[CHKP] Fix for PR79990
Hi,
The patch below attempts to fix the PR. I checked that it did not
break any of mpx.exp tests, but I did not run the full testing yet.
Would like to know whether this approach is generally correct or not.
The issue is that we have the hard reg vector variable:
typedef int U __attribute__ ((vector_size (16)));
register U u asm("xmm0");
and chkp tries to instrument access to it:
return u[i];
by doing that:
__bound_tmp.0_4 = __builtin_ia32_bndmk (&u, 16);
However, you cannot take an address of a register variable (in fact if
you do that, the compiler will give you "address of register variable
āuā requested" error), so expand, sensibly, gives an ICE on on &u
here. I believe that if there is no pointers, pointer bounds checker
shouldn't get involved into that business. What do you think?
diff --git a/gcc/tree-chkp.c b/gcc/tree-chkp.c
index 75caf83..e39ec9a 100644
--- a/gcc/tree-chkp.c
+++ b/gcc/tree-chkp.c
@@ -3383,6 +3383,7 @@ chkp_parse_array_and_component_ref (tree node, tree *ptr,
tree comp_to_narrow = NULL_TREE;
tree last_comp = NULL_TREE;
bool array_ref_found = false;
+ bool is_register_var = false;
tree *nodes;
tree var;
int len;
@@ -3440,6 +3441,9 @@ chkp_parse_array_and_component_ref (tree node, tree *ptr,
|| TREE_CODE (var) == STRING_CST
|| TREE_CODE (var) == SSA_NAME);
+ if (VAR_P (var) && DECL_HARD_REGISTER (var))
+ is_register_var = true;
+
*ptr = chkp_build_addr_expr (var);
}
@@ -3455,7 +3459,11 @@ chkp_parse_array_and_component_ref (tree node, tree *ptr,
if (TREE_CODE (var) == ARRAY_REF)
{
- *safe = false;
+ // Mark it as unsafe, unless the array being accessed
+ // has been explicitly placed on a register: in this
+ // case we cannot take a pointer of this variable,
+ // so we don't instrument the access.
+ *safe = is_register_var;
array_ref_found = true;
if (flag_chkp_narrow_bounds
&& !flag_chkp_narrow_to_innermost_arrray
@@ -4001,6 +4009,19 @@ chkp_process_stmt (gimple_stmt_iterator *iter, tree node,
bool bitfield;
tree elt;
+ {
+ // We don't instrument accesses to arrays that
+ // are explicitely assigned to hard registers.
+ HOST_WIDE_INT bitsize, bitpos;
+ tree base, offset;
+ machine_mode mode;
+ int unsignedp, reversep, volatilep = 0;
+ base = get_inner_reference (node, &bitsize, &bitpos, &offset, &mode,
+ &unsignedp, &reversep, &volatilep);
+ if (VAR_P (base) && DECL_HARD_REGISTER (base))
+ safe = true;
+ }
+
if (safe)
{
/* We are not going to generate any checks, so do not
diff --git a/gcc/testsuite/gcc.target/i386/mpx/pr79990.c
b/gcc/testsuite/gcc.target/i386/mpx/pr79990.c
new file mode 100644
index 000..a27734d
--- /dev/null
+++ b/gcc/testsuite/gcc.target/i386/mpx/pr79990.c
@@ -0,0 +1,18 @@
+/* { dg-do compile } */
+/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
+
+typedef int U __attribute__ ((vector_size (16)));
+
+int
+foo (int i)
+{
+#if __SSE2__
+ register
+#endif
+U u
+#if __SSE2__
+ asm ("xmm0")
+#endif
+ ;
+ return u[i];
+}
regards,
Alexander
Re: [CHKP] Fix for PR79990
2017-04-20 12:27 GMT+03:00 Alexander Ivchenko :
> Thanks for correcting the usage of get_base_address. I fixed that.
> Plus addressed the comment about the avoiding the usage of
> chkp_find_bounds.
>
>
> gcc/testsuite/ChangeLog:
>
> 2017-04-20 Alexander Ivchenko
>
> * gcc.target/i386/mpx/hard-reg-2-lbv.c: New test.
> * gcc.target/i386/mpx/hard-reg-2-nov.c: New test.
> * gcc.target/i386/mpx/hard-reg-2-ubv.c: New test.
> * gcc.target/i386/mpx/hard-reg-3-1-lbv.c: New test.
> * gcc.target/i386/mpx/hard-reg-3-1-nov.c: New test.
> * gcc.target/i386/mpx/hard-reg-3-1-ubv.c: New test.
> * gcc.target/i386/mpx/hard-reg-3-2-lbv.c: New test.
> * gcc.target/i386/mpx/hard-reg-3-2-nov.c: New test.
> * gcc.target/i386/mpx/hard-reg-3-2-ubv.c: New test.
> * gcc.target/i386/mpx/hard-reg-3-lbv.c: New test.
> * gcc.target/i386/mpx/hard-reg-3-nov.c: New test.
> * gcc.target/i386/mpx/hard-reg-3-ubv.c: New test.
> * gcc.target/i386/mpx/hard-reg-4-lbv.c: New test.
> * gcc.target/i386/mpx/hard-reg-4-nov.c: New test.
> * gcc.target/i386/mpx/hard-reg-4-ubv.c: New test.
> * gcc.target/i386/mpx/hard-reg-5-1-lbv.c: New test.
> * gcc.target/i386/mpx/hard-reg-5-1-nov.c: New test.
> * gcc.target/i386/mpx/hard-reg-5-1-ubv.c: New test.
> * gcc.target/i386/mpx/hard-reg-5-2-lbv.c: New test.
> * gcc.target/i386/mpx/hard-reg-5-2-nov.c: New test.
> * gcc.target/i386/mpx/hard-reg-5-2-ubv.c: New test.
> * gcc.target/i386/mpx/hard-reg-6-lbv.c: New test.
> * gcc.target/i386/mpx/hard-reg-6-nov.c: New test.
> * gcc.target/i386/mpx/hard-reg-6-ubv.c: New test.
>
> gcc/ChangeLog:
>
> 2017-04-20 Alexander Ivchenko
>
> * tree-chkp.c (chkp_get_hard_register_var_fake_base_address):
> New function to provide a base address for
> chkp_get_hard_register_fake_addr_expr.
> (chkp_get_hard_register_fake_addr_expr): New function to build
> fake address expression for an expr that resides on a hard
> register.
> (chkp_build_addr_expr): Add checks for hard reg cases.
> (chkp_parse_array_and_component_ref): Create/find bounds if the
> var resides on a hard reg.
>
>
> I already had a testcases for struct with a pointer - "hard-reg-4-*".
> Here is the instrumentation of the foo function:
>
> __attribute__((chkp instrumented))
> foo.chkp (int i)
> {
> __bounds_type __bound_tmp.1;
> register struct S2 b __asm__ (*xmm0);
> int k;
> int * _1;
> long unsigned int _2;
> long unsigned int _3;
> int * _4;
> int * _5;
> int _11;
> int * _18;
>
>[0.00%]:
> __bound_tmp.1_17 = __chkp_zero_bounds;
> __bound_tmp.1_14 = __builtin_ia32_bndmk (&k, 4);
> __bound_tmp.1_13 = __builtin_ia32_bndmk (-2147483648B, 16);
>
>[0.00%]:
>
>[0.00%]:
> k = 5;
> b.f3 = &k;
> __builtin_ia32_bndstx (&k, __bound_tmp.1_14, -2147483648B);
> _1 = b.f3;
> __bound_tmp.1_15 = __builtin_ia32_bndldx (-2147483648B, _1);
> _2 = (long unsigned int) i_9(D);
> _3 = _2 * 4;
> _4 = _1 + _3;
> b.f3 = _4;
> __builtin_ia32_bndstx (_4, __bound_tmp.1_15, -2147483648B);
> _5 = b.f3;
> __bound_tmp.1_16 = __builtin_ia32_bndldx (-2147483648B, _5);
> __builtin_ia32_bndcl (_5, __bound_tmp.1_16);
> _18 = _5 + 3;
> __builtin_ia32_bndcu (_18, __bound_tmp.1_16);
> _11 = *_5;
> k ={v} {CLOBBER};
> return _11;
>
> }
>
> Which is the most suspicious one, because we have ldx and stx. I'm not
> sure whether this is OK.
