[PATCH] Speed-up use-after-scope (re-writing to SSA) (version 2)

Martin Liška mliska@suse.cz
Fri Jan 20 11:55:00 GMT 2017


On 01/19/2017 05:33 PM, Jakub Jelinek wrote:
> On Wed, Jan 18, 2017 at 04:34:48PM +0100, Martin Liška wrote:
>> Hello.
>>
>> During bootstrap, I came to the following test-case:
>>
>> struct A
>> {
>>   int regno;
>> };
>> struct
>> {
>>   A base;
>> } typedef *df_ref;
>> int *a;
>> void
>> fn1 (int N)
>> {
>>   for (int i = 0; i < N; i++)
>>     {
>>       df_ref b;
>>       a[(b)->base.regno]++;
>>     }
>> }
> 
> Well, in this case it is UB too, just not actually out of bounds access,
> but use of uninitialized variable.
> Perhaps what we should do, in addition to turning ASAN_MARK (POISON, &b, ...)
> into b = ASAN_POISON (); turn ASAN_MARK (UNPOISON, &b, ...) into
> b = b_YYY(D);

Great, thanks a lot. I'm going to re-trigger asan-bootstrap with your patch.
I'm also adding gcc/testsuite/gcc.dg/asan/use-after-scope-10.c that is a valid
test-case for this issue.

Hopefully it will survive both regression tests and asan-bootstrap.

Thanks,
Martin


> The following seems to do the job:
> --- gcc/tree-ssa.c.jj	2017-01-19 17:20:15.000000000 +0100
> +++ gcc/tree-ssa.c	2017-01-19 17:29:58.015356370 +0100
> @@ -1911,7 +1911,16 @@ execute_update_addresses_taken (void)
>  			    gsi_replace (&gsi, call, GSI_SAME_STMT);
>  			  }
>  			else
> -			  gsi_remove (&gsi, true);
> +			  {
> +			    /* In ASAN_MARK (UNPOISON, &b, ...) the variable
> +			       is uninitialized.  Avoid dependencies on
> +			       previous out of scope value.  */
> +			    tree clobber
> +			      = build_constructor (TREE_TYPE (var), NULL);
> +			    TREE_THIS_VOLATILE (clobber) = 1;
> +			    gimple *g = gimple_build_assign (var, clobber);
> +			    gsi_replace (&gsi, g, GSI_SAME_STMT);
> +			  }
>  			continue;
>  		      }
>  		  }
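
Review bot: the comment in the new else branch says only that the variable is uninitialized after ASAN_MARK (UNPOISON, &b, ...); it does not say that the assignment built below it is a clobber, or why TREE_THIS_VOLATILE is set on the empty constructor. Consider extending the comment to state that the call is replaced by a clobber of var so that the variable reads as undefined when its scope is re-entered, rather than carrying the poisoned value from the previous scope, which is the b = b_YYY(D) form proposed earlier in this thread. The hunk also comes without a test; a case where the variable is declared inside a loop body, as in the fn1 reproducer above, would pin the behaviour.
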
> 
> 	Jakub
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-use-after-scope-handle-writes-to-a-poisoned-variable.patch
Type: text/x-patch
Size: 9255 bytes
Desc: not available
URL: <http://gcc.gnu.org/pipermail/gcc-patches/attachments/20170120/446315b3/attachment.bin>
