From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 2140) id 0FB873858C5E; Tue, 10 Oct 2023 04:14:28 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 0FB873858C5E DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org; s=default; t=1696911268; bh=PquW0nxXi3MCCd4nqQyPxxeK7UKqGMJx41cZvrGEjGE=; h=From:To:Subject:Date:From; b=tfyzzU/RzpIQnfnFZIx49ZkTJlOhe2z8OdX7W2oPCmGfAq69L3VoD1xD4+VlQH6LW zvgyJxgUKyqeGV2qSCLcQY1mfVAAO076K5TZN150TQtLK8Wvf3DMUjC9Wp8R5FpK+N F4R0uccDRBubwVViFIapL8V/40K4Ep1235uQgUXE= Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: Alexandre Oliva To: gcc-cvs@gcc.gnu.org Subject: [gcc(refs/users/aoliva/heads/testme)] hardcfr: check excess visited bits X-Act-Checkin: gcc X-Git-Author: Alexandre Oliva X-Git-Refname: refs/users/aoliva/heads/testme X-Git-Oldrev: d969d4f1a661803800e9b50d7f9ca0472aaa934a X-Git-Newrev: c16b8011e0035cee5024749ccf326456f0ab464f Message-Id: <20231010041428.0FB873858C5E@sourceware.org> Date: Tue, 10 Oct 2023 04:14:28 +0000 (GMT) List-Id: https://gcc.gnu.org/g:c16b8011e0035cee5024749ccf326456f0ab464f commit c16b8011e0035cee5024749ccf326456f0ab464f Author: Alexandre Oliva Date: Sat Oct 7 01:01:22 2023 -0300 hardcfr: check excess visited bits Diff: --- gcc/gimple-harden-control-flow.cc | 8 +++++- libgcc/hardcfr.c | 51 +++++++++++++++++++++++++++------------ 2 files changed, 43 insertions(+), 16 deletions(-) diff --git a/gcc/gimple-harden-control-flow.cc b/gcc/gimple-harden-control-flow.cc index 05878c97843..5c28fd07f33 100644 --- a/gcc/gimple-harden-control-flow.cc +++ b/gcc/gimple-harden-control-flow.cc @@ -493,7 +493,13 @@ class rt_bb_visited if (bitp) { unsigned bit = idx % vword_bits; - if (BITS_BIG_ENDIAN) + /* We don't need to adjust shifts to follow native bit + endianness here, all of our uses of the CFG and visited + bitmaps, whether at compile or runtime, are shifted bits on + full words. This adjustment here would require a + corresponding adjustment at runtime, which would be nothing + but undesirable overhead for us. */ + if (0 /* && BITS_BIG_ENDIAN */) bit = vword_bits - bit - 1; wide_int wbit = wi::set_bit_in_zero (bit, vword_bits); *bitp = wide_int_to_tree (vword_type, wbit); diff --git a/libgcc/hardcfr.c b/libgcc/hardcfr.c index 55f6b995f2f..7496095b866 100644 --- a/libgcc/hardcfr.c +++ b/libgcc/hardcfr.c @@ -32,7 +32,7 @@ see the files COPYING3 and COPYING.RUNTIME respectively. If not, see /* This should be kept in sync with gcc/gimple-harden-control-flow.cc. */ #if __CHAR_BIT__ >= 28 # define VWORDmode __QI__ -#elif __CHHAR_BIT__ >= 14 +#elif __CHAR_BIT__ >= 14 # define VWORDmode __HI__ #else # define VWORDmode __SI__ @@ -81,6 +81,19 @@ visited_p (size_t const block, vword const *const visited) return (w & mask) != 0; } +/* Check whether any VISITED bits that would correspond to blocks after BLOCKS + are set. */ +static inline bool +excess_bits_set_p (size_t const blocks, vword const *const visited) +{ + vword mask; + size_t wordidx; + block2mask (blocks - 1, &mask, &wordidx); + mask = -mask - mask; + vword w = visited[wordidx]; + return (w & mask) != 0; +} + /* Read and consume a mask from **CFG_IT. (Consume meaning advancing the iterator to the next word). If the mask is zero, return FALSE. Otherwise, also read and consume an index, and set *MASK and/or *WORDIDX, whichever are @@ -195,38 +208,43 @@ __hardcfr_debug_cfg (size_t const blocks, */ static inline void __hardcfr_check_fail (size_t const blocks ATTRIBUTE_UNUSED, - vword const *const visited, + vword const *const visited ATTRIBUTE_UNUSED, vword const *const cfg ATTRIBUTE_UNUSED, size_t const block ATTRIBUTE_UNUSED, int const part ATTRIBUTE_UNUSED, void const *const caller ATTRIBUTE_UNUSED) { #if HARDCFR_VERBOSE_FAIL - static const char *parts[] = { "preds", "succs" }; + static const char *parts[] = { "preds", "succs", "no excess" }; vword mask; size_t wordidx; block2mask (block, &mask, &wordidx); + if (part == 2) + mask = -mask - mask; __builtin_printf ("hardcfr fail at %p block %lu (%lu/0x%lx), expected %s:", caller, (unsigned long)block, (unsigned long)wordidx, (unsigned long)mask, parts[part]); - /* Skip data for previous blocks. */ - vword const *cfg_it = cfg; - for (size_t i = block; i--; ) + if (part != 2) { - consume_seq (&cfg_it); - consume_seq (&cfg_it); - } - for (size_t i = part; i--; ) - consume_seq (&cfg_it); + /* Skip data for previous blocks. */ + vword const *cfg_it = cfg; + for (size_t i = block; i--; ) + { + consume_seq (&cfg_it); + consume_seq (&cfg_it); + } + for (size_t i = part; i--; ) + consume_seq (&cfg_it); - while (next_pair (&cfg_it, &mask, &wordidx)) - __builtin_printf (" (%lu/0x%lx)", - (unsigned long)wordidx, (unsigned long)mask); + while (next_pair (&cfg_it, &mask, &wordidx)) + __builtin_printf (" (%lu/0x%lx)", + (unsigned long)wordidx, (unsigned long)mask); + } __builtin_printf ("\nvisited:"); - block2mask (blocks, &mask, &wordidx); + block2mask (blocks - 1, &mask, &wordidx); for (size_t i = 0; i <= wordidx; i++) __builtin_printf (" (%lu/0x%lx)", (unsigned long)i, (unsigned long)visited[i]); @@ -276,4 +294,7 @@ __hardcfr_check (size_t const blocks, __builtin_return_address (0)); } } + if (excess_bits_set_p (blocks, visited)) + __hardcfr_check_fail (blocks, visited, cfg, blocks - 1, 2, + __builtin_return_address (0)); }