From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=1PXw=K7=redhat.com=jakub@sourceware.org>
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124])
	by sourceware.org (Postfix) with ESMTPS id 8345E3858D33
	for <gcc-patches@gcc.gnu.org>; Mon, 25 Mar 2024 12:51:39 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 8345E3858D33
Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=redhat.com
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 8345E3858D33
Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=170.10.129.124
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1711371101; cv=none;
	b=TX2aVEHt6bc11DWTrZ8RGYrSg/B0QBXgWMM74wMqOv3C+aTQV4kXV+EY/O8j4x5EDtD5WjkyxKMUoV0BqvrzcZlyWO3oOvM6ixJBhpTTBT1gs/cEatQGR/aPZQY2tWSbZypk0Kfn2PzsE/YRfK5o+UbOtIth5RnGv1RQ2TSxgWU=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
	t=1711371101; c=relaxed/simple;
	bh=0FSCLE85nIw+n+I3WFCX9popGhsCclW/BwIFIck3Q+s=;
	h=DKIM-Signature:Date:From:To:Subject:Message-ID:MIME-Version; b=ZkqmgLDx4gUULyDv+93yqM5p6EFAgAUPP75X5pzpz587N7VXHjQxb7+6ELwL0mSclRhD1akniTjNwkA33jaRaKxzkssdBcoWJ+YL+A/SB09KcT3bNxQxVC6yiR+yQ3CdrR3QNu2oQu3rU1xvm1Q8op6qUIlAZNbsYDO6wXkqiXs=
ARC-Authentication-Results: i=1; server2.sourceware.org
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1711371099;
	h=from:from:reply-to:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:in-reply-to:in-reply-to:  references:references;
	bh=aKPl/Tg6PS/F/10x9I7AGJHrOAtY1dO8Zw7vPS5+MtE=;
	b=X0byR4C/8F4LyQApg+VWpj9gi7s5/B4qIWKvfEFQNKsdyXRTUqn4uicQPiwQ6asj59BO/E
	FTtvc3L2XL/NRh+OkzrK1lj/0kKySYjh6RbDzoY32kELikSTmpCXNoqi+Qf6KVP3jOCpfn
	Fm1yYxQJ5OhnpSc98xz9K52qON3vJds=
Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-361-brY9jLzqOcijeA7lr1nbuQ-1; Mon, 25 Mar 2024 08:51:37 -0400
X-MC-Unique: brY9jLzqOcijeA7lr1nbuQ-1
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 79FEC101A56C;
	Mon, 25 Mar 2024 12:51:37 +0000 (UTC)
Received: from tucnak.zalov.cz (unknown [10.39.192.57])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id EF1FD40C6DAE;
	Mon, 25 Mar 2024 12:51:36 +0000 (UTC)
Received: from tucnak.zalov.cz (localhost [127.0.0.1])
	by tucnak.zalov.cz (8.17.1/8.17.1) with ESMTPS id 42PCpENg282375
	(version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT);
	Mon, 25 Mar 2024 13:51:14 +0100
Received: (from jakub@localhost)
	by tucnak.zalov.cz (8.17.1/8.17.1/Submit) id 42PCpDw3282374;
	Mon, 25 Mar 2024 13:51:13 +0100
Date: Mon, 25 Mar 2024 13:51:12 +0100
From: Jakub Jelinek <jakub@redhat.com>
To: liuhongt <hongtao.liu@intel.com>
Cc: gcc-patches@gcc.gnu.org, crazylht@gmail.com, hjl.tools@gmail.com
Subject: Re: [PATCH] sanitizer: [PR110027] Align asan_vec[0] to MAX (alignb,
 ASAN_RED_ZONE_SIZE)
Message-ID: <ZgFzQLtmPffEK+93@tucnak>
Reply-To: Jakub Jelinek <jakub@redhat.com>
References: <20240312115759.4067084-1-hongtao.liu@intel.com>
MIME-Version: 1.0
In-Reply-To: <20240312115759.4067084-1-hongtao.liu@intel.com>
X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.2
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Spam-Status: No, score=-9.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE,TXREP autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org
List-Id: <gcc-patches.gcc.gnu.org>

