author | Martin Liska <mliska@suse.cz> | 2016-10-25 16:16:10 +0200 |
---|---|---|
committer | Martin Liska <marxin@gcc.gnu.org> | 2016-10-25 14:16:10 +0000 |
commit | 8e104951788de1a591287637d2b29fa37d8822ea (patch) | |
tree | 18fc8d8acdae6c8a7b6ba799f256667fab11c24b /gcc | |
parent | b93ee1bb06d43c0547b4de6f1389deafa28a474c (diff) | |
Fix not caught use-after-scope with -O1 (PR sanitize/78106)
PR sanitizer/78106
* sanopt.c (imm_dom_path_with_freeing_call): Handle gasm
statements as they can also contain possibly a freeing call.
PR sanitizer/78106
* gcc.dg/asan/pr78106.c: New test.
From-SVN: r241511
Diffstat (limited to 'gcc')
-rw-r--r-- | gcc/ChangeLog | 6 | ||||
-rw-r--r-- | gcc/sanopt.c | 6 | ||||
-rw-r--r-- | gcc/testsuite/ChangeLog | 5 | ||||
-rw-r--r-- | gcc/testsuite/gcc.dg/asan/pr78106.c | 31 |
4 files changed, 47 insertions, 1 deletions
diff --git a/gcc/ChangeLog b/gcc/ChangeLog index e0601576d..6548386 100644 --- a/gcc/ChangeLog +++ b/gcc/ChangeLog @@ -1,3 +1,9 @@ +2016-10-25 Martin Liska <mliska@suse.cz> + + PR sanitizer/78106 + * sanopt.c (imm_dom_path_with_freeing_call): Handle gasm + statements as they can also contain possibly a freeing call. + 2016-10-25 H.J. Lu <hongjiu.lu@intel.com> Martin Liska <mliska@suse.cz> diff --git a/gcc/sanopt.c b/gcc/sanopt.c index 27c43da..8a6fbe9 100644 --- a/gcc/sanopt.c +++ b/gcc/sanopt.c @@ -211,8 +211,12 @@ imm_dom_path_with_freeing_call (basic_block bb, basic_block dom) for (gsi = gsi_start_bb (e->src); !gsi_end_p (gsi); gsi_next (&gsi)) { gimple *stmt = gsi_stmt (gsi); + gasm *asm_stmt; - if (is_gimple_call (stmt) && !nonfreeing_call_p (stmt)) + if ((is_gimple_call (stmt) && !nonfreeing_call_p (stmt)) + || ((asm_stmt = dyn_cast <gasm *> (stmt)) + && (gimple_asm_clobbers_memory_p (asm_stmt) + || gimple_asm_volatile_p (asm_stmt)))) { pred_info->has_freeing_call_p = true; break; diff --git a/gcc/testsuite/ChangeLog b/gcc/testsuite/ChangeLog index c7c233f..edc026e 100644 --- a/gcc/testsuite/ChangeLog +++ b/gcc/testsuite/ChangeLog @@ -1,5 +1,10 @@ 2016-10-25 Martin Liska <mliska@suse.cz> + PR sanitizer/78106 + * gcc.dg/asan/pr78106.c: New test. + +2016-10-25 Martin Liska <mliska@suse.cz> + * gcc.dg/ipa/ipa-icf-32.c: Removed one scanned pattern. 2016-10-25 Wilco Dijkstra <wdijkstr@arm.com> diff --git a/gcc/testsuite/gcc.dg/asan/pr78106.c b/gcc/testsuite/gcc.dg/asan/pr78106.c new file mode 100644 index 0000000..d333f9b --- /dev/null +++ b/gcc/testsuite/gcc.dg/asan/pr78106.c 
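Review bot: The new condition in `imm_dom_path_with_freeing_call` (gcc/sanopt.c) carries no comment saying why an asm statement is counted as a freeing call, and `has_freeing_call_p` now records more than calls. A comment above the `if` would cover it, e.g. `/* A volatile asm or one that clobbers memory may release memory (for instance by calling a function), so treat it like a freeing call and keep the later ASAN check.  */`. The assignment to `asm_stmt` inside the condition is also harder to read than initializing at the declaration, `gasm *asm_stmt = dyn_cast <gasm *> (stmt);`, and then testing `asm_stmt && (...)`. The function body starts and ends outside the hunk, so it cannot be seen here whether other scans in sanopt.c that test for freeing calls apply the same asm rule; any that use the bare call test would presumably need the same treatment.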
@@ -0,0 +1,31 @@
+/* PR sanitizer/78106 */
+/* { dg-do compile } */
+/* { dg-options "-fsanitize=address -fdump-tree-sanopt-details" } */
+
+int *variable;
+
+void __attribute__((used)) release()
+{
+ __builtin_free (variable);
+}
+
+int main2(int argc)
+{
+ *variable = 2;
+
+ if (argc <= 5)
+ asm volatile ("call release");
+
+ *variable = 2;
+ __builtin_abort ();
+
+ return 0;
+}
+
+int main(int argc, char **argv)
+{
+ variable = __builtin_malloc (sizeof(int));
+ return main2(argc);
+}
+
+/* { dg-final { scan-tree-dump-not "Optimizing out(\n|\r\n|\r) ASAN_CHECK \\(7, variable.*" "sanopt" } } */ |
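Review bot: The test covers only the `gimple_asm_volatile_p` half of the new sanopt.c condition, through `asm volatile ("call release")` in `main2`; nothing exercises an asm that is not volatile but has a "memory" clobber. A second function with an output operand and a clobber, for example `asm ("call release" : "=r" (tmp) : : "memory");`, followed by its own `scan-tree-dump-not` line, would cover the `gimple_asm_clobbers_memory_p` branch. The dg-options also set no optimization level although the commit title names -O1; presumably the asan harness iterates over optimization levels, but that is not visible here, and a comment such as `/* The redundant-check removal being tested needs optimization; see PR 78106 (-O1).  */` would make the dependency explicit.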