[Bug sanitizer/81715] asan-stack=1 redzone allocation is too inflexible

jakub at gcc dot gnu.org gcc-bugzilla@gcc.gnu.org
Wed Sep 20 12:17:00 GMT 2017


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81715

--- Comment #11 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
(In reply to Arnd Bergmann from comment #10)
> As far as I can tell, gcc doesn't merge stack slots that came from inline
> functions, as in comment 1, or this example:
> 
> void baz (int *, int *, int *, int *, int *, int *);
> static inline void foo (int a, int b, int c, int d, int e, int f)
> {
>     baz (&a, &b, &c, &d, &e, &f);
> }
> void
> bar (int a, int b, int c, int d, int e, int f)
> {
>     foo (a, b, c, d, e, f);
>     foo (a, b, c, d, e, f);
>     foo (a, b, c, d, e, f);
>     foo (a, b, c, d, e, f);
>     foo (a, b, c, d, e, f);
>     foo (a, b, c, d, e, f);
>     foo (a, b, c, d, e, f);
>     foo (a, b, c, d, e, f);
> }
> 
> The frame sizes I see here are
> 
> gcc-8 -O2:                                            192 bytes
> gcc-8 -O2 -fsanitize=address:                        3120 bytes
> gcc-8 -O2 -fsanitize=kernel-address:                  192 bytes
> gcc-8 -O2 -fsanitize=address asan-stack=0:            192 bytes
> gcc-8 -O2 -fsanitize=kernel-address asan-stack=1:    3120 bytes
> clang -O2:                                             72 bytes
> clang -O2 -fsanitize=address:                          88 bytes
> clang -O2 -fsanitize=kernel-address:                  888 bytes
> clang -O2 -fsanitize=address asan-stack=0:            104 bytes
> clang -O2 -fsanitize=kernel-address asan-stack=0:     104 bytes
> 
> (note: clang -fsanitize=kernel-address defaults to asan-stack=1, while gcc
> defaults to asan-stack=0. gcc-5 and gcc-8 have identical output).

That is unrelated to sanitization; we don't merge them with just -O2 either.
We do handle:
void baz (int *, int *, int *, int *, int *, int *);
static inline void foo (int a, int b, int c, int d, int e, int f)
{
    int a2 = a, b2 = b, c2 = c, d2 = d, e2 = e, f2 = f;
    baz (&a2, &b2, &c2, &d2, &e2, &f2);
}
void
bar (int a, int b, int c, int d, int e, int f)
{
    foo (a, b, c, d, e, f);
    foo (a, b, c, d, e, f);
    foo (a, b, c, d, e, f);
    foo (a, b, c, d, e, f);
    foo (a, b, c, d, e, f);
    foo (a, b, c, d, e, f);
    foo (a, b, c, d, e, f);
    foo (a, b, c, d, e, f);
}
though; the problem is that while for this testcase we have CLOBBER stmts for
the addressable variables, when inlining a function which has addressable
arguments the inliner doesn't add CLOBBER stmts for the arguments turned into
variables.  Let me fix that.
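A way to reproduce the frame-size comparison from comments #10 and #11 for the two testcases above, added here as an example (not code from the bug report). It assumes gcc with -fstack-usage support is on PATH; absolute sizes depend on gcc version and target, so only the relative difference between the variants is meaningful.

```shell
#!/bin/sh
# Added example (not from the bug report): measure bar()'s frame size with
# gcc's -fstack-usage, which writes "<file>:<line>:<col>:<func>\t<bytes>\t<qualifier>"
# lines to a .su file next to the object. Assumes gcc on PATH.
set -e
command -v gcc >/dev/null 2>&1 || { echo "gcc not found" >&2; exit 0; }
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Write one testcase; $1 = output file, $2 = body of the inlined foo().
gen_case() {
cat > "$1" <<EOF
void baz (int *, int *, int *, int *, int *, int *);
static inline void foo (int a, int b, int c, int d, int e, int f)
{
    $2
}
void
bar (int a, int b, int c, int d, int e, int f)
{
    foo (a, b, c, d, e, f); foo (a, b, c, d, e, f);
    foo (a, b, c, d, e, f); foo (a, b, c, d, e, f);
    foo (a, b, c, d, e, f); foo (a, b, c, d, e, f);
    foo (a, b, c, d, e, f); foo (a, b, c, d, e, f);
}
EOF
}

# Print bar()'s frame size in bytes; $1 = source file, rest = extra gcc flags.
frame_size() {
    src=$1; shift
    gcc -O2 -fstack-usage -c "$@" "$src" -o "${src%.c}.o"
    awk -F'\t' '$1 ~ /:bar$/ { print $2 }' "${src%.c}.su"
}

# Variant 1 (comment #10): addresses of the parameters taken directly.
gen_case "$WORK/params.c" 'baz (&a, &b, &c, &d, &e, &f);'
# Variant 2 (comment #11): parameters copied into locals, which get CLOBBERs.
gen_case "$WORK/locals.c" 'int a2 = a, b2 = b, c2 = c, d2 = d, e2 = e, f2 = f;
    baz (&a2, &b2, &c2, &d2, &e2, &f2);'

for f in params locals; do
    plain=$(frame_size "$WORK/$f.c")
    asan=$(frame_size "$WORK/$f.c" -fsanitize=address) || asan='n/a'
    printf '%-8s -O2: %5s bytes   -O2 -fsanitize=address: %5s bytes\n' \
        "$f" "$plain" "$asan"
done
```

Adding `--param asan-stack=0` to the sanitized build shows the redzone cost disappearing, which is the knob the bug title refers to.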
