gcc/sanopt.c

   1 /* Optimize and expand sanitizer functions.
   2    Copyright (C) 2014 Free Software Foundation, Inc.
   3    Contributed by Marek Polacek <polacek@redhat.com>
   4
   5 This file is part of GCC.
   6
   7 GCC is free software; you can redistribute it and/or modify it under
   8 the terms of the GNU General Public License as published by the Free
   9 Software Foundation; either version 3, or (at your option) any later
  10 version.
  11
  12 GCC is distributed in the hope that it will be useful, but WITHOUT ANY
  13 WARRANTY; without even the implied warranty of MERCHANTABILITY or
  14 FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  15 for more details.
  16
  17 You should have received a copy of the GNU General Public License
  18 along with GCC; see the file COPYING3.  If not see
  19 <http://www.gnu.org/licenses/>.  */
  20
  21 #include "config.h"
  22 #include "system.h"
  23 #include "coretypes.h"
  24 #include "tree.h"
  25 #include "hash-table.h"
  26 #include "predict.h"
  27 #include "vec.h"
  28 #include "hashtab.h"
  29 #include "hash-set.h"
  30 #include "tm.h"
  31 #include "hard-reg-set.h"
  32 #include "function.h"
  33 #include "dominance.h"
  34 #include "cfg.h"
  35 #include "basic-block.h"
  36 #include "tree-ssa-alias.h"
  37 #include "internal-fn.h"
  38 #include "gimple-expr.h"
  39 #include "is-a.h"
  40 #include "gimple.h"
  41 #include "gimplify.h"
  42 #include "gimple-iterator.h"
  43 #include "hash-map.h"
  44 #include "plugin-api.h"
  45 #include "tree-pass.h"
  46 #include "asan.h"
  47 #include "gimple-pretty-print.h"
  48 #include "tm_p.h"
  49 #include "langhooks.h"
  50 #include "ubsan.h"
  51 #include "params.h"
  52
  53
  54 /* This is used to carry information about basic blocks.  It is
  55    attached to the AUX field of the standard CFG block.  */
  56
  57 struct sanopt_info
  58 {
  59   /* True if this BB has been visited.  */
  60   bool visited_p;
  61 };
  62
  63 /* This is used to carry various hash maps and variables used
  64    in sanopt_optimize_walker.  */
  65
  66 struct sanopt_ctx
  67 {
  68   /* This map maps a pointer (the first argument of UBSAN_NULL) to
  69      a vector of UBSAN_NULL call statements that check this pointer.  */
  70   hash_map<tree, auto_vec<gimple> > null_check_map;
  71
  72   /* Number of IFN_ASAN_CHECK statements.  */
  73   int asan_num_accesses;
  74 };
  75
  76
  77 /* Try to optimize away redundant UBSAN_NULL checks.
  78
  79    We walk blocks in the CFG via a depth first search of the dominator
  80    tree; we push unique UBSAN_NULL statements into a vector in the
  81    NULL_CHECK_MAP as we enter the blocks.  When leaving a block, we
  82    mark the block as visited; then when checking the statements in the
  83    vector, we ignore statements that are coming from already visited
  84    blocks, because these cannot dominate anything anymore.
  85    CTX is a sanopt context.  */
  86
  87 static void
  88 sanopt_optimize_walker (basic_block bb, struct sanopt_ctx *ctx)
  89 {
  90   basic_block son;
  91   gimple_stmt_iterator gsi;
  92
  93   for (gsi = gsi_start_bb (bb); !gsi_end_p (gsi);)
  94     {
  95       gimple stmt = gsi_stmt (gsi);
  96       bool remove = false;
  97
  98       if (is_gimple_call (stmt)
  99           && gimple_call_internal_p (stmt))
 100         switch (gimple_call_internal_fn (stmt))
 101           {
 102           case IFN_UBSAN_NULL:
 103             {
 104               gcc_assert (gimple_call_num_args (stmt) == 3);
 105               tree ptr = gimple_call_arg (stmt, 0);
 106               tree cur_align = gimple_call_arg (stmt, 2);
 107               gcc_assert (TREE_CODE (cur_align) == INTEGER_CST);
 108
 109               auto_vec<gimple> &v = ctx->null_check_map.get_or_insert (ptr);
 110               if (v.is_empty ())
 111                 /* For this PTR we don't have any UBSAN_NULL stmts
 112                    recorded, so there's nothing to optimize yet.  */
 113                 v.safe_push (stmt);
 114               else
 115                 {
 116                   /* We already have recorded a UBSAN_NULL check
 117                      for this pointer.  Perhaps we can drop this one.
