projects / gcc.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
re PR tree-optimization/63747 (icf mis-compares switch gimple)
[gcc.git] / gcc / sanopt.c
1 /* Optimize and expand sanitizer functions.
2 Copyright (C) 2014 Free Software Foundation, Inc.
3 Contributed by Marek Polacek <polacek@redhat.com>
4
5 This file is part of GCC.
6
7 GCC is free software; you can redistribute it and/or modify it under
8 the terms of the GNU General Public License as published by the Free
9 Software Foundation; either version 3, or (at your option) any later
10 version.
11
12 GCC is distributed in the hope that it will be useful, but WITHOUT ANY
13 WARRANTY; without even the implied warranty of MERCHANTABILITY or
14 FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with GCC; see the file COPYING3. If not see
19 <http://www.gnu.org/licenses/>. */
20
21 #include "config.h"
22 #include "system.h"
23 #include "coretypes.h"
24 #include "tree.h"
25 #include "hash-table.h"
26 #include "predict.h"
27 #include "vec.h"
28 #include "hashtab.h"
29 #include "hash-set.h"
30 #include "tm.h"
31 #include "hard-reg-set.h"
32 #include "function.h"
33 #include "dominance.h"
34 #include "cfg.h"
35 #include "basic-block.h"
36 #include "tree-ssa-alias.h"
37 #include "internal-fn.h"
38 #include "gimple-expr.h"
39 #include "is-a.h"
40 #include "gimple.h"
41 #include "gimplify.h"
42 #include "gimple-iterator.h"
43 #include "hash-map.h"
44 #include "plugin-api.h"
45 #include "tree-pass.h"
46 #include "asan.h"
47 #include "gimple-pretty-print.h"
48 #include "tm_p.h"
49 #include "langhooks.h"
50 #include "ubsan.h"
51 #include "params.h"
52
53
54 /* This is used to carry information about basic blocks. It is
55 attached to the AUX field of the standard CFG block. */
56
57 struct sanopt_info
58 {
59 /* True if this BB has been visited. */
60 bool visited_p;
61 };
62
63 /* This is used to carry various hash maps and variables used
64 in sanopt_optimize_walker. */
65
66 struct sanopt_ctx
67 {
68 /* This map maps a pointer (the first argument of UBSAN_NULL) to
69 a vector of UBSAN_NULL call statements that check this pointer. */
70 hash_map<tree, auto_vec<gimple> > null_check_map;
71
72 /* Number of IFN_ASAN_CHECK statements. */
73 int asan_num_accesses;
74 };
75
76
77 /* Try to optimize away redundant UBSAN_NULL checks.
78
79 We walk blocks in the CFG via a depth first search of the dominator
80 tree; we push unique UBSAN_NULL statements into a vector in the
81 NULL_CHECK_MAP as we enter the blocks. When leaving a block, we
82 mark the block as visited; then when checking the statements in the
83 vector, we ignore statements that are coming from already visited
84 blocks, because these cannot dominate anything anymore.
85 CTX is a sanopt context. */
86
87 static void
88 sanopt_optimize_walker (basic_block bb, struct sanopt_ctx *ctx)
89 {
90 basic_block son;
91 gimple_stmt_iterator gsi;
92
93 for (gsi = gsi_start_bb (bb); !gsi_end_p (gsi);)
94 {
95 gimple stmt = gsi_stmt (gsi);
96 bool remove = false;
97
98 if (is_gimple_call (stmt)
99 && gimple_call_internal_p (stmt))
100 switch (gimple_call_internal_fn (stmt))
101 {
102 case IFN_UBSAN_NULL:
103 {
104 gcc_assert (gimple_call_num_args (stmt) == 3);
105 tree ptr = gimple_call_arg (stmt, 0);
106 tree cur_align = gimple_call_arg (stmt, 2);
107 gcc_assert (TREE_CODE (cur_align) == INTEGER_CST);
108
109 auto_vec<gimple> &v = ctx->null_check_map.get_or_insert (ptr);
110 if (v.is_empty ())
111 /* For this PTR we don't have any UBSAN_NULL stmts
112 recorded, so there's nothing to optimize yet. */
113 v.safe_push (stmt);
114 else
115 {
116 /* We already have recorded a UBSAN_NULL check
117 for this pointer. Perhaps we can drop this one.
