From patchwork Fri Nov  4 16:05:51 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Marek Polacek <polacek@redhat.com>
X-Patchwork-Id: 691298
Return-Path: 
 <gcc-patches-return-440462-incoming=patchwork.ozlabs.org@gcc.gnu.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from sourceware.org (server1.sourceware.org [209.132.180.131])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 3t9RYJ3Vq3z9vFt
	for <incoming@patchwork.ozlabs.org>;
	Sat,  5 Nov 2016 03:06:59 +1100 (AEDT)
Authentication-Results: ozlabs.org; dkim=pass (1024-bit key;
	unprotected) header.d=gcc.gnu.org header.i=@gcc.gnu.org
	header.b="QH6GjXnK"; dkim-atps=neutral
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gcc.gnu.org; h=list-id
	:list-unsubscribe:list-archive:list-post:list-help:sender:date
	:from:to:subject:message-id:mime-version:content-type; q=dns; s=
	default; b=jcpXAQZeoMLau4zUbJgrWf7UiiIPpDPtG7mJhPU0Xl6SO6wtKGtxX
	7sgYB3S9teIhIrHYvftZfNkFPIp4u4FsXlCh4YM8MSJre7yErG7L7pOKGZkHZJXs
	BxcMhO2GG6R+Jlo2nXDrhEpvfAJIq+PPeHw5lO3eNaTPyayUPPd8Q4=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=gcc.gnu.org; h=list-id
	:list-unsubscribe:list-archive:list-post:list-help:sender:date
	:from:to:subject:message-id:mime-version:content-type; s=
	default; bh=qkpJf4XsN4eF/u0v6kMaJx8nUHs=; b=QH6GjXnKUuJlhnkYs/ou
	NX01Mhhah1xRjFUDVDPZqcT43AbaH9GdjmTnRqLUkwIZOux2PDhNbwW3x5v29az3
	cV5DdkYTwz4h1GUxj0Fl5yIUpwiMNgL7kLWqcCc67Npk2ddI+m9fFiZZ2rhLUZCS
	2WmLWdWnwO4w85QCvfDSmJg=
Received: (qmail 20855 invoked by alias); 4 Nov 2016 16:05:57 -0000
Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
List-Id: <gcc-patches.gcc.gnu.org>
List-Unsubscribe: 
 <mailto:gcc-patches-unsubscribe-incoming=patchwork.ozlabs.org@gcc.gnu.org>
List-Archive: <http://gcc.gnu.org/ml/gcc-patches/>
List-Post: <mailto:gcc-patches@gcc.gnu.org>
List-Help: <mailto:gcc-patches-help@gcc.gnu.org>
Sender: gcc-patches-owner@gcc.gnu.org
Delivered-To: mailing list gcc-patches@gcc.gnu.org
Received: (qmail 20842 invoked by uid 89); 4 Nov 2016 16:05:56 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-4.2 required=5.0 tests=BAYES_00,
	RP_MATCHES_RCVD,
	SPF_HELO_PASS autolearn=ham version=3.3.2 spammy=1, 22
X-HELO: mx1.redhat.com
Received: from mx1.redhat.com (HELO mx1.redhat.com) (209.132.183.28) by
	sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP;
	Fri, 04 Nov 2016 16:05:55 +0000
Received: from int-mx09.intmail.prod.int.phx2.redhat.com
	(int-mx09.intmail.prod.int.phx2.redhat.com
	[10.5.11.22])	(using TLSv1.2 with cipher
	ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))	(No client
	certificate requested)	by mx1.redhat.com (Postfix) with
	ESMTPS id B624A155C3	for <gcc-patches@gcc.gnu.org>;
	Fri,  4 Nov 2016 16:05:54 +0000 (UTC)
Received: from redhat.com (ovpn-204-45.brq.redhat.com [10.40.204.45])	by
	int-mx09.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4)
	with ESMTP id uA4G5pJk015416	(version=TLSv1/SSLv3
	cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO);
	Fri, 4 Nov 2016 12:05:53 -0400
Date: Fri, 4 Nov 2016 17:05:51 +0100
From: Marek Polacek <polacek@redhat.com>
To: GCC Patches <gcc-patches@gcc.gnu.org>, Jakub Jelinek <jakub@redhat.com>,
	Jason Merrill <jason@redhat.com>
Subject: ubsan PATCH to fix compile-time hog with operator overloading (PR
	sanitizer/78208)
Message-ID: <20161104160551.GV5939@redhat.com>
MIME-Version: 1.0
Content-Disposition: inline
User-Agent: Mutt/1.7.1 (2016-10-04)

This is a similar case to PR sanitizer/70342.  Here, we were generating expression
in a quadratic fashion because of the initializer--we create SAVE_EXPR <>, then 
UBSAN_NULL <SAVE_EXPR <>>, and then COMPOUND_EXPR of these two and so on.

On this testcase we were instrumention CALL_EXPR that is in fact operator<<.  I
think those always return a reference, so it cannot be NULL, so there's no
point in instrumenting those?

Bootstrapped/regtested on x86_64-linux, ok for trunk?

2016-11-04  Marek Polacek  <polacek@redhat.com>

	PR sanitizer/78208
	* cp-gimplify.c (cp_genericize_r): Don't instrument
	CALL_EXPR_OPERATOR_SYNTAX.

	* g++.dg/ubsan/null-8.C: New.


	Marek

diff --git gcc/cp/cp-gimplify.c gcc/cp/cp-gimplify.c
index 9b9b511..f39e9d5 100644
--- gcc/cp/cp-gimplify.c
+++ gcc/cp/cp-gimplify.c
@@ -1495,7 +1495,8 @@ cp_genericize_r (tree *stmt_p, int *walk_subtrees, void *data)
 		= TREE_CODE (fn) == ADDR_EXPR
 		  && TREE_CODE (TREE_OPERAND (fn, 0)) == FUNCTION_DECL
 		  && DECL_CONSTRUCTOR_P (TREE_OPERAND (fn, 0));
-	      if (flag_sanitize & (SANITIZE_NULL | SANITIZE_ALIGNMENT))
+	      if (flag_sanitize & (SANITIZE_NULL | SANITIZE_ALIGNMENT)
+		  && !CALL_EXPR_OPERATOR_SYNTAX (stmt))
 		ubsan_maybe_instrument_member_call (stmt, is_ctor);
 	      if ((flag_sanitize & SANITIZE_VPTR) && !is_ctor)
 		cp_ubsan_maybe_instrument_member_call (stmt);
diff --git gcc/testsuite/g++.dg/ubsan/null-8.C gcc/testsuite/g++.dg/ubsan/null-8.C
index e69de29..0600b93 100644
--- gcc/testsuite/g++.dg/ubsan/null-8.C
+++ gcc/testsuite/g++.dg/ubsan/null-8.C
@@ -0,0 +1,22 @@
+// PR sanitizer/78208
+// { dg-do compile }
+// { dg-options "-fsanitize=null" }
+
+class S
+{
+  virtual void foo () = 0;
+};
+
+struct T {
+  T &operator << (const char *s);
+};
+
+T t;
+
+void
+S::foo ()
+{
+  t << "a" << "b" << "c" << "d" << "e" << "f" << "g" << "h" << "i"
+    << "j" << "k" << "l" << "m" << "n" << "o" << "p" << "q" << "r"
+    << "s" << "t" << "u" << "v" << "w" << "z";
+}