It is not OK because single entry in BT may be used by multiple hardreg
variables. There is a code in chkp_find_bounds_1 to use zero bounds in
case we load bounds from register var. I believe here we should do the
same. In chkp_find_bounds_1 at ARRAY_REF/COMPONENT_REF
case check if addr is register var and use zero bounds.
Thanks,
Ilya
>
> Here is the chkp dump for foo function of newly added hard-reg-6* case:
>
> __attribute__((chkp instrumented))
> foo.chkp (int i, int * kp1, __bounds_type __chkp_bounds_of_kp1)
> {
> __bounds_type __bound_tmp.1;
> int D.2873;
> register struct S2 b __asm__ (*xmm0);
> int k2;
> int * _1;
> long unsigned int _2;
> long unsigned int _3;
> int * _4;
> int * _5;
> int _13;
> int * _31;
>
>[0.00%]:
> __bound_tmp.1_22 = __builtin_ia32_bndmk (&k2, 4);
> __bound_tmp.1_17 = __chkp_zero_bounds;
> __bound_tmp.1_15 = __builtin_ia32_bndmk (-2147483648B, 16);
>
>[0.00%]:
>
>[0.00%]:
> k2 = 5;
> __bound_tmp.1_16 = __builtin_ia32_bndmk (-2147483648B, 16);
> __bound_tmp.1_18 = __builtin_ia32_bndint (__bound_tmp.1_16,
> __bound_tmp.1_15);
> __builtin_ia32_bndcl (-2147483648B, __bound_tmp.1_18);
> __builtin_ia32_bndcu (-2147483641B, __bound_tmp.1_18);
> b.f[0] = kp1_8(D);
> __builtin_ia32_bndstx (kp1_8(D), __chkp_bounds_of_kp1_19(D), -2147483648B);
> __bound_tmp.1_20 = __builtin_ia32_bndmk (-2147483648B, 16);
> __bound_tmp.1_21 = __builtin_ia32_bndint
Re: [CHKP] Fix for PR79990
Something like that?
diff --git a/gcc/tree-chkp.c b/gcc/tree-chkp.c
index 3ef73a9..3fb76bc 100644
--- a/gcc/tree-chkp.c
+++ b/gcc/tree-chkp.c
@@ -3700,6 +3700,11 @@ chkp_find_bounds_1 (tree ptr, tree ptr_src,
gimple_stmt_iterator *iter)
case ARRAY_REF:
case COMPONENT_REF:
addr = get_base_address (ptr_src);
+ if (VAR_P (addr) && DECL_HARD_REGISTER (addr))
+ {
+ bounds = chkp_get_zero_bounds ();
+ break;
+ }
if (DECL_P (addr)
|| TREE_CODE (addr) == MEM_REF
|| TREE_CODE (addr) == TARGET_MEM_REF)
Here is the tree-chkp dump of the same function after this change:
__attribute__((chkp instrumented))
foo.chkp (int i)
{
__bounds_type __bound_tmp.1;
register struct S2 b __asm__ (*xmm0);
int k;
int * _1;
long unsigned int _2;
long unsigned int _3;
int * _4;
int * _5;
int _11;
[0.00%]:
__bound_tmp.1_15 = __chkp_zero_bounds;
__bound_tmp.1_14 = __builtin_ia32_bndmk (&k, 4);
__bound_tmp.1_13 = __builtin_ia32_bndmk (-2147483648B, 16);
[0.00%]:
[0.00%]:
k = 5;
b.f3 = &k;
__builtin_ia32_bndstx (&k, __bound_tmp.1_14, -2147483648B);
_1 = b.f3;
_2 = (long unsigned int) i_9(D);
_3 = _2 * 4;
_4 = _1 + _3;
b.f3 = _4;
__builtin_ia32_bndstx (_4, __bound_tmp.1_15, -2147483648B);
_5 = b.f3;
_11 = *_5;
k ={v} {CLOBBER};
return _11;
}
Doesn't work.. let me look a little deeper.
Alexander
2017-04-20 19:17 GMT+02:00 Ilya Enkovich :
> 2017-04-20 12:27 GMT+03:00 Alexander Ivchenko :
>> Thanks for correcting the usage of get_base_address. I fixed that.
>> Plus addressed the comment about the avoiding the usage of
>> chkp_find_bounds.
>>
>>
>> gcc/testsuite/ChangeLog:
>>
>> 2017-04-20 Alexander Ivchenko
>>
>> * gcc.target/i386/mpx/hard-reg-2-lbv.c: New test.
>> * gcc.target/i386/mpx/hard-reg-2-nov.c: New test.
>> * gcc.target/i386/mpx/hard-reg-2-ubv.c: New test.
>> * gcc.target/i386/mpx/hard-reg-3-1-lbv.c: New test.
>> * gcc.target/i386/mpx/hard-reg-3-1-nov.c: New test.
>> * gcc.target/i386/mpx/hard-reg-3-1-ubv.c: New test.
>> * gcc.target/i386/mpx/hard-reg-3-2-lbv.c: New test.
>> * gcc.target/i386/mpx/hard-reg-3-2-nov.c: New test.
>> * gcc.target/i386/mpx/hard-reg-3-2-ubv.c: New test.
>> * gcc.target/i386/mpx/hard-reg-3-lbv.c: New test.
>> * gcc.target/i386/mpx/hard-reg-3-nov.c: New test.
>> * gcc.target/i386/mpx/hard-reg-3-ubv.c: New test.
>> * gcc.target/i386/mpx/hard-reg-4-lbv.c: New test.
>> * gcc.target/i386/mpx/hard-reg-4-nov.c: New test.
>> * gcc.target/i386/mpx/hard-reg-4-ubv.c: New test.
>> * gcc.target/i386/mpx/hard-reg-5-1-lbv.c: New test.
>> * gcc.target/i386/mpx/hard-reg-5-1-nov.c: New test.
>> * gcc.target/i386/mpx/hard-reg-5-1-ubv.c: New test.
>> * gcc.target/i386/mpx/hard-reg-5-2-lbv.c: New test.
>> * gcc.target/i386/mpx/hard-reg-5-2-nov.c: New test.
>> * gcc.target/i386/mpx/hard-reg-5-2-ubv.c: New test.
>> * gcc.target/i386/mpx/hard-reg-6-lbv.c: New test.
>> * gcc.target/i386/mpx/hard-reg-6-nov.c: New test.
>> * gcc.target/i386/mpx/hard-reg-6-ubv.c: New test.
>>
>> gcc/ChangeLog:
>>
>> 2017-04-20 Alexander Ivchenko
>>
>> * tree-chkp.c (chkp_get_hard_register_var_fake_base_address):
>> New function to provide a base address for
>> chkp_get_hard_register_fake_addr_expr.
>> (chkp_get_hard_register_fake_addr_expr): New function to build
>> fake address expression for an expr that resides on a hard
>> register.
>> (chkp_build_addr_expr): Add checks for hard reg cases.
>> (chkp_parse_array_and_component_ref): Create/find bounds if the
>> var resides on a hard reg.
>>
>>
>> I already had a testcases for struct with a pointer - "hard-reg-4-*".
