use-after-scope fallout

PR testsuite/78242
	* g++.dg/asan/use-after-scope-4.C: New test.
	* g++.dg/asan/use-after-scope-types-4.C: Update scanned pattern.
	* gcc.dg/asan/use-after-scope-8.c: Remove.
	PR testsuite/78242
	* dbgcnt.def: Add new debug counter asan_use_after_scope.
	* gimplify.c (gimplify_decl_expr): Do not sanitize vars
	with a value expr.  Do not add artificial variables to
	live_switch_vars.  Use the debug counter.
	(gimplify_target_expr): Use the debug counter.
	* internal-fn.def: Remove ECF_TM_PURE from ASAN_MARK builtin.
	* sanitizer.def: Set ATTR_NOTHROW_LEAF_LIST to
	BUILT_IN_ASAN_CLOBBER_N and BUILT_IN_ASAN_UNCLOBBER_N.

From-SVN: r241961

gcc/ChangeLog

@@ -1,3 +1,15 @@
+2016-11-08  Martin Liska  <mliska@suse.cz>
+
+	PR testsuite/78242
+	* dbgcnt.def: Add new debug counter asan_use_after_scope.
+	* gimplify.c (gimplify_decl_expr): Do not sanitize vars
+	with a value expr.  Do not add artificial variables to
+	live_switch_vars.  Use the debug counter.
+	(gimplify_target_expr): Use the debug counter.
+	* internal-fn.def: Remove ECF_TM_PURE from ASAN_MARK builtin.
+	* sanitizer.def: Set ATTR_NOTHROW_LEAF_LIST to
+	BUILT_IN_ASAN_CLOBBER_N and BUILT_IN_ASAN_UNCLOBBER_N.
+
 2016-11-08  Richard Biener  <rguenther@suse.de>
 
 	* tree-vect-stmts.c (get_group_load_store_type): If the

gcc/dbgcnt.def

@@ -141,6 +141,7 @@ echo ubound: $ub
 */
 
 /* Debug counter definitions.  */
+DEBUG_COUNTER (asan_use_after_scope)
 DEBUG_COUNTER (auto_inc_dec)
 DEBUG_COUNTER (ccp)
 DEBUG_COUNTER (cfg_cleanup)

gcc/gimplify.c

@@ -60,6 +60,7 @@ along with GCC; see the file COPYING3.  If not see
 #include "langhooks-def.h"	/* FIXME: for lhd_set_decl_assembler_name */
 #include "builtins.h"
 #include "asan.h"
+#include "dbgcnt.h"
 
 /* Hash set of poisoned variables in a bind expr.  */
 static hash_set<tree> *asan_poisoned_variables = NULL;
@@ -1622,11 +1623,13 @@ gimplify_decl_expr (tree *stmt_p, gimple_seq *seq_p)
 	  && !asan_no_sanitize_address_p ()
 	  && !is_vla
 	  && TREE_ADDRESSABLE (decl)
-	  && !TREE_STATIC (decl))
+	  && !TREE_STATIC (decl)
+	  && !DECL_HAS_VALUE_EXPR_P (decl)
+	  && dbg_cnt (asan_use_after_scope))
 	{
 	  asan_poisoned_variables->add (decl);
 	  asan_poison_variable (decl, false, seq_p);
-	  if (gimplify_ctxp->live_switch_vars)
+	  if (!DECL_ARTIFICIAL (decl) && gimplify_ctxp->live_switch_vars)
 	    gimplify_ctxp->live_switch_vars->add (decl);
 	}
 
@@ -6399,7 +6402,8 @@ gimplify_target_expr (tree *expr_p, gimple_seq *pre_p, gimple_seq *post_p)
 	      else
 		cleanup = clobber;
 	    }
-	  if (asan_sanitize_use_after_scope ())
+	  if (asan_sanitize_use_after_scope ()
+	      && dbg_cnt (asan_use_after_scope))
 	    {
 	      tree asan_cleanup = build_asan_poison_call_expr (temp);
 	      if (asan_cleanup)

