> On 07.05.2024 at 17:54, Jakub Jelinek <ja...@redhat.com> wrote:
>
> Hi!
>
> In r9-5742 we've started allowing always_inline functions to be inlined into
> functions which have disabled e.g. address sanitization, even when the
> always_inline function is implicitly sanitized from the command line options.
>
> This mostly works fine because most of the asan instrumentation is done only
> late after ipa, but as the following testcase shows, the .ASAN_MARK ifn calls
> the gimplifier adds can result in ICEs.
>
> Fixed by dropping those during inlining, similarly to how we drop
> .TSAN_FUNC_EXIT calls.
>
> Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk?
Ok
Richard
> 2024-05-07 Jakub Jelinek <ja...@redhat.com>
>
> PR sanitizer/114956
> * tree-inline.cc: Include asan.h.
> (copy_bb): Remove also .ASAN_MARK calls if id->dst_fn has asan/hwasan
> sanitization disabled.
>
> * gcc.dg/asan/pr114956.c: New test.
>
> --- gcc/tree-inline.cc.jj 2024-05-03 09:44:21.199055899 +0200
> +++ gcc/tree-inline.cc 2024-05-06 10:45:37.231349328 +0200
> @@ -65,6 +65,7 @@ along with GCC; see the file COPYING3.
> #include "symbol-summary.h"
> #include "symtab-thunks.h"
> #include "symtab-clones.h"
> +#include "asan.h"
>
> /* I'm not real happy about this, but we need to handle gimple and
> non-gimple trees. */
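Review bot: the new `#include "asan.h"` is what makes `sanitize_flags_p` available to the copy_bb hunk that follows, and it is recorded in the ChangeLog ("Include asan.h"), so the include and its documentation are consistent; placing it after the other symtab-* headers matches the surrounding include order, nothing further to change here.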
> @@ -2226,13 +2227,26 @@ copy_bb (copy_body_data *id, basic_block
> }
> else if (call_stmt
> && id->call_stmt
> - && gimple_call_internal_p (stmt)
> - && gimple_call_internal_fn (stmt) == IFN_TSAN_FUNC_EXIT)
> - {
> - /* Drop TSAN_FUNC_EXIT () internal calls during inlining. */
> - gsi_remove (©_gsi, false);
> - continue;
> - }
> + && gimple_call_internal_p (stmt))
> + switch (gimple_call_internal_fn (stmt))
> + {
> + case IFN_TSAN_FUNC_EXIT:
> + /* Drop .TSAN_FUNC_EXIT () internal calls during inlining. */
> + gsi_remove (©_gsi, false);
> + continue;
> + case IFN_ASAN_MARK:
> + /* Drop .ASAN_MARK internal calls during inlining into
> + no_sanitize functions. */
> + if (!sanitize_flags_p (SANITIZE_ADDRESS, id->dst_fn)
> + && !sanitize_flags_p (SANITIZE_HWADDRESS, id->dst_fn))
> + {
> + gsi_remove (©_gsi, false);
> + continue;
> + }
> + break;
> + default:
> + break;
> + }
>
> /* Statements produced by inlining can be unfolded, especially
> when we constant propagated some operands. We can't fold
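Review bot: the `continue` statements inside the new `switch` apply to the enclosing statement loop, not to the switch, which is the intended behaviour carried over from the removed `if` block, but it is easy to misread, so a short comment on the `case IFN_TSAN_FUNC_EXIT:` branch saying that `continue` skips the rest of the per-statement processing would help future readers. The ASAN_MARK case is correctly guarded on `id->dst_fn` (the function being inlined into) and checks both SANITIZE_ADDRESS and SANITIZE_HWADDRESS, so the markers are only dropped when neither asan flavour will instrument the destination; the `break` after the `if` then falls through to the common path like `default`. The `©_gsi` visible in the `gsi_remove` lines is the mail rendering of `&copy_gsi` and not a change in the patch itself.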
> --- gcc/testsuite/gcc.dg/asan/pr114956.c.jj 2024-05-06 10:54:52.601892840
> +0200
> +++ gcc/testsuite/gcc.dg/asan/pr114956.c 2024-05-06 10:54:33.920143734
> +0200
> @@ -0,0 +1,26 @@
> +/* PR sanitizer/114956 */
> +/* { dg-do compile } */
> +/* { dg-options "-O2 -fsanitize=address,null" } */
> +
> +int **a;
> +void qux (int *);
> +
> +__attribute__((always_inline)) static inline int *
> +foo (void)
> +{
> + int b[1];
> + qux (b);
> + return a[1];
> +}
> +
> +__attribute__((no_sanitize_address)) void
> +bar (void)
> +{
> + *a = foo ();
> +}
> +
> +void
> +baz (void)
> +{
> + bar ();
> +}
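Review bot: the test reproduces the described situation, a sanitized always_inline `foo` with an addressable local (`b` escapes via `qux (b)`, which is what causes the gimplifier to emit .ASAN_MARK calls for it) being inlined into the `no_sanitize_address` function `bar`, and `dg-do compile` is the right choice since the defect is an ICE rather than a runtime failure; the role of the extra caller `baz` is not obvious from the source and would merit a one-line comment so the test's intent survives future edits to the inliner.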
>
> Jakub
>