>> Here is the instrumentation of the foo function:
>>
>> __attribute__((chkp instrumented))
>> foo.chkp (int i)
>> {
>> __bounds_type __bound_tmp.1;
>> register struct S2 b __asm__ (*xmm0);
>> int k;
>> int * _1;
>> long unsigned int _2;
>> long unsigned int _3;
>> int * _4;
>> int * _5;
>> int _11;
>> int * _18;
>>
>>[0.00%]:
>> __bound_tmp.1_17 = __chkp_zero_bounds;
>> __bound_tmp.1_14 = __builtin_ia32_bndmk (&k, 4);
>> __bound_tmp.1_13 = __builtin_ia32_bndmk (-2147483648B, 16);
>>
>>[0.00%]:
>>
>>[0.00%]:
>> k = 5;
>> b.f3 = &k;
>> __builtin_ia32_bndstx (&k, __bound_tmp.1_14, -2147483648B);
>> _1 = b.f3;
>> __bound_tmp.1_15 = __builtin_ia32_bndldx (-2147483648B, _1);
>> _2 = (long unsigned int) i_9(D);
>> _3 = _2 * 4;
>> _4 = _1 + _3;
>> b.f3 = _4;
>> __builtin_ia32_bndstx (_4, __bound_tmp.1_15, -2147483648B);
>> _5 = b.f3;
>> __bound_tmp.1_16 = __builtin_ia32_bndldx (-2147483648B, _5);
>> __builtin_ia32_bndcl (_5, __bound_tmp.1_16);
>> _18 = _5 + 3;
>> __builtin_ia32_bndcu (_18, __bound_tmp.1_16);
>> _11 = *_5;
>> k ={v} {CLOBBER};
>> return _11;
Re: [CHKP] Fix for PR79990
Hi,
Here is the latest version of the patch with all comments addressed:
gcc/ChangeLog:
2017-05-09 Alexander Ivchenko
* tree-chkp.c (chkp_get_hard_register_var_fake_base_address):
New function.
(chkp_get_hard_register_fake_addr_expr): Ditto.
(chkp_build_addr_expr): Add check for hard reg case.
(chkp_parse_array_and_component_ref): Ditto.
(chkp_find_bounds_1): Ditto.
(chkp_process_stmt): Don't generate bounds store for
hard reg case.
gcc/testsuite/ChangeLog:
2017-05-09 Alexander Ivchenko
* gcc.target/i386/mpx/hard-reg-2-lbv.c: New test.
* gcc.target/i386/mpx/hard-reg-2-nov.c: New test.
* gcc.target/i386/mpx/hard-reg-2-ubv.c: New test.
* gcc.target/i386/mpx/hard-reg-3-1-lbv.c: New test.
* gcc.target/i386/mpx/hard-reg-3-1-nov.c: New test.
* gcc.target/i386/mpx/hard-reg-3-1-ubv.c: New test.
* gcc.target/i386/mpx/hard-reg-3-2-lbv.c: New test.
* gcc.target/i386/mpx/hard-reg-3-2-nov.c: New test.
* gcc.target/i386/mpx/hard-reg-3-2-ubv.c: New test.
* gcc.target/i386/mpx/hard-reg-3-lbv.c: New test.
* gcc.target/i386/mpx/hard-reg-3-nov.c: New test.
* gcc.target/i386/mpx/hard-reg-3-ubv.c: New test.
* gcc.target/i386/mpx/hard-reg-4-1-lbv.c: New test.
* gcc.target/i386/mpx/hard-reg-4-1-nov.c: New test.
* gcc.target/i386/mpx/hard-reg-4-1-ubv.c: New test.
* gcc.target/i386/mpx/hard-reg-4-2-lbv.c: New test.
* gcc.target/i386/mpx/hard-reg-4-2-nov.c: New test.
* gcc.target/i386/mpx/hard-reg-4-2-ubv.c: New test.
diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-lbv.c
b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-lbv.c
new file mode 100644
index 000..319e1ec
--- /dev/null
+++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-lbv.c
@@ -0,0 +1,21 @@
+/* { dg-do run } */
+/* { dg-shouldfail "bounds violation" } */
+/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
+
+
+#define SHOULDFAIL
+
+#include "mpx-check.h"
+
+typedef int v16 __attribute__((vector_size(16)));
+
+int foo(int i) {
+ register v16 u asm("xmm0");
+ return u[i];
+}
+
+int mpx_test (int argc, const char **argv)
+{
+ printf ("%d\n", foo (-1));
+ return 0;
+}
diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-nov.c
b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-nov.c
new file mode 100644
index 000..3c6d39a
--- /dev/null
+++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-nov.c
@@ -0,0 +1,18 @@
+/* { dg-do run } */
+/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
+
+#include "mpx-check.h"
+
+typedef int v16 __attribute__((vector_size(16)));
+
+int foo (int i) {
+ register v16 u asm ("xmm0");
+ return u[i];
+}
+
+int mpx_test (int argc, const char **argv)
+{
+ printf ("%d\n", foo (3));
+ printf ("%d\n", foo (0));
+ return 0;
+}
diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-ubv.c
b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-ubv.c
new file mode 100644
index 000..7fe76c4
--- /dev/null
+++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-ubv.c
@@ -0,0 +1,21 @@
+/* { dg-do run } */
+/* { dg-shouldfail "bounds violation" } */
+/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
+
+
+#define SHOULDFAIL
+
+#include "mpx-check.h"
+
+typedef int v16 __attribute__((vector_size(16)));
+
+int foo (int i) {
+ register v16 u asm ("xmm0");
+ return u[i];
+}
+
+int mpx_test (int argc, const char **argv)
+{
+ printf ("%d\n", foo (5));
+ return 0;
+}
diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-lbv.c
b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-lbv.c
new file mode 100644
index 000..7e4451f
--- /dev/null
+++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-lbv.c
@@ -0,0 +1,33 @@
+/* { dg-do run } */
+/* { dg-shouldfail "bounds violation" } */
+/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
+
+
+#define SHOULDFAIL
+
+#include "mpx-check.h"
+
+typedef int v8 __attribute__ ((vector_size (8)));
+
+struct S1
+{
+ v8 s1f;
+};
+
+struct S2
+{
+ struct S1 s2f1;
+ v8 s2f2;
+};
+
+int foo_s2f1 (int i)
+{
+ register struct S2 b asm ("xmm0");
+ return b.s2f1.s1f[i];
+}
+
+int mpx_test (int argc, const char **argv)
+{
+ printf ("%d\n", foo_s2f1 (-1));
+ return 0;
+}
diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-nov.c
b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-nov.c
new file mode 100644
index 000..73bd7fb
--- /dev/null
+++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-nov.c
@@ -0,0 +1,30 @@
+/* { dg-do run } */
+/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
+
+
+#include "mpx-check.h"
+
+typedef int v8 __attribute__ ((vector_size (8)));
+
+struct S1
+{
+ v8 s1f;
+};
+
+struct S2
+{
+ struct S1 s2f1;
+ v8 s2f2;
+};
+
+int foo_s2f1 (int i)
+{
+ register struct S2 b asm ("xmm0");
+ return b.s2f1.s1f[i];
+}
+
+int mpx_test (int argc, const char **argv)
+{
+ printf ("%d\n", foo_s2f1 (0));
+ return 0;
+}
diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-ubv.c
b/gcc/
Re: [CHKP] Fix for PR79990
2017-05-09 16:29 GMT+03:00 Alexander Ivchenko :
> Hi,
>
> Here is the latest version of the patch with all comments addressed:
>
> gcc/ChangeLog:
>
> 2017-05-09 Alexander Ivchenko
>
> * tree-chkp.c (chkp_get_hard_register_var_fake_base_address):
> New function.
> (chkp_get_hard_register_fake_addr_expr): Ditto.
> (chkp_build_addr_expr): Add check for hard reg case.
> (chkp_parse_array_and_component_ref): Ditto.
> (chkp_find_bounds_1): Ditto.
> (chkp_process_stmt): Don't generate bounds store for
> hard reg case.
