From: Wilco Dijkstra
To: GCC Patches
Subject: [COMMITTED][GCC8] Backport driver/89014 Use-after-free in aarch64 -march=native
Date: Fri, 29 Nov 2019 18:26:52 +0000

Hi,

I've backported r268189 to GCC8:

aarch64: fix use-after-free in -march=native (PR driver/89014)

Running:
  $ valgrind ./xgcc -B. -c test.c -march=native
on aarch64 shows a use-after-free in host_detect_local_cpu due to the
std::string result of aarch64_get_extension_string_for_isa_flags only
living until immediately after a c_str call.

This leads to corrupt "-march=" values being passed to cc1.

This patch fixes the use-after-free, though it appears to also need
Tamar's patch here:
  https://gcc.gnu.org/ml/gcc-patches/2018-12/msg01302.html
in order to generate valid values for cc1. This may have worked by
accident in the past, if the corrupt "-march=" value happened to be
0-terminated in the "right" place; with this patch it now appears to
reliably break without Tamar's patch.

    Backport from mainline
    2019-01-23 David Malcolm
    PR driver/89014
    * config/aarch64/driver-aarch64.c (host_detect_local_cpu): Fix
    use-after-free of the result of
    aarch64_get_extension_string_for_isa_flags.

Modified:
    branches/gcc-8-branch/gcc/ChangeLog
    branches/gcc-8-branch/gcc/config/aarch64/driver-aarch64.c

--- branches/gcc-8-branch/gcc/config/aarch64/driver-aarch64.c 2019/11/29 15:02:35 278853 +++ branches/gcc-8-branch/gcc/config/aarch64/driver-aarch64.c 2019/11/29 17:22:30 278854 @@ -179,7 +179,6 @@ unsigned int variants[2] = { ALL_VARIANTS, ALL_VARIANTS }; unsigned int n_variants = 0; bool processed_exts = false; - const char *ext_string = ""; unsigned long extension_flags = 0; unsigned long default_flags = 0; 
@@ -357,11 +356,12 @@ if (tune) return res; - ext_string - = aarch64_get_extension_string_for_isa_flags (extension_flags, - default_flags).c_str (); - - res = concat (res, ext_string, NULL); + { + std::string extension + = aarch64_get_extension_string_for_isa_flags (extension_flags, + default_flags); + res = concat (res, extension.c_str (), NULL); + } return res;
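
Review bot: the new braced block around "std::string extension" in the second hunk (-357,11 +356,12) has no comment saying why the named local is needed, so a later cleanup could fold it back into a direct ".c_str ()" call on the returned temporary and bring back the dangling pointer that the first hunk's removed "ext_string" used to hold. Suggest a one-line comment above the declaration stating that the std::string must stay alive until "concat (res, extension.c_str (), NULL)" has returned. Separately, the message says that with this change -march=native appears to reliably break without Tamar's patch, so the backport should state whether that patch is already on the GCC 8 branch.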