-f{no-sanitize,{,no-}sanitize-recover}=all support

Message ID	20150105220238.GC1667@tucnak.redhat.com
State	New
Headers	show Return-Path: <gcc-patches-return-388350-incoming=patchwork.ozlabs.org@gcc.gnu.org> DomainKey-Signature: a=rsa-sha1; c=nofws; d=gcc.gnu.org; h=list-id :list-unsubscribe:list-archive:list-post:list-help:sender:date :from:to:cc:subject:message-id:reply-to:references:mime-version :content-type:in-reply-to; q=dns; s=default; b=h908Rn9mnOqUmMa+1 4F26XpLNVN8gR1uS5/NhBWLw2hOfHvO2+8faF8E/suu8REYoyE+o9Jd0aXwFoyMD UOUqReiSyVNk1sZT8SUsoVh0GpuqvwkTgFwYKZXrLIRud5MSjgMrR27YOQ0mo3ev nj700fysbWFyMKbfD65UtmLKb0= Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm Precedence: bulk Sender: gcc-patches-owner@gcc.gnu.org Date: Mon, 5 Jan 2015 23:02:38 +0100 From: Jakub Jelinek <jakub@redhat.com> To: Jeff Law <law@redhat.com> Cc: Richard Biener <rguenther@suse.de>, Dodji Seketeli <dseketel@redhat.com>, Alexey Samsonov <samsonov@google.com>, Yury Gribov <y.gribov@samsung.com>, Marek Polacek <polacek@redhat.com>, GCC Patches <gcc-patches@gcc.gnu.org>, Dmitry Vyukov <dvyukov@google.com>, Konstantin Serebryany <konstantin.s.serebryany@gmail.com> Subject: Re: [PATCH] -f{no-sanitize,{,no-}sanitize-recover}=all support Message-ID: <20150105220238.GC1667@tucnak.redhat.com> Reply-To: Jakub Jelinek <jakub@redhat.com> References: <20141118064740.GE1745@tucnak.redhat.com> <CAGSYnCNGEXq=D76sF26G1tP6nKiMkKaC1FJm9KL1svojzXG-vA@mail.gmail.com> <20141118075317.GF1745@tucnak.redhat.com> <CAGSYnCPW9igmQL_GLoAVc0Jq0vrytHjLvDY8X98kYkZ4=UNEMg@mail.gmail.com> <CAGSYnCPYyyWseiJh00f3whDok1gEF39fvxKDUvAB3q-s=8kWpg@mail.gmail.com> <20141219080718.GS1667@tucnak.redhat.com> <CAGSYnCNLoU0p3FGDwb6mMAAOWFz2Te1m7wmWD94PhcADsQs9rQ@mail.gmail.com> <20150105165853.GT1667@tucnak.redhat.com> <54AAF4EA.2060208@redhat.com> <20150105214037.GB1667@tucnak.redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20150105214037.GB1667@tucnak.redhat.com> User-Agent: Mutt/1.5.23 (2014-03-12)

Message ID

20150105220238.GC1667@tucnak.redhat.com

State

New

Headers

DomainKey-Signature: a=rsa-sha1; c=nofws; d=gcc.gnu.org; h=list-id
	:list-unsubscribe:list-archive:list-post:list-help:sender:date
	:from:to:cc:subject:message-id:reply-to:references:mime-version
	:content-type:in-reply-to; q=dns; s=default; b=h908Rn9mnOqUmMa+1
	4F26XpLNVN8gR1uS5/NhBWLw2hOfHvO2+8faF8E/suu8REYoyE+o9Jd0aXwFoyMD
	UOUqReiSyVNk1sZT8SUsoVh0GpuqvwkTgFwYKZXrLIRud5MSjgMrR27YOQ0mo3ev
	nj700fysbWFyMKbfD65UtmLKb0=
Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
Sender: gcc-patches-owner@gcc.gnu.org
Date: Mon, 5 Jan 2015 23:02:38 +0100
From: Jakub Jelinek <jakub@redhat.com>
To: Jeff Law <law@redhat.com>
Cc: Richard Biener <rguenther@suse.de>, Dodji Seketeli <dseketel@redhat.com>,
	Alexey Samsonov <samsonov@google.com>,
	Yury Gribov <y.gribov@samsung.com>, Marek Polacek <polacek@redhat.com>,
	GCC Patches <gcc-patches@gcc.gnu.org>,
	Dmitry Vyukov <dvyukov@google.com>,
	Konstantin Serebryany <konstantin.s.serebryany@gmail.com>
Subject: Re: [PATCH] -f{no-sanitize,{,no-}sanitize-recover}=all support
Message-ID: <20150105220238.GC1667@tucnak.redhat.com>
Reply-To: Jakub Jelinek <jakub@redhat.com>
References: <20141118064740.GE1745@tucnak.redhat.com>
	<CAGSYnCNGEXq=D76sF26G1tP6nKiMkKaC1FJm9KL1svojzXG-vA@mail.gmail.com>
	<20141118075317.GF1745@tucnak.redhat.com>
	<CAGSYnCPW9igmQL_GLoAVc0Jq0vrytHjLvDY8X98kYkZ4=UNEMg@mail.gmail.com>
	<CAGSYnCPYyyWseiJh00f3whDok1gEF39fvxKDUvAB3q-s=8kWpg@mail.gmail.com>
	<20141219080718.GS1667@tucnak.redhat.com>
	<CAGSYnCNLoU0p3FGDwb6mMAAOWFz2Te1m7wmWD94PhcADsQs9rQ@mail.gmail.com>
	<20150105165853.GT1667@tucnak.redhat.com>
	<54AAF4EA.2060208@redhat.com>
	<20150105214037.GB1667@tucnak.redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20150105214037.GB1667@tucnak.redhat.com>
User-Agent: Mutt/1.5.23 (2014-03-12)