>
>
> gcc/testsuite/ChangeLog:
>
> 2017-05-09 Alexander Ivchenko
>
> * gcc.target/i386/mpx/hard-reg-2-lbv.c: New test.
> * gcc.target/i386/mpx/hard-reg-2-nov.c: New test.
> * gcc.target/i386/mpx/hard-reg-2-ubv.c: New test.
> * gcc.target/i386/mpx/hard-reg-3-1-lbv.c: New test.
> * gcc.target/i386/mpx/hard-reg-3-1-nov.c: New test.
> * gcc.target/i386/mpx/hard-reg-3-1-ubv.c: New test.
> * gcc.target/i386/mpx/hard-reg-3-2-lbv.c: New test.
> * gcc.target/i386/mpx/hard-reg-3-2-nov.c: New test.
> * gcc.target/i386/mpx/hard-reg-3-2-ubv.c: New test.
> * gcc.target/i386/mpx/hard-reg-3-lbv.c: New test.
> * gcc.target/i386/mpx/hard-reg-3-nov.c: New test.
> * gcc.target/i386/mpx/hard-reg-3-ubv.c: New test.
> * gcc.target/i386/mpx/hard-reg-4-1-lbv.c: New test.
> * gcc.target/i386/mpx/hard-reg-4-1-nov.c: New test.
> * gcc.target/i386/mpx/hard-reg-4-1-ubv.c: New test.
> * gcc.target/i386/mpx/hard-reg-4-2-lbv.c: New test.
> * gcc.target/i386/mpx/hard-reg-4-2-nov.c: New test.
> * gcc.target/i386/mpx/hard-reg-4-2-ubv.c: New test.
>
>
> diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-lbv.c
> b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-lbv.c
> new file mode 100644
> index 000..319e1ec
> --- /dev/null
> +++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-lbv.c
> @@ -0,0 +1,21 @@
> +/* { dg-do run } */
> +/* { dg-shouldfail "bounds violation" } */
> +/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
> +
> +
> +#define SHOULDFAIL
> +
> +#include "mpx-check.h"
> +
> +typedef int v16 __attribute__((vector_size(16)));
> +
> +int foo(int i) {
> + register v16 u asm("xmm0");
> + return u[i];
> +}
> +
> +int mpx_test (int argc, const char **argv)
> +{
> + printf ("%d\n", foo (-1));
> + return 0;
> +}
> diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-nov.c
> b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-nov.c
> new file mode 100644
> index 000..3c6d39a
> --- /dev/null
> +++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-nov.c
> @@ -0,0 +1,18 @@
> +/* { dg-do run } */
> +/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
> +
> +#include "mpx-check.h"
> +
> +typedef int v16 __attribute__((vector_size(16)));
> +
> +int foo (int i) {
> + register v16 u asm ("xmm0");
> + return u[i];
> +}
> +
> +int mpx_test (int argc, const char **argv)
> +{
> + printf ("%d\n", foo (3));
> + printf ("%d\n", foo (0));
> + return 0;
> +}
> diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-ubv.c
> b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-ubv.c
> new file mode 100644
> index 000..7fe76c4
> --- /dev/null
> +++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-ubv.c
> @@ -0,0 +1,21 @@
> +/* { dg-do run } */
> +/* { dg-shouldfail "bounds violation" } */
> +/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
> +
> +
> +#define SHOULDFAIL
> +
> +#include "mpx-check.h"
> +
> +typedef int v16 __attribute__((vector_size(16)));
> +
> +int foo (int i) {
> + register v16 u asm ("xmm0");
> + return u[i];
> +}
> +
> +int mpx_test (int argc, const char **argv)
> +{
> + printf ("%d\n", foo (5));
> + return 0;
> +}
> diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-lbv.c
> b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-lbv.c
> new file mode 100644
> index 000..7e4451f
> --- /dev/null
> +++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-lbv.c
> @@ -0,0 +1,33 @@
> +/* { dg-do run } */
> +/* { dg-shouldfail "bounds violation" } */
> +/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
> +
> +
> +#define SHOULDFAIL
> +
> +#include "mpx-check.h"
> +
> +typedef int v8 __attribute__ ((vector_size (8)));
> +
> +struct S1
> +{
> + v8 s1f;
> +};
> +
> +struct S2
> +{
> + struct S1 s2f1;
> + v8 s2f2;
> +};
> +
> +int foo_s2f1 (int i)
> +{
> + register struct S2 b asm ("xmm0");
> + return b.s2f1.s1f[i];
> +}
> +
> +int mpx_test (int argc, const char **argv)
> +{
> + printf ("%d\n", foo_s2f1 (-1));
> + return 0;
> +}
> diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-nov.c
> b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-nov.c
> new file mode 100644
> index 000..73bd7fb
> --- /dev/null
> +++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-nov.c
> @@ -0,0 +1,30 @@
> +/* { dg-do run } */
> +/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
> +
> +
> +#include "mpx-check.h"
> +
> +type
Re: [CHKP] Fix for PR79990
2017-03-23 17:18 GMT+03:00 Alexander Ivchenko :
> Hi,
>
> The patch below attempts to fix the PR. I checked that it did not
> break any of mpx.exp tests, but I did not run the full testing yet.
> Would like to know whether this approach is generally correct or not.
>
> The issue is that we have the hard reg vector variable:
>
> typedef int U __attribute__ ((vector_size (16)));
> register U u asm("xmm0");
>
> and chkp tries to instrument access to it:
>
> return u[i];
>
> by doing that:
>
> __bound_tmp.0_4 = __builtin_ia32_bndmk (&u, 16);
>
> However, you cannot take an address of a register variable (in fact if
> you do that, the compiler will give you "address of register variable
> āuā requested" error), so expand, sensibly, gives an ICE on on &u
> here. I believe that if there is no pointers, pointer bounds checker
> shouldn't get involved into that business. What do you think?
Hi!
I think with this patch I can call foo with any index and thus access
some random stack slot. The first thing we should answer is 'do we
want to catch array index overflows in such cases'? If we want to (and
this looks reasonable thing to do because it prevents invalid memory
accesses) then this patch doesn't resolve the problem.
I'm not sure it can affect the patch, but please consider more complex
cases. E.g.:
typedef int v8 __attribute__ ((vector_size(8)));
struct U {
v8 a;
v8 b;
};
int
foo (int i)
{
register struct U u asm ("xmm0");
return u.b[i];
}
One way to catch overflow in such cases might be to use some fake
pointer value (e.g. 0) for such not addressible variable. This fake value
would be used as base for memory access and as lower bound. I don't
see other cases except array_ref overflow check where such value
might be used. So this fake value will not be passed somewhere and
will not be stored to Bounds Table.
Thanks,
Ilya
>
>
>
>
> diff --git a/gcc/tree-chkp.c b/gcc/tree-chkp.c
> index 75caf83..e39ec9a 100644
> --- a/gcc/tree-chkp.c
> +++ b/gcc/tree-chkp.c
> @@ -3383,6 +3383,7 @@ chkp_parse_array_and_component_ref (tree node, tree
> *ptr,
>tree comp_to_narrow = NULL_TREE;
>tree last_comp = NULL_TREE;
>bool array_ref_found = false;
> + bool is_register_var = false;
>tree *nodes;
>tree var;
>int len;
> @@ -3440,6 +3441,9 @@ chkp_parse_array_and_component_ref (tree node, tree
> *ptr,
> || TREE_CODE (var) == STRING_CST
> || TREE_CODE (var) == SSA_NAME);
>
> + if (VAR_P (var) && DECL_HARD_REGISTER (var))
> + is_register_var = true;
> +
>*ptr = chkp_build_addr_expr (var);
> }
>
> @@ -3455,7 +3459,11 @@ chkp_parse_array_and_component_ref (tree node, tree
> *ptr,
>
>if (TREE_CODE (var) == ARRAY_REF)
> {
> - *safe = false;
> + // Mark it as unsafe, unless the array being accessed
> + // has been explicitly placed on a register: in this
> + // case we cannot take a pointer of this variable,
> + // so we don't instrument the access.
