From patchwork Mon Oct 22 14:59:39 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bernd Edlinger X-Patchwork-Id: 987774 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=gcc.gnu.org (client-ip=209.132.180.131; helo=sourceware.org; envelope-from=gcc-patches-return-488036-incoming=patchwork.ozlabs.org@gcc.gnu.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=hotmail.de Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=gcc.gnu.org header.i=@gcc.gnu.org header.b="uZOoI+hC"; dkim-atps=neutral Received: from sourceware.org (server1.sourceware.org [209.132.180.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 42f06y59QYz9s7T for ; Tue, 23 Oct 2018 01:59:54 +1100 (AEDT) DomainKey-Signature: a=rsa-sha1; c=nofws; d=gcc.gnu.org; h=list-id :list-unsubscribe:list-archive:list-post:list-help:sender:from :to:subject:date:message-id:content-type:mime-version; q=dns; s= default; b=UJ9eTF/NvjFNPYVZgzNwzv8HggPmJi3oqKstUHPExCH+hepci41/7 L2bCvNhdS0t6IN0Bi2ChiE1JeGQ4a7JNdMUglGlTIUMdWGAt0+P+sL24Jim+mDyp BBedmnhz/BNx/U35jDR45xFRqJo18Nb5EdAbzk7enLEnsUpz65vyQA= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=gcc.gnu.org; h=list-id :list-unsubscribe:list-archive:list-post:list-help:sender:from :to:subject:date:message-id:content-type:mime-version; s= default; bh=TI5l7BBkproupcilq9lTT1BYmUc=; b=uZOoI+hC0iu3I8/Cwq8g u7j5kdfoZrlaafV323MwWBqcrOtSf0biPRpb0bAQYDykj7KzC7wowWFwVeiM+9d7 35kEpgHxvmeLzMw3Ipbu6+ZOTOGnrgeaIEniEsMzYqdjiCUlMkOApPljnVjjX1nq lO7CJfDbESsSBzh4sS/Juyk= Received: (qmail 18849 invoked by alias); 22 Oct 2018 14:59:45 -0000 Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Archive: List-Post: List-Help: Sender: gcc-patches-owner@gcc.gnu.org Delivered-To: mailing list gcc-patches@gcc.gnu.org Received: (qmail 17752 invoked by uid 89); 22 Oct 2018 14:59:44 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-11.1 required=5.0 tests=AWL, BAYES_00, FREEMAIL_FROM, GIT_PATCH_2, GIT_PATCH_3, KAM_NUMSUBJECT, RCVD_IN_DNSWL_NONE, SPF_HELO_PASS, SPF_PASS autolearn=ham version=3.3.2 spammy=H*c:HHH X-HELO: EUR02-VE1-obe.outbound.protection.outlook.com Received: from mail-oln040092069074.outbound.protection.outlook.com (HELO EUR02-VE1-obe.outbound.protection.outlook.com) (40.92.69.74) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Mon, 22 Oct 2018 14:59:42 +0000 Received: from AM5EUR02FT060.eop-EUR02.prod.protection.outlook.com (10.152.8.56) by AM5EUR02HT242.eop-EUR02.prod.protection.outlook.com (10.152.9.56) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.1273.13; Mon, 22 Oct 2018 14:59:39 +0000 Received: from VI1PR0701MB2862.eurprd07.prod.outlook.com (10.152.8.52) by AM5EUR02FT060.mail.protection.outlook.com (10.152.9.179) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.1273.13 via Frontend Transport; Mon, 22 Oct 2018 14:59:39 +0000 Received: from VI1PR0701MB2862.eurprd07.prod.outlook.com ([fe80::e101:f381:524b:7739]) by VI1PR0701MB2862.eurprd07.prod.outlook.com ([fe80::e101:f381:524b:7739%6]) with mapi id 15.20.1273.014; Mon, 22 Oct 2018 14:59:39 +0000 From: Bernd Edlinger To: "gcc-patches@gcc.gnu.org" , Jeff Law Subject: [PATCH] Fix PR 87672 Date: Mon, 22 Oct 2018 14:59:39 +0000 Message-ID: MIME-Version: 1.0 Hi! This fixes an ICE which was exposed by a previous patch of mine, and a wrong transformation from strcat_chk => strcpy_chk, which fails to adjust the object size, thus allowing too much memory to be accessed. Bootstrapped and reg-tested on x86_64-pc-linux-gnu. Is it OK for trunk? Thanks Bernd. gcc: 2018-10-22 Bernd Edlinger PR tree-optimization/87672 * gimple-fold.c (gimple_fold_builtin_stxcpy_chk): Gimplify. * tree-ssa-strlen.c (handle_builtin_strcat): Adjust object size. testsuite: 2018-08-26 Bernd Edlinger PR tree-optimization/87672 * gcc.dg/pr87672.c: New test. diff -Npur gcc/gimple-fold.c gcc/gimple-fold.c --- gcc/gimple-fold.c 2018-10-21 20:46:25.000000000 +0200 +++ gcc/gimple-fold.c 2018-10-22 08:36:19.347227227 +0200 @@ -2715,6 +2715,7 @@ gimple_fold_builtin_stxcpy_chk (gimple_s return false; gimple_seq stmts = NULL; + len = force_gimple_operand (len, &stmts, true, NULL_TREE); len = gimple_convert (&stmts, loc, size_type_node, len); len = gimple_build (&stmts, loc, PLUS_EXPR, size_type_node, len, build_int_cst (size_type_node, 1)); diff -Npur gcc/tree-ssa-strlen.c gcc/tree-ssa-strlen.c --- gcc/tree-ssa-strlen.c 2018-10-21 20:46:25.000000000 +0200 +++ gcc/tree-ssa-strlen.c 2018-10-22 12:45:58.167144749 +0200 @@ -2605,12 +2605,19 @@ handle_builtin_strcat (enum built_in_fun if (endptr) dst = fold_convert_loc (loc, TREE_TYPE (dst), unshare_expr (endptr)); else - dst = fold_build2_loc (loc, POINTER_PLUS_EXPR, - TREE_TYPE (dst), unshare_expr (dst), + dst = fold_build2_loc (loc, POINTER_PLUS_EXPR, TREE_TYPE (dst), dst, fold_convert_loc (loc, sizetype, unshare_expr (dstlen))); dst = force_gimple_operand_gsi (gsi, dst, true, NULL_TREE, true, GSI_SAME_STMT); + if (objsz) + { + objsz = fold_build2_loc (loc, MINUS_EXPR, TREE_TYPE (objsz), objsz, + fold_convert_loc (loc, TREE_TYPE (objsz), + unshare_expr (dstlen))); + objsz = force_gimple_operand_gsi (gsi, objsz, true, NULL_TREE, true, + GSI_SAME_STMT); + } if (dump_file && (dump_flags & TDF_DETAILS) != 0) { fprintf (dump_file, "Optimizing: "); diff -Npur gcc/testsuite/gcc.dg/pr87672.c gcc/testsuite/gcc.dg/pr87672.c --- gcc/testsuite/gcc.dg/pr87672.c 1970-01-01 01:00:00.000000000 +0100 +++ gcc/testsuite/gcc.dg/pr87672.c 2018-10-22 11:27:27.260549463 +0200 @@ -0,0 +1,11 @@ +/* { dg-do compile } */ +/* { dg-options "-O2 -fdump-tree-optimized" } */ + +char buf[40]; +void test (int x) +{ + __builtin_strcpy (buf, "test"); + __builtin___strcat_chk (buf, "postfix" + x, sizeof (buf)); +} + +/* { dg-final { scan-tree-dump "memcpy_chk.*, 36\\)" "optimized" } } */