ASAN: clear DECL_NOT_GIMPLE_REG_P.

PR sanitizer/95033 PR sanitizer/95051 * sanopt.c (sanitize_rewrite_addressable_params): Clear DECL_NOT_GIMPLE_REG_P for argument. PR sanitizer/95033 PR sanitizer/95051 * g++.dg/asan/function-argument-4.C: New test. * gcc.dg/asan/pr95033.c: New test. * gcc.dg/asan/pr95051.c: New test.
2025-03-19 01:40:39 +08:00 · 2020-05-12 10:23:09 +02:00 · 2020-05-12 10:23:09 +02:00 · 6b41920bd5
commit 6b41920bd5
parent 99b0c9ec47
6 changed files with 77 additions and 0 deletions
--- a/gcc/ChangeLog
+++ b/gcc/ChangeLog
@ -1,3 +1,10 @@
+2020-05-12  Martin Liska  <mliska@suse.cz>
+
+	PR sanitizer/95033
+	PR sanitizer/95051
+	* sanopt.c (sanitize_rewrite_addressable_params):
+	Clear DECL_NOT_GIMPLE_REG_P for argument.
+
 2020-05-12  Richard Sandiford  <richard.sandiford@arm.com>

 	PR tree-optimization/94980
--- a/gcc/sanopt.c
+++ b/gcc/sanopt.c
@ -1158,6 +1158,7 @@ sanitize_rewrite_addressable_params (function *fun)
 	  && TREE_CODE (TYPE_SIZE (type)) == INTEGER_CST)
 	{
 	  TREE_ADDRESSABLE (arg) = 0;
+	  DECL_NOT_GIMPLE_REG_P (arg) = 0;
 	  /* The parameter is no longer addressable.  */
 	  has_any_addressable_param = true;

--- a/gcc/testsuite/ChangeLog
+++ b/gcc/testsuite/ChangeLog
@ -1,3 +1,11 @@
+2020-05-12  Martin Liska  <mliska@suse.cz>
+
+	PR sanitizer/95033
+	PR sanitizer/95051
+	* g++.dg/asan/function-argument-4.C: New test.
+	* gcc.dg/asan/pr95033.c: New test.
+	* gcc.dg/asan/pr95051.c: New test.
+
 2020-05-12  Jakub Jelinek  <jakub@redhat.com>

 	PR c++/95063
--- a/gcc/testsuite/g++.dg/asan/function-argument-4.C
+++ b/gcc/testsuite/g++.dg/asan/function-argument-4.C
@ -0,0 +1,26 @@
+// { dg-do run }
+// { dg-shouldfail "asan" }
+
+#include <complex.h>
+
+static __attribute__ ((noinline)) long double
+goo (long double _Complex *a)
+{
+  return crealf(*(volatile _Complex long double *)a);
+}
+
+__attribute__ ((noinline)) float
+foo (float _Complex arg)
+{
+  return goo ((long double _Complex *)&arg);
+}
+
+int
+main ()
+{
+  return foo (3 + 2 * I);
+}
+
+// { dg-output "ERROR: AddressSanitizer: stack-buffer-overflow on address.*(\n|\r\n|\r)" }
+// { dg-output "READ of size \[0-9\]* at.*" }
+// { dg-output ".*'arg' \\(line 13\\) <== Memory access at offset \[0-9\]* partially overflows this variable.*" }
--- a/gcc/testsuite/gcc.dg/asan/pr95033.c
+++ b/gcc/testsuite/gcc.dg/asan/pr95033.c
@ -0,0 +1,13 @@
+/* PR sanitizer/95033 */
+/* { dg-do compile } */
+/* { dg-options "-fsanitize=address" } */
+
+struct a
+{
+  int b;
+};
+
+struct a c(_Complex d)
+{
+  return *(struct a *)&d;
+}
--- a/gcc/testsuite/gcc.dg/asan/pr95051.c
+++ b/gcc/testsuite/gcc.dg/asan/pr95051.c
@ -0,0 +1,22 @@
+/* PR sanitizer/95051 */
+/* { dg-do compile } */
+/* { dg-options "-fsanitize=kernel-address --param=asan-stack=1 -O2" } */
+
+struct a {
+  struct {
+    struct {
+      int b;
+    } c;
+  };
+};
+struct d {
+  struct {
+    int e;
+  } f;
+}
+
+g(int h) {
+  struct a *i;
+  struct d *j = (struct d*)&h;
+  i->c.b = j->f.e;
+}