On Tue, Mar 12, 2024 at 07:57:59PM +0800, liuhongt wrote:
> if alignb > ASAN_RED_ZONE_SIZE and offset[0] is not multiple of
> alignb. (base_align_bias - base_offset) may not aligned to alignb, and
> caused segement fault.
> 
> Bootstrapped and regtested on x86_64-linux-gnu{-m32,}.
> Ok for trunk and backport to GCC13?
> 
> gcc/ChangeLog:
> 
> 	PR sanitizer/110027
> 	* cfgexpand.cc (expand_stack_vars): Align frame offset to
> 	MAX (alignb, ASAN_RED_ZONE_SIZE).
> 
> gcc/testsuite/ChangeLog:
> 
> 	* g++.dg/asan/pr110027.C: New test.
> ---
>  gcc/cfgexpand.cc                     |  2 +-
>  gcc/testsuite/g++.dg/asan/pr110027.C | 20 ++++++++++++++++++++
>  2 files changed, 21 insertions(+), 1 deletion(-)
>  create mode 100644 gcc/testsuite/g++.dg/asan/pr110027.C
> 
> diff --git a/gcc/cfgexpand.cc b/gcc/cfgexpand.cc
> index 0de299c62e3..92062378d8e 100644
> --- a/gcc/cfgexpand.cc
> +++ b/gcc/cfgexpand.cc
> @@ -1214,7 +1214,7 @@ expand_stack_vars (bool (*pred) (size_t), class stack_vars_data *data)
>  	    {
>  	      if (data->asan_vec.is_empty ())
>  		{
> -		  align_frame_offset (ASAN_RED_ZONE_SIZE);
> +		  align_frame_offset (MAX (alignb, ASAN_RED_ZONE_SIZE));
>  		  prev_offset = frame_offset.to_constant ();
>  		}
>  	      prev_offset = align_base (prev_offset,

This doesn't look correct to me.
The above is done just once for the first var partition.  And
var partitions are sorted by stack_var_cmp, which puts > MAX_SUPPORTED_STACK_ALIGNMENT
alignment vars first (that should be none on x86, the above is quite huge
alignment), then on size decreasing and only after that on alignment
decreasing.

So, try to add some other variable with larger size and smaller alignment
to the frame (and make sure it isn't optimized away).

alignb above is the alignment of the first partition's var, if
align_frame_offset really needs to depend on the var alignment, it probably
should be the maximum alignment of all the vars with alignment
alignb * BITS_PER_UNIT <= MAX_SUPPORTED_STACK_ALIGNMENT

> diff --git a/gcc/testsuite/g++.dg/asan/pr110027.C b/gcc/testsuite/g++.dg/asan/pr110027.C
> new file mode 100644
> index 00000000000..0067781bc89
> --- /dev/null
> +++ b/gcc/testsuite/g++.dg/asan/pr110027.C
> @@ -0,0 +1,20 @@
> +/* PR sanitizer/110027 */
> +/* { dg-do run } */
> +/* { dg-require-effective-target avx512f_runtime } */
> +/* { dg-options "-std=gnu++23 -mavx512f -fsanitize=address -O0 -g -fstack-protector-strong" } */
> +
> +#include <cstddef>
> +#include <cstdint>
> +
> +template <ptrdiff_t W, typename T>
> +using Vec [[gnu::vector_size(W * sizeof(T))]] = T;
> +
> +auto foo() {
> +  Vec<8, int64_t> ret{};
> +  return ret;
> +}
> +
> +int main() {
> +  foo();
> +  return 0;
> +}
> -- 
> 2.31.1

	Jakub