From 440d632db92530bf08eb1b7825f021a8a9b2bd50 Mon Sep 17 00:00:00 2001
From: mpolacek <mpolacek@138bc75d-0d04-0410-961f-82ee72b054a4>
Date: Mon, 1 Dec 2014 15:37:55 +0000
Subject: [PATCH] 	PR sanitizer/64121 	* ubsan.c
 (instrument_object_size): Stop searching if the base 	occurs in abnormal
 phi.

	* c-c++-common/ubsan/pr64121.c: New test.


git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@218222 138bc75d-0d04-0410-961f-82ee72b054a4
---
 gcc/ChangeLog                              |  7 +++++++
 gcc/testsuite/ChangeLog                    |  5 +++++
 gcc/testsuite/c-c++-common/ubsan/pr64121.c | 16 ++++++++++++++++
 gcc/ubsan.c                                |  9 ++++++++-
 4 files changed, 36 insertions(+), 1 deletion(-)
 create mode 100644 gcc/testsuite/c-c++-common/ubsan/pr64121.c

diff --git a/gcc/ChangeLog b/gcc/ChangeLog
index f75ecf5391e..08f40967ca8 100644
--- a/gcc/ChangeLog
+++ b/gcc/ChangeLog
@@ -1,4 +1,11 @@
 2014-12-01  Marek Polacek  <polacek@redhat.com>
+	    Jakub Jelinek  <jakub@redhat.com>
+
+	PR sanitizer/64121
+	* ubsan.c (instrument_object_size): Stop searching if the base
+	occurs in abnormal phi.
+
+2014-12-01  Marek Polacek  <polacek@redhat.com>
 
 	PR sanitizer/63956
 	* ubsan.c (is_ubsan_builtin_p): Check also built-in class.
diff --git a/gcc/testsuite/ChangeLog b/gcc/testsuite/ChangeLog
index d7635f2f21a..3be4a88fa57 100644
--- a/gcc/testsuite/ChangeLog
+++ b/gcc/testsuite/ChangeLog
@@ -1,5 +1,10 @@
 2014-12-01  Marek Polacek  <polacek@redhat.com>
 
+	PR sanitizer/64121
+	* c-c++-common/ubsan/pr64121.c: New test.
+
+2014-12-01  Marek Polacek  <polacek@redhat.com>
+
 	PR sanitizer/63956
 	* c-c++-common/ubsan/shift-5.c: Add xfails.
 	* g++.dg/ubsan/div-by-zero-1.C: Don't use -w.  Add xfail.
diff --git a/gcc/testsuite/c-c++-common/ubsan/pr64121.c b/gcc/testsuite/c-c++-common/ubsan/pr64121.c
new file mode 100644
index 00000000000..614d72a22af
--- /dev/null
+++ b/gcc/testsuite/c-c++-common/ubsan/pr64121.c
@@ -0,0 +1,16 @@
+/* PR sanitizer/64121 */
+/* { dg-do compile } */
+/* { dg-options "-fsanitize=undefined -Wno-pointer-arith" } */
+
+extern int tab[16];
+
+void
+execute (int *ip, int x)
+{
+  int *xp = tab;
+base:
+  if (x)
+    return;
+  *xp++ = *ip;
+  goto *(&&base + *ip);
+}
diff --git a/gcc/ubsan.c b/gcc/ubsan.c
index cff0982eac7..fb5f104d701 100644
--- a/gcc/ubsan.c
+++ b/gcc/ubsan.c
@@ -1563,7 +1563,14 @@ instrument_object_size (gimple_stmt_iterator *gsi, bool is_lhs)
 	      && POINTER_TYPE_P (TREE_TYPE (gimple_assign_rhs1 (def_stmt))))
 	  || (is_gimple_assign (def_stmt)
 	      && gimple_assign_rhs_code (def_stmt) == POINTER_PLUS_EXPR))
-	base = gimple_assign_rhs1 (def_stmt);
+	{
+	  tree rhs1 = gimple_assign_rhs1 (def_stmt);
+	  if (TREE_CODE (rhs1) == SSA_NAME
+	    && SSA_NAME_OCCURS_IN_ABNORMAL_PHI (rhs1))
+	    break;
+	  else
+	    base = rhs1;
+	}
       else
 	break;
     }
-- 
2.11.4.GIT