 118                      But only if this check doesn't specify stricter
 119                      alignment.  */
 120                   while (!v.is_empty ())
 121                     {
 122                       gimple g = v.last ();
 123                       /* Remove statements for BBs that have been
 124                          already processed.  */
 125                       sanopt_info *si = (sanopt_info *) gimple_bb (g)->aux;
 126                       if (si->visited_p)
 127                         v.pop ();
 128                       else
 129                         {
 130                           /* At this point we shouldn't have any statements
 131                              that aren't dominating the current BB.  */
 132                           tree align = gimple_call_arg (g, 2);
 133                           remove = tree_int_cst_le (cur_align, align);
 134                           break;
 135                         }
 136                     }
 137
 138                   if (remove)
 139                     {
 140                       /* Drop this check.  */
 141                       if (dump_file && (dump_flags & TDF_DETAILS))
 142                         {
 143                           fprintf (dump_file, "Optimizing out\n  ");
 144                           print_gimple_stmt (dump_file, stmt, 0,
 145                                              dump_flags);
 146                           fprintf (dump_file, "\n");
 147                         }
 148                       gsi_remove (&gsi, true);
 149                     }
 150                   else if (v.length () < 30)
 151                     v.safe_push (stmt);
 152                   }
 153             }
 154           case IFN_ASAN_CHECK:
 155             ctx->asan_num_accesses++;
 156             break;
 157           default:
 158             break;
 159           }
 160
 161       /* If we were able to remove the current statement, gsi_remove
 162          already pointed us to the next statement.  */
 163       if (!remove)
 164         gsi_next (&gsi);
 165     }
 166
 167   for (son = first_dom_son (CDI_DOMINATORS, bb);
 168        son;
 169        son = next_dom_son (CDI_DOMINATORS, son))
 170     sanopt_optimize_walker (son, ctx);
 171
 172   /* We're leaving this BB, so mark it to that effect.  */
 173   sanopt_info *info = (sanopt_info *) bb->aux;
 174   info->visited_p = true;
 175 }
 176
 177 /* Try to remove redundant sanitizer checks in function FUN.  */
 178
 179 static int
 180 sanopt_optimize (function *fun)
 181 {
 182   struct sanopt_ctx ctx;
 183   ctx.asan_num_accesses = 0;
 184
 185   /* Set up block info for each basic block.  */
 186   alloc_aux_for_blocks (sizeof (sanopt_info));
 187
 188   /* We're going to do a dominator walk, so ensure that we have
 189      dominance information.  */
 190   calculate_dominance_info (CDI_DOMINATORS);
 191
 192   /* Recursively walk the dominator tree optimizing away
 193      redundant checks.  */
 194   sanopt_optimize_walker (ENTRY_BLOCK_PTR_FOR_FN (fun), &ctx);
 195
 196   free_aux_for_blocks ();
 197
 198   return ctx.asan_num_accesses;
 199 }
 200
 201 /* Perform optimization of sanitize functions.  */
 202
 203 namespace {
 204
 205 const pass_data pass_data_sanopt =
 206 {
 207   GIMPLE_PASS, /* type */
 208   "sanopt", /* name */
 209   OPTGROUP_NONE, /* optinfo_flags */
