[Bug sanitizer/81715] asan-stack=1 redzone allocation is too inflexible
jakub at gcc dot gnu.org
gcc-bugzilla@gcc.gnu.org
Wed Sep 20 12:17:00 GMT 2017
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81715
--- Comment #11 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
(In reply to Arnd Bergmann from comment #10)
> As far as I can tell, gcc doesn't merge stack slots that came from inline
> functions, as in comment 1, or this example:
>
> void baz (int *, int *, int *, int *, int *, int *);
> static inline void foo (int a, int b, int c, int d, int e, int f)
> {
>   baz (&a, &b, &c, &d, &e, &f);
> }
> void
> bar (int a, int b, int c, int d, int e, int f)
> {
>   foo (a, b, c, d, e, f);
>   foo (a, b, c, d, e, f);
>   foo (a, b, c, d, e, f);
>   foo (a, b, c, d, e, f);
>   foo (a, b, c, d, e, f);
>   foo (a, b, c, d, e, f);
>   foo (a, b, c, d, e, f);
>   foo (a, b, c, d, e, f);
> }
>
> The frame sizes I see here are
>
> gcc-8 -O2: 192 bytes
> gcc-8 -O2 -fsanitize=address: 3120 bytes
> gcc-8 -O2 -fsanitize=kernel-address: 192 bytes
> gcc-8 -O2 -fsanitize=address asan-stack=0: 192 bytes
> gcc-8 -O2 -fsanitize=kernel-address asan-stack=1: 3120 bytes
> clang -O2: 72 bytes
> clang -O2 -fsanitize=address: 88 bytes
> clang -O2 -fsanitize=kernel-address: 888 bytes
> clang -O2 -fsanitize=address asan-stack=0: 104 bytes
> clang -O2 -fsanitize=kernel-address asan-stack=0: 104 bytes
>
> (note: clang -fsanitize=kernel-address defaults to asan-stack=1, while gcc
> defaults to asan-stack=0. gcc-5 and gcc-8 have identical output).
That is unrelated to sanitization; we don't merge them with just -O2 either.
We do handle:
void baz (int *, int *, int *, int *, int *, int *);
static inline void foo (int a, int b, int c, int d, int e, int f)
{
  int a2 = a, b2 = b, c2 = c, d2 = d, e2 = e, f2 = f;
  baz (&a2, &b2, &c2, &d2, &e2, &f2);
}
void
bar (int a, int b, int c, int d, int e, int f)
{
  foo (a, b, c, d, e, f);
  foo (a, b, c, d, e, f);
  foo (a, b, c, d, e, f);
  foo (a, b, c, d, e, f);
  foo (a, b, c, d, e, f);
  foo (a, b, c, d, e, f);
  foo (a, b, c, d, e, f);
  foo (a, b, c, d, e, f);
}
though; the problem is that while for this testcase we have CLOBBER stmts for
the addressable variables, when inlining a function which has addressable
arguments the inliner doesn't add CLOBBER stmts for the arguments turned into
variables. Let me fix that.