re PR sanitizer/77396 (address sanitizer crashes if all static global variables are optimized)

	PR sanitizer/77396
	* sanopt.c: Include gimple-ssa.h, tree-phinodes.h and ssa-iterators.h.
	(sanopt_optimize_walker): Optimize away
	__asan_before_dynamic_init (...) followed by
	__asan_after_dynamic_init () without intervening memory loads/stores.
	* ipa-pure-const.c (special_builtin_state): Handle
	BUILT_IN_ASAN_BEFORE_DYNAMIC_INIT and
	BUILT_IN_ASAN_AFTER_DYNAMIC_INIT.

	* decl2.c (do_static_initialization_or_destruction): Only
	call asan_dynamic_init_call if INITP is true.

	* g++.dg/asan/pr77396.C: New test.

From-SVN: r239961

7 files changed, 74 insertions, 13 deletions

diff --git a/gcc/ChangeLog b/gcc/ChangeLog
index a72ca0618c9..c57c89ef80d 100644
--- a/gcc/ChangeLog
+++ b/gcc/ChangeLog
@@ -1,3 +1,14 @@
+2016-09-02  Jakub Jelinek  <jakub@redhat.com>
+
+	PR sanitizer/77396
+	* sanopt.c: Include gimple-ssa.h, tree-phinodes.h and ssa-iterators.h.
+	(sanopt_optimize_walker): Optimize away
+	__asan_before_dynamic_init (...) followed by
+	__asan_after_dynamic_init () without intervening memory loads/stores.
+	* ipa-pure-const.c (special_builtin_state): Handle
+	BUILT_IN_ASAN_BEFORE_DYNAMIC_INIT and
+	BUILT_IN_ASAN_AFTER_DYNAMIC_INIT.
+
 2016-09-02  Prathamesh Kulkarni  <prathamesh.kulkarni@linaro.org>
 
 	* cfg.c (free_original_copy_tables): Replace second assignment of
@@ -28,7 +39,7 @@
 	* ipa-cp.c (ipcp_store_bits_results): Change option name from
 	-fipa-cp-bit to -fipa-bit-cp.
 
-2016-09-01 Martin Sebor  <msebor@redhat.com>
+2016-09-01  Martin Sebor  <msebor@redhat.com>
 
 	PR tree-optimization/71831
 	* tree-object-size.h: Return bool instead of the size and add
@@ -45,7 +56,7 @@
 	* doc/extend.texi (Object Size Checking): Update.
 	* ubsan.c (instrument_object_size): Adjust.
 
-2016-09-01 Martin Sebor  <msebor@redhat.com>
+2016-09-01  Martin Sebor  <msebor@redhat.com>
 
 	* genmatch.c (parser::parse_expr): Increase buffer size to guarantee
 	it fits the output of the formatted function regardless of its
@@ -3487,11 +3498,11 @@
 	* config/rs6000/rs6000-c.c (altivec_resolve_overloaded_builtin):
 	Reformat two multi-line strings.
 
-2016-07-22 Martin Sebor  <msebor@redhat.com>
+2016-07-22  Martin Sebor  <msebor@redhat.com>
 
 	* doc/extend.texi (Compound Literals): Add '@' missed in last commit.
 
-2016-07-22 Martin Sebor  <msebor@redhat.com>
+2016-07-22  Martin Sebor  <msebor@redhat.com>
 
 	PR c/71560
 	* doc/extend.texi (Compound Literals): Correct and clarify.
diff --git a/gcc/cp/ChangeLog b/gcc/cp/ChangeLog
index c5738561dc1..2073e277857 100644
--- a/gcc/cp/ChangeLog
+++ b/gcc/cp/ChangeLog
@@ -1,4 +1,10 @@
-2016-09-01 Martin Sebor  <msebor@redhat.com>
+2016-09-02  Jakub Jelinek  <jakub@redhat.com>
+
+	PR sanitizer/77396
+	* decl2.c (do_static_initialization_or_destruction): Only
+	call asan_dynamic_init_call if INITP is true.
+
+2016-09-01  Martin Sebor  <msebor@redhat.com>
 
 	* mangle.c: Increase buffer size to guarantee it fits the output
 	of the formatted function regardless of its arguments.
@@ -299,7 +305,7 @@
 	* cp-gimplify.c (cp_fully_fold): Only maybe_constant_value in
 	C++11 and up.
 
-2016-07-30 Martin Sebor  <msebor@redhat.com>
+2016-07-30  Martin Sebor  <msebor@redhat.com>
 
 	PR c++/60760
 	PR c++/71091
diff --git a/gcc/cp/decl2.c b/gcc/cp/decl2.c
index 55bb987ebbe..2ba5ffb31dc 100644
--- a/gcc/cp/decl2.c
+++ b/gcc/cp/decl2.c
@@ -3861,7 +3861,7 @@ do_static_initialization_or_destruction (tree vars, bool initp)
      in other compilation units, or at least those that haven't been
      initialized yet.  Variables that need dynamic construction in
      the current compilation unit are kept accessible.  */
-  if (flag_sanitize & SANITIZE_ADDRESS)
+  if (initp && (flag_sanitize & SANITIZE_ADDRESS))
     finish_expr_stmt (asan_dynamic_init_call (/*after_p=*/false));
 
   node = vars;
@@ -3914,7 +3914,7 @@ do_static_initialization_or_destruction (tree vars, bool initp)
 
   /* Revert what __asan_before_dynamic_init did by calling
      __asan_after_dynamic_init.  */
-  if (flag_sanitize & SANITIZE_ADDRESS)
+  if (initp && (flag_sanitize & SANITIZE_ADDRESS))
     finish_expr_stmt (asan_dynamic_init_call (/*after_p=*/true));
 
