From patchwork Fri Oct 31 23:40:16 2014
X-Patchwork-Submitter: John David Anglin
X-Patchwork-Id: 3532
Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm
CC: Roland McGrath, Carlos O'Donell, GNU C Library
From: John David Anglin
To: Aaro Koskinen
In-Reply-To: <20141031223801.GA17511@drone.musicnaut.iki.fi>
Subject: Re: [PATCH] hppa: avoid NULL dereference of sym_map in elf_machine_rela()
Date: Fri, 31 Oct 2014 19:40:16 -0400
References: <1414791231-30990-1-git-send-email-aaro.koskinen@iki.fi> <20141031214255.8FFB12C3ACC@topped-with-meat.com> <20141031223801.GA17511@drone.musicnaut.iki.fi>

On 31-Oct-14, at 6:38 PM, Aaro Koskinen wrote:

>> Rather, the right solution is probably to find (or add) some switch to GCC
>> that changes what it emits from being a call to abort to be something
>> different. It's possible that abort is OK and we just need to define an
>> appropriately minimal abort in rtld. But it needs to be looked into.
>
> The other quick workaround I could find is -fno-delete-null-pointer-checks.
>
> "[...] other optimization passes in GCC use this flag to control global
> dataflow analyses that eliminate useless checks for null pointers [...]"

This suggests that GCC deletes a null check that is useful.

The attached patch implements a trap insn and __builtin_trap(). It generates a conditional trap (SIGFPE). Carlos has used another instruction that generates an illegal instruction trap.

Dave
---
John David Anglin dave.anglin@bell.net

Index: config/pa/pa.md =================================================================== --- config/pa/pa.md (revision 216987) +++ config/pa/pa.md (working copy) 
@@ -123,7 +123,7 @@ ;; type "binary" insns have two input operands (1,2) and one output (0) (define_attr "type" - "move,unary,binary,shift,nullshift,compare,load,store,uncond_branch,branch,cbranch,fbranch,call,sibcall,dyncall,fpload,fpstore,fpalu,fpcc,fpmulsgl,fpmuldbl,fpdivsgl,fpdivdbl,fpsqrtsgl,fpsqrtdbl,multi,milli,sh_func_adrs,parallel_branch,fpstore_load,store_fpload" + "move,unary,binary,shift,nullshift,compare,load,store,uncond_branch,branch,cbranch,fbranch,call,sibcall,dyncall,fpload,fpstore,fpalu,fpcc,fpmulsgl,fpmuldbl,fpdivsgl,fpdivdbl,fpsqrtsgl,fpsqrtdbl,multi,milli,sh_func_adrs,parallel_branch,fpstore_load,store_fpload,trap" (const_string "binary")) (define_attr "pa_combine_type" @@ -175,7 +175,7 @@ ;; Disallow instructions which use the FPU since they will tie up the FPU ;; even if the instruction is nullified. (define_attr "in_nullified_branch_delay" "false,true" - (if_then_else (and (eq_attr "type" "!uncond_branch,branch,cbranch,fbranch,call,sibcall,dyncall,multi,milli,sh_func_adrs,fpcc,fpalu,fpmulsgl,fpmuldbl,fpdivsgl,fpdivdbl,fpsqrtsgl,fpsqrtdbl,parallel_branch") + (if_then_else (and (eq_attr "type" "!uncond_branch,branch,cbranch,fbranch,call,sibcall,dyncall,multi,milli,sh_func_adrs,fpcc,fpalu,fpmulsgl,fpmuldbl,fpdivsgl,fpdivdbl,fpsqrtsgl,fpsqrtdbl,parallel_branch,trap") (eq_attr "length" "4") (not (match_test "RTX_FRAME_RELATED_P (insn)"))) (const_string "true") @@ -183,7 +183,7 @@ ;; For calls and millicode calls. (define_attr "in_call_delay" "false,true" - (if_then_else (and (eq_attr "type" "!uncond_branch,branch,cbranch,fbranch,call,sibcall,dyncall,multi,milli,sh_func_adrs,parallel_branch") + (if_then_else (and (eq_attr "type" "!uncond_branch,branch,cbranch,fbranch,call,sibcall,dyncall,multi,milli,sh_func_adrs,parallel_branch,trap") (eq_attr "length" "4") (not (match_test "RTX_FRAME_RELATED_P (insn)"))) (const_string "true") 
@@ -5324,6 +5324,15 @@ [(set_attr "type" "binary,binary") (set_attr "length" "4,4")]) +;; Trap instructions. + +(define_insn "trap" + [(trap_if (const_int 1) (const_int 0))] + "" + "{addit|addi,tc},<> 1,%%r0,%%r0" + [(set_attr "type" "trap") + (set_attr "length" "4")]) + ;; Clobbering a "register_operand" instead of a match_scratch ;; in operand3 of millicode calls avoids spilling %r1 and ;; produces better code.
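Review bot: In the @@ -175,7 hunk (and the matching @@ -183,7 hunk for in_call_delay), "trap" is added to the excluded types, but the comment above in_nullified_branch_delay still gives only the FPU reason. Please add a line to that comment saying that a trap insn must not be placed in a branch or call delay slot and why, so the exclusion is not dropped in a later cleanup of these lists. It would also help to state in the submission whether these two attributes are the only delay-slot definitions keyed on "type", since only these two are touched here.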
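Review bot: The new "trap" pattern in the @@ -5324,6 hunk is documented only by ";; Trap instructions.", which does not tell the reader that the RTL is an unconditional trap, (trap_if (const_int 1) (const_int 0)), implemented with a conditional add-and-trap whose <> condition on 1 + %r0 always holds. Please say so in the comment, and record there that the resulting signal is SIGFPE as the cover message states, because anything that expects __builtin_trap() to end in SIGILL or SIGABRT (crash handlers, test harnesses, the rtld case under discussion) will see a different signal. Since the message notes that an illegal-instruction trap is in use elsewhere, the comment or commit log should also say why this form was chosen. The patch as posted has no ChangeLog entry or test.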