diff mbox series

ubsan: Don't -fsanitize=null instrument __seg_fs/gs pointers [PR111736]

Message ID Zf07jfdjTLaF2+Wd@tucnak
State New
Headers show
Series ubsan: Don't -fsanitize=null instrument __seg_fs/gs pointers [PR111736] | expand

Commit Message

Jakub Jelinek March 22, 2024, 8:04 a.m. UTC 
Hi!

On x86 and avr some address spaces allow 0 pointers (on avr actually
even generic as, but libsanitizer isn't ported to it and
I'm not convinced we should completely kill -fsanitize=null in that
case).
The following patch makes sure those aren't diagnosed for -fsanitize=null,
though they are still sanitized for -fsanitize=alignment.

Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk?

2024-03-22  Jakub Jelinek  <jakub@redhat.com>

	PR sanitizer/111736
	* ubsan.cc (ubsan_expand_null_ifn, instrument_mem_ref): Avoid
	SANITIZE_NULL instrumentation for non-generic address spaces
	for which targetm.addr_space.zero_address_valid (as) is true.

	* gcc.dg/ubsan/pr111736.c: New test.


	Jakub

Comments

Richard Biener March 22, 2024, 8:08 a.m. UTC | #1 
On Fri, 22 Mar 2024, Jakub Jelinek wrote:

> Hi!
> 
> On x86 and avr some address spaces allow 0 pointers (on avr actually
> even generic as, but libsanitizer isn't ported to it and
> I'm not convinced we should completely kill -fsanitize=null in that
> case).
> The following patch makes sure those aren't diagnosed for -fsanitize=null,
> though they are still sanitized for -fsanitize=alignment.
> 
> Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk?

OK.

> 2024-03-22  Jakub Jelinek  <jakub@redhat.com>
> 
> 	PR sanitizer/111736
> 	* ubsan.cc (ubsan_expand_null_ifn, instrument_mem_ref): Avoid
> 	SANITIZE_NULL instrumentation for non-generic address spaces
> 	for which targetm.addr_space.zero_address_valid (as) is true.
> 
> 	* gcc.dg/ubsan/pr111736.c: New test.
> 
> --- gcc/ubsan.cc.jj	2024-03-13 09:16:37.791885010 +0100
> +++ gcc/ubsan.cc	2024-03-22 08:11:50.093131678 +0100
> @@ -858,6 +858,13 @@ ubsan_expand_null_ifn (gimple_stmt_itera
>  	}
>      }
>    check_null = sanitize_flags_p (SANITIZE_NULL);
> +  if (check_null && POINTER_TYPE_P (TREE_TYPE (ptr)))
> +    {
> +      addr_space_t as = TYPE_ADDR_SPACE (TREE_TYPE (TREE_TYPE (ptr)));
> +      if (!ADDR_SPACE_GENERIC_P (as)
> +	  && targetm.addr_space.zero_address_valid (as))
> +	check_null = false;
> +    }
>  
>    if (check_align == NULL_TREE && !check_null)
>      {
> @@ -1447,8 +1454,15 @@ instrument_mem_ref (tree mem, tree base,
>        if (align <= 1)
>  	align = 0;
>      }
> -  if (align == 0 && !sanitize_flags_p (SANITIZE_NULL))
> -    return;
> +  if (align == 0)
> +    {
> +      if (!sanitize_flags_p (SANITIZE_NULL))
> +	return;
> +      addr_space_t as = TYPE_ADDR_SPACE (TREE_TYPE (base));
> +      if (!ADDR_SPACE_GENERIC_P (as)
> +	  && targetm.addr_space.zero_address_valid (as))
> +	return;
> +    }
>    tree t = TREE_OPERAND (base, 0);
>    if (!POINTER_TYPE_P (TREE_TYPE (t)))
>      return;
> --- gcc/testsuite/gcc.dg/ubsan/pr111736.c.jj	2024-03-21 13:50:49.482348296 +0100
> +++ gcc/testsuite/gcc.dg/ubsan/pr111736.c	2024-03-21 13:53:33.789091054 +0100
> @@ -0,0 +1,23 @@
> +/* PR sanitizer/111736 */
> +/* { dg-do compile { target i?86-*-* x86_64-*-* } } */
> +/* { dg-options "-fsanitize=null,alignment -fdump-tree-optimized -ffat-lto-objects" } */
> +/* { dg-final { scan-tree-dump-times "__ubsan_handle_type_mismatch" 1 "optimized" } } */
> +/* { dg-final { scan-tree-dump-not "p_\[0-9]*.D. \[=!]= 0" "optimized" } } */
> +
> +#ifdef __x86_64__
> +#define SEG __seg_fs
> +#else
> +#define SEG __seg_gs
> +#endif
> +
> +int
> +foo (int SEG *p, int *q)
> +{
> +  return *p;
> +}
> +
> +__attribute__((no_sanitize("alignment"))) int
> +bar (int SEG *p, int *q)
> +{
> +  return *p;
> +}
> 
> 	Jakub
> 
>
diff mbox series

