asan: Fix ICE during instrumentation of returns_twice calls [PR112709]

The following patch on top of the previously posted ubsan/gimple-iterator
one handles asan the same.  While the case of returning by hidden reference
is handled differently because of the first recently posted asan patch,
this deals with instrumentation of the aggregates returned in registers
case as well as instrumentation of loads from aggregate memory in the
function arguments of returns_twice calls.

2024-03-13  Jakub Jelinek  <jakub@redhat.com>

	PR sanitizer/112709
	* asan.cc (maybe_create_ssa_name, maybe_cast_to_ptrmode,
	build_check_stmt, maybe_instrument_call, asan_expand_mark_ifn): Use
	gsi_safe_insert_before instead of gsi_insert_before.

	* gcc.dg/asan/pr112709-2.c: New test.

diff --git a/gcc/asan.cc b/gcc/asan.cc
index c533b09b1a12ed5ca277b1d2bf0b81297e79a624..cfe83106460528a8b326eb405e3622fdc4ec9f00 100644 (file)
--- a/gcc/asan.cc
+++ b/gcc/asan.cc
@@ -2574,7 +2574,7 @@ maybe_create_ssa_name (location_t loc, tree base, gimple_stmt_iterator *iter,
   gimple *g = gimple_build_assign (make_ssa_name (TREE_TYPE (base)), base);
   gimple_set_location (g, loc);
   if (before_p)
-    gsi_insert_before (iter, g, GSI_SAME_STMT);
+    gsi_safe_insert_before (iter, g);
   else
     gsi_insert_after (iter, g, GSI_NEW_STMT);
   return gimple_assign_lhs (g);
@@ -2593,7 +2593,7 @@ maybe_cast_to_ptrmode (location_t loc, tree len, gimple_stmt_iterator *iter,
                                  NOP_EXPR, len);
   gimple_set_location (g, loc);
   if (before_p)
-    gsi_insert_before (iter, g, GSI_SAME_STMT);
+    gsi_safe_insert_before (iter, g);
   else
     gsi_insert_after (iter, g, GSI_NEW_STMT);
   return gimple_assign_lhs (g);
@@ -2684,7 +2684,7 @@ build_check_stmt (location_t loc, tree base, tree len,
                                                 align / BITS_PER_UNIT));
   gimple_set_location (g, loc);
   if (before_p)
-    gsi_insert_before (&gsi, g, GSI_SAME_STMT);
+    gsi_safe_insert_before (&gsi, g);
   else
     {
       gsi_insert_after (&gsi, g, GSI_NEW_STMT);
@@ -3025,7 +3025,7 @@ maybe_instrument_call (gimple_stmt_iterator *iter)
          tree decl = builtin_decl_implicit (BUILT_IN_ASAN_HANDLE_NO_RETURN);
          gimple *g = gimple_build_call (decl, 0);
          gimple_set_location (g, gimple_location (stmt));
-         gsi_insert_before (iter, g, GSI_SAME_STMT);
+         gsi_safe_insert_before (iter, g);
        }
     }
 
@@ -3852,7 +3852,7 @@ asan_expand_mark_ifn (gimple_stmt_iterator *iter)
       g = gimple_build_assign (make_ssa_name (pointer_sized_int_node),
                               NOP_EXPR, len);
       gimple_set_location (g, loc);
-      gsi_insert_before (iter, g, GSI_SAME_STMT);
+      gsi_safe_insert_before (iter, g);
       tree sz_arg = gimple_assign_lhs (g);
 
       tree fun

diff --git a/gcc/testsuite/gcc.dg/asan/pr112709-2.c b/gcc/testsuite/gcc.dg/asan/pr112709-2.c
new file mode 100644 (file)
index 0000000..e793f53
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/asan/pr112709-2.c
@@ -0,0 +1,50 @@
+/* PR sanitizer/112709 */
+/* { dg-do compile } */
+/* { dg-options "-fsanitize=address -O2" } */
+
+struct S { char c[1024]; } *p;
+int foo (int);
+
+__attribute__((returns_twice, noipa)) int
+bar (struct S x)
+{
+  (void) x.c[0];
+  return 0;
+}
+
+void
+baz (int *y)
+{
+  foo (1);
+  *y = bar (*p);
+}
+
+void
+qux (int x, int *y)
+{
+  if (x == 25)
+    x = foo (2);
+  else if (x == 42)
+    x = foo (foo (3));
+  *y = bar (*p);
+}
+
+void
+corge (int x, int *y)
+{
+  void *q[] = { &&l1, &&l2, &&l3, &&l3 };
+  if (x == 25)
+    {
+    l1:
+      x = foo (2);
+    }
+  else if (x == 42)
+    {
+    l2:
+      x = foo (foo (3));
+    }
+l3:
+  *y = bar (*p);
+  if (x < 4)
+    goto *q[x & 3];
+}