This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.
Re: [PATCH] Fix ubsan handling of BIND_EXPR (PR sanitizer/71498)
- From: Marek Polacek <polacek at redhat dot com>
- To: Jakub Jelinek <jakub at redhat dot com>
- Cc: "Joseph S. Myers" <joseph at codesourcery dot com>, Jason Merrill <jason at redhat dot com>, gcc-patches at gcc dot gnu dot org
- Date: Mon, 13 Jun 2016 22:41:40 +0200
- Subject: Re: [PATCH] Fix ubsan handling of BIND_EXPR (PR sanitizer/71498)
- Authentication-results: sourceware.org; auth=none
- References: <20160613183943 dot GV7387 at tucnak dot redhat dot com>
On Mon, Jun 13, 2016 at 08:39:43PM +0200, Jakub Jelinek wrote:
> Hi!
>
> As has been discussed in the original -fsanitize=bounds submission,
> walk_tree for BIND_EXPR walks the body and
> DECL_INITIAL/DECL_SIZE/DECL_SIZE_UNIT of all the BIND_EXPR_VARS.
> For -fsanitize=bounds instrumentation, we want to avoid walking DECL_INITIAL
> of TREE_STATIC vars, so should set *walk_subtrees to 0 and walk it all
> ourselves. But, what the committed code actually does is that for
> BIND_EXPRs that contain no TREE_STATIC vars, it walks
> DECL_INITIAL/DECL_SIZE/DECL_SIZE_UNIT of all the BIND_EXPR_VARS, and then
> walks subtrees normally, which means walking the body (good) and all the
> DECL_INITIAL/DECL_SIZE/DECL_SIZE_UNIT exprs again (waste of time, we use
> hash_set for duplicates, so just inefficiency).
> But, if any TREE_STATIC vars appear, we set *walk_subtrees to 0 and
> forget to walk the body (the primary bug).
Ouch :(.
> Fixed thusly, bootstrapped/regtested on x86_64-linux and i686-linux, ok for
> trunk?
Ok, thanks.
Marek
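
The failure mode described in the quoted message, reduced to a toy tree walker; this is an added example, not code from the thread or from GCC. The `walk`, `buggy_cb`, `fixed_cb` and `count_instrumented` names and the node layout are hypothetical, and only the variable initializer (not DECL_SIZE/DECL_SIZE_UNIT) is modelled.

```c
#include <stdbool.h>
#include <stddef.h>

/* Toy tree, not GCC's: a BIND node has a variable list and a body. */
enum kind { BIND, ARRAY_REF };
struct var { bool is_static; struct node *init; struct var *next; };
struct node { enum kind kind; struct var *vars; struct node *body; bool seen; };
typedef void (*visit_fn)(struct node *, int *walk_subtrees, int *count);
/* Walker: descends into a BIND unless the callback clears *walk_subtrees. */
static void walk(struct node *n, visit_fn cb, int *count) {
    int walk_subtrees = 1;
    if (!n) return;
    cb(n, &walk_subtrees, count);
    if (!walk_subtrees || n->kind != BIND) return;
    for (struct var *v = n->vars; v; v = v->next) walk(v->init, cb, count);
    walk(n->body, cb, count);
}
/* Count each array reference once; the seen flag stands in for the hash_set. */
static void instrument(struct node *n, int *count) {
    if (n->kind == ARRAY_REF && !n->seen) { n->seen = true; ++*count; }
}
static void buggy_cb(struct node *n, int *walk_subtrees, int *count) {
    instrument(n, count);
    if (n->kind != BIND) return;
    for (struct var *v = n->vars; v; v = v->next) {
        if (v->is_static) { *walk_subtrees = 0; continue; }
        walk(v->init, buggy_cb, count);
    }   /* once *walk_subtrees is 0, nobody walks the body */
}
static void fixed_cb(struct node *n, int *walk_subtrees, int *count) {
    instrument(n, count);
    if (n->kind != BIND) return;
    *walk_subtrees = 0;                  /* always take over the walk */
    for (struct var *v = n->vars; v; v = v->next)
        if (!v->is_static) walk(v->init, fixed_cb, count);
    walk(n->body, fixed_cb, count);      /* including the body */
}
/* Constructed input: { [static int s = a[i];] int t = b[j]; c[k]; } */
static int count_instrumented(visit_fn cb, bool with_static) {
    struct node si = { ARRAY_REF }, ti = { ARRAY_REF }, body = { ARRAY_REF };
    struct var t = { false, &ti, NULL }, s = { true, &si, &t };
    struct node bind = { BIND, with_static ? &s : &t, &body };
    int count = 0;
    walk(&bind, cb, &count);
    return count;
}
int main(void) {   /* exit status 0: the fix reaches the body the bug skips */
    return !(count_instrumented(buggy_cb, true) == 1
             && count_instrumented(fixed_cb, true) == 2);
}
```

With a static variable in the block, the buggy callback leaves the array reference in the body uninstrumented, which for a bounds sanitizer means a silently unchecked access.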