| Message ID | ZjpOmfbhOtGFDvwH@tucnak |
|---|---|
| State | New |
| Series | tree-inline: Remove .ASAN_MARK calls when inlining functions into no_sanitize callers [PR114956] |
> On 07.05.2024 at 17:54, Jakub Jelinek <jakub@redhat.com> wrote:
>
> Hi!
>
> In r9-5742 we've started allowing to inline always_inline functions into
> functions which have disabled e.g. address sanitization even when the
> always_inline function is implicitly from command line options sanitized.
>
> This mostly works fine because most of the asan instrumentation is done only
> late after ipa, but as the following testcase shows, the .ASAN_MARK ifn calls
> the gimplifier adds can result in ICEs.
>
> Fixed by dropping those during inlining, similarly to how we drop
> .TSAN_FUNC_EXIT calls.
>
> Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk?

Ok

Richard

> 2024-05-07  Jakub Jelinek  <jakub@redhat.com>
>
>	PR sanitizer/114956
>	* tree-inline.cc: Include asan.h.
>	(copy_bb): Remove also .ASAN_MARK calls if id->dst_fn has asan/hwasan
>	sanitization disabled.
>
>	* gcc.dg/asan/pr114956.c: New test.
>
> --- gcc/tree-inline.cc.jj 2024-05-03 09:44:21.199055899 +0200 > +++ gcc/tree-inline.cc 2024-05-06 10:45:37.231349328 +0200 > @@ -65,6 +65,7 @@ along with GCC; see the file COPYING3. > #include "symbol-summary.h" > #include "symtab-thunks.h" > #include "symtab-clones.h" > +#include "asan.h" > > /* I'm not real happy about this, but we need to handle gimple and > non-gimple trees. */
> @@ -2226,13 +2227,26 @@ copy_bb (copy_body_data *id, basic_block > } > else if (call_stmt > && id->call_stmt > - && gimple_call_internal_p (stmt) > - && gimple_call_internal_fn (stmt) == IFN_TSAN_FUNC_EXIT) > - { > - /* Drop TSAN_FUNC_EXIT () internal calls during inlining. */ > - gsi_remove (©_gsi, false); > - continue; > - } > + && gimple_call_internal_p (stmt)) > + switch (gimple_call_internal_fn (stmt)) > + { > + case IFN_TSAN_FUNC_EXIT: > + /* Drop .TSAN_FUNC_EXIT () internal calls during inlining. */ > + gsi_remove (©_gsi, false); > + continue; > + case IFN_ASAN_MARK: > + /* Drop .ASAN_MARK internal calls during inlining into > + no_sanitize functions. */ > + if (!sanitize_flags_p (SANITIZE_ADDRESS, id->dst_fn) > + && !sanitize_flags_p (SANITIZE_HWADDRESS, id->dst_fn)) > + { > + gsi_remove (©_gsi, false); > + continue; > + } > + break; > + default: > + break; > + } > > /* Statements produced by inlining can be unfolded, especially > when we constant propagated some operands. We can't fold > --- gcc/testsuite/gcc.dg/asan/pr114956.c.jj 2024-05-06 10:54:52.601892840 +0200 > +++ gcc/testsuite/gcc.dg/asan/pr114956.c 2024-05-06 10:54:33.920143734 +0200 > @@ -0,0 +1,26 @@ > +/* PR sanitizer/114956 */ > +/* { dg-do compile } */ > +/* { dg-options "-O2 -fsanitize=address,null" } */ > + > +int **a; > +void qux (int *); > + > +__attribute__((always_inline)) static inline int * > +foo (void) > +{ > + int b[1]; > + qux (b); > + return a[1]; > +} > + > +__attribute__((no_sanitize_address)) void > +bar (void) > +{ > + *a = foo (); > +} > + > +void > +baz (void) > +{ > + bar (); > +} > > Jakub >
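Review bot: in the `case IFN_ASAN_MARK:` arm of the copy_bb hunk the drop is conditioned only on `id->dst_fn` lacking both SANITIZE_ADDRESS and SANITIZE_HWADDRESS, so every `.ASAN_MARK` the gimplifier emitted for the always_inline callee's locals is removed from the inlined copy while the caller's own instrumentation state is untouched; that is the right gate, but the comment should spell out the consequence, namely that the inlined callee's locals get no use-after-scope checking in this copy, which is what `no_sanitize_address` on the caller asks for. Suggest: `/* Drop .ASAN_MARK internal calls during inlining into no_sanitize functions; the inlined callee's locals then get no use-after-scope checks here. */`. The `default: break;` keeps all other internal calls on the unchanged fall-through path into the folding code below, so turning the old single `if` on IFN_TSAN_FUNC_EXIT into a `switch` is behaviour-preserving for them.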
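Review bot: the new gcc.dg/asan/pr114956.c test is `dg-do compile` only, so it catches the ICE but would not notice a later regression where `.ASAN_MARK` calls survive in `bar` without crashing; adding `-fdump-tree-optimized` to the `dg-options` together with a `dg-final { scan-tree-dump-not "ASAN_MARK" "optimized" }` would pin the intended behaviour rather than just the absence of a crash. The `address` part of `-fsanitize=address,null` is what makes the gimplifier emit `.ASAN_MARK` for the local array `b` in `foo`, and the `no_sanitize_address` caller `bar` is what routes the inlined copy through the changed copy_bb path, so the test exercises exactly the new code.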