This is the mail archive of the
gcc-patches@gcc.gnu.org
mailing list for the GCC project.
[committed] Fix ICE in asan_clear_shadow (PR sanitizer/88291)
- From: Jakub Jelinek <jakub at redhat dot com>
- To: Martin Liška <mliska at suse dot cz>
- Cc: gcc-patches at gcc dot gnu dot org, arnd at linaro dot org
- Date: Sun, 2 Dec 2018 13:45:58 +0100
- Subject: [committed] Fix ICE in asan_clear_shadow (PR sanitizer/88291)
- References: <81ed697e-5dfb-be1a-cc3b-db93eb132b86@suse.cz> <20180925155325.GG8250@tucnak> <064bfab8-2d32-c1ba-7440-456d573347a8@suse.cz> <20181128114148.GY12380@tucnak> <9ecf5503-a919-1c1d-b88f-d049979848d8@suse.cz> <20181129151730.GM12380@tucnak> <2bbba0d0-e4a7-8d29-5f76-15da053cc786@suse.cz> <20181129164650.GQ12380@tucnak> <76d386fe-68a5-068c-111c-d3d5dc7a8b32@suse.cz> <20181201073641.GL12380@tucnak>
- Reply-to: Jakub Jelinek <jakub at redhat dot com>
Hi!
On Sat, Dec 01, 2018 at 08:36:41AM +0100, Jakub Jelinek wrote:
> I'm still seeing some regressions, ICEs like:
> FAIL: c-c++-common/asan/clone-test-1.c -O1 (internal compiler error)
> FAIL: c-c++-common/asan/clone-test-1.c -O1 (test for excess errors)
And here is a fix for that. It didn't trigger pretty much all the time
just because the assert in asan_clear_shadow has been added to an uncommon
spot, where clear_storage emits a libcall.
The patch makes sure that the offset is aligned to ASAN_RED_ZONE_SIZE
downward and size is padded up to make it a multiple of ASAN_RED_ZONE_SIZE
too. E.g. on x86_64-linux we can emit rep; stosl instead of rep; stosb
this way etc.
Bootstrapped/regtested on x86_64-linux, i686-linux, powerpc64{,-le}-linux,
committed to trunk to unbreak asan on powerpc64.
2018-12-02 Jakub Jelinek <jakub@redhat.com>
PR sanitizer/88291
* asan.c (asan_clear_shadow): Move assert that len is multiple of 4
to the start of the function.
(asan_emit_stack_protection): When emitting clearing sequence for
epilogue, align offset down to ASAN_RED_ZONE_SIZE granularity,
add last_size_aligned which is last_size padded to multiples of
ASAN_RED_ZONE_SIZE and emit asan_clear_shadow always on 4 byte
boundaries.
* c-c++-common/asan/pr88291.c: New test.
--- gcc/asan.c.jj 2018-12-01 08:31:30.000000000 +0100
+++ gcc/asan.c 2018-12-01 11:41:11.860166400 +0100
@@ -1165,6 +1165,7 @@ asan_clear_shadow (rtx shadow_mem, HOST_
rtx_code_label *top_label;
rtx end, addr, tmp;
+ gcc_assert ((len & 3) == 0);
start_sequence ();
clear_storage (shadow_mem, GEN_INT (len), BLOCK_OP_NORMAL);
insns = get_insns ();
@@ -1178,7 +1179,6 @@ asan_clear_shadow (rtx shadow_mem, HOST_
return;
}
- gcc_assert ((len & 3) == 0);
top_label = gen_label_rtx ();
addr = copy_to_mode_reg (Pmode, XEXP (shadow_mem, 0));
shadow_mem = adjust_automodify_address (shadow_mem, SImode, addr, 0);
@@ -1375,7 +1375,7 @@ asan_emit_stack_protection (rtx base, rt
HOST_WIDE_INT base_offset = offsets[length - 1];
HOST_WIDE_INT base_align_bias = 0, offset, prev_offset;
HOST_WIDE_INT asan_frame_size = offsets[0] - base_offset;
- HOST_WIDE_INT last_offset, last_size;
+ HOST_WIDE_INT last_offset, last_size, last_size_aligned;
int l;
unsigned char cur_shadow_byte = ASAN_STACK_MAGIC_LEFT;
tree str_cst, decl, id;
@@ -1628,20 +1628,23 @@ asan_emit_stack_protection (rtx base, rt
prev_offset = base_offset;
last_offset = base_offset;
last_size = 0;
+ last_size_aligned = 0;
for (l = length; l; l -= 2)
{
offset = base_offset + ((offsets[l - 1] - base_offset)
- & ~(ASAN_MIN_RED_ZONE_SIZE - HOST_WIDE_INT_1));
- if (last_offset + last_size != offset)
+ & ~(ASAN_RED_ZONE_SIZE - HOST_WIDE_INT_1));
+ if (last_offset + last_size_aligned < offset)
{
shadow_mem = adjust_address (shadow_mem, VOIDmode,
(last_offset - prev_offset)
>> ASAN_SHADOW_SHIFT);
prev_offset = last_offset;
- asan_clear_shadow (shadow_mem, last_size >> ASAN_SHADOW_SHIFT);
+ asan_clear_shadow (shadow_mem, last_size_aligned >> ASAN_SHADOW_SHIFT);
last_offset = offset;
last_size = 0;
}
+ else
+ last_size = offset - last_offset;
last_size += base_offset + ((offsets[l - 2] - base_offset)
& ~(ASAN_MIN_RED_ZONE_SIZE - HOST_WIDE_INT_1))
- offset;
@@ -1667,13 +1670,16 @@ asan_emit_stack_protection (rtx base, rt
last_size += size & ~(ASAN_MIN_RED_ZONE_SIZE - HOST_WIDE_INT_1);
}
}
+ last_size_aligned
+ = ((last_size + (ASAN_RED_ZONE_SIZE - HOST_WIDE_INT_1))
+ & ~(ASAN_RED_ZONE_SIZE - HOST_WIDE_INT_1));
}
- if (last_size)
+ if (last_size_aligned)
{
shadow_mem = adjust_address (shadow_mem, VOIDmode,
(last_offset - prev_offset)
>> ASAN_SHADOW_SHIFT);
- asan_clear_shadow (shadow_mem, last_size >> ASAN_SHADOW_SHIFT);
+ asan_clear_shadow (shadow_mem, last_size_aligned >> ASAN_SHADOW_SHIFT);
}
/* Clean-up set with instrumented stack variables. */
--- gcc/testsuite/c-c++-common/asan/pr88291.c.jj 2018-12-01 11:34:42.448549265 +0100
+++ gcc/testsuite/c-c++-common/asan/pr88291.c 2018-12-01 11:29:49.561348917 +0100
@@ -0,0 +1,14 @@
+/* PR sanitizer/88291 */
+/* { dg-do compile } */
+/* { dg-options "-fsanitize=address -Os" } */
+/* { dg-additional-options "-mstringop-strategy=libcall" { target i?86-*-* x86_64-*-* } } */
+
+void bar (void *, void *);
+
+void
+foo (void)
+{
+ int b;
+ char __attribute__((aligned(16))) a[(1 << 20) + 1];
+ bar (&a, &b);
+}
Jakub