On Thu, 24 Nov 2022, Jakub Jelinek wrote:

> Hi!
> 
> asan_emit_stack_protection and functions it calls have various asserts that
> verify sanity of the stack protection instrumentation.  But, that
> verification can easily fail if we've diagnosed a frame offset overflow.
> asan_emit_stack_protection just emits some extra code in the prologue,
> if we've reported errors, we aren't producing assembly, so it doesn't
> really matter if we don't include the protection code, compilation
> is going to fail anyway.
> 
> Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk?

OK.

> 2022-11-24  Jakub Jelinek  <ja...@redhat.com>
> 
>       PR middle-end/107317
>       * asan.cc: Include diagnostic-core.h.
>       (asan_emit_stack_protection): Return NULL early if seen_error ().
> 
>       * gcc.dg/asan/pr107317.c: New test.
> 
> --- gcc/asan.cc.jj    2022-06-28 13:03:30.613693889 +0200
> +++ gcc/asan.cc       2022-11-23 17:47:09.130332461 +0100
> @@ -64,6 +64,7 @@ along with GCC; see the file COPYING3.
>  #include "tree-inline.h"
>  #include "tree-ssa.h"
>  #include "tree-eh.h"
> +#include "diagnostic-core.h"
>  
>  /* AddressSanitizer finds out-of-bounds and use-after-free bugs
>     with <2x slowdown on average.
> @@ -1818,6 +1819,11 @@ asan_emit_stack_protection (rtx base, rt
>    tree str_cst, decl, id;
>    int use_after_return_class = -1;
>  
> +  /* Don't emit anything when doing error recovery, the assertions
> +     might fail e.g. if a function had a frame offset overflow.  */
> +  if (seen_error ())
> +    return NULL;
> +
>    if (shadow_ptr_types[0] == NULL_TREE)
>      asan_init_shadow_ptr_types ();
>  
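
Review bot: the early `return NULL;` placed ahead of the `shadow_ptr_types[0]` check gives asan_emit_stack_protection a NULL result on the seen_error () path, and neither the function's leading comment nor its caller is visible in this hunk. Please mention the NULL-on-error-recovery return in the function comment and confirm the caller copes with a NULL result. Minor style point: the new comment is a comma splice; "recovery; the assertions" or "recovery, as the assertions" reads better.
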
> --- gcc/testsuite/gcc.dg/asan/pr107317.c.jj   2022-11-23 17:46:09.145219960 
> +0100
> +++ gcc/testsuite/gcc.dg/asan/pr107317.c      2022-11-23 17:49:45.148024097 
> +0100
> @@ -0,0 +1,13 @@
> +/* PR middle-end/107317 */
> +/* { dg-do compile { target ilp32 } } */
> +/* { dg-options "-fsanitize=address -ffat-lto-objects" } */
> +
> +void bar (float *, float *);
> +
> +void
> +foo (void)           /* { dg-error "exceeds maximum" } */
> +{
> +  float a[400000000];
> +  float b[200000000];
> +  bar (a, b);
> +}
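
Review bot: the test carries no explanation of why it is restricted to `{ target ilp32 }` or why `-ffat-lto-objects` is in dg-options, so on testers that only run LP64 configurations the new early return gets no coverage from this file. A short comment above `foo` stating that the two arrays are sized to overflow the frame offset on 32-bit targets, and why the LTO option is needed, would make the intent clear to whoever touches the test next.
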
> 
>       Jakub
> 
> 

-- 
Richard Biener <rguent...@suse.de>
SUSE Software Solutions Germany GmbH, Frankenstrasse 146, 90461 Nuernberg,
Germany; GF: Ivo Totev, Andrew Myers, Andrew McDonald, Boudien Moerman;
HRB 36809 (AG Nuernberg)