118 But only if this check doesn't specify stricter
119 alignment. */
120 while (!v.is_empty ())
121 {
122 gimple g = v.last ();
123 /* Remove statements for BBs that have been
124 already processed. */
125 sanopt_info *si = (sanopt_info *) gimple_bb (g)->aux;
126 if (si->visited_p)
127 v.pop ();
128 else
129 {
130 /* At this point we shouldn't have any statements
131 that aren't dominating the current BB. */
132 tree align = gimple_call_arg (g, 2);
133 int kind = tree_to_shwi (gimple_call_arg (g, 1));
134 /* If this is a NULL pointer check where we had segv
135 anyway, we can remove it. */
136 if (integer_zerop (align)
137 && (kind == UBSAN_LOAD_OF
138 || kind == UBSAN_STORE_OF
139 || kind == UBSAN_MEMBER_ACCESS))
140 remove = true;
141 /* Otherwise remove the check in non-recovering
142 mode, or if the stmts have same location. */
143 else if (integer_zerop (align))
144 remove = !(flag_sanitize_recover & SANITIZE_NULL)
145 || flag_sanitize_undefined_trap_on_error
146 || gimple_location (g)
147 == gimple_location (stmt);
148 else if (tree_int_cst_le (cur_align, align))
149 remove = !(flag_sanitize_recover
150 & SANITIZE_ALIGNMENT)
151 || flag_sanitize_undefined_trap_on_error
152 || gimple_location (g)
153 == gimple_location (stmt);
154 if (!remove && gimple_bb (g) == gimple_bb (stmt)
155 && tree_int_cst_compare (cur_align, align) == 0)
156 v.pop ();
157 break;
158 }
159 }
160
161 if (remove)
162 {
163 /* Drop this check. */
164 if (dump_file && (dump_flags & TDF_DETAILS))
165 {
166 fprintf (dump_file, "Optimizing out\n ");
167 print_gimple_stmt (dump_file, stmt, 0,
168 dump_flags);
169 fprintf (dump_file, "\n");
170 }
171 gsi_remove (&gsi, true);
172 }
173 else
174 v.safe_push (stmt);
175 }
176 }
177 case IFN_ASAN_CHECK:
178 ctx->asan_num_accesses++;
179 break;
180 default:
181 break;
182 }
183
184 /* If we were able to remove the current statement, gsi_remove
185 already pointed us to the next statement. */
186 if (!remove)
187 gsi_next (&gsi);
188 }
189
190 for (son = first_dom_son (CDI_DOMINATORS, bb);
191 son;
192 son = next_dom_son (CDI_DOMINATORS, son))
193 sanopt_optimize_walker (son, ctx);
194
195 /* We're leaving this BB, so mark it to that effect. */
196 sanopt_info *info = (sanopt_info *) bb->aux;
197 info->visited_p = true;
198 }
199
200 /* Try to remove redundant sanitizer checks in function FUN. */
201
202 static int
203 sanopt_optimize (function *fun)
204 {
205 struct sanopt_ctx ctx;
206 ctx.asan_num_accesses = 0;
207
208 /* Set up block info for each basic block. */
209 alloc_aux_for_blocks (sizeof (sanopt_info));
210
211 /* We're going to do a dominator walk, so ensure that we have
212 dominance information. */
213 calculate_dominance_info (CDI_DOMINATORS);
214
215 /* Recursively walk the dominator tree optimizing away
216 redundant checks. */
217 sanopt_optimize_walker (ENTRY_BLOCK_PTR_FOR_FN (fun), &ctx);
218