> + *safe = is_register_var;
> array_ref_found = true;
> if (flag_chkp_narrow_bounds
> && !flag_chkp_narrow_to_innermost_arrray
> @@ -4001,6 +4009,19 @@ chkp_process_stmt (gimple_stmt_iterator *iter, tree
> node,
> bool bitfield;
> tree elt;
>
> + {
> + // We don't instrument accesses to arrays that
> + // are explicitely assigned to hard registers.
> + HOST_WIDE_INT bitsize, bitpos;
> + tree base, offset;
> + machine_mode mode;
> + int unsignedp, reversep, volatilep = 0;
> + base = get_inner_reference (node, &bitsize, &bitpos, &offset, &mode,
> + &unsignedp, &reversep, &volatilep);
> + if (VAR_P (base) && DECL_HARD_REGISTER (base))
> + safe = true;
> + }
> +
> if (safe)
> {
> /* We are not going to generate any checks, so do not
>
> diff --git a/gcc/testsuite/gcc.target/i386/mpx/pr79990.c
> b/gcc/testsuite/gcc.target/i386/mpx/pr79990.c
> new file mode 100644
> index 000..a27734d
> --- /dev/null
> +++ b/gcc/testsuite/gcc.target/i386/mpx/pr79990.c
> @@ -0,0 +1,18 @@
> +/* { dg-do compile } */
> +/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
> +
> +typedef int U __attribute__ ((vector_size (16)));
> +
> +int
> +foo (int i)
> +{
> +#if __SSE2__
> + register
> +#endif
> +U u
> +#if __SSE2__
> + asm ("xmm0")
> +#endif
> + ;
> + return u[i];
> +}
>
> regards,
> Alexander
Re: [CHKP] Fix for PR79990
Hi,
Here is the patch that roughly follows your idea.
Some comments:
- There are more cases than array_ref overflow. We need to take care
of component_ref and both underflows/overflows are possible
- I could not make it work with "0" as a fake address, because then
catching lower bounds violation is getting hard at O2 and above. E.g.
consider this:
0x004005f8 <+8>: bndmk 0x7(%rax),%bnd0
0x004005fd <+13>:mov$0x400734,%edi
=> 0x00400602 <+18>:bndcl 0xfffc,%bnd0
(gdb) p $bnd0
$1 = {lbound = 0x0, ubound = 0x7} : size 8
0x0040060b <+27>:callq 0x400500
- bndcu is removed as not necessary and underflowed access is not
caught. I used another fake value for lower bound address, which is
2^(bitness - 1)
- hard-reg-3-[1,2]* tests fail with ICE right now because of PR80270.
I will mark them as XFAIL if the patch is approved and the mentioned
bug is not fixed
diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-lbv.c
b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-lbv.c
new file mode 100644
index 000..319e1ec
--- /dev/null
+++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-lbv.c
@@ -0,0 +1,21 @@
+/* { dg-do run } */
+/* { dg-shouldfail "bounds violation" } */
+/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
+
+
+#define SHOULDFAIL
+
+#include "mpx-check.h"
+
+typedef int v16 __attribute__((vector_size(16)));
+
+int foo(int i) {
+ register v16 u asm("xmm0");
+ return u[i];
+}
+
+int mpx_test (int argc, const char **argv)
+{
+ printf ("%d\n", foo (-1));
+ return 0;
+}
diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-nov.c
b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-nov.c
new file mode 100644
index 000..3c6d39a
--- /dev/null
+++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-nov.c
@@ -0,0 +1,18 @@
+/* { dg-do run } */
+/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
+
+#include "mpx-check.h"
+
+typedef int v16 __attribute__((vector_size(16)));
+
+int foo (int i) {
+ register v16 u asm ("xmm0");
+ return u[i];
+}
+
+int mpx_test (int argc, const char **argv)
+{
+ printf ("%d\n", foo (3));
+ printf ("%d\n", foo (0));
+ return 0;
+}
diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-ubv.c
b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-ubv.c
new file mode 100644
index 000..7fe76c4
--- /dev/null
+++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-ubv.c
@@ -0,0 +1,21 @@
+/* { dg-do run } */
+/* { dg-shouldfail "bounds violation" } */
+/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
+
+
+#define SHOULDFAIL
+
+#include "mpx-check.h"
+
+typedef int v16 __attribute__((vector_size(16)));
+
+int foo (int i) {
+ register v16 u asm ("xmm0");
+ return u[i];
+}
+
+int mpx_test (int argc, const char **argv)
+{
+ printf ("%d\n", foo (5));
+ return 0;
+}
diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-lbv.c
b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-lbv.c
new file mode 100644
index 000..7e4451f
--- /dev/null
+++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-lbv.c
@@ -0,0 +1,33 @@
+/* { dg-do run } */
+/* { dg-shouldfail "bounds violation" } */
+/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
+
+
+#define SHOULDFAIL
+
+#include "mpx-check.h"
+
+typedef int v8 __attribute__ ((vector_size (8)));
+
+struct S1
+{
+ v8 s1f;
+};
+
+struct S2
+{
+ struct S1 s2f1;
+ v8 s2f2;
+};
+
+int foo_s2f1 (int i)
+{
+ register struct S2 b asm ("xmm0");
+ return b.s2f1.s1f[i];
+}
+
+int mpx_test (int argc, const char **argv)
+{
+ printf ("%d\n", foo_s2f1 (-1));
+ return 0;
+}
diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-nov.c
b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-nov.c
new file mode 100644
index 000..73bd7fb
--- /dev/null
+++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-nov.c
@@ -0,0 +1,30 @@
+/* { dg-do run } */
+/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
+
+
+#include "mpx-check.h"
+
+typedef int v8 __attribute__ ((vector_size (8)));
+
+struct S1
+{
+ v8 s1f;
+};
+
+struct S2
+{
+ struct S1 s2f1;
+ v8 s2f2;
+};
+
+int foo_s2f1 (int i)
+{
+ register struct S2 b asm ("xmm0");
+ return b.s2f1.s1f[i];
+}
+
+int mpx_test (int argc, const char **argv)
+{
+ printf ("%d\n", foo_s2f1 (0));
+ return 0;
+}
diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-ubv.c
b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-ubv.c
new file mode 100644
index 000..166b6b9
--- /dev/null
+++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-ubv.c
@@ -0,0 +1,33 @@
+/* { dg-do run } */
+/* { dg-shouldfail "bounds violation" } */
+/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
+
+
+#define SHOULDFAIL
+
+#include "mpx-check.h"
+
+typedef int v8 __attribute__ ((vector_size (8)));
+
+struct S1
+{
+ v8 s1f;
+};
+
+struct S2
+{
+ struct S1 s2f1;
+ v8 s2f2;
+};
+
+int foo_s2f1 (int i)
+{
+ register struct S2 b asm ("xmm0");
+ return b.s2f1.s1f[i];
+}
+
+int mpx_test (int argc, const char **argv)
+{
+ printf ("%d\n", foo_s2f
Re: [CHKP] Fix for PR79990
2017-04-02 23:52 GMT+03:00 Alexander Ivchenko :
> Hi,
>
> Here is the patch that roughly follows your idea.
> Some comments:
>
> - There are more cases than array_ref overflow. We need to take care
> of component_ref and both underflows/overflows are possible
> - I could not make it work with "0" as a fake address, because then
> catching lower bounds violation is getting hard at O2 and above. E.g.
