> 2015-09-01 Ilya Enkovich >>> >>> PR target/67405 >>> * tree-chkp.c (chkp_find_bound_slots_1): Add NULL check. >>> >>> gcc/testsuite/ >>> >>> 2015-09-01 Ilya Enkovich >>> >>> PR target/67405 >>> * g++.dg/pr67405.C: New test. >>> >>> >>> diff --git a/gcc/testsuite/g++.dg/pr67405.C b/gcc/testsuite/g++.dg/pr67405.C >>> new file mode 100644 >>> index 0000000..5055921 >>> --- /dev/null >>> +++ b/gcc/testsuite/g++.dg/pr67405.C >>> @@ -0,0 +1,11 @@ >>> +// { dg-do compile } >>> + >>> +struct S >>> +{ >>> + S f; // { dg-error "incomplete type" } >>> +}; >>> + >>> +void >>> +fn1 (S p1) >>> +{ >>> +} >>> diff --git a/gcc/tree-chkp.c b/gcc/tree-chkp.c >>> index 8c1b48c..2489abb 100644 >>> --- a/gcc/tree-chkp.c >>> +++ b/gcc/tree-chkp.c 
>>> @@ -1667,8 +1667,9 @@ chkp_find_bound_slots_1 (const_tree type, bitmap have_bound, >>> for (field = TYPE_FIELDS (type); field; field = DECL_CHAIN (field)) >>> if (TREE_CODE (field) == FIELD_DECL) >>> { >>> - HOST_WIDE_INT field_offs >>> - = TREE_INT_CST_LOW (DECL_FIELD_BIT_OFFSET (field)); >>> + HOST_WIDE_INT field_offs = 0; >>> + if (DECL_FIELD_BIT_OFFSET (field)) >> >> DECL_FIELD_BIT_OFFSET should be never NULL. Whoever created that >> FIELD_DECL created an invalid one. > > I'll check where this decl comes from. Is there a proper checker to > add a NULL test for DECL_FIELD_BIT_OFFSET BTW?. The type verifier Honza added recently I guess. Richard. > Thanks, > Ilya > >> >> Richard. >> >>> + field_offs += TREE_INT_CST_LOW (DECL_FIELD_BIT_OFFSET (field)); >>> if (DECL_FIELD_OFFSET (field)) >>> field_offs += TREE_INT_CST_LOW (DECL_FIELD_OFFSET (field)) * 8; >>> chkp_find_bound_slots_1 (TREE_TYPE (field), have_bound,
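Review bot: the new file gcc/testsuite/g++.dg/pr67405.C has no comment tying it to the PR or saying what it guards against. The only directive besides dg-do is the dg-error on `S f;`, so a reader cannot tell that the test exists to catch a crash after that error. Suggest a first line such as `// PR target/67405` and a short remark that compilation must end with the incomplete-type diagnostic and nothing else.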
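Review bot: in the chkp_find_bound_slots_1 hunk of gcc/tree-chkp.c, the new `if (DECL_FIELD_BIT_OFFSET (field))` guard lets a FIELD_DECL with no bit offset fall through with `field_offs = 0`, so the recursive call on TREE_TYPE (field) still runs for that field as though it sat at the start of the record. For the erroneous field in the new test (`S f;` of incomplete type) it would be clearer to skip the field with `continue` when the offset is missing, and to add a comment saying when a FIELD_DECL can reach this loop without an offset. If the offset is meant to be always present, as the reply in this thread states, an assertion here or a check where the decl is created would surface the invalid FIELD_DECL at its source instead of masking it.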