Commit Message

Jakub Jelinek Jan. 5, 2015, 10:02 p.m. UTC

On Mon, Jan 05, 2015 at 10:40:37PM +0100, Jakub Jelinek wrote:
> > Are there any doc updates that need to happen as a result of this patch?
> > Patch itself is fine for the trunk, just want to make sure the doc side is
> > good too.
> 
> You're right, I'll add documentation tomorrow and repost the patch.

Make that tonight ;), here it is.  I also found a bug in the
-fsanitize=float-cast-overflow documentation and -f{,no-}sanitize-recover
and fixed that too to much the implementation.

Ok?

2015-01-05  Jakub Jelinek  <jakub@redhat.com>

	* opts.c (common_handle_option): Add support for
	-fno-sanitize=all and -f{,no-}sanitize-recover=all.
	* doc/invoke.texi: Document -fno-sanitize=all,
	-f{,no-}sanitize-recover=all.  Document that
	-fsanitize=float-cast-overflow is not enabled
	by -fsanitize=undefined.  Fix up documentation
	of -f{,no-}sanitize-recover.

	* c-c++-common/asan/sanitize-all-1.c: New test.
	* c-c++-common/ubsan/sanitize-all-1.c: New test.
	* c-c++-common/ubsan/sanitize-all-2.c: New test.
	* c-c++-common/ubsan/sanitize-all-3.c: New test.
	* c-c++-common/ubsan/sanitize-all-4.c: New test.



	Jakub

Comments

Dodji Seketeli Jan. 6, 2015, 9 a.m. UTC | #1

Jakub Jelinek <jakub@redhat.com> writes:

> On Mon, Jan 05, 2015 at 10:40:37PM +0100, Jakub Jelinek wrote:
>> > Are there any doc updates that need to happen as a result of this patch?
>> > Patch itself is fine for the trunk, just want to make sure the doc side is
>> > good too.
>> 
>> You're right, I'll add documentation tomorrow and repost the patch.
>
> Make that tonight ;), here it is.  I also found a bug in the
> -fsanitize=float-cast-overflow documentation and -f{,no-}sanitize-recover
> and fixed that too to much the implementation.
>
> Ok?

[...]

>
> 2015-01-05  Jakub Jelinek  <jakub@redhat.com>
>
> 	* opts.c (common_handle_option): Add support for
> 	-fno-sanitize=all and -f{,no-}sanitize-recover=all.
> 	* doc/invoke.texi: Document -fno-sanitize=all,
> 	-f{,no-}sanitize-recover=all.  Document that
> 	-fsanitize=float-cast-overflow is not enabled
> 	by -fsanitize=undefined.  Fix up documentation
> 	of -f{,no-}sanitize-recover.
>
> 	* c-c++-common/asan/sanitize-all-1.c: New test.
> 	* c-c++-common/ubsan/sanitize-all-1.c: New test.
> 	* c-c++-common/ubsan/sanitize-all-2.c: New test.
> 	* c-c++-common/ubsan/sanitize-all-3.c: New test.
> 	* c-c++-common/ubsan/sanitize-all-4.c: New test.

This is OK.  Thanks!