> consider this:
>
>0x004005f8 <+8>: bndmk 0x7(%rax),%bnd0
>0x004005fd <+13>:mov$0x400734,%edi
> => 0x00400602 <+18>:bndcl 0xfffc,%bnd0
> (gdb) p $bnd0
> $1 = {lbound = 0x0, ubound = 0x7} : size 8
> 0x0040060b <+27>:callq 0x400500
>
> - bndcu is removed as not necessary and underflowed access is not
> caught. I used another fake value for lower bound address, which is
> 2^(bitness - 1)
Hi,
Looks like CHKP optimizations don't let us catch cases when pointer
arithmetc overflows. Using any fake value doesn't guarantee you don't
have overflow.
This overoptimization is definately a separate issue. It should be easy
to write a test where usage of a huge index in array causes
uncought bounds violation because of removed bndcl/bndcu. You should
file a bug for that.
If we don't try to work around overflow issues in this patch then using 0
should be more efficient because it allows you to always use bndcu only
(you just can't violate zero lower bound).
BTW please don't forget ChangeLogs for your patches.
>
> - hard-reg-3-[1,2]* tests fail with ICE right now because of PR80270.
> I will mark them as XFAIL if the patch is approved and the mentioned
> bug is not fixed
>
>
> diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-lbv.c
> b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-lbv.c
> new file mode 100644
> index 000..319e1ec
> --- /dev/null
> +++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-lbv.c
> @@ -0,0 +1,21 @@
> +/* { dg-do run } */
> +/* { dg-shouldfail "bounds violation" } */
> +/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
> +
> +
> +#define SHOULDFAIL
> +
> +#include "mpx-check.h"
> +
> +typedef int v16 __attribute__((vector_size(16)));
> +
> +int foo(int i) {
> + register v16 u asm("xmm0");
> + return u[i];
> +}
> +
> +int mpx_test (int argc, const char **argv)
> +{
> + printf ("%d\n", foo (-1));
> + return 0;
> +}
> diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-nov.c
> b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-nov.c
> new file mode 100644
> index 000..3c6d39a
> --- /dev/null
> +++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-nov.c
> @@ -0,0 +1,18 @@
> +/* { dg-do run } */
> +/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
> +
> +#include "mpx-check.h"
> +
> +typedef int v16 __attribute__((vector_size(16)));
> +
> +int foo (int i) {
> + register v16 u asm ("xmm0");
> + return u[i];
> +}
> +
> +int mpx_test (int argc, const char **argv)
> +{
> + printf ("%d\n", foo (3));
> + printf ("%d\n", foo (0));
> + return 0;
> +}
> diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-ubv.c
> b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-ubv.c
> new file mode 100644
> index 000..7fe76c4
> --- /dev/null
> +++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-ubv.c
> @@ -0,0 +1,21 @@
> +/* { dg-do run } */
> +/* { dg-shouldfail "bounds violation" } */
> +/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
> +
> +
> +#define SHOULDFAIL
> +
> +#include "mpx-check.h"
> +
> +typedef int v16 __attribute__((vector_size(16)));
> +
> +int foo (int i) {
> + register v16 u asm ("xmm0");
> + return u[i];
> +}
> +
> +int mpx_test (int argc, const char **argv)
> +{
> + printf ("%d\n", foo (5));
> + return 0;
> +}
> diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-lbv.c
> b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-lbv.c
> new file mode 100644
> index 000..7e4451f
> --- /dev/null
> +++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-lbv.c
> @@ -0,0 +1,33 @@
> +/* { dg-do run } */
> +/* { dg-shouldfail "bounds violation" } */
> +/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
> +
> +
> +#define SHOULDFAIL
> +
> +#include "mpx-check.h"
> +
> +typedef int v8 __attribute__ ((vector_size (8)));
> +
> +struct S1
> +{
> + v8 s1f;
> +};
> +
> +struct S2
> +{
> + struct S1 s2f1;
> + v8 s2f2;
> +};
> +
> +int foo_s2f1 (int i)
> +{
> + register struct S2 b asm ("xmm0");
> + return b.s2f1.s1f[i];
> +}
> +
> +int mpx_test (int argc, const char **argv)
> +{
> + printf ("%d\n", foo_s2f1 (-1));
> + return 0;
> +}
> diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-nov.c
> b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-nov.c
> new file mode 100644
> index 000..73bd7fb
> --- /dev/null
> +++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-nov.c
> @@ -0,0 +1,30 @@
> +/* { dg-do run } */
> +/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
> +
> +
> +#include "mpx-check.h"
> +
> +typedef int v8 __attribute__ ((vector_size (8)));
> +
> +s
Re: [CHKP] Fix for PR79990
Hi,
Thanks for the comments, that was a good idea to place all the logic inside
of chkp_build_addr_expr function. I followed it and here is what I got:
gcc/testsuite/ChangeLog:
2017-04-19 Alexander Ivchenko
* gcc.target/i386/mpx/hard-reg-2-lbv.c: New test.
* gcc.target/i386/mpx/hard-reg-2-nov.c: New test.
* gcc.target/i386/mpx/hard-reg-2-ubv.c: New test.
* gcc.target/i386/mpx/hard-reg-3-1-lbv.c: New test.
* gcc.target/i386/mpx/hard-reg-3-1-nov.c: New test.
* gcc.target/i386/mpx/hard-reg-3-1-ubv.c: New test.
* gcc.target/i386/mpx/hard-reg-3-2-lbv.c: New test.
* gcc.target/i386/mpx/hard-reg-3-2-nov.c: New test.
* gcc.target/i386/mpx/hard-reg-3-2-ubv.c: New test.
* gcc.target/i386/mpx/hard-reg-3-lbv.c: New test.
* gcc.target/i386/mpx/hard-reg-3-nov.c: New test.
* gcc.target/i386/mpx/hard-reg-3-ubv.c: New test.
* gcc.target/i386/mpx/hard-reg-4-lbv.c: New test.
* gcc.target/i386/mpx/hard-reg-4-nov.c: New test.
* gcc.target/i386/mpx/hard-reg-4-ubv.c: New test.
* gcc.target/i386/mpx/hard-reg-5-1-lbv.c: New test.
* gcc.target/i386/mpx/hard-reg-5-1-nov.c: New test.
* gcc.target/i386/mpx/hard-reg-5-1-ubv.c: New test.
* gcc.target/i386/mpx/hard-reg-5-2-lbv.c: New test.
* gcc.target/i386/mpx/hard-reg-5-2-nov.c: New test.
* gcc.target/i386/mpx/hard-reg-5-2-ubv.c: New test.
gcc/ChangeLog:
2017-04-19 Alexander Ivchenko
* tree-chkp.c (chkp_get_hard_register_var_fake_base_address):
New function to provide a base address for.
chkp_get_hard_register_fake_addr_expr
(chkp_get_hard_register_fake_addr_expr): New function to build
fake address expression for an expr that resides on a hard
register.
(chkp_build_addr_expr): Add checks for hard reg cases.
(chkp_parse_array_and_component_ref): Create/find bounds if the
var resides on a hard reg.
(chkp_find_bounds_1): Check for hard register cases.
