re PR sanitizer/77396 (address sanitizer crashes if all static global variables are optimized)

PR sanitizer/77396 * sanopt.c: Include gimple-ssa.h, tree-phinodes.h and ssa-iterators.h. (sanopt_optimize_walker): Optimize away __asan_before_dynamic_init (...) followed by __asan_after_dynamic_init () without intervening memory loads/stores. * ipa-pure-const.c (special_builtin_state): Handle BUILT_IN_ASAN_BEFORE_DYNAMIC_INIT and BUILT_IN_ASAN_AFTER_DYNAMIC_INIT. * decl2.c (do_static_initialization_or_destruction): Only call asan_dynamic_init_call if INITP is true. * g++.dg/asan/pr77396.C: New test. From-SVN: r239961

re PR sanitizer/77396 (address sanitizer crashes if all static global variables are optimized)
PR sanitizer/77396 * sanopt.c: Include gimple-ssa.h, tree-phinodes.h and ssa-iterators.h. (sanopt_optimize_walker): Optimize away __asan_before_dynamic_init (...) followed by __asan_after_dynamic_init () without intervening memory loads/stores. * ipa-pure-const.c (special_builtin_state): Handle BUILT_IN_ASAN_BEFORE_DYNAMIC_INIT and BUILT_IN_ASAN_AFTER_DYNAMIC_INIT. * decl2.c (do_static_initialization_or_destruction): Only call asan_dynamic_init_call if INITP is true. * g++.dg/asan/pr77396.C: New test. From-SVN: r239961
94087e88 · Jakub Jelinek · af711c23 · 94087e88 · 94087e88 · 94087e88
Commit 94087e88 authored Sep 02, 2016 by Jakub Jelinek
Showing with 63 additions and 2 deletions

gcc/ChangeLog
+11 -0

gcc/cp/ChangeLog
+6 -0

gcc/cp/decl2.c
+2 -2

gcc/ipa-pure-const.c
+2 -0

gcc/sanopt.c
+25 -0

gcc/testsuite/ChangeLog
+5 -0

gcc/testsuite/g++.dg/asan/pr77396.C
+12 -0

No files found.
--- a/gcc/ChangeLog
+++ b/gcc/ChangeLog
+2016-09-02  Jakub Jelinek  <jakub@redhat.com>
+	PR sanitizer/77396
+	* sanopt.c: Include gimple-ssa.h, tree-phinodes.h and ssa-iterators.h.
+	(sanopt_optimize_walker): Optimize away
+	__asan_before_dynamic_init (...) followed by
+	__asan_after_dynamic_init () without intervening memory loads/stores.
+	* ipa-pure-const.c (special_builtin_state): Handle
+	BUILT_IN_ASAN_BEFORE_DYNAMIC_INIT and
+	BUILT_IN_ASAN_AFTER_DYNAMIC_INIT.
 2016-09-02  Prathamesh Kulkarni  <prathamesh.kulkarni@linaro.org>
 	* cfg.c (free_original_copy_tables): Replace second assignment of

--- a/gcc/cp/ChangeLog
+++ b/gcc/cp/ChangeLog
+2016-09-02  Jakub Jelinek  <jakub@redhat.com>
+	PR sanitizer/77396
+	* decl2.c (do_static_initialization_or_destruction): Only
+	call asan_dynamic_init_call if INITP is true.
 2016-09-01  Martin Sebor  <msebor@redhat.com>
 	* mangle.c: Increase buffer size to guarantee it fits the output

--- a/gcc/cp/decl2.c
+++ b/gcc/cp/decl2.c
@@ -3861,7 +3861,7 @@ do_static_initialization_or_destruction (tree vars, bool initp)
     in other compilation units, or at least those that haven't been
     initialized yet.  Variables that need dynamic construction in
     the current compilation unit are kept accessible.  */
-  if (flag_sanitize & SANITIZE_ADDRESS)
+  if (initp && (flag_sanitize & SANITIZE_ADDRESS))
    finish_expr_stmt (asan_dynamic_init_call (/*after_p=*/false));
  node = vars;
@@ -3914,7 +3914,7 @@ do_static_initialization_or_destruction (tree vars, bool initp)
  /* Revert what __asan_before_dynamic_init did by calling
     __asan_after_dynamic_init.  */
-  if (flag_sanitize & SANITIZE_ADDRESS)
+  if (initp && (flag_sanitize & SANITIZE_ADDRESS))
    finish_expr_stmt (asan_dynamic_init_call (/*after_p=*/true));
  /* Finish up the init/destruct if-stmt body.  */

--- a/gcc/ipa-pure-const.c
+++ b/gcc/ipa-pure-const.c
@@ -508,6 +508,8 @@ special_builtin_state (enum pure_const_state_e *state, bool *looping,
 	case BUILT_IN_FRAME_ADDRESS:
 	case BUILT_IN_APPLY:
 	case BUILT_IN_APPLY_ARGS:
+	case BUILT_IN_ASAN_BEFORE_DYNAMIC_INIT:
+	case BUILT_IN_ASAN_AFTER_DYNAMIC_INIT:
 	  *looping = false;
 	  *state = IPA_CONST;
 	  return true;

--- a/gcc/sanopt.c
+++ b/gcc/sanopt.c
@@ -33,6 +33,9 @@ along with GCC; see the file COPYING3.  If not see
 #include "ubsan.h"
 #include "params.h"
 #include "tree-hash-traits.h"
+#include "gimple-ssa.h"
+#include "tree-phinodes.h"
+#include "ssa-iterators.h"
 /* This is used to carry information about basic blocks.  It is
@@ -538,6 +541,28 @@ sanopt_optimize_walker (basic_block bb, struct sanopt_ctx *ctx)
      if (asan_check_optimize && !nonfreeing_call_p (stmt))
 	info->freeing_call_events++;
+      /* If __asan_before_dynamic_init ("module"); is followed by
+	 __asan_after_dynamic_init (); without intervening memory loads/stores,
+	 there is nothing to guard, so optimize both away.  */
+      if (asan_check_optimize
+	  && gimple_call_builtin_p (stmt, BUILT_IN_ASAN_BEFORE_DYNAMIC_INIT))
+	{
+	  use_operand_p use;
+	  gimple *use_stmt;
+	  if (single_imm_use (gimple_vdef (stmt), &use, &use_stmt))
+	    {
+	      if (is_gimple_call (use_stmt)
+		  && gimple_call_builtin_p (use_stmt,
+					    BUILT_IN_ASAN_AFTER_DYNAMIC_INIT))
+		{
+		  unlink_stmt_vdef (use_stmt);
+		  gimple_stmt_iterator gsi2 = gsi_for_stmt (use_stmt);
+		  gsi_remove (&gsi2, true);
+		  remove = true;
+		}
+	    }
+	}
      if (gimple_call_internal_p (stmt))
 	switch (gimple_call_internal_fn (stmt))
 	  {

--- a/gcc/testsuite/ChangeLog
+++ b/gcc/testsuite/ChangeLog
+2016-09-02  Jakub Jelinek  <jakub@redhat.com>
+	PR sanitizer/77396
+	* g++.dg/asan/pr77396.C: New test.
 2016-09-01  Martin Sebor  <msebor@redhat.com>
 	PR tree-optimization/71831

--- a/gcc/testsuite/g++.dg/asan/pr77396.C
+++ b/gcc/testsuite/g++.dg/asan/pr77396.C
+// PR sanitizer/77396
+// { dg-do run }
+// { dg-set-target-env-var ASAN_OPTIONS "check_initialization_order=true" }
+static int a = 0; 
+static int b = a; 
+int
+main ()
+{
+  return 0;
+}