From patchwork Thu Apr 27 12:10:40 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Biener X-Patchwork-Id: 88226 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp219718vqo; Thu, 27 Apr 2023 05:11:27 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7SSV/if7az/M14izOBvBLZ7470U4FyOPTIcl1Mr0sxlxMsgoCRYuuW6dvZueQBoKJEy4jk X-Received: by 2002:a17:907:d09:b0:94a:88aa:93b3 with SMTP id gn9-20020a1709070d0900b0094a88aa93b3mr1787960ejc.44.1682597487209; Thu, 27 Apr 2023 05:11:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682597487; cv=none; d=google.com; s=arc-20160816; b=T+wSCnZS4f6JpDiZ6DckKgA3JXJ/+91cjJWcyYvxrm/5ktIwJ7KhIsFFSBtNQ3UDNw WU92GMtPiOn58usJcfYyXzb+uDzgLa5c+estwcxEO74+opPx0ddHfVqqz3rauVLI4sMm 2DhQmBAO6H2bVS3VDXU4ypptMh1oTB6NQ+VLb2lsQ+RFHarQZ6RihKc5ju709SVbnU8K oWUa0Y2S8MsGeI6qb4jVykkyBQEZkWhX0yZCB6y4n0SaJuqYyxiaU5chvLeXkEE8doik Px3XSy69S8T3vcqhgfTl3EKdZigel9qygMXDKbUQHn+jmkVxWf4sl8dJrohT7VzDmZeL ZUqQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=message-id:sender:errors-to:reply-to:from:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence :mime-version:user-agent:subject:cc:to:date:dmarc-filter :delivered-to:dkim-signature:dkim-filter; bh=z0/4TOlDpc6qFE0xmd1ojQJK8PGLj75XK4xKaTJ0/4I=; b=t0Pt18BG6wTO5hJBhXefNGvWrNC41ACZClXU8Kwd3Gay3Ee8EGJ+NFyqheMgKj3sJv uLVxXnrNYHZSnFvbSy0HB/mWtBqWbBpfInHP48Hnf/XPYpf+BfY3qnL3WFJ3JImpEBCu Rzh9tPYJTp7oseXzUUZxtgPzGhEK+sFACCuL2PYK8FSHN/7wR+cNNaPDhHugMNuhGaV7 mt1kuOmSp46P20QyhCGaMvRxZEaPxw1LbDup9rS6g5Wo8y5WzPkfLcro6/SiR/tEtO5u dYuausfW2wy1osHbGKYZ+9tLnMB7Su+s2Acz55/kSXJcMoIlHpEE2K2pw+H9mZ9OebrP fPug== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gcc.gnu.org header.s=default header.b=ia4wcZWy; spf=pass (google.com: domain of gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) smtp.mailfrom="gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gnu.org Received: from sourceware.org (server2.sourceware.org. [2620:52:3:1:0:246e:9693:128c]) by mx.google.com with ESMTPS id r6-20020aa7d146000000b00506bb1cb2e9si13584638edo.184.2023.04.27.05.11.26 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 27 Apr 2023 05:11:27 -0700 (PDT) Received-SPF: pass (google.com: domain of gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) client-ip=2620:52:3:1:0:246e:9693:128c; Authentication-Results: mx.google.com; dkim=pass header.i=@gcc.gnu.org header.s=default header.b=ia4wcZWy; spf=pass (google.com: domain of gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) smtp.mailfrom="gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gnu.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id CEB753858C66 for ; Thu, 27 Apr 2023 12:11:25 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org CEB753858C66 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org; s=default; t=1682597485; bh=z0/4TOlDpc6qFE0xmd1ojQJK8PGLj75XK4xKaTJ0/4I=; h=Date:To:cc:Subject:List-Id:List-Unsubscribe:List-Archive: List-Post:List-Help:List-Subscribe:From:Reply-To:From; b=ia4wcZWy3EbGjbZZkkW9Fr8MTN9XvVH3IDBPqV2WeeIFpmzaUQhtMgvCgkNxvYXch Fgf5YruXAIpxt5evc7t31rgw9pQneTfGAKvAAJa8LTEKdU8unueFxGwnFLChjFLQ/F ftHZOKeCBkHy+nr7zaEQVS9Dz2fVI2S4KV5RtTKQ= X-Original-To: gcc-patches@gcc.gnu.org Delivered-To: gcc-patches@gcc.gnu.org Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.220.28]) by sourceware.org (Postfix) with ESMTPS id 5F6563858D37 for ; Thu, 27 Apr 2023 12:10:41 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 5F6563858D37 Received: from relay2.suse.de (relay2.suse.de [149.44.160.134]) by smtp-out1.suse.de (Postfix) with ESMTP id 8EA7121B01; Thu, 27 Apr 2023 12:10:40 +0000 (UTC) Received: from wotan.suse.de (wotan.suse.de [10.160.0.