And the patch itself:
diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-lbv.c
b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-lbv.c
new file mode 100644
index 000..319e1ec
--- /dev/null
+++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-lbv.c
@@ -0,0 +1,21 @@
+/* { dg-do run } */
+/* { dg-shouldfail "bounds violation" } */
+/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
+
+
+#define SHOULDFAIL
+
+#include "mpx-check.h"
+
+typedef int v16 __attribute__((vector_size(16)));
+
+int foo(int i) {
+ register v16 u asm("xmm0");
+ return u[i];
+}
+
+int mpx_test (int argc, const char **argv)
+{
+ printf ("%d\n", foo (-1));
+ return 0;
+}
diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-nov.c
b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-nov.c
new file mode 100644
index 000..3c6d39a
--- /dev/null
+++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-nov.c
@@ -0,0 +1,18 @@
+/* { dg-do run } */
+/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
+
+#include "mpx-check.h"
+
+typedef int v16 __attribute__((vector_size(16)));
+
+int foo (int i) {
+ register v16 u asm ("xmm0");
+ return u[i];
+}
+
+int mpx_test (int argc, const char **argv)
+{
+ printf ("%d\n", foo (3));
+ printf ("%d\n", foo (0));
+ return 0;
+}
diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-ubv.c
b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-ubv.c
new file mode 100644
index 000..7fe76c4
--- /dev/null
+++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-ubv.c
@@ -0,0 +1,21 @@
+/* { dg-do run } */
+/* { dg-shouldfail "bounds violation" } */
+/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
+
+
+#define SHOULDFAIL
+
+#include "mpx-check.h"
+
+typedef int v16 __attribute__((vector_size(16)));
+
+int foo (int i) {
+ register v16 u asm ("xmm0");
+ return u[i];
+}
+
+int mpx_test (int argc, const char **argv)
+{
+ printf ("%d\n", foo (5));
+ return 0;
+}
diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-lbv.c
b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-lbv.c
new file mode 100644
index 000..7e4451f
--- /dev/null
+++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-lbv.c
@@ -0,0 +1,33 @@
+/* { dg-do run } */
+/* { dg-shouldfail "bounds violation" } */
+/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
+
+
+#define SHOULDFAIL
+
+#include "mpx-check.h"
+
+typedef int v8 __attribute__ ((vector_size (8)));
+
+struct S1
+{
+ v8 s1f;
+};
+
+struct S2
+{
+ struct S1 s2f1;
+ v8 s2f2;
+};
+
+int foo_s2f1 (int i)
+{
+ register struct S2 b asm ("xmm0");
+ return b.s2f1.s1f[i];
+}
+
+int mpx_test (int argc, const char **argv)
+{
+ printf ("%d\n", foo_s2f1 (-1));
+ return 0;
+}
diff --git a/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-nov.c
b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-nov.c
new file mode 100644
index 000..73bd7fb
--- /dev/null
+++ b/gcc/testsuite/gcc.target/i386/mpx/hard-reg-3-1-nov.c
@@ -0,0 +1,30 @@
+/* { dg-do run } */
+/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
+
Re: [CHKP] Fix for PR79990
Thanks for correcting the usage of get_base_address. I fixed that.
Plus addressed the comment about the avoiding the usage of
chkp_find_bounds.
gcc/testsuite/ChangeLog:
2017-04-20 Alexander Ivchenko
* gcc.target/i386/mpx/hard-reg-2-lbv.c: New test.
* gcc.target/i386/mpx/hard-reg-2-nov.c: New test.
* gcc.target/i386/mpx/hard-reg-2-ubv.c: New test.
* gcc.target/i386/mpx/hard-reg-3-1-lbv.c: New test.
* gcc.target/i386/mpx/hard-reg-3-1-nov.c: New test.
* gcc.target/i386/mpx/hard-reg-3-1-ubv.c: New test.
* gcc.target/i386/mpx/hard-reg-3-2-lbv.c: New test.
* gcc.target/i386/mpx/hard-reg-3-2-nov.c: New test.
* gcc.target/i386/mpx/hard-reg-3-2-ubv.c: New test.
* gcc.target/i386/mpx/hard-reg-3-lbv.c: New test.
* gcc.target/i386/mpx/hard-reg-3-nov.c: New test.
* gcc.target/i386/mpx/hard-reg-3-ubv.c: New test.
* gcc.target/i386/mpx/hard-reg-4-lbv.c: New test.
* gcc.target/i386/mpx/hard-reg-4-nov.c: New test.
* gcc.target/i386/mpx/hard-reg-4-ubv.c: New test.
* gcc.target/i386/mpx/hard-reg-5-1-lbv.c: New test.
* gcc.target/i386/mpx/hard-reg-5-1-nov.c: New test.
* gcc.target/i386/mpx/hard-reg-5-1-ubv.c: New test.
* gcc.target/i386/mpx/hard-reg-5-2-lbv.c: New test.
* gcc.target/i386/mpx/hard-reg-5-2-nov.c: New test.
* gcc.target/i386/mpx/hard-reg-5-2-ubv.c: New test.
* gcc.target/i386/mpx/hard-reg-6-lbv.c: New test.
* gcc.target/i386/mpx/hard-reg-6-nov.c: New test.
* gcc.target/i386/mpx/hard-reg-6-ubv.c: New test.
gcc/ChangeLog:
2017-04-20 Alexander Ivchenko
* tree-chkp.c (chkp_get_hard_register_var_fake_base_address):
New function to provide a base address for
chkp_get_hard_register_fake_addr_expr.
(chkp_get_hard_register_fake_addr_expr): New function to build
fake address expression for an expr that resides on a hard
register.
(chkp_build_addr_expr): Add checks for hard reg cases.
(chkp_parse_array_and_component_ref): Create/find bounds if the
var resides on a hard reg.
I already had a testcases for struct with a pointer - "hard-reg-4-*".
Here is the instrumentation of the foo function:
__attribute__((chkp instrumented))
foo.chkp (int i)
{
__bounds_type __bound_tmp.1;
register struct S2 b __asm__ (*xmm0);
int k;
int * _1;
long unsigned int _2;
long unsigned int _3;
int * _4;
int * _5;
int _11;
int * _18;
[0.00%]:
__bound_tmp.1_17 = __chkp_zero_bounds;
__bound_tmp.1_14 = __builtin_ia32_bndmk (&k, 4);
__bound_tmp.1_13 = __builtin_ia32_bndmk (-2147483648B, 16);
[0.00%]:
[0.00%]:
k = 5;
b.f3 = &k;
__builtin_ia32_bndstx (&k, __bound_tmp.1_14, -2147483648B);
_1 = b.f3;
__bound_tmp.1_15 = __builtin_ia32_bndldx (-2147483648B, _1);
_2 = (long unsigned int) i_9(D);
_3 = _2 * 4;
_4 = _1 + _3;
b.f3 = _4;
__builtin_ia32_bndstx (_4, __bound_tmp.1_15, -2147483648B);
_5 = b.f3;
__bound_tmp.1_16 = __builtin_ia32_bndldx (-2147483648B, _5);
__builtin_ia32_bndcl (_5, __bound_tmp.1_16);
_18 = _5 + 3;
__builtin_ia32_bndcu (_18, __bound_tmp.1_16);
_11 = *_5;
k ={v} {CLOBBER};
return _11;
}
Which is the most suspicious one, because we have ldx and stx. I'm not
sure whether this is OK.