   /* Finish up the init/destruct if-stmt body.  */
diff --git a/gcc/ipa-pure-const.c b/gcc/ipa-pure-const.c
index a9570e4aa6c..9732cbff12e 100644
--- a/gcc/ipa-pure-const.c
+++ b/gcc/ipa-pure-const.c
@@ -508,6 +508,8 @@ special_builtin_state (enum pure_const_state_e *state, bool *looping,
 	case BUILT_IN_FRAME_ADDRESS:
 	case BUILT_IN_APPLY:
 	case BUILT_IN_APPLY_ARGS:
+	case BUILT_IN_ASAN_BEFORE_DYNAMIC_INIT:
+	case BUILT_IN_ASAN_AFTER_DYNAMIC_INIT:
 	  *looping = false;
 	  *state = IPA_CONST;
 	  return true;
diff --git a/gcc/sanopt.c b/gcc/sanopt.c
index 26604539ca5..eeb4cd00de0 100644
--- a/gcc/sanopt.c
+++ b/gcc/sanopt.c
@@ -33,6 +33,9 @@ along with GCC; see the file COPYING3.  If not see
 #include "ubsan.h"
 #include "params.h"
 #include "tree-hash-traits.h"
+#include "gimple-ssa.h"
+#include "tree-phinodes.h"
+#include "ssa-iterators.h"
 
 
 /* This is used to carry information about basic blocks.  It is
@@ -538,6 +541,28 @@ sanopt_optimize_walker (basic_block bb, struct sanopt_ctx *ctx)
       if (asan_check_optimize && !nonfreeing_call_p (stmt))
 	info->freeing_call_events++;
 
+      /* If __asan_before_dynamic_init ("module"); is followed by
+	 __asan_after_dynamic_init (); without intervening memory loads/stores,
+	 there is nothing to guard, so optimize both away.  */
+      if (asan_check_optimize
+	  && gimple_call_builtin_p (stmt, BUILT_IN_ASAN_BEFORE_DYNAMIC_INIT))
+	{
+	  use_operand_p use;
+	  gimple *use_stmt;
+	  if (single_imm_use (gimple_vdef (stmt), &use, &use_stmt))
+	    {
+	      if (is_gimple_call (use_stmt)
+		  && gimple_call_builtin_p (use_stmt,
+					    BUILT_IN_ASAN_AFTER_DYNAMIC_INIT))
+		{
+		  unlink_stmt_vdef (use_stmt);
+		  gimple_stmt_iterator gsi2 = gsi_for_stmt (use_stmt);
+		  gsi_remove (&gsi2, true);
+		  remove = true;
+		}
+	    }
+	}
+
       if (gimple_call_internal_p (stmt))
 	switch (gimple_call_internal_fn (stmt))
 	  {
diff --git a/gcc/testsuite/ChangeLog b/gcc/testsuite/ChangeLog
index cda58733fa9..4e31cbea088 100644
--- a/gcc/testsuite/ChangeLog
+++ b/gcc/testsuite/ChangeLog
@@ -1,4 +1,9 @@
-2016-09-01 Martin Sebor  <msebor@redhat.com>
+2016-09-02  Jakub Jelinek  <jakub@redhat.com>
+
+	PR sanitizer/77396
+	* g++.dg/asan/pr77396.C: New test.
+
+2016-09-01  Martin Sebor  <msebor@redhat.com>
 
 	PR tree-optimization/71831
 	* gcc.dg/builtin-object-size-16.c: New test.
@@ -1105,7 +1110,7 @@
 	* gcc.dg/tree-ssa/vrp105.c: New test.
 	* gcc.dg/tree-ssa/vrp106.c: New test.
 
-2016-08-05 Martin Sebor  <msebor@redhat.com>
+2016-08-05  Martin Sebor  <msebor@redhat.com>
 
 	* g++.dg/cpp0x/constexpr-cast.C: Avoid assuming (void*)1 is spelled
 	1ul in diagnostics.  Remove hyphen from "constant-expression."
@@ -1339,7 +1344,7 @@
 	PR fortran/68566
 	* gfortran.dg/pr68566.f90: new test.
 
-2016-07-30 Martin Sebor  <msebor@redhat.com>
+2016-07-30  Martin Sebor  <msebor@redhat.com>
 
 	PR c++/60760
 	PR c++/71091
@@ -1687,7 +1692,7 @@
 	* gfortran.dg/c_sizeof_6.f90: here.  Test for error.
 	* gfortran.dg/pr71935.f90: New test.
 
-2016-07-22 Martin Sebor  <msebor@redhat.com>
+2016-07-22  Martin Sebor  <msebor@redhat.com>
 
 	PR c++/71675
 	* g++.dg/ext/atomic-3.C: New test.
@@ -3340,7 +3345,7 @@
 	PR target/71103
 	* gcc.target/avr/torture/pr71103-2.c: New test.
 
-2016-06-19 Martin Sebor  <msebor@redhat.com>
+2016-06-19  Martin Sebor  <msebor@redhat.com>
 
 	PR c/69507
 	* gcc.dg/alignof.c: New test.
diff --git a/gcc/testsuite/g++.dg/asan/pr77396.C b/gcc/testsuite/g++.dg/asan/pr77396.C
new file mode 100644
index 00000000000..3b3195ec1ec
--- /dev/null
+++ b/gcc/testsuite/g++.dg/asan/pr77396.C
@@ -0,0 +1,12 @@
+// PR sanitizer/77396
+// { dg-do run }
+// { dg-set-target-env-var ASAN_OPTIONS "check_initialization_order=true" }
+
+static int a = 0; 
+static int b = a; 
+
+int
+main ()
+{
+  return 0;
+}