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by relay2.suse.de (Postfix) with ESMTPS id 83FA82C141; Thu, 27 Apr 2023 12:10:40 +0000 (UTC) Date: Thu, 27 Apr 2023 12:10:40 +0000 (UTC) To: gcc-patches@gcc.gnu.org cc: Jakub Jelinek Subject: [PATCH] tree-optimization/109170 - bogus use-after-free with __builtin_expect User-Agent: Alpine 2.22 (LSU 394 2020-01-19) MIME-Version: 1.0 X-Spam-Status: No, score=-10.6 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, MISSING_MID, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: gcc-patches@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Richard Biener via Gcc-patches From: Richard Biener Reply-To: Richard Biener Errors-To: gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org Sender: "Gcc-patches" Message-Id: <20230427121125.CEB753858C66@sourceware.org> X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764331343098006574?= X-GMAIL-MSGID: =?utf-8?q?1764331343098006574?= The following generalizes the range-op for __builtin_expect by using the fnspec machinery. We've defered this to stage1 - bootstrapped and tested on x86_64-unknown-linux-gnu. OK? Thanks, Richard. PR tree-optimization/109170 * gimple-range-op.cc (gimple_range_op_handler::maybe_builtin_call): Handle __builtin_expect and similar via cfn_pass_through_arg1 and inspecting the calls fnspec. * builtins.cc (builtin_fnspec): Handle BUILT_IN_EXPECT and BUILT_IN_EXPECT_WITH_PROBABILITY. --- gcc/builtins.cc | 2 ++ gcc/gimple-range-op.cc | 19 +++++++++++-------- 2 files changed, 13 insertions(+), 8 deletions(-) diff --git a/gcc/builtins.cc b/gcc/builtins.cc index 878596c240a..bd07873a80e 100644 --- a/gcc/builtins.cc +++ b/gcc/builtins.cc @@ -11718,6 +11718,8 @@ builtin_fnspec (tree callee) case BUILT_IN_RETURN_ADDRESS: return ".c"; case BUILT_IN_ASSUME_ALIGNED: + case BUILT_IN_EXPECT: + case BUILT_IN_EXPECT_WITH_PROBABILITY: return "1cX "; /* But posix_memalign stores a pointer into the memory pointed to by its first argument. */ diff --git a/gcc/gimple-range-op.cc b/gcc/gimple-range-op.cc index f7409e35a99..04e27d6aa05 100644 --- a/gcc/gimple-range-op.cc +++ b/gcc/gimple-range-op.cc @@ -43,6 +43,7 @@ along with GCC; see the file COPYING3. If not see #include "range.h" #include "value-query.h" #include "gimple-range.h" +#include "attr-fnspec.h" // Given stmt S, fill VEC, up to VEC_SIZE elements, with relevant ssa-names // on the statement. For efficiency, it is an error to not pass in enough @@ -984,14 +985,16 @@ gimple_range_op_handler::maybe_builtin_call () m_int = &op_cfn_parity; break; - case CFN_BUILT_IN_EXPECT: - case CFN_BUILT_IN_EXPECT_WITH_PROBABILITY: - m_valid = true; - m_op1 = gimple_call_arg (call, 0); - m_int = &op_cfn_pass_through_arg1; - break; - default: - break; + { + unsigned arg; + if (gimple_call_fnspec (call).returns_arg (&arg) && arg == 0) + { + m_valid = true; + m_op1 = gimple_call_arg (call, 0); + m_int = &op_cfn_pass_through_arg1; + } + break; + } } }