Here is the chkp dump for foo function of newly added hard-reg-6* case:
__attribute__((chkp instrumented))
foo.chkp (int i, int * kp1, __bounds_type __chkp_bounds_of_kp1)
{
__bounds_type __bound_tmp.1;
int D.2873;
register struct S2 b __asm__ (*xmm0);
int k2;
int * _1;
long unsigned int _2;
long unsigned int _3;
int * _4;
int * _5;
int _13;
int * _31;
[0.00%]:
__bound_tmp.1_22 = __builtin_ia32_bndmk (&k2, 4);
__bound_tmp.1_17 = __chkp_zero_bounds;
__bound_tmp.1_15 = __builtin_ia32_bndmk (-2147483648B, 16);
[0.00%]:
[0.00%]:
k2 = 5;
__bound_tmp.1_16 = __builtin_ia32_bndmk (-2147483648B, 16);
__bound_tmp.1_18 = __builtin_ia32_bndint (__bound_tmp.1_16, __bound_tmp.1_15);
__builtin_ia32_bndcl (-2147483648B, __bound_tmp.1_18);
__builtin_ia32_bndcu (-2147483641B, __bound_tmp.1_18);
b.f[0] = kp1_8(D);
__builtin_ia32_bndstx (kp1_8(D), __chkp_bounds_of_kp1_19(D), -2147483648B);
__bound_tmp.1_20 = __builtin_ia32_bndmk (-2147483648B, 16);
__bound_tmp.1_21 = __builtin_ia32_bndint (__bound_tmp.1_20, __bound_tmp.1_15);
__builtin_ia32_bndcl (-2147483640B, __bound_tmp.1_21);
__builtin_ia32_bndcu (-2147483633B, __bound_tmp.1_21);
b.f[1] = &k2;
__builtin_ia32_bndstx (&k2, __bound_tmp.1_22, -2147483640B);
__bound_tmp.1_23 = __builtin_ia32_bndmk (-2147483648B, 16);
__bound_tmp.1_24 = __builtin_ia32_bndint (__bound_tmp.1_23, __bound_tmp.1_15);
__builtin_ia32_bndcl (-2147483648B, __bound_tmp.1_24);
__builtin_ia32_bndcu (-2147483641B, __bound_tmp.1_24);
_1 = b.f[0];
__bound_tmp.1_27 = __builtin_ia32_bndldx (-2147483648B, _1);
_2 = (long unsigned int) i_11(D);
_3 = _2 * 4;
_4 = _1 + _3;
__
[PATCH] Fix mpx testcases (Re: [CHKP] Fix for PR79990)
On Tue, May 09, 2017 at 03:29:40PM +0200, Alexander Ivchenko wrote:
> 2017-05-09 Alexander Ivchenko
>
> * gcc.target/i386/mpx/hard-reg-2-lbv.c: New test.
> * gcc.target/i386/mpx/hard-reg-2-nov.c: New test.
> * gcc.target/i386/mpx/hard-reg-2-ubv.c: New test.
These tests fail for me on i686, without -msse2 there is no
"xmm0" register one can use.
The following patch fixes it, tested on x86_64-linux and i686-linux,
ok for trunk?
2017-06-08 Jakub Jelinek
* gcc.target/i386/mpx/hard-reg-1-nov.c (mpx_test): Use "esp"
instead of "rsp" for -m32.
* gcc.target/i386/mpx/hard-reg-2-lbv.c: Require sse2_runtime effective
target, add -msse2 to dg-options.
* gcc.target/i386/mpx/hard-reg-2-nov.c: Likewise.
* gcc.target/i386/mpx/hard-reg-2-ubv.c: Likewise.
--- gcc/testsuite/gcc.target/i386/mpx/hard-reg-1-nov.c.jj 2015-03-10
16:56:41.0 +0100
+++ gcc/testsuite/gcc.target/i386/mpx/hard-reg-1-nov.c 2017-06-08
21:37:00.357993146 +0200
@@ -13,7 +13,11 @@ int rd (int *p, int i)
int mpx_test (int argc, const char **argv)
{
+#ifdef __x86_64__
register int *frame __asm__("rsp");
+#else
+ register int *frame __asm__("esp");
+#endif
rd (frame, 1);
return 0;
--- gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-lbv.c.jj 2017-06-08
17:53:25.0 +0200
+++ gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-lbv.c 2017-06-08
21:37:23.772718716 +0200
@@ -1,6 +1,6 @@
-/* { dg-do run } */
+/* { dg-do run { target sse2_runtime } } */
/* { dg-shouldfail "bounds violation" } */
-/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
+/* { dg-options "-fcheck-pointer-bounds -mmpx -msse2" } */
#define SHOULDFAIL
--- gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-nov.c.jj 2017-06-08
17:53:25.0 +0200
+++ gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-nov.c 2017-06-08
21:37:35.517581062 +0200
@@ -1,5 +1,5 @@
-/* { dg-do run } */
-/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
+/* { dg-do run { target sse2_runtime } } */
+/* { dg-options "-fcheck-pointer-bounds -mmpx -msse2" } */
#include "mpx-check.h"
--- gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-ubv.c.jj 2017-06-08
17:53:25.0 +0200
+++ gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-ubv.c 2017-06-08
21:37:49.910412372 +0200
@@ -1,6 +1,6 @@
-/* { dg-do run } */
+/* { dg-do run { target sse2_runtime } } */
/* { dg-shouldfail "bounds violation" } */
-/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
+/* { dg-options "-fcheck-pointer-bounds -mmpx -msse2" } */
#define SHOULDFAIL
Jakub
Re: [PATCH] Fix mpx testcases (Re: [CHKP] Fix for PR79990)
2017-06-08 22:45 GMT+03:00 Jakub Jelinek :
> On Tue, May 09, 2017 at 03:29:40PM +0200, Alexander Ivchenko wrote:
>> 2017-05-09 Alexander Ivchenko
>>
>> * gcc.target/i386/mpx/hard-reg-2-lbv.c: New test.
>> * gcc.target/i386/mpx/hard-reg-2-nov.c: New test.
>> * gcc.target/i386/mpx/hard-reg-2-ubv.c: New test.
>
> These tests fail for me on i686, without -msse2 there is no
> "xmm0" register one can use.
>
> The following patch fixes it, tested on x86_64-linux and i686-linux,
> ok for trunk?
OK. Thanks for the fix.
Ilya
>
> 2017-06-08 Jakub Jelinek
>
> * gcc.target/i386/mpx/hard-reg-1-nov.c (mpx_test): Use "esp"
> instead of "rsp" for -m32.
> * gcc.target/i386/mpx/hard-reg-2-lbv.c: Require sse2_runtime effective
> target, add -msse2 to dg-options.
> * gcc.target/i386/mpx/hard-reg-2-nov.c: Likewise.
> * gcc.target/i386/mpx/hard-reg-2-ubv.c: Likewise.
>
> --- gcc/testsuite/gcc.target/i386/mpx/hard-reg-1-nov.c.jj 2015-03-10
> 16:56:41.0 +0100
> +++ gcc/testsuite/gcc.target/i386/mpx/hard-reg-1-nov.c 2017-06-08
> 21:37:00.357993146 +0200
> @@ -13,7 +13,11 @@ int rd (int *p, int i)
>
> int mpx_test (int argc, const char **argv)
> {
> +#ifdef __x86_64__
>register int *frame __asm__("rsp");
> +#else
> + register int *frame __asm__("esp");
> +#endif
>rd (frame, 1);
>
>return 0;
> --- gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-lbv.c.jj 2017-06-08
> 17:53:25.0 +0200
> +++ gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-lbv.c 2017-06-08
> 21:37:23.772718716 +0200
> @@ -1,6 +1,6 @@
> -/* { dg-do run } */
> +/* { dg-do run { target sse2_runtime } } */
> /* { dg-shouldfail "bounds violation" } */
> -/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
> +/* { dg-options "-fcheck-pointer-bounds -mmpx -msse2" } */
>
>
> #define SHOULDFAIL
> --- gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-nov.c.jj 2017-06-08
> 17:53:25.0 +0200
> +++ gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-nov.c 2017-06-08
> 21:37:35.517581062 +0200
> @@ -1,5 +1,5 @@
> -/* { dg-do run } */
> -/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
> +/* { dg-do run { target sse2_runtime } } */
> +/* { dg-options "-fcheck-pointer-bounds -mmpx -msse2" } */
>
> #include "mpx-check.h"
>
> --- gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-ubv.c.jj 2017-06-08
> 17:53:25.0 +0200
> +++ gcc/testsuite/gcc.target/i386/mpx/hard-reg-2-ubv.c 2017-06-08
> 21:37:49.910412372 +0200
> @@ -1,6 +1,6 @@
> -/* { dg-do run } */
> +/* { dg-do run { target sse2_runtime } } */
> /* { dg-shouldfail "bounds violation" } */
> -/* { dg-options "-fcheck-pointer-bounds -mmpx" } */
> +/* { dg-options "-fcheck-pointer-bounds -mmpx -msse2" } */
>
>
> #define SHOULDFAIL
>
>
> Jakub
