re PR middle-end/81005 (-fsanitize=null and -fsanitize=alignment doesn't check aggregate arguments of calls)

PR middle-end/81005
	* ubsan.c (instrument_null): Avoid pointless code temporary.
	(pass_ubsan::execute): Instrument aggregate arguments of calls.

	* c-c++-common/ubsan/align-10.c: New test.
	* c-c++-common/ubsan/null-13.c: New test.

From-SVN: r249030

gcc/ChangeLog

@@ -1,3 +1,9 @@
+2017-06-08  Jakub Jelinek  <jakub@redhat.com>
+
+	PR middle-end/81005
+	* ubsan.c (instrument_null): Avoid pointless code temporary.
+	(pass_ubsan::execute): Instrument aggregate arguments of calls.
+
 2017-06-08  Uros Bizjak  <ubizjak@gmail.com>
 
 	PR target/81015

gcc/testsuite/ChangeLog

@@ -1,3 +1,9 @@
+2017-06-08  Jakub Jelinek  <jakub@redhat.com>
+
+	PR middle-end/81005
+	* c-c++-common/ubsan/align-10.c: New test.
+	* c-c++-common/ubsan/null-13.c: New test.
+
 2017-06-08  Uros Bizjak  <ubizjak@gmail.com>
 
 	PR target/81015

gcc/testsuite/c-c++-common/ubsan/align-10.c

@@ -0,0 +1,39 @@
+/* Limit this to known non-strict alignment targets.  */
+/* { dg-do run { target { i?86-*-linux* x86_64-*-linux* } } } */
+/* { dg-options "-O -fsanitize=alignment -fsanitize-recover=alignment" } */
+
+struct R { int a; } r;
+struct S { struct R a; char b; long long c; short d[10]; };
+struct T { char a; long long b; };
+struct U { char a; int b; int c; long long d; struct S e; struct T f; } __attribute__((packed));
+struct V { long long a; struct S b; struct T c; struct U u; } v;
+
+__attribute__((noinline, noclone)) int
+bar (int x, struct R y, struct R z)
+{
+  return x + y.a;
+}
+
+__attribute__((noinline, noclone)) int
+foo (struct S *p, struct S *q)
+{
+  int i = bar (0, r, r);
+  i += bar (1, p->a, r);
+  i += bar (2, r, q->a);
+  return i;
+}
+
+int
+main ()
+{
+  char *p = (char *) &v.u.e;
+  struct S *q, *r;
+  asm volatile ("" : "=r" (q) : "0" (p));
+  asm volatile ("" : "=r" (r) : "0" (p));
+  if (foo (q, r) != 3)
+    __builtin_abort ();
+  return 0;
+}
+
+/* { dg-output "\.c:21:\[0-9]*: \[^\n\r]*member access within misaligned address 0x\[0-9a-fA-F]* for type 'struct S', which requires \[48] byte alignment.*" } */
+/* { dg-output "\.c:22:\[0-9]*: \[^\n\r]*member access within misaligned address 0x\[0-9a-fA-F]* for type 'struct S', which requires \[48] byte alignment" } */

gcc/testsuite/c-c++-common/ubsan/null-13.c

@@ -0,0 +1,37 @@
+/* { dg-do run } */
+/* { dg-options "-fsanitize=null -fno-sanitize-recover=null -w" } */
+/* { dg-shouldfail "ubsan" } */
+
+struct S {
+  int i;
+  long long j;
+  long long m;
+};
+union U {
+  int k;
+  struct S l;
+};
+
+__attribute__((noinline, noclone)) int
+foo (struct S s)
+{
+  return s.i + s.j + s.m;
+}
+
+__attribute__((noinline, noclone)) int
+bar (union U *u)
+{
+  foo (u->l);
+}
+
+union U v;
+
+int
+main (void)
+{
+  union U *u = 0;
+  asm volatile ("" : "+r" (u) : "r" (&v) : "memory");
+  return bar (u);
+}
+
+/* { dg-output "member access within null pointer of type 'union U'" } */

gcc/ubsan.c

@@ -1212,8 +1212,7 @@ instrument_null (gimple_stmt_iterator gsi, bool is_lhs)
   if (TREE_CODE (t) == ADDR_EXPR)
     t = TREE_OPERAND (t, 0);
   tree base = get_base_address (t);
-  const enum tree_code code = TREE_CODE (base);
-  if (code == MEM_REF
+  if (TREE_CODE (base) == MEM_REF
       && TREE_CODE (TREE_OPERAND (base, 0)) == SSA_NAME)
     instrument_mem_ref (t, base, &gsi, is_lhs);
 }
@@ -2003,6 +2002,20 @@ pass_ubsan::execute (function *fun)
 		instrument_null (gsi, true);
 	      if (gimple_assign_single_p (stmt))
 		instrument_null (gsi, false);
+	      if (is_gimple_call (stmt))
+		{
+		  unsigned args_num = gimple_call_num_args (stmt);
+		  for (unsigned i = 0; i < args_num; ++i)
+		    {
+		      tree arg = gimple_call_arg (stmt, i);
+		      if (is_gimple_reg (arg) || is_gimple_min_invariant (arg))
+			continue;
+		      tree base = get_base_address (arg);
+		      if (TREE_CODE (base) == MEM_REF
+			  && TREE_CODE (TREE_OPERAND (base, 0)) == SSA_NAME)
+			instrument_mem_ref (arg, base, &gsi, false);
+		    }
+		}
 	    }
 
 	  if (flag_sanitize & (SANITIZE_BOOL | SANITIZE_ENUM)