On Fri, 22 Mar 2024, Jakub Jelinek wrote:

> Hi!
>
> On x86 and avr some address spaces allow 0 pointers (on avr actually
> even generic as, but libsanitizer isn't ported to it and
> I'm not convinced we should completely kill -fsanitize=null in that
> case).
> The following patch makes sure those aren't diagnosed for -fsanitize=null,
> though they are still sanitized for -fsanitize=alignment.
>
> Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk?
OK.

> 2024-03-22  Jakub Jelinek  <ja...@redhat.com>
>
> 	PR sanitizer/111736
> 	* ubsan.cc (ubsan_expand_null_ifn, instrument_mem_ref): Avoid
> 	SANITIZE_NULL instrumentation for non-generic address spaces
> 	for which targetm.addr_space.zero_address_valid (as) is true.
>
> 	* gcc.dg/ubsan/pr111736.c: New test.
>
> --- gcc/ubsan.cc.jj 2024-03-13 09:16:37.791885010 +0100 > +++ gcc/ubsan.cc 2024-03-22 08:11:50.093131678 +0100 > @@ -858,6 +858,13 @@ ubsan_expand_null_ifn (gimple_stmt_itera > } > } > check_null = sanitize_flags_p (SANITIZE_NULL); > + if (check_null && POINTER_TYPE_P (TREE_TYPE (ptr))) > + { > + addr_space_t as = TYPE_ADDR_SPACE (TREE_TYPE (TREE_TYPE (ptr))); > + if (!ADDR_SPACE_GENERIC_P (as) > + && targetm.addr_space.zero_address_valid (as)) > + check_null = false; > + } > > if (check_align == NULL_TREE && !check_null) > { > @@ -1447,8 +1454,15 @@ instrument_mem_ref (tree mem, tree base, > if (align <= 1) > align = 0; > } > - if (align == 0 && !sanitize_flags_p (SANITIZE_NULL)) > - return; > + if (align == 0) > + { > + if (!sanitize_flags_p (SANITIZE_NULL)) > + return; > + addr_space_t as = TYPE_ADDR_SPACE (TREE_TYPE (base)); > + if (!ADDR_SPACE_GENERIC_P (as) > + && targetm.addr_space.zero_address_valid (as)) > + return; > + } > tree t = TREE_OPERAND (base, 0); > if (!POINTER_TYPE_P (TREE_TYPE (t))) > return; > --- gcc/testsuite/gcc.dg/ubsan/pr111736.c.jj 2024-03-21 13:50:49.482348296 > +0100 > +++ gcc/testsuite/gcc.dg/ubsan/pr111736.c 2024-03-21 13:53:33.789091054 > +0100 
> @@ -0,0 +1,23 @@ > +/* PR sanitizer/111736 */ > +/* { dg-do compile { target i?86-*-* x86_64-*-* } } */ > +/* { dg-options "-fsanitize=null,alignment -fdump-tree-optimized > -ffat-lto-objects" } */ > +/* { dg-final { scan-tree-dump-times "__ubsan_handle_type_mismatch" 1 > "optimized" } } */ > +/* { dg-final { scan-tree-dump-not "p_\[0-9]*.D. \[=!]= 0" "optimized" } } */ > + > +#ifdef __x86_64__ > +#define SEG __seg_fs > +#else > +#define SEG __seg_gs > +#endif > + > +int > +foo (int SEG *p, int *q) > +{ > + return *p; > +} > + > +__attribute__((no_sanitize("alignment"))) int > +bar (int SEG *p, int *q) > +{ > + return *p; > +} > > Jakub > > -- Richard Biener <rguent...@suse.de> SUSE Software Solutions Germany GmbH, Frankenstrasse 146, 90461 Nuernberg, Germany; GF: Ivo Totev, Andrew McDonald, Werner Knoblich; (HRB 36809, AG Nuernberg)
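Review bot: the new block in ubsan_expand_null_ifn (the `if (check_null && POINTER_TYPE_P (TREE_TYPE (ptr)))` hunk) carries no comment explaining why a non-generic address space for which targetm.addr_space.zero_address_valid (as) holds turns the null check off while the alignment check is kept; that rationale currently lives only in the mail text. A one-line comment above the `if`, saying that address 0 is a valid object address in such address spaces (the x86 __seg_fs/__seg_gs case the testcase exercises) and that only the SANITIZE_NULL part is dropped, would save the next reader a trip to PR111736.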
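Review bot: the instrument_mem_ref hunk writes out the same predicate a second time (`if (!ADDR_SPACE_GENERIC_P (as) && targetm.addr_space.zero_address_valid (as))`), once here on TYPE_ADDR_SPACE (TREE_TYPE (base)) and once in ubsan_expand_null_ifn on the pointee type of ptr; a small static helper taking the pointed-to type would keep the two sites from drifting apart if the condition is ever refined. It is also worth a comment that this early return only fires for align == 0: when alignment checking is active the UBSAN_NULL call is still emitted here and the null half is dropped later by the ubsan_expand_null_ifn change, which is non-obvious when reading this function alone.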
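Review bot: in the new pr111736.c testcase the `int *q` parameter of both foo and bar is unused; either drop it or dereference it in a third function, which would also give the scan a positive control that the null check is still emitted for a generic-address-space pointer (the current `scan-tree-dump-times "__ubsan_handle_type_mismatch" 1` and `scan-tree-dump-not "p_\[0-9]*.D. \[=!]= 0"` only verify that foo keeps its alignment handler and that no null compare is emitted). If a generic dereference is added, the expected handler count in dg-final needs bumping accordingly, since the null check uses the same __ubsan_handle_type_mismatch handler.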