[PATCH] Optimize BIT_AND_EXPRs for UBSAN_OBJECT_SIZE
- From: Marek Polacek <polacek at redhat dot com>
- To: GCC Patches <gcc-patches at gcc dot gnu dot org>, Jakub Jelinek <jakub at redhat dot com>
- Date: Mon, 3 Nov 2014 21:47:05 +0100
- Subject: [PATCH] Optimize BIT_AND_EXPRs for UBSAN_OBJECT_SIZE
- Authentication-results: sourceware.org; auth=none
We don't emit UBSAN_BOUNDS checks in case we can at compile-time
prove that the array access is fine. Also if we have [i & CST],
where CST is <= bound_of_the_array, we know we're fine as well.
But we don't have a similar BIT_AND_EXPR check for UBSAN_OBJECT_SIZE,
which is what this patch attempts to add.
(This is unrelated to the UBSAN_NULL optimization I posted earlier
today.)
Bootstrap-ubsan/regtest passed on x86_64-linux, ok for trunk?
2014-11-03 Marek Polacek <polacek@redhat.com>
* ubsan.c (instrument_object_size): Optimize [x & CST] array accesses.
testsuite/
* c-c++-common/ubsan/object-size-10.c: New test.
diff --git gcc/testsuite/c-c++-common/ubsan/object-size-10.c gcc/testsuite/c-c++-common/ubsan/object-size-10.c
index e69de29..ebc8582 100644
--- gcc/testsuite/c-c++-common/ubsan/object-size-10.c
+++ gcc/testsuite/c-c++-common/ubsan/object-size-10.c
@@ -0,0 +1,79 @@
+/* { dg-do run } */
+/* { dg-skip-if "" { *-*-* } { "*" } { "-O2" } } */
+/* { dg-options "-fsanitize=undefined" } */
+
+static char a[128];
+static int b[128];
+
+__attribute__ ((noinline, noclone)) int
+fn1 (int i)
+{
+ asm ("");
+ return a[i & 127];
+}
+
+__attribute__ ((noinline, noclone)) int
+fn2 (int i)
+{
+ asm ("");
+ return a[i & 128];
+}
+
+/* { dg-output "index 128 out of bounds for type 'char \\\[128\\\]'\[^\n\r]*(\n|\r\n|\r)" } */
+/* { dg-output "\[^\n\r]*load of address \[^\n\r]* with insufficient space for an object of type 'char'\[^\n\r]*(\n|\r\n|\r)" } */
+/* { dg-output "\[^\n\r]*note: pointer points here\[^\n\r]*(\n|\r\n|\r)" } */
+/* { dg-output "\[^\n\r]*\[^\n\r]*(\n|\r\n|\r)" } */
+/* { dg-output "\[^\n\r]*\\^\[^\n\r]*(\n|\r\n|\r)" } */
+
+__attribute__ ((noinline, noclone)) int
+fn3 (int i)
+{
+ asm ("");
+ return b[i & 127];
+}
+
+__attribute__ ((noinline, noclone)) int
+fn4 (int i)
+{
+ asm ("");
+ return b[i & 128];
+}
+
+/* { dg-output "\[^\n\r]*index 128 out of bounds for type 'int \\\[128\\\]'\[^\n\r]*(\n|\r\n|\r)" } */
+/* { dg-output "\[^\n\r]*load of address \[^\n\r]* with insufficient space for an object of type 'int'\[^\n\r]*(\n|\r\n|\r)" } */
+/* { dg-output "\[^\n\r]*note: pointer points here\[^\n\r]*(\n|\r\n|\r)" } */
+/* { dg-output "\[^\n\r]*\[^\n\r]*(\n|\r\n|\r)" } */
+/* { dg-output "\[^\n\r]*\\^\[^\n\r]*(\n|\r\n|\r)" } */
+
+__attribute__ ((noinline, noclone)) int
+fn5 (int i, int j)
+{
+ asm ("");
+ return b[i & j];
+}
+
+/* { dg-output "\[^\n\r]*index 128 out of bounds for type 'int \\\[128\\\]'\[^\n\r]*(\n|\r\n|\r)" } */
+/* { dg-output "\[^\n\r]*load of address \[^\n\r]* with insufficient space for an object of type 'int'\[^\n\r]*(\n|\r\n|\r)" } */
+/* { dg-output "\[^\n\r]*note: pointer points here\[^\n\r]*(\n|\r\n|\r)" } */
+/* { dg-output "\[^\n\r]*\[^\n\r]*(\n|\r\n|\r)" } */
+/* { dg-output "\[^\n\r]*\\^\[^\n\r]*(\n|\r\n|\r)" } */
+
+__attribute__ ((noinline, noclone)) int
+fn6 (int i)
+{
+ asm ("");
+ return b[i & 0];
+}
+
+int
+main (void)
+{
+ fn1 (128);
+ fn2 (128);
+ fn3 (128);
+ fn4 (128);
+ fn5 (128, 127);
+ fn5 (128, 128);
+ fn6 (128);
+ return 0;
+}
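Review bot: The new test only performs loads from top-level arrays, so it leaves out the inputs where the added shortcut is most likely to drop a check that is still needed. Worth adding are a store such as `a[i & 128] = 0;` for the `is_lhs` path, a negative mask such as `b[i & -1]` for the `tree_int_cst_sgn (cst) >= 0` guard, and a member array that follows another field, e.g. `struct S { int x; int b[4]; } s;` read as `s.b[i & 4]`, each with its expected `dg-output`. As a `dg-do run` test it confirms that diagnostics still fire for fn2, fn4 and fn5, but it cannot show that the checks in fn1, fn3 and fn6 were actually removed. A dump scan would be needed for that.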
diff --git gcc/ubsan.c gcc/ubsan.c
index ed2fc54..41cf546 100644
--- gcc/ubsan.c
+++ gcc/ubsan.c
@@ -1438,6 +1438,7 @@ instrument_object_size (gimple_stmt_iterator *gsi, bool is_lhs)
location_t loc = gimple_location (stmt);
tree t = is_lhs ? gimple_get_lhs (stmt) : gimple_assign_rhs1 (stmt);
tree type;
+ tree index = NULL_TREE;
HOST_WIDE_INT size_in_bytes;
type = TREE_TYPE (t);
@@ -1456,6 +1457,8 @@ instrument_object_size (gimple_stmt_iterator *gsi, bool is_lhs)
}
break;
case ARRAY_REF:
+ index = TREE_OPERAND (t, 1);
+ break;
case INDIRECT_REF:
case MEM_REF:
case VAR_DECL:
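Review bot: `index` is recorded for every ARRAY_REF, whatever its array operand is, but the later shortcut compares the mask with the whole object's size divided by the element size. That bounds the access only when the indexed array starts at offset 0 of the object. For a member array that follows other fields, or the inner dimension of a nested array, `x & CST` could pass the test while the access ends past the object, and the sanitizer check would be silently dropped. Recording the index only for a directly indexed declaration would be safer, e.g. `if (DECL_P (TREE_OPERAND (t, 0))) index = TREE_OPERAND (t, 1);` followed by `break;`. How `sizet` is derived is outside the visible hunks, so confirm this against the full function; the switch starts and ends outside this hunk.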
@@ -1537,6 +1540,24 @@ instrument_object_size (gimple_stmt_iterator *gsi, bool is_lhs)
&& tree_int_cst_le (t, sizet))
return;
+ if (index != NULL_TREE
+ && TREE_CODE (index) == SSA_NAME
+ && TREE_CODE (sizet) == INTEGER_CST)
+ {
+ gimple def = SSA_NAME_DEF_STMT (index);
+ if (is_gimple_assign (def)
+ && gimple_assign_rhs_code (def) == BIT_AND_EXPR
+ && TREE_CODE (gimple_assign_rhs2 (def)) == INTEGER_CST)
+ {
+ tree cst = gimple_assign_rhs2 (def);
+ tree sz = fold_build2 (EXACT_DIV_EXPR, sizetype, sizet,
+ TYPE_SIZE_UNIT (type));
+ if (tree_int_cst_sgn (cst) >= 0
+ && tree_int_cst_lt (cst, sz))
+ return;
+ }
+ }
+
/* Nope. Emit the check. */
t = force_gimple_operand_gsi (gsi, t, true, NULL_TREE, true,
GSI_SAME_STMT);
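Review bot: `EXACT_DIV_EXPR` in the added block is only meaningful when `sizet` is an exact multiple of `TYPE_SIZE_UNIT (type)`, and nothing visible in this hunk establishes that. A division that rounds down is the conservative choice, since it can only shrink the element count the mask is compared with: `tree sz = fold_build2 (TRUNC_DIV_EXPR, sizetype, sizet, TYPE_SIZE_UNIT (type));`. The block also needs a comment stating why the check may be skipped, e.g. `/* [x & CST] with CST >= 0 yields an index in [0, CST]; skip the check when CST is below the element count.  */`. instrument_object_size begins before and continues after this hunk.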
Marek