From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp-out2.suse.de (smtp-out2.suse.de [IPv6:2001:67c:2178:6::1d]) by sourceware.org (Postfix) with ESMTPS id 92B513858CDA for ; Tue, 28 Mar 2023 08:46:55 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 92B513858CDA Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=suse.de Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=suse.de Received: from relay2.suse.de (relay2.suse.de [149.44.160.134]) by smtp-out2.suse.de (Postfix) with ESMTP id AEE611F8A6; Tue, 28 Mar 2023 08:46:54 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1679993214; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=AG7kecZASNFs3mxHGZuUwdiqWDFA58bDaVrttQcZstM=; b=TabuUda2ZKliHSQXt7rjduPHL1JucjImobxQlc9xJjCeIP+YPC/4ku8rgErtf3PW4Be6Gl w5y+V7g0Zc9KnM2xcgYixsT2tL17ze1jwSri5xTBr5qGy4eekkjjWaMe6NRr7TtFybHLHi ZLerYcYupZW5UC2IxzxnKhBVSq5jjD0= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1679993214; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=AG7kecZASNFs3mxHGZuUwdiqWDFA58bDaVrttQcZstM=; b=TvsDeKRiigoCz3+NilIBMuNDbEGfp8/DhWc0Ikw/1+H8KapbNfeUiP0PrbmFt1s+oR/dEC RBBCHQ53t5AbJ8Cg== Received: from wotan.suse.de (wotan.suse.de [10.160.0.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by relay2.suse.de (Postfix) with ESMTPS id A1C322C141; Tue, 28 Mar 2023 08:46:54 +0000 (UTC) Date: Tue, 28 Mar 2023 08:46:54 +0000 (UTC) From: Richard Biener To: Jakub Jelinek cc: gcc-patches@gcc.gnu.org Subject: Re: [PATCH] sanopt: Return TODO_cleanup_cfg if any .{UB,HWA,A}SAN_* calls were lowered [PR106190] In-Reply-To: Message-ID: References: User-Agent: Alpine 2.22 (LSU 394 2020-01-19) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII X-Spam-Status: No, score=-5.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS,TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On Tue, 28 Mar 2023, Jakub Jelinek wrote: > Hi! > > The following testcase ICEs, because without optimization eh lowering > decides not to duplicate finally block of try/finally and so we end up > with variable guarded cleanup. The sanopt pass creates a cfg that ought > to be cleaned up (some IFN_UBSAN_* functions are lowered in this case with > constant conditions in gcond and when not allowing recovery some bbs which > end with noreturn calls actually have successor edges), but the cfg cleanup > is actually (it is -O0) done only during the optimized pass. We notice > there that the d[1][a] = 0; statement which has an EH edge is unreachable > (because ubsan would always abort on the out of bounds d[1] access), remove > the EH landing pad and block, but because that block just sets a variable > and jumps to another one which tests that variable and that one is reachable > from normal control flow, the __builtin_eh_pointer (1) later in there is > kept in the IL and we ICE during expansion of that statement because the > EH region has been removed. > > The following patch fixes it by doing the cfg cleanup already during > sanopt pass if we create something that might need it, while the EH > landing pad is then removed already during sanopt pass, there is ehcleanup > later and we don't ICE anymore. > > Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk? OK. Richard. > 2023-03-28 Jakub Jelinek > > PR middle-end/106190 > * sanopt.cc (pass_sanopt::execute): Return TODO_cleanup_cfg if any > of the IFN_{UB,HWA,A}SAN_* internal fns are lowered. > > * gcc.dg/asan/pr106190.c: New test. > > --- gcc/sanopt.cc.jj 2023-02-15 09:23:27.832389821 +0100 > +++ gcc/sanopt.cc 2023-03-27 16:00:23.758621014 +0200 > @@ -1300,6 +1300,7 @@ pass_sanopt::execute (function *fun) > basic_block bb; > int asan_num_accesses = 0; > bool contains_asan_mark = false; > + int ret = 0; > > /* Try to remove redundant checks. */ > if (optimize > @@ -1352,6 +1353,7 @@ pass_sanopt::execute (function *fun) > if (gimple_call_internal_p (stmt)) > { > enum internal_fn ifn = gimple_call_internal_fn (stmt); > + int this_ret = TODO_cleanup_cfg; > switch (ifn) > { > case IFN_UBSAN_NULL: > @@ -1387,8 +1389,10 @@ pass_sanopt::execute (function *fun) > no_next = hwasan_expand_mark_ifn (&gsi); > break; > default: > + this_ret = 0; > break; > } > + ret |= this_ret; > } > else if (gimple_call_builtin_p (stmt, BUILT_IN_NORMAL)) > { > @@ -1418,7 +1422,7 @@ pass_sanopt::execute (function *fun) > if (need_commit_edge_insert) > gsi_commit_edge_inserts (); > > - return 0; > + return ret; > } > > } // anon namespace > --- gcc/testsuite/gcc.dg/asan/pr106190.c.jj 2023-03-27 16:50:15.685501029 +0200 > +++ gcc/testsuite/gcc.dg/asan/pr106190.c 2023-03-27 16:51:25.187499082 +0200 > @@ -0,0 +1,15 @@ > +/* PR middle-end/106190 */ > +/* { dg-do compile } */ > +/* { dg-options "-fnon-call-exceptions -fsanitize=address,undefined -fno-sanitize-recover=all" } */ > + > +int > +main () > +{ > + int a; > + int *b[1]; > + int c[10]; > + int d[1][1]; > + for (a = 0; a < 1; a++) > + d[1][a] = 0; > + return 0; > +} > > Jakub > > -- Richard Biener SUSE Software Solutions Germany GmbH, Frankenstrasse 146, 90461 Nuernberg, Germany; GF: Ivo Totev, Andrew Myers, Andrew McDonald, Boudien Moerman; HRB 36809 (AG Nuernberg)