Patch

--- gcc/ubsan.cc.jj	2024-03-13 09:16:37.791885010 +0100
+++ gcc/ubsan.cc	2024-03-22 08:11:50.093131678 +0100
@@ -858,6 +858,13 @@  ubsan_expand_null_ifn (gimple_stmt_itera
 	}
     }
   check_null = sanitize_flags_p (SANITIZE_NULL);
+  if (check_null && POINTER_TYPE_P (TREE_TYPE (ptr)))
+    {
+      addr_space_t as = TYPE_ADDR_SPACE (TREE_TYPE (TREE_TYPE (ptr)));
+      if (!ADDR_SPACE_GENERIC_P (as)
+	  && targetm.addr_space.zero_address_valid (as))
+	check_null = false;
+    }
 
   if (check_align == NULL_TREE && !check_null)
     {
@@ -1447,8 +1454,15 @@  instrument_mem_ref (tree mem, tree base,
       if (align <= 1)
 	align = 0;
     }
-  if (align == 0 && !sanitize_flags_p (SANITIZE_NULL))
-    return;
+  if (align == 0)
+    {
+      if (!sanitize_flags_p (SANITIZE_NULL))
+	return;
+      addr_space_t as = TYPE_ADDR_SPACE (TREE_TYPE (base));
+      if (!ADDR_SPACE_GENERIC_P (as)
+	  && targetm.addr_space.zero_address_valid (as))
+	return;
+    }
   tree t = TREE_OPERAND (base, 0);
   if (!POINTER_TYPE_P (TREE_TYPE (t)))
     return;
--- gcc/testsuite/gcc.dg/ubsan/pr111736.c.jj	2024-03-21 13:50:49.482348296 +0100
+++ gcc/testsuite/gcc.dg/ubsan/pr111736.c	2024-03-21 13:53:33.789091054 +0100
@@ -0,0 +1,23 @@ 
+/* PR sanitizer/111736 */
+/* { dg-do compile { target i?86-*-* x86_64-*-* } } */
+/* { dg-options "-fsanitize=null,alignment -fdump-tree-optimized -ffat-lto-objects" } */
+/* { dg-final { scan-tree-dump-times "__ubsan_handle_type_mismatch" 1 "optimized" } } */
+/* { dg-final { scan-tree-dump-not "p_\[0-9]*.D. \[=!]= 0" "optimized" } } */
+
+#ifdef __x86_64__
+#define SEG __seg_fs
+#else
+#define SEG __seg_gs
+#endif
+
+int
+foo (int SEG *p, int *q)
+{
+  return *p;
+}
+
+__attribute__((no_sanitize("alignment"))) int
+bar (int SEG *p, int *q)
+{
+  return *p;
+}