From patchwork Tue May 21 20:55:51 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jakub Jelinek X-Patchwork-Id: 1937540 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=jBOGT2+4; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gcc.gnu.org (client-ip=8.43.85.97; helo=server2.sourceware.org; envelope-from=gcc-patches-bounces+incoming=patchwork.ozlabs.org@gcc.gnu.org; receiver=patchwork.ozlabs.org) Received: from server2.sourceware.org (server2.sourceware.org [8.43.85.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VkRYd4Y3Jz1ydW for ; Wed, 22 May 2024 06:56:19 +1000 (AEST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 2D7FB3858C60 for ; Tue, 21 May 2024 20:56:17 +0000 (GMT) X-Original-To: gcc-patches@gcc.gnu.org Delivered-To: gcc-patches@gcc.gnu.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by sourceware.org (Postfix) with ESMTPS id 438A63858D1E for ; Tue, 21 May 2024 20:55:56 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 438A63858D1E Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 438A63858D1E Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1716324961; cv=none; b=bHieMXaQf/UaPT48skURnmdHm4u3awXzpACv1r49q+eDyyxtOXep55ZvfD8e+WNbMFXrZ43CJsGzULkqYyEdVG+/fuC10hcsy+5J4D5RbMHkkr/VWozS/a3z8uWC3bST5Oq1LbckseksGVDOwZWDtUIbVDiwmTaFsTyb956qB9o= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1716324961; c=relaxed/simple; bh=QWuGyqoe/mCdqm4e6kA5PiSpoB8VASWf2t/YkH7mU+o=; h=DKIM-Signature:Date:From:To:Subject:Message-ID:MIME-Version; b=YOgxzpYwSwNetDfv0lPMRYH0NtPLyGDWLmHUj/Algf1LkriDzw/9O1zz2v5VpBACwa9xEIqxui6wn4/ipvzwYAF/pUvwwmxm6vRjBfR7T3Rn2LFR7Ujv2lbV9ahps3PdT7LDoN5fXX871SrvSriswqFm+YkIcNijaeaw7bG1xa0= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1716324955; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type; bh=OZoNhPWodjf4svwq1YFwpFXG1uE9QBsCQKyP3lUXqr8=; b=jBOGT2+4jYPXdabe+0GqdtuUljJRoseoLy88KNMAGsJ29Cz63t74OtLelClo1X6Bh4oTmX hLBMsJc4b/8U8v5C9aTrLUdfuN2dFjpcip30XPESyXFXROGjc6I1YrFtklAvAteHa4hU40 AA/zJXMeOfU8jeZooS6zhTyRqigjfMQ= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-635-ryRu_eTHORKOGS25CObg5w-1; Tue, 21 May 2024 16:55:53 -0400 X-MC-Unique: ryRu_eTHORKOGS25CObg5w-1 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id A6407101A52C; Tue, 21 May 2024 20:55:53 +0000 (UTC) Received: from tucnak.zalov.cz (unknown [10.45.224.7]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 6B107200B22C; Tue, 21 May 2024 20:55:53 +0000 (UTC) Received: from tucnak.zalov.cz (localhost [127.0.0.1]) by tucnak.zalov.cz (8.17.1/8.17.1) with ESMTPS id 44LKtpO72417437 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT); Tue, 21 May 2024 22:55:51 +0200 Received: (from jakub@localhost) by tucnak.zalov.cz (8.17.1/8.17.1/Submit) id 44LKtp7e2417436; Tue, 21 May 2024 22:55:51 +0200 Date: Tue, 21 May 2024 22:55:51 +0200 From: Jakub Jelinek To: Richard Biener Cc: gcc-patches@gcc.gnu.org Subject: [PATCH] ubsan: Use right address space for MEM_REF created for bool/enum sanitization [PR115172] Message-ID: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.6 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Disposition: inline X-Spam-Status: No, score=-3.4 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_NONE, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: gcc-patches@gcc.gnu.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Gcc-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Jakub Jelinek Errors-To: gcc-patches-bounces+incoming=patchwork.ozlabs.org@gcc.gnu.org Hi! The following testcase is miscompiled, because -fsanitize=bool,enum creates a MEM_REF without propagating there address space qualifiers, so what should be normally loaded using say %gs:/%fs: segment prefix isn't. Together with asan it then causes that load to be sanitized. Fixed thusly, bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk and release branches? 2024-05-21 Jakub Jelinek PR sanitizer/115172 * ubsan.cc (instrument_bool_enum_load): If rhs is not in generic address space, use qualified version of utype with the right address space. Formatting fix. * gcc.dg/asan/pr115172.c: New test. Jakub --- gcc/ubsan.cc.jj 2024-03-22 09:23:37.695296775 +0100 +++ gcc/ubsan.cc 2024-05-21 12:10:24.261454107 +0200 @@ -1776,13 +1776,17 @@ instrument_bool_enum_load (gimple_stmt_i || TREE_CODE (gimple_assign_lhs (stmt)) != SSA_NAME) return; + addr_space_t as = TYPE_ADDR_SPACE (TREE_TYPE (rhs)); + if (as != TYPE_ADDR_SPACE (utype)) + utype = build_qualified_type (utype, TYPE_QUALS (utype) + | ENCODE_QUAL_ADDR_SPACE (as)); bool ends_bb = stmt_ends_bb_p (stmt); location_t loc = gimple_location (stmt); tree lhs = gimple_assign_lhs (stmt); tree ptype = build_pointer_type (TREE_TYPE (rhs)); tree atype = reference_alias_ptr_type (rhs); gimple *g = gimple_build_assign (make_ssa_name (ptype), - build_fold_addr_expr (rhs)); + build_fold_addr_expr (rhs)); gimple_set_location (g, loc); gsi_insert_before (gsi, g, GSI_SAME_STMT); tree mem = build2 (MEM_REF, utype, gimple_assign_lhs (g), --- gcc/testsuite/gcc.dg/asan/pr115172.c.jj 2024-05-21 17:28:18.302815400 +0200 +++ gcc/testsuite/gcc.dg/asan/pr115172.c 2024-05-21 22:50:43.272753785 +0200 @@ -0,0 +1,20 @@ +/* PR sanitizer/115172 */ +/* { dg-do compile { target i?86-*-* x86_64-*-* } } */ +/* { dg-options "-O2 -fsanitize=address,bool -ffat-lto-objects -fdump-tree-asan1" } */ +/* { dg-final { scan-tree-dump-not "\.ASAN_CHECK " "asan1" } } */ + +#ifdef __x86_64__ +#define SEG __seg_gs +#else +#define SEG __seg_fs +#endif + +extern struct S { _Bool b; } s; +void bar (void); + +void +foo (void) +{ + if (*(volatile _Bool SEG *) (__UINTPTR_TYPE__) &s.b) + bar (); +}