--- gcc/opts.c.jj	2015-01-05 19:52:17.151813267 +0100
+++ gcc/opts.c	2015-01-05 22:48:11.738814380 +0100
@@ -1588,6 +1588,7 @@  common_handle_option (struct gcc_options
 		sizeof "returns-nonnull-attribute" - 1 },
 	      { "object-size", SANITIZE_OBJECT_SIZE,
 		sizeof "object-size" - 1 },
+	      { "all", ~0, sizeof "all" - 1 },
 	      { NULL, 0, 0 }
 	    };
 	    const char *comma;
@@ -1611,7 +1612,15 @@  common_handle_option (struct gcc_options
 		  && memcmp (p, spec[i].name, len) == 0)
 		{
 		  /* Handle both -fsanitize and -fno-sanitize cases.  */
-		  if (value)
+		  if (value && spec[i].flag == ~0U)
+		    {
+		      if (code == OPT_fsanitize_)
+			error_at (loc, "-fsanitize=all option is not valid");
+		      else
+			*flag |= ~(SANITIZE_USER_ADDRESS | SANITIZE_THREAD
+				   | SANITIZE_LEAK);
+		    }
+		  else if (value)
 		    *flag |= spec[i].flag;
 		  else
 		    *flag &= ~spec[i].flag;
--- gcc/doc/invoke.texi.jj	2015-01-05 22:44:36.000000000 +0100
+++ gcc/doc/invoke.texi	2015-01-05 22:58:23.600292158 +0100
@@ -5683,6 +5683,8 @@  be a legitimate way of obtaining infinit
 @opindex fsanitize=float-cast-overflow
 This option enables floating-point type to integer conversion checking.
 We check that the result of the conversion does not overflow.
+Unlike other similar options, @option{-fsanitize=float-cast-overflow} is
+not enabled by @option{-fsanitize=undefined}.
 This option does not work well with @code{FE_INVALID} exceptions enabled.
 
 @item -fsanitize=nonnull-attribute
@@ -5718,6 +5720,13 @@  While @option{-ftrapv} causes traps for
 @option{-fsanitize=undefined} gives a diagnostic message.
 This currently works only for the C family of languages.
 
+@item -fno-sanitize=all
+@opindex fno-sanitize=all
+
+This option disables all previously enabled sanitizers.
+@option{-fsanitize=all} is not allowed, as some sanitizers cannot be used
+together.
+
 @item -fasan-shadow-offset=@var{number}
 @opindex fasan-shadow-offset
 This option forces GCC to use custom shadow offset in AddressSanitizer checks.
@@ -5741,11 +5750,14 @@  Currently this feature only works for @o
 except for @option{-fsanitize=unreachable} and @option{-fsanitize=return}),
 @option{-fsanitize=float-cast-overflow}, @option{-fsanitize=float-divide-by-zero} and
 @option{-fsanitize=kernel-address}.  For these sanitizers error recovery is turned on by default.
+@option{-fsanitize-recover=all} and @option{-fno-sanitize-recover=all} is also
+accepted, the former enables recovery for all sanitizers that support it,
+the latter disables recovery for all sanitizers that support it.
 
 Syntax without explicit @var{opts} parameter is deprecated.  It is equivalent to
-@option{-fsanitize-recover=undefined,float-cast-overflow,float-divide-by-zero,kernel-address}.
+@option{-fsanitize-recover=undefined,float-cast-overflow,float-divide-by-zero}.
 Similarly @option{-fno-sanitize-recover} is equivalent to
-@option{-fno-sanitize-recover=undefined,float-cast-overflow,float-divide-by-zero,kernel-address}.
+@option{-fno-sanitize-recover=undefined,float-cast-overflow,float-divide-by-zero}.
 
