From patchwork Mon Nov 11 22:38:44 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Martin Sebor X-Patchwork-Id: 1193168 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gcc.gnu.org (client-ip=209.132.180.131; helo=sourceware.org; envelope-from=gcc-patches-return-513008-incoming=patchwork.ozlabs.org@gcc.gnu.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=gcc.gnu.org header.i=@gcc.gnu.org header.b="EZzBgJkp"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="AQVXnudV"; dkim-atps=neutral Received: from sourceware.org (server1.sourceware.org [209.132.180.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47Bm4x3BZxz9sP3 for ; Tue, 12 Nov 2019 09:38:57 +1100 (AEDT) DomainKey-Signature: a=rsa-sha1; c=nofws; d=gcc.gnu.org; h=list-id :list-unsubscribe:list-archive:list-post:list-help:sender:to :from:subject:message-id:date:mime-version:content-type; q=dns; s=default; b=iAumQFbwHIlWXw9++SZ40YI6ePXsAEZ1l4tA51O0/QtdXdiEGz yStNmpxicREk02lOdYrT0tErRt1CmP41Ho/bnlnjB6ZqKzThuEmVDfyK07OaNCOi NWIYYzX2+6k5a05i6BHxu7sa42Yd00bsHcSHiZ6Z5DJZv98s86soUSVPU= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=gcc.gnu.org; h=list-id :list-unsubscribe:list-archive:list-post:list-help:sender:to :from:subject:message-id:date:mime-version:content-type; s= default; bh=dxYebjKTqcKNn1HrMQolo6YmgZU=; b=EZzBgJkpzI4lXMsaMXKG NocH8x9cvZ00MaPWkQH+jxzZxam7fnOeWZesZSsVrugTNskqm8b2LejJgctcohiX sdsJKFVsIgdV//eY41iD65Asl8KDpqKy8MZPXaqgBDFVhWCGPdbCGDDU/jyg/pI+ 60x6TL4E9hVwx4aN9GGE++4= Received: (qmail 13687 invoked by alias); 11 Nov 2019 22:38:50 -0000 Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Archive: List-Post: List-Help: Sender: gcc-patches-owner@gcc.gnu.org Delivered-To: mailing list gcc-patches@gcc.gnu.org Received: (qmail 13678 invoked by uid 89); 11 Nov 2019 22:38:49 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-11.7 required=5.0 tests=AWL, BAYES_00, FREEMAIL_FROM, GIT_PATCH_2, GIT_PATCH_3, KAM_ASCII_DIVIDERS, RCVD_IN_DNSWL_NONE, SPF_PASS autolearn=ham version=3.3.1 spammy= X-HELO: mail-yw1-f48.google.com Received: from mail-yw1-f48.google.com (HELO mail-yw1-f48.google.com) (209.85.161.48) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Mon, 11 Nov 2019 22:38:48 +0000 Received: by mail-yw1-f48.google.com with SMTP id i2so5755376ywg.13 for ; Mon, 11 Nov 2019 14:38:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=to:from:subject:message-id:date:user-agent:mime-version :content-language; bh=xGEpVc79Orh6u2xYu+Lzzy78Q4+9KANr0eyPPbiFsIc=; b=AQVXnudVrTe+Dg/Mt6c46u+uOBy0dvDkf9lyF7ptfszbPGDYJYGpK3mLTZuKrRDI3J BhI+vn+H1vRzzW4WBpJRfAZSzh7zXtYxMKH54NH2Qm2wcx3TCb73g8VEo5nChCGSEhJQ XwwA6nfB94N7mpvvFVWaCQ2ysqBlCBT9FURoTeBMDgS4C2dz6CmiKa3NBiQxijdsf03O Azx3AQDCeRJVCZgeoaDrFY0WoZ0G8p84zzIS7MFlS8dT1EIN5wg/t6uiilgYeQrh+shN ou71TxzgfZDyg6Ug7/9ybhWY1T4/+3vGhHw86b4KJE4jVie7VgTDiOO2iqyXxsuYZXoq Gecw== Received: from [192.168.0.41] (97-118-98-145.hlrn.qwest.net. [97.118.98.145]) by smtp.gmail.com with ESMTPSA id z139sm10163290ywz.32.2019.11.11.14.38.44 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 11 Nov 2019 14:38:45 -0800 (PST) To: gcc-patches , Richard Biener From: Martin Sebor Subject: [PATCH] errno can't alias locals (PR 92412) Message-ID: <5311b2b4-3822-1996-5f80-e4afa2ea51f7@gmail.com> Date: Mon, 11 Nov 2019 15:38:44 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1 MIME-Version: 1.0 X-IsSubscribed: yes The conditional in default_ref_may_alias_errno has the function return true even for local variables, implying that locals must be assumed not to have been changed across calls to errno-setting functions like malloc. This leads to both worse code and also false negatives in the strlen pass' detection of buffer overflow across such calls. The attached patch constrains the conditional