On Mon, Dec 1, 2014 at 3:12 PM, Marek Polacek <pola...@redhat.com> wrote:
> This fixes PR64121, where we ran into a SSA corruption failure
> because we couldn't coalesce two SSA_NAME_OCCURS_IN_ABNORMAL_PHI
> SSA_NAMEs.  So just skip such SSA names when looking for a base.

Not really "skip" but "stop at". > Bootstrapped/regtested on ppc64-linux, ok for trunk? Ok. Thanks, Richard. > 2014-12-01 Marek Polacek <pola...@redhat.com> > Jakub Jelinek <ja...@redhat.com> > > PR sanitizer/64121 > * ubsan.c (instrument_object_size): Skip base if > it occurs in abnormal phi. > > * c-c++-common/ubsan/pr64121.c: New test. > > diff --git gcc/testsuite/c-c++-common/ubsan/pr64121.c > gcc/testsuite/c-c++-common/ubsan/pr64121.c > index e69de29..82b216a 100644 > --- gcc/testsuite/c-c++-common/ubsan/pr64121.c > +++ gcc/testsuite/c-c++-common/ubsan/pr64121.c > @@ -0,0 +1,16 @@ > +/* PR sanitizer/64121 */ > +/* { dg-do compile } */ > +/* { dg-options "-fsanitize=undefined -Wno-pointer-arith" } */ > + > +extern int tab[16]; > + > +void > +execute (int *ip, int x) > +{ > + int *xp = tab; > +base: > + if (x) > + return; > + *xp++ = *ip; > + goto *(&&base + *ip); > +} > diff --git gcc/ubsan.c gcc/ubsan.c > index ea5ccb4..e2a07a9 100644 > --- gcc/ubsan.c > +++ gcc/ubsan.c > @@ -1564,7 +1564,14 @@ instrument_object_size (gimple_stmt_iterator *gsi, > bool is_lhs) > && POINTER_TYPE_P (TREE_TYPE (gimple_assign_rhs1 (def_stmt)))) > || (is_gimple_assign (def_stmt) > && gimple_assign_rhs_code (def_stmt) == POINTER_PLUS_EXPR)) > - base = gimple_assign_rhs1 (def_stmt); > + { > + tree rhs1 = gimple_assign_rhs1 (def_stmt); > + if (TREE_CODE (rhs1) == SSA_NAME > + && SSA_NAME_OCCURS_IN_ABNORMAL_PHI (rhs1)) > + break; > + else > + base = rhs1; > + } > else > break; > } > > Marek
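
Review bot: the new test gcc/testsuite/c-c++-common/ubsan/pr64121.c has only the PR number as a header and nothing saying what it guards against. Since it is a dg-do compile test with no dg-error or dg-warning directives, its only pass condition is that the compiler gets through the function without failing. A one-line comment above execute() saying so, and that the computed goto "goto *(&&base + *ip);" is what makes xp live across an abnormal edge, would keep the test from being simplified away later.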
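
Review bot: the block added to instrument_object_size in gcc/ubsan.c has no comment explaining why the walk stops when rhs1 is an SSA_NAME with SSA_NAME_OCCURS_IN_ABNORMAL_PHI set. Please add a short comment above the "if (TREE_CODE (rhs1) == SSA_NAME" test stating that such names cannot be used as the base because they may not be coalescible (PR sanitizer/64121). As a style point, the "else" after "break;" is redundant: "base = rhs1;" can follow the if directly. The ChangeLog wording "Skip base" also does not match the code, which breaks out of the loop and keeps the previous base rather than skipping over the name.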