219 free_aux_for_blocks ();
220
221 return ctx.asan_num_accesses;
222 }
223
224 /* Perform optimization of sanitize functions. */
225
226 namespace {
227
228 const pass_data pass_data_sanopt =
229 {
230 GIMPLE_PASS, /* type */
231 "sanopt", /* name */
232 OPTGROUP_NONE, /* optinfo_flags */
233 TV_NONE, /* tv_id */
234 ( PROP_ssa | PROP_cfg | PROP_gimple_leh ), /* properties_required */
235 0, /* properties_provided */
236 0, /* properties_destroyed */
237 0, /* todo_flags_start */
238 TODO_update_ssa, /* todo_flags_finish */
239 };
240
241 class pass_sanopt : public gimple_opt_pass
242 {
243 public:
244 pass_sanopt (gcc::context *ctxt)
245 : gimple_opt_pass (pass_data_sanopt, ctxt)
246 {}
247
248 /* opt_pass methods: */
249 virtual bool gate (function *) { return flag_sanitize; }
250 virtual unsigned int execute (function *);
251
252 }; // class pass_sanopt
253
254 unsigned int
255 pass_sanopt::execute (function *fun)
256 {
257 basic_block bb;
258 int asan_num_accesses = 0;
259
260 /* Try to remove redundant checks. */
261 if (optimize
262 && (flag_sanitize & (SANITIZE_NULL | SANITIZE_ALIGNMENT)))
263 asan_num_accesses = sanopt_optimize (fun);
264 else if (flag_sanitize & SANITIZE_ADDRESS)
265 {
266 gimple_stmt_iterator gsi;
267 FOR_EACH_BB_FN (bb, fun)
268 for (gsi = gsi_start_bb (bb); !gsi_end_p (gsi); gsi_next (&gsi))
269 {
270 gimple stmt = gsi_stmt (gsi);
271 if (is_gimple_call (stmt) && gimple_call_internal_p (stmt)
272 && gimple_call_internal_fn (stmt) == IFN_ASAN_CHECK)
273 ++asan_num_accesses;
274 }
275 }
276
277 bool use_calls = ASAN_INSTRUMENTATION_WITH_CALL_THRESHOLD < INT_MAX
278 && asan_num_accesses >= ASAN_INSTRUMENTATION_WITH_CALL_THRESHOLD;
279
280 FOR_EACH_BB_FN (bb, fun)
281 {
282 gimple_stmt_iterator gsi;
283 for (gsi = gsi_start_bb (bb); !gsi_end_p (gsi); )
284 {
285 gimple stmt = gsi_stmt (gsi);
286 bool no_next = false;
287
288 if (!is_gimple_call (stmt))
289 {
290 gsi_next (&gsi);
291 continue;
292 }
293
294 if (gimple_call_internal_p (stmt))
295 {
296 enum internal_fn ifn = gimple_call_internal_fn (stmt);
297 switch (ifn)
298 {
299 case IFN_UBSAN_NULL:
300 no_next = ubsan_expand_null_ifn (&gsi);
301 break;
302 case IFN_UBSAN_BOUNDS:
303 no_next = ubsan_expand_bounds_ifn (&gsi);
304 break;
305 case IFN_UBSAN_OBJECT_SIZE:
306 no_next = ubsan_expand_objsize_ifn (&gsi);
307 break;
308 case IFN_ASAN_CHECK:
309 no_next = asan_expand_check_ifn (&gsi, use_calls);
310 break;
311 default:
312 break;
313 }
314 }
315
316 if (dump_file && (dump_flags & TDF_DETAILS))
317 {
318 fprintf (dump_file, "Expanded\n ");
319 print_gimple_stmt (dump_file, stmt, 0, dump_flags);
320 fprintf (dump_file, "\n");
321 }
322
323 if (!no_next)
324 gsi_next (&gsi);
325 }
326 }
327 return 0;
328 }
329
330 } // anon namespace
331
332 gimple_opt_pass *
333 make_pass_sanopt (gcc::context *ctxt)
334 {
335 return new pass_sanopt (ctxt);
336 }