 210   TV_NONE, /* tv_id */
 211   ( PROP_ssa | PROP_cfg | PROP_gimple_leh ), /* properties_required */
 212   0, /* properties_provided */
 213   0, /* properties_destroyed */
 214   0, /* todo_flags_start */
 215   TODO_update_ssa, /* todo_flags_finish */
 216 };
 217
 218 class pass_sanopt : public gimple_opt_pass
 219 {
 220 public:
 221   pass_sanopt (gcc::context *ctxt)
 222     : gimple_opt_pass (pass_data_sanopt, ctxt)
 223   {}
 224
 225   /* opt_pass methods: */
 226   virtual bool gate (function *) { return flag_sanitize; }
 227   virtual unsigned int execute (function *);
 228
 229 }; // class pass_sanopt
 230
 231 unsigned int
 232 pass_sanopt::execute (function *fun)
 233 {
 234   basic_block bb;
 235   int asan_num_accesses = 0;
 236
 237   /* Try to remove redundant checks.  */
 238   if (optimize
 239       && (flag_sanitize & (SANITIZE_NULL | SANITIZE_ALIGNMENT)))
 240     asan_num_accesses = sanopt_optimize (fun);
 241   else if (flag_sanitize & SANITIZE_ADDRESS)
 242     {
 243       gimple_stmt_iterator gsi;
 244       FOR_EACH_BB_FN (bb, fun)
 245         for (gsi = gsi_start_bb (bb); !gsi_end_p (gsi); gsi_next (&gsi))
 246           {
 247             gimple stmt = gsi_stmt (gsi);
 248             if (is_gimple_call (stmt) && gimple_call_internal_p (stmt)
 249                 && gimple_call_internal_fn (stmt) == IFN_ASAN_CHECK)
 250               ++asan_num_accesses;
 251           }
 252     }
 253
 254   bool use_calls = ASAN_INSTRUMENTATION_WITH_CALL_THRESHOLD < INT_MAX
 255     && asan_num_accesses >= ASAN_INSTRUMENTATION_WITH_CALL_THRESHOLD;
 256
 257   FOR_EACH_BB_FN (bb, fun)
 258     {
 259       gimple_stmt_iterator gsi;
 260       for (gsi = gsi_start_bb (bb); !gsi_end_p (gsi); )
 261         {
 262           gimple stmt = gsi_stmt (gsi);
 263           bool no_next = false;
 264
 265           if (!is_gimple_call (stmt))
 266             {
 267               gsi_next (&gsi);
 268               continue;
 269             }
 270
 271           if (gimple_call_internal_p (stmt))
 272             {
 273               enum internal_fn ifn = gimple_call_internal_fn (stmt);
 274               switch (ifn)
 275                 {
 276                 case IFN_UBSAN_NULL:
 277                   no_next = ubsan_expand_null_ifn (&gsi);
 278                   break;
 279                 case IFN_UBSAN_BOUNDS:
 280                   no_next = ubsan_expand_bounds_ifn (&gsi);
 281                   break;
 282                 case IFN_UBSAN_OBJECT_SIZE:
 283                   no_next = ubsan_expand_objsize_ifn (&gsi);
 284                   break;
 285                 case IFN_ASAN_CHECK:
 286                   no_next = asan_expand_check_ifn (&gsi, use_calls);
 287                   break;
 288                 default:
 289                   break;
 290                 }
 291             }
 292
 293           if (dump_file && (dump_flags & TDF_DETAILS))
 294             {
 295               fprintf (dump_file, "Expanded\n  ");
 296               print_gimple_stmt (dump_file, stmt, 0, dump_flags);
 297               fprintf (dump_file, "\n");
 298             }
 299
 300           if (!no_next)
 301             gsi_next (&gsi);
 302         }
 303     }
 304   return 0;
 305 }
 306
 307 } // anon namespace
 308
 309 gimple_opt_pass *
 310 make_pass_sanopt (gcc::context *ctxt)
 311 {
 312   return new pass_sanopt (ctxt);
 313 }