 @item -fsanitize-undefined-trap-on-error
 @opindex fsanitize-undefined-trap-on-error
--- gcc/testsuite/c-c++-common/asan/sanitize-all-1.c.jj	2015-01-05 22:48:11.739814363 +0100
+++ gcc/testsuite/c-c++-common/asan/sanitize-all-1.c	2015-01-05 22:48:11.739814363 +0100
@@ -0,0 +1,12 @@ 
+/* { dg-do compile } */
+/* { dg-options "-fno-sanitize=all" } */
+
+volatile int ten = 10;
+
+int main() {
+  volatile char x[10];
+  x[ten];
+  return 0;
+}
+
+/* { dg-final { scan-assembler-not "__asan_load" } } */
--- gcc/testsuite/c-c++-common/ubsan/sanitize-all-1.c.jj	2015-01-05 22:48:11.739814363 +0100
+++ gcc/testsuite/c-c++-common/ubsan/sanitize-all-1.c	2015-01-05 22:48:11.739814363 +0100
@@ -0,0 +1,8 @@ 
+/* Test -f*sanitize*=all */
+/* { dg-do compile } */
+/* { dg-skip-if "" { *-*-* } { "*" } { "-O2" } } */
+/* { dg-options "-fsanitize=all" } */
+
+int i;
+
+/* { dg-error "-fsanitize=all option is not valid" "" { target *-*-* } 0 } */
--- gcc/testsuite/c-c++-common/ubsan/sanitize-all-2.c.jj	2015-01-05 22:48:11.739814363 +0100
+++ gcc/testsuite/c-c++-common/ubsan/sanitize-all-2.c	2015-01-05 22:48:11.739814363 +0100
@@ -0,0 +1,41 @@ 
+/* Test -f*sanitize*=all */
+/* { dg-do run } */
+/* { dg-skip-if "" { *-*-* } { "*" } { "-O2" } } */
+/* { dg-skip-if "" { *-*-* } { "-flto -fno-fat-lto-objects" } } */
+/* { dg-options "-fsanitize=undefined,float-cast-overflow,float-divide-by-zero -fno-sanitize=all -fdump-tree-optimized" } */
+
+int a[4];
+
+int
+f1 (int x, int y, int z)
+{
+  return a[x] + (1 << y) + (100 / z);
+}
+
+char *
+f2 (int x)
+{
+  char *p = (char *) __builtin_calloc (64, 1);
+  p[x] = 3;
+  return p;
+}
+
+int
+f3 (int x, int *y, double z, double w)
+{
+  int a[*y];
+  if (x)
+    __builtin_unreachable ();
+  asm volatile ("" : : "r" (&a[0]));
+  return z / w;
+}
+
+int
+main ()
+{
+  return 0;
+}
+
+/* { dg-final { scan-tree-dump-not "__ubsan_" "optimized" } } */
+/* { dg-final { scan-tree-dump-not "UBSAN_CHECK_" "optimized" } } */
+/* { dg-final { cleanup-tree-dump "optimized" } } */
--- gcc/testsuite/c-c++-common/ubsan/sanitize-all-3.c.jj	2015-01-05 22:48:11.740814345 +0100
+++ gcc/testsuite/c-c++-common/ubsan/sanitize-all-3.c	2015-01-05 22:48:11.740814345 +0100
@@ -0,0 +1,42 @@ 
+/* Test -f*sanitize*=all */
+/* { dg-do run } */
+/* { dg-skip-if "" { *-*-* } { "*" } { "-O2" } } */
+/* { dg-skip-if "" { *-*-* } { "-flto -fno-fat-lto-objects" } } */
+/* { dg-options "-fsanitize=undefined -fsanitize-recover=all -fdump-tree-optimized" } */
+
+int a[4];
+
+int
+f1 (int x, int y, int z)
+{
+  return a[x] + (1 << y) + (100 / z);
+}
+
+char *
+f2 (int x)
+{
+  char *p = (char *) __builtin_calloc (64, 1);
+  p[x] = 3;
+  return p;
+}
+
+int
+f3 (int x, int *y, double z, double w)
+{
+  int a[*y];
+  if (x)
+    __builtin_unreachable ();
+  asm volatile ("" : : "r" (&a[0]));
+  return z / w;
+}
+
+int
+main ()
+{
+  return 0;
+}
+
+/* { dg-final { scan-tree-dump "__ubsan_" "optimized" } } */
+/* { dg-final { scan-tree-dump-not "__ubsan_\[a-z_\]*_abort" "optimized" } } */
+/* { dg-final { scan-tree-dump "UBSAN_CHECK_" "optimized" } } */
+/* { dg-final { cleanup-tree-dump "optimized" } } */
--- gcc/testsuite/c-c++-common/ubsan/sanitize-all-4.c.jj	2015-01-05 22:48:11.740814345 +0100
+++ gcc/testsuite/c-c++-common/ubsan/sanitize-all-4.c	2015-01-05 22:48:11.740814345 +0100
@@ -0,0 +1,42 @@ 
+/* Test -f*sanitize*=all */
+/* { dg-do run } */
+/* { dg-skip-if "" { *-*-* } { "*" } { "-O2" } } */
+/* { dg-skip-if "" { *-*-* } { "-flto -fno-fat-lto-objects" } } */
+/* { dg-options "-fsanitize=undefined -fno-sanitize-recover=all -fdump-tree-optimized" } */
+
+int a[4];
+
+int
+f1 (int x, int y, int z)
+{
+  return a[x] + (1 << y) + (100 / z);
+}
+
+char *
+f2 (int x)
+{
+  char *p = (char *) __builtin_calloc (64, 1);
+  p[x] = 3;
+  return p;
+}
+
+int
+f3 (int x, int *y, double z, double w)
+{
+  int a[*y];
+  if (x)
+    __builtin_unreachable ();
+  asm volatile ("" : : "r" (&a[0]));
+  return z / w;
+}
+
+int
+main ()
+{
+  return 0;
+}
+
+/* { dg-final { scan-tree-dump "__ubsan_\[a-z_\]*_abort" "optimized" } } */
+/* { dg-final { scan-tree-dump-not "__ubsan_\[a-z_\]*\[^et\] " "optimized" } } */
+/* { dg-final { scan-tree-dump "UBSAN_CHECK_" "optimized" } } */
+/* { dg-final { cleanup-tree-dump "optimized" } } */