to only consider external declarations. Tested on x86_64-linux. Martin PR tree-optimization/92412 - excessive errno aliasing assumption defeats optimization gcc/ChangeLog: PR tree-optimization/92412 * targhooks.c (default_ref_may_alias_errno): Errono can only alias extern variables. gcc/testsuite/ChangeLog: PR tree-optimization/92412 * gcc.dg/strlenopt-91.c: New test. Index: gcc/targhooks.c =================================================================== --- gcc/targhooks.c (revision 278066) +++ gcc/targhooks.c (working copy) @@ -1415,9 +1415,11 @@ default_ref_may_alias_errno (ao_ref *ref) if (TYPE_UNSIGNED (TREE_TYPE (base)) || TYPE_MODE (TREE_TYPE (base)) != TYPE_MODE (integer_type_node)) return false; - /* The default implementation assumes an errno location - declaration is never defined in the current compilation unit. */ + /* The default implementation assumes an errno location declaration + is never defined in the current compilation unit and may not be + aliased by a local variable. */ if (DECL_P (base) + && DECL_EXTERNAL (base) && !TREE_STATIC (base)) return true; else if (TREE_CODE (base) == MEM_REF Index: gcc/testsuite/gcc.dg/strlenopt-91.c =================================================================== --- gcc/testsuite/gcc.dg/strlenopt-91.c (nonexistent) +++ gcc/testsuite/gcc.dg/strlenopt-91.c (working copy) @@ -0,0 +1,124 @@ +/* PR tree-optimization/92412 - excessive errno aliasing assumption defeats + optimization + { dg-do compile } + { dg-options "-O1 -Wall -fdump-tree-optimized" } */ + +typedef __SIZE_TYPE__ size_t; + +extern void* alloca (size_t); +extern void* calloc (size_t, size_t); +extern void* malloc (size_t); + +extern const char exta[4]; +static char stata[] = "123"; + +void sink (const void*, ...); + +#define T(ptr, alloc) do { \ + const char *p = ptr; \ + if (p[0] != '1' || p[1] != '2' || p[2] != '3' || p[3] != '\0' \ + || __builtin_strlen (p) != 3) \ + return; \ + \ + void *q = alloc; \ + __builtin_strcpy (q, p); \ + \ + if (p[0] != '1' || p[1] != '2' || p[2] != '3' || p[3] != '\0' \ + || __builtin_strlen (p) != 3 \ + || __builtin_strlen (q) != 3) \ + __builtin_abort (); \ + \ + sink (p, q); \ + } while (0) + + +void alloca_test_local (unsigned n) +{ + char loca[] = "123"; + T (loca, alloca (n)); +} + +void alloca_test_extern_const (unsigned n) +{ + T (exta, alloca (n)); +} + +void alloca_test_static (unsigned n) +{ + T (stata, alloca (n)); +} + + +// Verify fix for PR tree-optimization/92412. +void calloc_test_local (unsigned m, unsigned n) +{ + char loca[] = "123"; + T (loca, calloc (m, n)); +} + +void calloc_test_extern_const (unsigned m, unsigned n) +{ + T (exta, calloc (m, n)); +} + +void calloc_test_static (unsigned m, unsigned n) +{ + T (stata, calloc (m, n)); +} + + +// Verify fix for PR tree-optimization/92412. +void malloc_test_local (unsigned n) +{ + char loca[] = "123"; + T (loca, malloc (n)); +} + +void malloc_test_extern_const (unsigned n) +{ + T (exta, malloc (n)); +} + +void malloc_test_static (unsigned n) +{ + T (stata, malloc (n)); +} + + +#undef T +#define T(ptr, n) do { \ + const char *p = ptr; \ + if (p[0] != '1' || p[1] != '2' || p[2] != '3' || p[3] != '\0' \ + || __builtin_strlen (p) != 3) \ + return; \ + \ + char vla[n]; \ + char *q = vla; \ + __builtin_strcpy (q, p); \ + \ + if (p[0] != '1' || p[1] != '2' || p[2] != '3' || p[3] != '\0' \ + || __builtin_strlen (p) != 3 \ + || __builtin_strlen (q) != 3) \ + __builtin_abort (); \ + \ + sink (p, vla); \ + } while (0) + + +void vla_test_local (unsigned n) +{ + char loca[] = "123"; + T (loca, n); +} + +void vla_test_extern_const (unsigned n) +{ + T (exta, n); +} + +void vla_test_static (unsigned n) +{ + T (stata, n); +} + +/* { dg-final { scan-tree-dump-not "abort" "optimized" } } */