https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79634

--- Comment #3 from Alexander Ivchenko <aivchenk at gmail dot com> ---
The problem here is that when CHKP is instrumenting call statement "i();" it
doesn't know that it's a builtin call. When optimizations come into play,
namely the ccp pass, it becomes known that the call is to memmove and it is
actually replaced with memmove. But we instrumented the call statement, so we
expand it like that:

if (CALL_WITH_BOUNDS_P (exp))                                 
  return expand_builtin_with_bounds (exp, target, subtarget,  
                                     tmode, ignore); 

and then this assert fails:

gcc_assert (fcode > BEGIN_CHKP_BUILTINS   
            && fcode < END_CHKP_BUILTINS);


Here is an untested fix to check whether we substitute a builtin and, if the
builtin is of the instrumentable type, make the call to the instrumented builtin:

diff --git a/gcc/tree-ssa-propagate.c b/gcc/tree-ssa-propagate.c
index 0693802..9e9c4a3 100644
--- a/gcc/tree-ssa-propagate.c
+++ b/gcc/tree-ssa-propagate.c
@@ -38,6 +38,8 @@
 #include "cfgloop.h"
 #include "tree-cfgcleanup.h"
 #include "cfganal.h"
+#include "cgraph.h"
+#include "ipa-chkp.h"

 /* This file implements a generic value propagation engine based on
    the same propagation used by the SSA-CCP algorithm [1].
@@ -1072,6 +1074,13 @@ substitute_and_fold_dom_walker::before_dom_children
(basic_block bb)
          fold_stmt (&i, follow_single_use_edges);
          stmt = gsi_stmt (i);
          gimple_set_modified (stmt, true);
+         if (flag_check_pointer_bounds &&
+             gimple_code (stmt) == GIMPLE_CALL)
+           {
+             tree fndecl = gimple_call_fndecl (stmt);
+             fndecl = chkp_maybe_clone_builtin_fndecl (fndecl);
+             gimple_call_set_fndecl (stmt, fndecl);
+           }
        }

       /* Some statements may be simplified using propagator
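
Review bot: The added block in substitute_and_fold_dom_walker::before_dom_children passes the result of gimple_call_fndecl (stmt) straight to chkp_maybe_clone_builtin_fndecl and writes it back with gimple_call_set_fndecl, with no null check in between. gimple_call_fndecl returns NULL_TREE when the call has not been resolved to a direct FUNCTION_DECL, so unless chkp_maybe_clone_builtin_fndecl is known to tolerate that, guard the clone and the set with "if (fndecl)". The condition also applies to every GIMPLE_CALL once flag_check_pointer_bounds is set, while the failure described above concerns calls that CHKP had already instrumented; additionally testing gimple_call_with_bounds_p (stmt) would leave uninstrumented calls untouched. Two smaller points: GNU style puts the "&&" at the start of the continuation line rather than at the end of the first, and a short comment saying why the fndecl is swapped after fold_stmt would help the next reader.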
