From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 1363) id 7E2F33849AF3; Wed, 24 Apr 2024 14:39:58 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 7E2F33849AF3 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org; s=default; t=1713969598; bh=T5EScQ7jVWNnzYyNyLVyJhd3VVaxmUcWKMbQvs5S10c=; h=From:To:Subject:Date:From; b=wCuHZPP67Ft9HeiAvrvxoMH3C9416Oe5cjbijIXQiAGUHmqXw9BLtQxS0Zu99pjbu 3T5F0xaLe/XlCiRFFBdwx9Z2Ri4ibdBP4sZNoXt0Fld9wzNeI1N2eEY54pVJDmxNQO ZsOBajBVCCQoSY/TTH1ut/+XWhBG5ED6BbLLMmSY= MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="utf-8" 
From: Uros Bizjak To: gcc-cvs@gcc.gnu.org Subject: [gcc r11-11351] ubsan: Don't -fsanitize=null instrument __seg_fs/gs pointers [PR111736] X-Act-Checkin: gcc X-Git-Author: Jakub Jelinek X-Git-Refname: refs/heads/releases/gcc-11 X-Git-Oldrev: b4e1aee01a2fa617cf74ab04cf0ab574761aaaea X-Git-Newrev: 624c3bb9ff762f196852dc77233610d1cdf7d7be Message-Id: <20240424143958.7E2F33849AF3@sourceware.org> Date: Wed, 24 Apr 2024 14:39:58 +0000 (GMT) List-Id: https://gcc.gnu.org/g:624c3bb9ff762f196852dc77233610d1cdf7d7be commit r11-11351-g624c3bb9ff762f196852dc77233610d1cdf7d7be Author: Jakub Jelinek Date: Fri Mar 22 09:23:44 2024 +0100 ubsan: Don't -fsanitize=null instrument __seg_fs/gs pointers [PR111736] On x86 and avr some address spaces allow 0 pointers (on avr actually even generic as, but libsanitizer isn't ported to it and I'm not convinced we should completely kill -fsanitize=null in that case). The following patch makes sure those aren't diagnosed for -fsanitize=null, though they are still sanitized for -fsanitize=alignment. 2024-03-22 Jakub Jelinek gcc/ChangeLog: PR sanitizer/111736 * ubsan.c (ubsan_expand_null_ifn, instrument_mem_ref): Avoid SANITIZE_NULL instrumentation for non-generic address spaces for which targetm.addr_space.zero_address_valid (as) is true. gcc/testsuite/ChangeLog: * gcc.dg/ubsan/pr111736.c: New test. (cherry picked from commit ddd4a3ca87410886b039cc225907b4f6e650082e) Diff:
---
gcc/testsuite/gcc.dg/ubsan/pr111736.c | 23 +++++++++++++++++++++++
gcc/ubsan.c | 19 +++++++++++++++++--
2 files changed, 40 insertions(+), 2 deletions(-)
diff --git a/gcc/testsuite/gcc.dg/ubsan/pr111736.c b/gcc/testsuite/gcc.dg/ubsan/pr111736.c
new file mode 100644
index 00000000000..359b31828f0
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/ubsan/pr111736.c
@@ -0,0 +1,23 @@
+/* PR sanitizer/111736 */
+/* { dg-do compile { target i?86-*-* x86_64-*-* } } */
+/* { dg-options "-fsanitize=null,alignment -fdump-tree-optimized -ffat-lto-objects" } */
+/* { dg-final { scan-tree-dump-times "__ubsan_handle_type_mismatch" 1 "optimized" } } */
+/* { dg-final { scan-tree-dump-not "p_\[0-9]*.D. \[=!]= 0" "optimized" } } */
+
+#ifdef __x86_64__
+#define SEG __seg_fs
+#else
+#define SEG __seg_gs
+#endif
+
+int
+foo (int SEG *p, int *q)
+{
+ return *p;
+}
+
+__attribute__((no_sanitize("alignment"))) int
+bar (int SEG *p, int *q)
+{
+ return *p;
+}
diff --git a/gcc/ubsan.c b/gcc/ubsan.c
index 04e8c1552a7..2b12651b440 100644
--- a/gcc/ubsan.c
+++ b/gcc/ubsan.c
@@ -49,6 +49,7 @@ along with GCC; see the file COPYING3. If not see
 #include "tree-cfg.h"
 #include "gimple-fold.h"
 #include "varasm.h"
+#include "target.h"
 /* Map from a tree to a VAR_DECL tree. */
@@ -784,6 +785,13 @@ ubsan_expand_null_ifn (gimple_stmt_iterator *gsip)
 }
 }
 check_null = sanitize_flags_p (SANITIZE_NULL);
+ if (check_null && POINTER_TYPE_P (TREE_TYPE (ptr)))
+ {
+ addr_space_t as = TYPE_ADDR_SPACE (TREE_TYPE (TREE_TYPE (ptr)));
+ if (!ADDR_SPACE_GENERIC_P (as)
+ && targetm.addr_space.zero_address_valid (as))
+ check_null = false;
+ }
 if (check_align == NULL_TREE && !check_null)
 {
@@ -1375,8 +1383,15 @@ instrument_mem_ref (tree mem, tree base, gimple_stmt_iterator *iter,
 if (align <= 1)
 align = 0;
 }
- if (align == 0 && !sanitize_flags_p (SANITIZE_NULL))
- return;
+ if (align == 0)
+ {
+ if (!sanitize_flags_p (SANITIZE_NULL))
+ return;
+ addr_space_t as = TYPE_ADDR_SPACE (TREE_TYPE (base));
+ if (!ADDR_SPACE_GENERIC_P (as)
+ && targetm.addr_space.zero_address_valid (as))
+ return;
+ }
 tree t = TREE_OPERAND (base, 0);
 if (!POINTER_TYPE_P (TREE_TYPE (t)))
 return;
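Review bot: The test only checks the negative side of the fix: `scan-tree-dump-not` proves no null compare is emitted for the `__seg_fs`/`__seg_gs` pointer `p`, but nothing shows that a generic pointer in the same translation unit still gets its null check, so a regression that dropped SANITIZE_NULL entirely would pass unnoticed. The `q` parameter is declared in both `foo` and `bar` but never used, which looks like it was meant for exactly that positive control; dereferencing it in `foo` (`return *p + *q;`) and presumably raising the `scan-tree-dump-times "__ubsan_handle_type_mismatch"` expectation to 2 would pin that behaviour, with a matching `scan-tree-dump` for a `q_[0-9]*.D. [=!]= 0` compare if the dump shape allows it. Otherwise the unused `q` should be removed so the test does not suggest a check it never performs.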
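Review bot: The new address-space exemption in ubsan_expand_null_ifn carries no comment saying why a null pointer is deliberately left undiagnosed, and the identical three-line condition is repeated in the instrument_mem_ref hunk below; a comment above the new `if` would help, e.g. `/* In a non-generic address space where the target says address 0 is valid (e.g. __seg_fs/__seg_gs on x86), a null pointer is not an error; only the alignment check is kept.  */`. Since the condition must stay the same at both call sites, it could be hoisted into a small static helper (something like `addr_space_zero_address_valid_p (addr_space_t as)`) so the two exemptions cannot drift apart if a third caller is added later. Both ubsan_expand_null_ifn and instrument_mem_ref start before their hunks and continue past them.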