gcc/internal-fn.def

@@ -158,7 +158,7 @@ DEF_INTERNAL_FN (UBSAN_OBJECT_SIZE, ECF_LEAF | ECF_NOTHROW, NULL)
 DEF_INTERNAL_FN (ABNORMAL_DISPATCHER, ECF_NORETURN, NULL)
 DEF_INTERNAL_FN (BUILTIN_EXPECT, ECF_CONST | ECF_LEAF | ECF_NOTHROW, NULL)
 DEF_INTERNAL_FN (ASAN_CHECK, ECF_TM_PURE | ECF_LEAF | ECF_NOTHROW, ".R...")
-DEF_INTERNAL_FN (ASAN_MARK, ECF_TM_PURE | ECF_LEAF | ECF_NOTHROW, ".R..")
+DEF_INTERNAL_FN (ASAN_MARK, ECF_LEAF | ECF_NOTHROW, ".R..")
 DEF_INTERNAL_FN (ADD_OVERFLOW, ECF_CONST | ECF_LEAF | ECF_NOTHROW, NULL)
 DEF_INTERNAL_FN (SUB_OVERFLOW, ECF_CONST | ECF_LEAF | ECF_NOTHROW, NULL)
 DEF_INTERNAL_FN (MUL_OVERFLOW, ECF_CONST | ECF_LEAF | ECF_NOTHROW, NULL)

gcc/sanitizer.def

@@ -166,9 +166,9 @@ DEF_SANITIZER_BUILTIN(BUILT_IN_ASAN_AFTER_DYNAMIC_INIT,
 		      "__asan_after_dynamic_init",
 		      BT_FN_VOID, ATTR_NOTHROW_LEAF_LIST)
 DEF_SANITIZER_BUILTIN(BUILT_IN_ASAN_CLOBBER_N, "__asan_poison_stack_memory",
-		      BT_FN_VOID_PTR_PTRMODE, 0)
+		      BT_FN_VOID_PTR_PTRMODE, ATTR_NOTHROW_LEAF_LIST)
 DEF_SANITIZER_BUILTIN(BUILT_IN_ASAN_UNCLOBBER_N, "__asan_unpoison_stack_memory",
-		      BT_FN_VOID_PTR_PTRMODE, 0)
+		      BT_FN_VOID_PTR_PTRMODE, ATTR_NOTHROW_LEAF_LIST)
 
 /* Thread Sanitizer */
 DEF_SANITIZER_BUILTIN(BUILT_IN_TSAN_INIT, "__tsan_init", 

gcc/testsuite/ChangeLog

@@ -1,3 +1,10 @@
+2016-11-08  Martin Liska  <mliska@suse.cz>
+
+	PR testsuite/78242
+	* g++.dg/asan/use-after-scope-4.C: New test.
+	* g++.dg/asan/use-after-scope-types-4.C: Update scanned pattern.
+	* gcc.dg/asan/use-after-scope-8.c: Remove.
+
 2016-11-08  Richard Biener  <rguenther@suse.de>
 
 	* gcc.dg/vect/vect-nb-iter-ub-2.c: Adjust.

gcc/testsuite/g++.dg/asan/use-after-scope-4.C

@@ -0,0 +1,36 @@
+/* Caused ICE in in make_decl_rtl, at varasm.c:1311.  */
+/* { dg-do compile } */
+
+class A
+{
+public:
+  A () : value (123) {}
+  int value;
+};
+
+template <typename StoredFunction> class B
+{
+public:
+  template <typename F> B (F p1) : mFunction (p1) { mFunction (); }
+  StoredFunction mFunction;
+};
+template <typename Function>
+void
+NS_NewRunnableFunction (Function p1)
+{
+  (B<Function> (p1));
+}
+class C
+{
+  void DispatchConnectionCloseEvent (A);
+  void AsyncCloseConnectionWithErrorMsg (const A &);
+};
+void
+C::AsyncCloseConnectionWithErrorMsg (const A &)
+{
+  {
+    A message;
+    NS_NewRunnableFunction (
+      [this, message] { DispatchConnectionCloseEvent (message); });
+  }
+}

gcc/testsuite/g++.dg/asan/use-after-scope-types-4.C

@@ -13,5 +13,5 @@ int main()
 }
 
 // { dg-output "ERROR: AddressSanitizer: stack-use-after-scope on address.*(\n|\r\n|\r)" }
-// { dg-output "READ of size 8 at" }
+// { dg-output "READ of size " }
 // { dg-output ".*'x' <== Memory access at offset \[0-9\]* is inside this variable.*" }

gcc/testsuite/gcc.dg/asan/use-after-scope-8.c

@@ -1,14 +0,0 @@
-// { dg-do compile }
-// { dg-additional-options "-fdump-tree-asan0" }
-/* { dg-skip-if "" { *-*-* } { "*" } { "-O0" } } */
-
-int
-fn1 ()
-{
-  int x = 123;
-  register int a asm("rdi") = 123;
-
-  return x * x;
-}
-
-/* { dg-final { scan-tree-dump-not "ASAN_CHECK" "asan0" } }  */