This is the mail archive of the
gcc-patches@gcc.gnu.org
mailing list for the GCC project.
Re: Fix ICE in use-after-scope w/ -fno-tree-dce (PR, sanitize/79783).
- From: Jakub Jelinek <jakub at redhat dot com>
- To: Martin Liška <mliska at suse dot cz>
- Cc: GCC Patches <gcc-patches at gcc dot gnu dot org>
- Date: Mon, 6 Mar 2017 09:09:54 +0100
- Subject: Re: Fix ICE in use-after-scope w/ -fno-tree-dce (PR, sanitize/79783).
- Authentication-results: sourceware.org; auth=none
- References: <0c9de9bb-a232-07d4-302d-c59108484ccf@suse.cz> <20170303125723.GB1849@tucnak> <11a8ab88-b609-12fc-6518-bcec1589c3df@suse.cz>
- Reply-to: Jakub Jelinek <jakub at redhat dot com>
On Mon, Mar 06, 2017 at 08:59:09AM +0100, Martin Liška wrote:
> >> --- a/gcc/asan.c
> >> +++ b/gcc/asan.c
> >> @@ -3107,7 +3107,10 @@ asan_expand_poison_ifn (gimple_stmt_iterator *iter,
> >> {
> >> gimple *g = gsi_stmt (*iter);
> >> tree poisoned_var = gimple_call_lhs (g);
> >> - if (!poisoned_var)
> >> +
> >> + /* It can happen with inlining and -fno-tree-dce that VAR_DECL for a SSA
> >> + NAME was removed and thus the poisoning should not have any usage. */
> >> + if (!poisoned_var || SSA_NAME_VAR (poisoned_var) == NULL_TREE)
> >
> > I wonder if it wouldn't be better to do:
> > if (!poisoned_var || has_zero_uses (poisoned_var))
> >
> > perhaps with -fno-tree-dce we could end up with SSA_NAME_VAR being
> > non-NULL, yet no uses; in that case there is nothing to warn about.
> > On the other side, in theory we could also end up with anonymous SSA_NAME
> > and some uses - in that case perhaps it would be better to warn.
> > So do:
> > if (SSA_NAME_VAR (poisoned_var) == NULL_TREE)
> > SSA_NAME_VAR (poisoned_var) = create_tmp_var (TREE_TYPE (poisoned_var));
> > tree shadow_var = create_asan_shadow_var (SSA_NAME_VAR (poisoned_var),
> > shadow_vars_mapping);
> > or so? We'll need SSA_NAME_VAR non-NULL so that we can use a default def
> > later.
>
> Ok, I've just prepared and tested following patch that does what Jakub suggested.Hi.
> Patch can bootstrap on ppc64le-redhat-linux and survives regression tests.
> --- a/gcc/asan.c
> +++ b/gcc/asan.c
Can you please add also the suggested
{
gimple *g = gsi_stmt (*iter);
tree poisoned_var = gimple_call_lhs (g);
- if (!poisoned_var)
+ if (!poisoned_var || has_zero_uses (poisoned_var))
{
gsi_remove (iter, true);
return true;
hunk into the same function? If we don't do DCE, we can end up with
ASAN_POISON with lhs but not really used anywhere. If there are no uses,
it is a poisoned use.
> @@ -3113,6 +3113,10 @@ asan_expand_poison_ifn (gimple_stmt_iterator *iter,
> return true;
> }
>
> + if (SSA_NAME_VAR (poisoned_var) == NULL_TREE)
> + SET_SSA_NAME_VAR_OR_IDENTIFIER (poisoned_var,
> + create_tmp_var (TREE_TYPE (poisoned_var)));
> +
> tree shadow_var = create_asan_shadow_var (SSA_NAME_VAR (poisoned_var),
> shadow_vars_mapping);
>
Ok with that change.
Jakub