From patchwork Thu Feb 22 09:06:32 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jakub Jelinek X-Patchwork-Id: 204626 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:aa16:b0:108:e6aa:91d0 with SMTP id by22csp124082dyb; Thu, 22 Feb 2024 01:07:34 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCX4O7NgAhYh2dO5T/uFlIAFP7t/4+xVFZzMqQA2ozdHkwE+qEchQF0Sf/UIagN1XEQnw9pzqSZekPwWKifJrszKU/nNiA== X-Google-Smtp-Source: AGHT+IEeCLUddVQ9V4lngkLtHJpqP7CHRq7L6yeX4LFhbuK6SRBSp2gyCq+s1vy99EavpOchJscb X-Received: by 2002:a1f:6603:0:b0:4c9:98f8:83d7 with SMTP id a3-20020a1f6603000000b004c998f883d7mr11017480vkc.0.1708592853915; Thu, 22 Feb 2024 01:07:33 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1708592853; cv=pass; d=google.com; s=arc-20160816; b=hVD6mu2BJ8AA4W8vjn9JRs2QNWFbuonDbkJYVHGqvc1LehBfXYOqYNSyHxmPpRXTMg selKsPch8vKB6MSXnl45IOsI4gzBG6gc1HCoT41tWPIV+MqhdOW4yf+nCchJdIg/V36I Tz+6/kK0gfKOQrRzFU4rAscGwrq7BpeT9LWnF3jGJSpixrrkdY3jyFFCPJK7YiWktDTq vNfVoU0MoME2iSS9v8+u6RzI8Vowfh1wXrHwSIwoOIRXB+rJ5cA2Ysq2A2IrGok1WVko hYP+DE8oCz4psHnHYudQRXp2IH1t8ejpLbbySXT7IPf3iv8ERRXflrVx7DeDRrultwrf d2PQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:reply-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-disposition :mime-version:message-id:subject:cc:to:from:date:dkim-signature :arc-filter:dmarc-filter:delivered-to; bh=LIAn3/Ea5X0qlqMX0bTXfUuRv32gU07jw9b9yFjScyE=; fh=NlqF7H6cLS6SgmAhsbIFJmnhAZ1wSEhSwbeqvRjIFRE=; b=FQe5U1ohn6yi30kTUzk51Dz1X7L1UUWXprh7QDO87205Wo80tQn4nZFtIeyqNzy22k gpUMozvRTuVwf+Ra80Emb4zGLTW9nQqJCHxaHnjepLx4j4Ksamys9RRp33reVDuyO1T3 wh059RMa9GWnCTxDzV2XyYzMencsEMMXL+tmDT4RqBdKFbnbKqz50yqTMnkaJueXW/zX FUuXmlewpAb5mDLTqnHkgLqo7ZezvpHYmPU4YWsx/54YAzSnwSuOcbKfMIfjulxTxXZM tqnMgnA4V5vapOrKWICUYTwsUtnuhVT5fTICw0o+DOwTV16GMTx7jwRoizPJaM9M2HYm oMKg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=SKNY2cVR; arc=pass (i=1); spf=pass (google.com: domain of gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org designates 8.43.85.97 as permitted sender) smtp.mailfrom="gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from server2.sourceware.org (server2.sourceware.org. [8.43.85.97]) by mx.google.com with ESMTPS id q6-20020a05621419e600b0068f0da24fd3si12442999qvc.180.2024.02.22.01.07.33 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 Feb 2024 01:07:33 -0800 (PST) Received-SPF: pass (google.com: domain of gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org designates 8.43.85.97 as permitted sender) client-ip=8.43.85.97; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=SKNY2cVR; arc=pass (i=1); spf=pass (google.com: domain of gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org designates 8.43.85.97 as permitted sender) smtp.mailfrom="gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 9C2D83858C42 for ; Thu, 22 Feb 2024 09:07:33 +0000 (GMT) X-Original-To: gcc-patches@gcc.gnu.org Delivered-To: gcc-patches@gcc.gnu.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by sourceware.org (Postfix) with ESMTPS id 53F5C3858D1E for ; Thu, 22 Feb 2024 09:06:40 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 53F5C3858D1E Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 53F5C3858D1E Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1708592810; cv=none; b=lZxExQV5KiOIiX6lwmxYug0HVJSLs+eY2fAVy954QMw6tuyfQOnD7RyzcUc/2td9m1OGEGiUq72mfFseGg7V/rXWYuOUuCVPttIpcpocQvHzfJjhnQtBeWwIdSKH4EO7IvtQ9XT4TNlqoxtquUUBqJ4M19lSuEkq5UCb0Fnj89s= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1708592810; c=relaxed/simple; bh=pOAxD84jXKko4RMK7YDgoSZtUi/F1g81ix8sWnzI5iI=; h=DKIM-Signature:Date:From:To:Subject:Message-ID:MIME-Version; b=jV8VTCm+lmKTmqWaO+Sxajad4/kEKbdN8P3o9dXAlqfgab/LSFKD5Vm7oxprJHiutqTyMcUeIS0Ih2PWNoGg3XcHBu36FCY4f2eLw9LHFIod01B4Pj9k2lD5qifn2+nCW0yRqFEaBi9aXYRcTuRWy/4yvFJinhWoJu+FKoNXk98= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1708592799; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type; bh=LIAn3/Ea5X0qlqMX0bTXfUuRv32gU07jw9b9yFjScyE=; b=SKNY2cVRSOBm/3yFIGU7yWMYGa2hOkU9liOIgoA7zAAy8PnI6gedEezUZ6s0URi4HRMsab ZR/L8V6j3aAiQmnpw2Fs4gIva/d1T/cSpTOi8fMKIlcpBBPl3GpGgLABvvA4GCjrYAts4o gcp6gLXSXjYGT4orEvkQLfVk00HIDeY= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-510-YAMKm9d4OjKLwpC0XfEcQg-1; Thu, 22 Feb 2024 04:06:36 -0500 X-MC-Unique: YAMKm9d4OjKLwpC0XfEcQg-1 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 194CD83B828; Thu, 22 Feb 2024 09:06:36 +0000 (UTC) Received: from tucnak.zalov.cz (unknown [10.39.192.8]) by smtp.corp.redhat.com (Postfix) with ESMTPS id D1D651121337; Thu, 22 Feb 2024 09:06:35 +0000 (UTC) Received: from tucnak.zalov.cz (localhost [127.0.0.1]) by tucnak.zalov.cz (8.17.1/8.17.1) with ESMTPS id 41M96XWQ2145888 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT); Thu, 22 Feb 2024 10:06:33 +0100 Received: (from jakub@localhost) by tucnak.zalov.cz (8.17.1/8.17.1/Submit) id 41M96WZa2145887; Thu, 22 Feb 2024 10:06:32 +0100 Date: Thu, 22 Feb 2024 10:06:32 +0100 From: Jakub Jelinek To: Jan Hubicka Cc: gcc-patches@gcc.gnu.org Subject: [PATCH] profile-count: Don't dump through a temporary buffer [PR111960] Message-ID: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.3 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Disposition: inline X-Spam-Status: No, score=-3.4 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_NONE, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: gcc-patches@gcc.gnu.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Gcc-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Jakub Jelinek Errors-To: gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1791589460136757033 X-GMAIL-MSGID: 1791589460136757033 Hi! The profile_count::dump (char *, struct function * = NULL) const; method has a single caller, the profile_count::dump (FILE *f, struct function *fun) const; method and for that going through a temporary buffer is just slower and opens doors for buffer overflows, which is exactly why this P1 was filed. The buffer size is 64 bytes, the previous maximum "%" PRId64 " (%s)" would print up to 61 bytes in there (19 bytes for arbitrary uint64_t:61 bitfield printed as signed, "estimated locally, globally 0 adjusted" i.e. 38 bytes longest %s and 4 other characters). Now, after the r14-2389 changes, it can be 19 + 38 plus 11 other characters + %.4f, which is worst case 309 chars before decimal point, decimal point and 4 digits after it, so total 382 bytes. So, either we could bump the buffer[64] to buffer[400], or the following patch just drops the indirection through buffer and prints it directly to stream. After all, having APIs which fill in some buffer without passing down the size of the buffer is just asking for buffer overflows over time. Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk? Or do you want buffer[400]; instead? Or buffer[128]; and somehow prevent arbitrarily long doubles? Or add size_t next to char * arguments and use snprintf? Though, truncated messages would look ugly. 2024-02-22 Jakub Jelinek PR ipa/111960 * profile-count.h (profile_count::dump): Remove overload with char * first argument. * profile-count.cc (profile_count::dump): Change overload with char * first argument which uses sprintf into the overfload with FILE * first argument and use fprintf instead. Remove overload which wrapped it. Jakub --- gcc/profile-count.h.jj 2024-01-03 11:51:30.309748150 +0100 +++ gcc/profile-count.h 2024-02-21 21:04:22.338905728 +0100 @@ -1299,9 +1299,6 @@ public: /* Output THIS to F. */ void dump (FILE *f, struct function *fun = NULL) const; - /* Output THIS to BUFFER. */ - void dump (char *buffer, struct function *fun = NULL) const; - /* Print THIS to stderr. */ void debug () const; --- gcc/profile-count.cc.jj 2024-01-03 11:51:40.782602796 +0100 +++ gcc/profile-count.cc 2024-02-21 21:05:28.521994913 +0100 @@ -84,34 +84,24 @@ const char *profile_quality_display_name "precise" }; -/* Dump THIS to BUFFER. */ +/* Dump THIS to F. */ void -profile_count::dump (char *buffer, struct function *fun) const +profile_count::dump (FILE *f, struct function *fun) const { if (!initialized_p ()) - sprintf (buffer, "uninitialized"); + fprintf (f, "uninitialized"); else if (fun && initialized_p () && fun->cfg && ENTRY_BLOCK_PTR_FOR_FN (fun)->count.initialized_p ()) - sprintf (buffer, "%" PRId64 " (%s, freq %.4f)", m_val, + fprintf (f, "%" PRId64 " (%s, freq %.4f)", m_val, profile_quality_display_names[m_quality], to_sreal_scale (ENTRY_BLOCK_PTR_FOR_FN (fun)->count).to_double ()); else - sprintf (buffer, "%" PRId64 " (%s)", m_val, + fprintf (f, "%" PRId64 " (%s)", m_val, profile_quality_display_names[m_quality]); } -/* Dump THIS to F. */ - -void -profile_count::dump (FILE *f, struct function *fun) const -{ - char buffer[64]; - dump (buffer, fun); - fputs (buffer, f); -} - /* Dump THIS to stderr. */ void