| -rw-r--r-- | builtin.c | 73 | ||||
| -rw-r--r-- | flow.c | 17 | ||||
| -rw-r--r-- | linearize.c | 63 | ||||
| -rw-r--r-- | linearize.h | 2 | ||||
| -rw-r--r-- | ptrlist.h | 4 | ||||
| -rw-r--r-- | validation/builtin-objsize-dyn.c | 22 | ||||
| -rw-r--r-- | validation/builtin-objsize0.c | 25 | ||||
| -rw-r--r-- | validation/builtin-objsize1.c | 21 | ||||
| -rw-r--r-- | validation/linear/asm-out0.c | 25 | ||||
| -rw-r--r-- | validation/mem2reg/asm-reload0.c | 14 |
10 files changed, 241 insertions, 25 deletions
@@ -454,6 +454,77 @@ static struct symbol_op atomic_op = { }; +/// +// expand __builtin_object_size() +// +// :note: type 1 and type 3 are not supported because the +// needed information isn't available after evaluation. +static int expand_object_size(struct expression *expr, int cost) +{ + struct expression *arg = first_expression(expr->args); + int type = get_expression_value_silent(ptr_list_nth(expr->args, 1)); + unsigned long val = -1, off = 0; + + while (arg) { + switch (arg->type) { + case EXPR_IMPLIED_CAST: + case EXPR_CAST: + // ignore those + arg = arg->cast_expression; + continue; + case EXPR_BINOP: + // a constant add is (maybe) an offset + if (!arg->right || arg->op != '+' || arg->right->type != EXPR_VALUE) + break; + off += arg->right->value; + arg = arg->left; + continue; + case EXPR_PREOP: + // a deref is just intermediate variable + // and so the offset needs to be zeroed. + if (arg->op == '*') { + arg = arg->unop; + off = 0; + switch (arg->type) { + case EXPR_SYMBOL: + arg = arg->symbol->initializer; + continue; + default: + break; + } + } + break; + case EXPR_SYMBOL: + // the symbol we're looking after + val = bits_to_bytes(arg->symbol->bit_size); + break; + case EXPR_CALL: + // use alloc_size() attribute but only after linearization. + return UNSAFE; + default: + break; + } + break; + } + + if (val == -1) + val = (type & 2) ? 0 : val; + else if (type & 1) + return UNSAFE; + else + val -= off; + + expr->flags |= CEF_SET_ICE; + expr->type = EXPR_VALUE; + expr->value = val; + expr->taint = 0; + return 0; +} + +static struct symbol_op object_size_op = { + .expand = expand_object_size, +}; + /* * Builtin functions */ 
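Review bot: `val -= off;` at the end of expand_object_size() subtracts the accumulated constant offset from an `unsigned long` without checking that `off` is not larger than `val`, so an address past the end of the object (a constructed example: `&s.arr[100]`) could wrap to a very large size instead of a small one. Code that uses __builtin_object_size() as the bound for a copy check would then see an overestimate, which is the unsafe direction; a clamp such as `val = (off > val) ? 0 : val - off;` keeps the result conservative. `off += arg->right->value;` in the EXPR_BINOP case appears to have the same wrap when the constant is negative. Neither case is exercised by the validation files added in this commit, so a test for each would be worth adding.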
@@ -598,7 +669,7 @@ static const struct builtin_fn builtins_common[] = { { "__builtin_nan", &double_ctype, 0, { &const_string_ctype }}, { "__builtin_nanf", &float_ctype, 0, { &const_string_ctype }}, { "__builtin_nanl", &ldouble_ctype, 0, { &const_string_ctype }}, - { "__builtin_object_size", size_t_ctype, 0, { &const_ptr_ctype, &int_ctype }}, + { "__builtin_object_size", size_t_ctype, 0, { &const_ptr_ctype, &int_ctype }, .op = &object_size_op}, { "__builtin_parity", &int_ctype, 0, { &uint_ctype }, .op = &parity_op }, { "__builtin_parityl", &int_ctype, 0, { &ulong_ctype }, .op = &parity_op }, { "__builtin_parityll", &int_ctype, 0, { &ullong_ctype }, .op = &parity_op }, @@ -490,12 +490,21 @@ static inline int distinct_symbols(pseudo_t a, pseudo_t b) */ int dominates(pseudo_t pseudo, struct instruction *insn, struct instruction *dom, int local) { - int opcode = dom->opcode; - - if (opcode == OP_CALL || opcode == OP_ENTRY) + switch (dom->opcode) { + case OP_CALL: case OP_ENTRY: return local ? 0 : -1; - if (opcode != OP_LOAD && opcode != OP_STORE) + case OP_LOAD: case OP_STORE: + break; + case OP_ASM: + if (dom->clobber_memory) + return -1; + if (dom->output_memory) + return -1; + return 0; + default: return 0; + } + if (dom->src != pseudo) { if (local) return 0; diff --git a/linearize.c b/linearize.c index 7a6f745f..0c9b0e59 100644 --- a/linearize.c +++ b/linearize.c 
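Review bot: The new `case OP_ASM:` in dominates() returns -1 whenever `clobber_memory` or `output_memory` is set but has no comment saying why, and unlike the OP_CALL/OP_ENTRY case it does not look at `local`. A short comment such as `/* asm may write memory we cannot track: treat as unknown */` would document the intent, and the two tests read more directly as `if (dom->clobber_memory || dom->output_memory) return -1;`. Memory input operands are not considered here; if dominates() is also used to decide whether an earlier store is dead, it is worth confirming that an asm reading through an "m" input cannot be skipped over. The body of dominates() continues outside the hunk.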
@@ -2127,43 +2127,55 @@ static pseudo_t linearize_range(struct entrypoint *ep, struct statement *stmt) ALLOCATOR(asm_rules, "asm rules"); ALLOCATOR(asm_constraint, "asm constraints"); -static void add_asm_input(struct entrypoint *ep, struct instruction *insn, struct asm_operand *op) +static void add_asm_rule(struct instruction *insn, struct asm_constraint_list **list, struct asm_operand *op, pseudo_t pseudo) { - pseudo_t pseudo = linearize_expression(ep, op->expr); struct asm_constraint *rule = __alloc_asm_constraint(0); - + rule->is_memory = op->is_memory; rule->ident = op->name; rule->constraint = op->constraint ? op->constraint->string->data : ""; use_pseudo(insn, pseudo, &rule->pseudo); - add_ptr_list(&insn->asm_rules->inputs, rule); + add_ptr_list(list, rule); +} + +static void add_asm_input(struct entrypoint *ep, struct instruction *insn, struct asm_operand *op) +{ + pseudo_t pseudo = linearize_expression(ep, op->expr); + + add_asm_rule(insn, &insn->asm_rules->inputs, op, pseudo); +} + +static void add_asm_output_address(struct entrypoint *ep, struct instruction *insn, struct asm_operand *op) +{ + pseudo_t pseudo; + + if (!op->is_memory) + return; + + pseudo = linearize_expression(ep, op->expr); + add_asm_rule(insn, &insn->asm_rules->outputs, op, pseudo); + insn->output_memory = 1; } static void add_asm_output(struct entrypoint *ep, struct instruction *insn, struct asm_operand *op) { struct access_data ad = { NULL, }; pseudo_t pseudo; - struct asm_constraint *rule; - if (op->is_memory) { - pseudo = linearize_expression(ep, op->expr); - } else { - if (!linearize_address_gen(ep, op->expr, &ad)) - return; - pseudo = alloc_pseudo(insn); - linearize_store_gen(ep, pseudo, &ad); - } - rule = __alloc_asm_constraint(0); - rule->is_memory = op->is_memory; - rule->ident = op->name; - rule->constraint = op->constraint ? 
op->constraint->string->data : ""; - use_pseudo(insn, pseudo, &rule->pseudo); - add_ptr_list(&insn->asm_rules->outputs, rule); + if (op->is_memory) + return; + + if (!linearize_address_gen(ep, op->expr, &ad)) + return; + pseudo = alloc_pseudo(insn); + linearize_store_gen(ep, pseudo, &ad); + + add_asm_rule(insn, &insn->asm_rules->outputs, op, pseudo); } static pseudo_t linearize_asm_statement(struct entrypoint *ep, struct statement *stmt) { struct instruction *insn; - struct expression *expr; + struct expression *expr, *clob; struct asm_rules *rules; struct asm_operand *op; @@ -2183,6 +2195,11 @@ static pseudo_t linearize_asm_statement(struct entrypoint *ep, struct statement add_asm_input(ep, insn, op); } END_FOR_EACH_PTR(op); + /* ... and the addresses for memory outputs */ + FOR_EACH_PTR(stmt->asm_outputs, op) { + add_asm_output_address(ep, insn, op); + } END_FOR_EACH_PTR(op); + add_one_insn(ep, insn); /* Assign the outputs */ @@ -2190,6 +2207,12 @@ static pseudo_t linearize_asm_statement(struct entrypoint *ep, struct statement add_asm_output(ep, insn, op); } END_FOR_EACH_PTR(op); + /* and finally, look if it clobbers memory */ + FOR_EACH_PTR(stmt->asm_clobbers, clob) { + if (!strcmp(clob->string->data, "memory")) + insn->clobber_memory = 1; + } END_FOR_EACH_PTR(clob); + return VOID; } diff --git a/linearize.h b/linearize.h index a77e4b3e..01ee656c 100644 --- a/linearize.h +++ b/linearize.h @@ -150,6 +150,8 @@ struct instruction { struct /* asm */ { const char *string; struct asm_rules *asm_rules; + unsigned int clobber_memory:1; + unsigned int output_memory:1; }; }; }; @@ -73,6 +73,10 @@ extern void __free_ptr_list(struct ptr_list **); __free_ptr_list((struct ptr_list **)(list)); \ } while (0) +#define ptr_list_nth(lst, nth) ({ \ + struct ptr_list* head = (struct ptr_list*)(lst); \ + (__typeof__((lst)->list[0])) ptr_list_nth_entry(head, nth);\ + }) //////////////////////////////////////////////////////////////////////// // API 
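Review bot: Because add_asm_output_address() runs before add_one_insn() and add_asm_output() runs after it, every memory output is appended to `insn->asm_rules->outputs` ahead of every register output, so for an asm that mixes the two the list order no longer follows the operand order in the source. If any consumer of `outputs` maps entries to `%N` operand numbers by position, that mapping would be off for mixed operands; the added asm-out0 test covers only a single "=m" output. A comment on add_asm_output_address() stating that list order is not operand order, or a test with one "=r" and one "=m" output, would settle it. Separately, the clobber loop calls `strcmp(clob->string->data, "memory")` on each entry of `stmt->asm_clobbers` and so assumes every clobber is a string expression, which is presumably guaranteed by the parser but is not visible here.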
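Review bot: The `ptr_list_nth()` macro in ptrlist.h declares a local named `head` inside its statement expression, so a call whose argument mentions a variable also called `head` expands to `struct ptr_list* head = (struct ptr_list*)(head);` and reads the new, uninitialized local instead of the caller's variable. A name callers are unlikely to use, e.g. `struct ptr_list *nth_head_ = (struct ptr_list *)(lst);`, avoids the capture, and `nth` should be passed on as `(nth)`. The macro also has no comment on what it yields when the list is shorter than requested; the call added in builtin.c hands the result straight to get_expression_value_silent().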
diff --git a/validation/builtin-objsize-dyn.c b/validation/builtin-objsize-dyn.c new file mode 100644 index 00000000..276c9204 --- /dev/null +++ b/validation/builtin-objsize-dyn.c @@ -0,0 +1,22 @@ +void *alloc(unsigned long)__attribute__((alloc_size(1))); + +_Bool sta(void) +{ + void *ptr = alloc(4); + return __builtin_object_size(ptr, 0) == 4; +} + +_Bool dyn(unsigned long n) +{ + void *ptr = alloc(n); + return __builtin_object_size(ptr, 0) == n; +} + +/* + * check-name: builtin-objsize-dyn + * check-command: test-linearize -Wno-decl $file + * check-known-to-fail + * + * check-output-ignore + * check-output-returns: 1 + */ diff --git a/validation/builtin-objsize0.c b/validation/builtin-objsize0.c new file mode 100644 index 00000000..9aab2ddd --- /dev/null +++ b/validation/builtin-objsize0.c @@ -0,0 +1,25 @@ +#define bos(O, T) __builtin_object_size(O, T) + +struct s { + char arr[8]; + __INT32_TYPE__ i; + __INT32_TYPE__ padding; +}; + +static struct s s; +static char *p = &s.arr[1]; +static int *q = &s.i; + +int obj_int0(void) { return bos(&s.i, 0) == 8; } +int obj_arr0(void) { return bos(&s.arr[1], 0) == 15; } + +int ptr_int(struct s *p) { return bos(&p->i, 0) == -1; } +int ptr_arr(struct s *p) { return bos(&p->arr[1], 0) == -1; } + +/* + * check-name: builtin-objsize0 + * check-command: test-linearize -Wno-decl $file + * + * check-output-ignore + * check-output-returns: 1 + */ diff --git a/validation/builtin-objsize1.c b/validation/builtin-objsize1.c new file mode 100644 index 00000000..1f285fc5 --- /dev/null +++ b/validation/builtin-objsize1.c 
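Review bot: `static char *p = &s.arr[1];` and `static int *q = &s.i;` in builtin-objsize0.c are never passed to bos(), so the path in expand_object_size() that follows a dereferenced symbol to `arg->symbol->initializer` has no coverage; ptr_int() and ptr_arr() take a parameter named `p` that shadows the static. That path also looks as if it would report the initializer's object size for a pointer variable that is not const and may have been reassigned, which could make the reported size too large. Adding a case such as `int var_p(void) { return bos(p, 0) == -1; }` (with whatever value is actually intended) would pin the behaviour down.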
@@ -0,0 +1,21 @@ +#define bos(O, T) __builtin_object_size(O, T) + +struct s { + char arr[8]; + __INT32_TYPE__ i; + __INT32_TYPE__ padding; +}; + +static struct s s; + +int obj_int1(void) { return bos(&s.i, 1) == 4; } +int obj_arr1(void) { return bos(&s.arr[1], 1) == 7; } + +/* + * check-name: builtin-objsize1 + * check-command: test-linearize -Wno-decl $file + * check-known-to-fail + * + * check-output-ignore + * check-output-returns: 1 + */ diff --git a/validation/linear/asm-out0.c b/validation/linear/asm-out0.c new file mode 100644 index 00000000..8b0907b3 --- /dev/null +++ b/validation/linear/asm-out0.c @@ -0,0 +1,25 @@ +static void asm_out0(void) +{ + int mem; + asm volatile ("[%1] <= 0" : "=m" (mem)); +} + +/* + * check-name: asm-out0 + * check-command: test-linearize -m64 -fdump-ir $file + * + * check-output-start +asm_out0: +.L0: + <entry-point> + symaddr.64 %r1 <- mem + asm "[%1] <= 0" + out: "=m" (%r1) + br .L1 + +.L1: + ret + + + * check-output-end + */ diff --git a/validation/mem2reg/asm-reload0.c b/validation/mem2reg/asm-reload0.c new file mode 100644 index 00000000..ce1829e0 --- /dev/null +++ b/validation/mem2reg/asm-reload0.c @@ -0,0 +1,14 @@ +static int asm_reload(void) +{ + int mem = 0; + asm volatile ("[%1] <= 1" : "=m" (mem)); + return mem; +} + +/* + * check-name: asm-reload0 + * check-command: test-linearize $file + * + * check-output-ignore + * check-output-contains: load\\. + */ |
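Review bot: Both asm tests use a template that refers to `%1` (`"[%1] <= 0"`, `"[%1] <= 1"`) while declaring a single operand, which is `%0`. sparse does not appear to interpret the template, so the tests pass, but writing `%0` (and updating the expected `asm "..."` line in asm-out0) would keep the files valid for a real compiler and make clear which operand is meant. asm-reload0 covers only the "=m" output case; a companion test with a "memory" clobber and no memory output would exercise the `clobber_memory` branch added to dominates().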
