From patchwork Fri Nov 4 09:17:31 2016
X-Patchwork-Submitter: Martin Liška
X-Patchwork-Id: 80790
Subject: Re: [PATCH, RFC] Introduce -fsanitize=use-after-scope (v2)
To: Jakub Jelinek
Cc: Marek Polacek, GCC Patches
From: Martin Liška
Date: Fri, 4 Nov 2016 10:17:31 +0100

On 11/02/2016 03:35 PM, Jakub Jelinek wrote:
> On Wed, Nov 02, 2016 at 03:27:42PM +0100, Martin Liška wrote:
>>> So is there anything I should do wrt -Wswitch-unreachable?
>>>
>>> Marek
>>>
>>
>> Probably not. I have a patch that puts the GIMPLE_SWITCH statement in a proper place
>> in GIMPLE_BIND. Let's see whether such a patch can bootstrap and survive regression
>> tests.
>
> Please do that only for -fsanitize-use-after-scope, it will likely affect at
> least for -O0 the debugging experience. For -O0 -fsanitize=address -fsanitize-use-after-scope
> perhaps we could arrange for some extra stmt to have the locus of the
> switch (where we still don't want the vars to appear in scope) and then
> have no locus on the ASAN_MARK and actual GIMPLE_SWITCH or something
> similar.
>
> Jakub
>

I'm sending a patch where I put the gimple switch statement in a place where all
BIND_EXPR vars are unpoisoned. I'm sending a diff against the previous version and
the new version of the patch.

The patch can bootstrap on ppc64le-redhat-linux and survives regression tests.
Apart from that, the asan bootstrap successfully finished on x86_64-linux-gnu.

Martin

diff --git a/gcc/gimplify.c b/gcc/gimplify.c index 813777d..86ce793 100644 --- a/gcc/gimplify.c +++ b/gcc/gimplify.c @@ -1678,7 +1678,9 @@ warn_switch_unreachable_r (gimple_stmt_iterator *gsi_p, bool *handled_ops_p, worse location info. */ if (gimple_try_eval (stmt) == NULL) { - wi->info = stmt; + gimple_stmt_iterator *it = XNEW (gimple_stmt_iterator); + memcpy (it, gsi_p, sizeof (gimple_stmt_iterator)); + wi->info = it; return integer_zero_node; } /* Fall through. */ 
@@ -1689,9 +1691,18 @@ warn_switch_unreachable_r (gimple_stmt_iterator *gsi_p, bool *handled_ops_p, /* Walk the sub-statements. */ *handled_ops_p = false; break; + case GIMPLE_CALL: + if (gimple_call_internal_p (stmt, IFN_ASAN_MARK)) + { + *handled_ops_p = false; + break; + } + /* Fall through. */ default: /* Save the first "real" statement (not a decl/lexical scope/...). */ - wi->info = stmt; + gimple_stmt_iterator *it = XNEW (gimple_stmt_iterator); + memcpy (it, gsi_p, sizeof (gimple_stmt_iterator)); + wi->info = it; return integer_zero_node; } return NULL_TREE; @@ -1713,7 +1724,11 @@ maybe_warn_switch_unreachable (gimple_seq seq) struct walk_stmt_info wi; memset (&wi, 0, sizeof (wi)); walk_gimple_seq (seq, warn_switch_unreachable_r, NULL, &wi); - gimple *stmt = (gimple *) wi.info; + gimple *stmt = NULL; + gimple_stmt_iterator *gsi = (gimple_stmt_iterator *) wi.info; + if (gsi) + stmt = gsi_stmt (*gsi); + free (wi.info); if (stmt && gimple_code (stmt) != GIMPLE_LABEL) { @@ -1802,6 +1900,8 @@ collect_fallthrough_labels (gimple_stmt_iterator *gsi_p, if (find_label_entry (labels, label)) prev = gsi_stmt (*gsi_p); } + else if (gimple_call_internal_p (gsi_stmt (*gsi_p), IFN_ASAN_MARK)) + ; else prev = gsi_stmt (*gsi_p); gsi_next (gsi_p); 
@@ -2224,7 +2239,22 @@ gimplify_switch_expr (tree *expr_p, gimple_seq *pre_p) switch_stmt = gimple_build_switch (SWITCH_COND (switch_expr), default_case, labels); - gimplify_seq_add_stmt (pre_p, switch_stmt); + + if (asan_sanitize_use_after_scope ()) + { + struct walk_stmt_info wi; + memset (&wi, 0, sizeof (wi)); + walk_gimple_seq (switch_body_seq, warn_switch_unreachable_r, NULL, &wi); + gimple_stmt_iterator *it = (gimple_stmt_iterator *)wi.info; + if (gsi_stmt (*it) == switch_body_seq) + gimplify_seq_add_stmt (pre_p, switch_stmt); + else + gsi_insert_before_without_update (it, switch_stmt, GSI_SAME_STMT); + free (it); + } + else + gimplify_seq_add_stmt (pre_p, switch_stmt); + gimplify_seq_add_seq (pre_p, switch_body_seq); labels.release (); } diff --git a/gcc/tree-eh.c b/gcc/tree-eh.c index db72156..150b2ab 100644 --- a/gcc/tree-eh.c +++ b/gcc/tree-eh.c @@ -43,6 +43,7 @@ along with GCC; see the file COPYING3. If not see #include "langhooks.h" #include "cfgloop.h" #include "gimple-low.h" +#include "asan.h" /* In some instances a tree and a gimple need to be stored in a same table, i.e. in hash tables. This is a structure to do this. */ @@ -706,6 +707,9 @@ verify_norecord_switch_expr (struct leh_state *state, if (!tf) return; + if (asan_sanitize_use_after_scope ()) + return; + n = gimple_switch_num_labels (switch_expr); for (i = 0; i < n; ++i) -- 2.10.1
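
Review bot: In gcc/gimplify.c, hunk @@ -1678 (the `gimple_try_eval (stmt) == NULL` branch of warn_switch_unreachable_r), the copy done with `memcpy (it, gsi_p, sizeof (gimple_stmt_iterator))` can be a plain struct assignment, `*it = *gsi_p;`, which the compiler type-checks. Since wi->info changes here from a borrowed statement pointer to heap memory from XNEW, the function comment should say that the caller owns and must free wi->info.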
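
Review bot: In gcc/gimplify.c, hunk @@ -1689, the `default:` arm of warn_switch_unreachable_r repeats the same three allocate/copy/store lines as the previous hunk and declares `it` directly under the label with no enclosing block. Move the three lines into one small static helper called from both places, or at least wrap the arm in braces so a case label added after it later cannot jump past the initialization of `it`.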
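
Review bot: In gcc/gimplify.c, hunk @@ -1802 (collect_fallthrough_labels), the new `else if (gimple_call_internal_p (gsi_stmt (*gsi_p), IFN_ASAN_MARK))` arm has an empty `;` body and no comment. Add a one-line comment saying that ASAN_MARK internal calls are skipped on purpose so that they do not replace `prev`, otherwise the bare semicolon reads like a leftover.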
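
Review bot: In gcc/gimplify.c, hunk @@ -2224 (gimplify_switch_expr), `it` is dereferenced in `gsi_stmt (*it) == switch_body_seq` without a NULL check, although wi.info stays NULL when the walker finds no "real" statement; maybe_warn_switch_unreachable in this same patch guards the same value with `if (gsi)`. Check `it` first and fall back to `gimplify_seq_add_stmt (pre_p, switch_stmt)` when it is NULL. The placement logic also reuses warn_switch_unreachable_r, whose name describes a warning helper; a neutral name or a comment at the call would make the second use clear.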
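
Review bot: In gcc/tree-eh.c, hunk @@ -706 (verify_norecord_switch_expr), the early `if (asan_sanitize_use_after_scope ()) return;` switches the whole verification off whenever the option is enabled and carries no comment explaining why. Add a comment stating which property of the relocated GIMPLE_SWITCH makes the check invalid, and consider skipping only the switches that were actually moved so the check still covers the rest.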