public inbox for jit@gcc.gnu.org
* [PATCH] use-after-scope fallout
  2016-01-01  0:00                               ` Jakub Jelinek
@ 2016-01-01  0:00                                 ` Martin Liška
  2016-01-01  0:00                                   ` Jakub Jelinek
  2016-01-01  0:00                                   ` David Malcolm
  0 siblings, 2 replies; 7+ messages in thread
From: Martin Liška @ 2016-01-01  0:00 UTC (permalink / raw)
  To: Jakub Jelinek; +Cc: David Malcolm, Marek Polacek, GCC Patches, jit

[-- Attachment #1: Type: text/plain, Size: 565 bytes --]

Hello.

This is a fallout fix where I changed:

1) Fix ICE for lambda functions (added test-case: use-after-scope-4.C)
2) Fix ICE in gimplify_switch_expr, at gimplify.c:2269 (fixed by not adding
artificial variables)
3) PR testsuite/78242 - I basically removed the test (not interesting)
4) LEAF and NOTHROW flags are properly set on ASAN {un}poison functions
5) dbg_cnt has been added
6) use-after-scope-types-4.C - scanned pattern is updated to work on i686

Patch can bootstrap on ppc64le-redhat-linux and survives regression tests.

Ready to be installed?
Martin

[-- Attachment #2: 0001-use-after-scope-fallout.patch --]
[-- Type: text/x-patch, Size: 6781 bytes --]

From 36eb4a8b3542729c9c428ac319d8422bea677869 Mon Sep 17 00:00:00 2001
From: marxin <mliska@suse.cz>
Date: Mon, 7 Nov 2016 14:49:00 +0100
Subject: [PATCH] use-after-scope fallout

gcc/testsuite/ChangeLog:

2016-11-08  Martin Liska  <mliska@suse.cz>

	PR testsuite/78242
	* g++.dg/asan/use-after-scope-4.C: New test.
	* g++.dg/asan/use-after-scope-types-4.C: Update scanned pattern.
	* gcc.dg/asan/use-after-scope-8.c: Remove.

gcc/ChangeLog:

2016-11-08  Martin Liska  <mliska@suse.cz>

	PR testsuite/78242
	* dbgcnt.def: Add new debug counter asan_use_after_scope.
	* gimplify.c (gimplify_decl_expr): Do not sanitize vars
	with a value expr.  Do not add artificial variables to
	live_switch_vars.  Use the debug counter.
	(gimplify_target_expr): Use the debug counter.
	* internal-fn.def: Remove ECF_TM_PURE from ASAN_MARK builtin.
	* sanitizer.def: Set ATTR_NOTHROW_LEAF_LIST to
	BUILT_IN_ASAN_CLOBBER_N and BUILT_IN_ASAN_UNCLOBBER_N.
---
 gcc/dbgcnt.def                                     |  1 +
 gcc/gimplify.c                                     | 10 ++++--
 gcc/internal-fn.def                                |  2 +-
 gcc/sanitizer.def                                  |  4 +--
 gcc/testsuite/g++.dg/asan/use-after-scope-4.C      | 36 ++++++++++++++++++++++
 .../g++.dg/asan/use-after-scope-types-4.C          |  2 +-
 gcc/testsuite/gcc.dg/asan/use-after-scope-8.c      | 14 ---------
 7 files changed, 48 insertions(+), 21 deletions(-)
 create mode 100644 gcc/testsuite/g++.dg/asan/use-after-scope-4.C
 delete mode 100644 gcc/testsuite/gcc.dg/asan/use-after-scope-8.c

diff --git a/gcc/dbgcnt.def b/gcc/dbgcnt.def
index 78ddcc2..0a45bac 100644
--- a/gcc/dbgcnt.def
+++ b/gcc/dbgcnt.def
@@ -141,6 +141,7 @@ echo ubound: $ub
 */
 
 /* Debug counter definitions.  */
+DEBUG_COUNTER (asan_use_after_scope)
 DEBUG_COUNTER (auto_inc_dec)
 DEBUG_COUNTER (ccp)
 DEBUG_COUNTER (cfg_cleanup)
diff --git a/gcc/gimplify.c b/gcc/gimplify.c
index e5930e6..d392450 100644
--- a/gcc/gimplify.c
+++ b/gcc/gimplify.c
@@ -60,6 +60,7 @@ along with GCC; see the file COPYING3.  If not see
 #include "langhooks-def.h"	/* FIXME: for lhd_set_decl_assembler_name */
 #include "builtins.h"
 #include "asan.h"
+#include "dbgcnt.h"
 
 /* Hash set of poisoned variables in a bind expr.  */
 static hash_set<tree> *asan_poisoned_variables = NULL;
@@ -1622,11 +1623,13 @@ gimplify_decl_expr (tree *stmt_p, gimple_seq *seq_p)
 	  && !asan_no_sanitize_address_p ()
 	  && !is_vla
 	  && TREE_ADDRESSABLE (decl)
-	  && !TREE_STATIC (decl))
+	  && !TREE_STATIC (decl)
+	  && !DECL_HAS_VALUE_EXPR_P (decl)
+	  && dbg_cnt (asan_use_after_scope))
 	{
 	  asan_poisoned_variables->add (decl);
 	  asan_poison_variable (decl, false, seq_p);
-	  if (gimplify_ctxp->live_switch_vars)
+	  if (!DECL_ARTIFICIAL (decl) && gimplify_ctxp->live_switch_vars)
 	    gimplify_ctxp->live_switch_vars->add (decl);
 	}
 
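Review bot: In gimplify_decl_expr the new `!DECL_ARTIFICIAL (decl)` test guards only the `live_switch_vars->add (decl)` call, so an artificial variable is still added to `asan_poisoned_variables` and passed to `asan_poison_variable` but is never recorded for the enclosing switch. Please add a comment saying why such a variable cannot be reached across a case label, or skip the instrumentation for it entirely. A one-line comment on why `DECL_HAS_VALUE_EXPR_P` decls are excluded would help as well.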
@@ -6399,7 +6402,8 @@ gimplify_target_expr (tree *expr_p, gimple_seq *pre_p, gimple_seq *post_p)
 	      else
 		cleanup = clobber;
 	    }
-	  if (asan_sanitize_use_after_scope ())
+	  if (asan_sanitize_use_after_scope ()
+	      && dbg_cnt (asan_use_after_scope))
 	    {
 	      tree asan_cleanup = build_asan_poison_call_expr (temp);
 	      if (asan_cleanup)
diff --git a/gcc/internal-fn.def b/gcc/internal-fn.def
index 6a0a7f6..0869b2f 100644
--- a/gcc/internal-fn.def
+++ b/gcc/internal-fn.def
@@ -158,7 +158,7 @@ DEF_INTERNAL_FN (UBSAN_OBJECT_SIZE, ECF_LEAF | ECF_NOTHROW, NULL)
 DEF_INTERNAL_FN (ABNORMAL_DISPATCHER, ECF_NORETURN, NULL)
 DEF_INTERNAL_FN (BUILTIN_EXPECT, ECF_CONST | ECF_LEAF | ECF_NOTHROW, NULL)
 DEF_INTERNAL_FN (ASAN_CHECK, ECF_TM_PURE | ECF_LEAF | ECF_NOTHROW, ".R...")
-DEF_INTERNAL_FN (ASAN_MARK, ECF_TM_PURE | ECF_LEAF | ECF_NOTHROW, ".R..")
+DEF_INTERNAL_FN (ASAN_MARK, ECF_LEAF | ECF_NOTHROW, ".R..")
 DEF_INTERNAL_FN (ADD_OVERFLOW, ECF_CONST | ECF_LEAF | ECF_NOTHROW, NULL)
 DEF_INTERNAL_FN (SUB_OVERFLOW, ECF_CONST | ECF_LEAF | ECF_NOTHROW, NULL)
 DEF_INTERNAL_FN (MUL_OVERFLOW, ECF_CONST | ECF_LEAF | ECF_NOTHROW, NULL)
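Review bot: `ASAN_MARK` loses `ECF_TM_PURE` here while `ASAN_CHECK` on the line above keeps it, and nothing in the file says why the two now differ. A comment next to the `ASAN_MARK` entry stating the reason would keep a later cleanup from making the two consistent again in the wrong direction.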
diff --git a/gcc/sanitizer.def b/gcc/sanitizer.def
index 1c142e9..c11c95a 100644
--- a/gcc/sanitizer.def
+++ b/gcc/sanitizer.def
@@ -166,9 +166,9 @@ DEF_SANITIZER_BUILTIN(BUILT_IN_ASAN_AFTER_DYNAMIC_INIT,
 		      "__asan_after_dynamic_init",
 		      BT_FN_VOID, ATTR_NOTHROW_LEAF_LIST)
 DEF_SANITIZER_BUILTIN(BUILT_IN_ASAN_CLOBBER_N, "__asan_poison_stack_memory",
-		      BT_FN_VOID_PTR_PTRMODE, 0)
+		      BT_FN_VOID_PTR_PTRMODE, ATTR_NOTHROW_LEAF_LIST)
 DEF_SANITIZER_BUILTIN(BUILT_IN_ASAN_UNCLOBBER_N, "__asan_unpoison_stack_memory",
-		      BT_FN_VOID_PTR_PTRMODE, 0)
+		      BT_FN_VOID_PTR_PTRMODE, ATTR_NOTHROW_LEAF_LIST)
 
 /* Thread Sanitizer */
 DEF_SANITIZER_BUILTIN(BUILT_IN_TSAN_INIT, "__tsan_init", 
diff --git a/gcc/testsuite/g++.dg/asan/use-after-scope-4.C b/gcc/testsuite/g++.dg/asan/use-after-scope-4.C
new file mode 100644
index 0000000..c3b6932
--- /dev/null
+++ b/gcc/testsuite/g++.dg/asan/use-after-scope-4.C
@@ -0,0 +1,36 @@
+/* Caused ICE in in make_decl_rtl, at varasm.c:1311.  */
+/* { dg-do compile } */
+
+class A
+{
+public:
+  A () : value (123) {}
+  int value;
+};
+
+template <typename StoredFunction> class B
+{
+public:
+  template <typename F> B (F p1) : mFunction (p1) { mFunction (); }
+  StoredFunction mFunction;
+};
+template <typename Function>
+void
+NS_NewRunnableFunction (Function p1)
+{
+  (B<Function> (p1));
+}
+class C
+{
+  void DispatchConnectionCloseEvent (A);
+  void AsyncCloseConnectionWithErrorMsg (const A &);
+};
+void
+C::AsyncCloseConnectionWithErrorMsg (const A &)
+{
+  {
+    A message;
+    NS_NewRunnableFunction (
+      [this, message] { DispatchConnectionCloseEvent (message); });
+  }
+}
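Review bot: The lambda `[this, message] { ... }` at the end of use-after-scope-4.C needs C++11, but the directive is a bare `{ dg-do compile }`; if this directory is ever run with an older -std the test fails for a reason unrelated to the ICE, so `{ dg-do compile { target c++11 } }` would be safer. The first comment line also has a doubled word ("in in make_decl_rtl").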
diff --git a/gcc/testsuite/g++.dg/asan/use-after-scope-types-4.C b/gcc/testsuite/g++.dg/asan/use-after-scope-types-4.C
index dd06e94..44f4d3b 100644
--- a/gcc/testsuite/g++.dg/asan/use-after-scope-types-4.C
+++ b/gcc/testsuite/g++.dg/asan/use-after-scope-types-4.C
@@ -13,5 +13,5 @@ int main()
 }
 
 // { dg-output "ERROR: AddressSanitizer: stack-use-after-scope on address.*(\n|\r\n|\r)" }
-// { dg-output "READ of size 8 at" }
+// { dg-output "READ of size " }
 // { dg-output ".*'x' <== Memory access at offset \[0-9\]* is inside this variable.*" }
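Review bot: Shortening `READ of size 8 at` to `READ of size ` lets any text follow, so the test no longer checks that a size is reported at all. A pattern that still requires digits and the trailing ` at`, such as `READ of size \[0-9\]* at` in the style of the `\[0-9\]*` on the following line, or an alternation of the sizes the supported targets report, would stay portable without being that loose.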
diff --git a/gcc/testsuite/gcc.dg/asan/use-after-scope-8.c b/gcc/testsuite/gcc.dg/asan/use-after-scope-8.c
deleted file mode 100644
index b204206..0000000
--- a/gcc/testsuite/gcc.dg/asan/use-after-scope-8.c
+++ /dev/null
@@ -1,14 +0,0 @@
-// { dg-do compile }
-// { dg-additional-options "-fdump-tree-asan0" }
-/* { dg-skip-if "" { *-*-* } { "*" } { "-O0" } } */
-
-int
-fn1 ()
-{
-  int x = 123;
-  register int a asm("rdi") = 123;
-
-  return x * x;
-}
-
-/* { dg-final { scan-tree-dump-not "ASAN_CHECK" "asan0" } }  */
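Review bot: The removed test hard-codes `asm("rdi")` with no target selector, which ties it to x86_64; restricting it with a target selector would address that without giving up the `scan-tree-dump-not "ASAN_CHECK"` check. With the file deleted, nothing else in this patch covers that check for a function with a register variable.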
-- 
2.10.1


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: Fix build of jit (was Re: [PATCH, RFC] Introduce -fsanitize=use-after-scope (v3))
  2016-01-01  0:00                           ` Jakub Jelinek
@ 2016-01-01  0:00                             ` Martin Liška
  2016-01-01  0:00                               ` Jakub Jelinek
  0 siblings, 1 reply; 7+ messages in thread
From: Martin Liška @ 2016-01-01  0:00 UTC (permalink / raw)
  To: Jakub Jelinek, David Malcolm; +Cc: Marek Polacek, GCC Patches, jit

On 11/07/2016 05:17 PM, Jakub Jelinek wrote:
> On Mon, Nov 07, 2016 at 11:07:13AM -0500, David Malcolm wrote:
>> The patch (r241896) introduced an error in the build of the jit:
>>
>> ../../src/gcc/jit/jit-builtins.c:62:1: error: invalid conversion from
>> ‘int’ to ‘gcc::jit::built_in_attribute’ [-fpermissive]
>>  };
>>  ^
>>
>> which seems to be due to the "0" for ATTRS in:
>>
>> --- a/gcc/sanitizer.def
>> +++ b/gcc/sanitizer.def
>> @@ -165,6 +165,10 @@ DEF_SANITIZER_BUILTIN(BUILT_IN_ASAN_BEFORE_DYNAMIC_INIT,
>>  DEF_SANITIZER_BUILTIN(BUILT_IN_ASAN_AFTER_DYNAMIC_INIT,
>>  		      "__asan_after_dynamic_init",
>>  		      BT_FN_VOID, ATTR_NOTHROW_LEAF_LIST)
>> +DEF_SANITIZER_BUILTIN(BUILT_IN_ASAN_CLOBBER_N, "__asan_poison_stack_memory",
>> +		      BT_FN_VOID_PTR_PTRMODE, 0)
>> +DEF_SANITIZER_BUILTIN(BUILT_IN_ASAN_UNCLOBBER_N, "__asan_unpoison_stack_memory",
>> +		      BT_FN_VOID_PTR_PTRMODE, 0)
> 
> I believe the 0 here is a bug, I'd think we should be using something like
> ATTR_TMPURE_NOTHROW_LEAF_LIST that we are using for __asan_load* - the functions
> aren't going to throw, nor call anything in the current TU.  Not 100% sure
> about the TMPURE, after all they do write/read memory (the shadow one).
> So maybe ATTR_NOTHROW_LEAF_LIST instead for now?  Martin?

Yes, 0 is a bug. I'm inclined towards ATTR_NOTHROW_LEAF_LIST as __asan_{un}poison_stack_memory
modifies global memory. It would be safer. I'm also going to change it for the ASAN_MARK
internal function (where ECF_TM_PURE is currently selected).

I'm testing a patch for that.
Martin

> 
>> Is the attached patch OK as a fix? (assuming testing passes)  Or should
>> these builtins have other attrs?  (sorry, am not very familiar with the
>> sanitizer code).
> 
> 	Jakub
> 

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: Fix build of jit (was Re: [PATCH, RFC] Introduce -fsanitize=use-after-scope (v3))
  2016-01-01  0:00                         ` Fix build of jit (was Re: [PATCH, RFC] Introduce -fsanitize=use-after-scope (v3)) David Malcolm
@ 2016-01-01  0:00                           ` Jakub Jelinek
  2016-01-01  0:00                             ` Martin Liška
  0 siblings, 1 reply; 7+ messages in thread
From: Jakub Jelinek @ 2016-01-01  0:00 UTC (permalink / raw)
  To: David Malcolm; +Cc: Martin Liška, Marek Polacek, GCC Patches, jit

On Mon, Nov 07, 2016 at 11:07:13AM -0500, David Malcolm wrote:
> The patch (r241896) introduced an error in the build of the jit:
> 
> ../../src/gcc/jit/jit-builtins.c:62:1: error: invalid conversion from
> ‘int’ to ‘gcc::jit::built_in_attribute’ [-fpermissive]
>  };
>  ^
> 
> which seems to be due to the "0" for ATTRS in:
> 
> --- a/gcc/sanitizer.def
> +++ b/gcc/sanitizer.def
> @@ -165,6 +165,10 @@ DEF_SANITIZER_BUILTIN(BUILT_IN_ASAN_BEFORE_DYNAMIC_INIT,
>  DEF_SANITIZER_BUILTIN(BUILT_IN_ASAN_AFTER_DYNAMIC_INIT,
>  		      "__asan_after_dynamic_init",
>  		      BT_FN_VOID, ATTR_NOTHROW_LEAF_LIST)
> +DEF_SANITIZER_BUILTIN(BUILT_IN_ASAN_CLOBBER_N, "__asan_poison_stack_memory",
> +		      BT_FN_VOID_PTR_PTRMODE, 0)
> +DEF_SANITIZER_BUILTIN(BUILT_IN_ASAN_UNCLOBBER_N, "__asan_unpoison_stack_memory",
> +		      BT_FN_VOID_PTR_PTRMODE, 0)

I believe the 0 here is a bug, I'd think we should be using something like
ATTR_TMPURE_NOTHROW_LEAF_LIST that we are using for __asan_load* - the functions
aren't going to throw, nor call anything in the current TU.  Not 100% sure
about the TMPURE, after all they do write/read memory (the shadow one).
So maybe ATTR_NOTHROW_LEAF_LIST instead for now?  Martin?

> Is the attached patch OK as a fix? (assuming testing passes)  Or should
> these builtins have other attrs?  (sorry, am not very familiar with the
> sanitizer code).

	Jakub

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Fix build of jit (was Re: [PATCH, RFC] Introduce -fsanitize=use-after-scope (v3))
       [not found]                       ` <59fde5a4-3633-5fc8-daa0-ed485d75a5db@suse.cz>
@ 2016-01-01  0:00                         ` David Malcolm
  2016-01-01  0:00                           ` Jakub Jelinek
  0 siblings, 1 reply; 7+ messages in thread
From: David Malcolm @ 2016-01-01  0:00 UTC (permalink / raw)
  To: Martin Liška, Jakub Jelinek; +Cc: Marek Polacek, GCC Patches, jit

[-- Attachment #1: Type: text/plain, Size: 1825 bytes --]

On Mon, 2016-11-07 at 11:03 +0100, Martin Liška wrote:
> Hello.
> 
> After discussion with Jakub, I'm resending a new version of the patch,
> where I changed the following:
> 1) gimplify_ctxp->live_switch_vars is used to track variables introduced
>    in switch_expr. Every time a case_label_expr is seen, these are
>    unpoisoned. It's quite conservative, however it covers all corner
>    cases one can come up with. Compared to clang, we are much more
>    precise in switch statements where a variable's liveness crosses a
>    label boundary.
> 2) I found a bug where ASAN_CHECK was optimized out due to a missing
>    check of the IFN_ASAN_MARK internal fn. A test was added for that.
> 3) Multiple switch tests have been added, which are going to be sent
>    in an upcoming email.
> 
> Patch can bootstrap on ppc64le-redhat-linux and survives regression
> tests (+ asan bootstrap finishes successfully).

The patch (r241896) introduced an error in the build of the jit:

../../src/gcc/jit/jit-builtins.c:62:1: error: invalid conversion from
‘int’ to ‘gcc::jit::built_in_attribute’ [-fpermissive]
 };
 ^

which seems to be due to the "0" for ATTRS in:

--- a/gcc/sanitizer.def
+++ b/gcc/sanitizer.def
@@ -165,6 +165,10 @@ DEF_SANITIZER_BUILTIN(BUILT_IN_ASAN_BEFORE_DYNAMIC_INIT,
 DEF_SANITIZER_BUILTIN(BUILT_IN_ASAN_AFTER_DYNAMIC_INIT,
 		      "__asan_after_dynamic_init",
 		      BT_FN_VOID, ATTR_NOTHROW_LEAF_LIST)
+DEF_SANITIZER_BUILTIN(BUILT_IN_ASAN_CLOBBER_N, "__asan_poison_stack_memory",
+		      BT_FN_VOID_PTR_PTRMODE, 0)
+DEF_SANITIZER_BUILTIN(BUILT_IN_ASAN_UNCLOBBER_N, "__asan_unpoison_stack_memory",
+		      BT_FN_VOID_PTR_PTRMODE, 0)

Is the attached patch OK as a fix? (assuming testing passes)  Or should
these builtins have other attrs?  (sorry, am not very familiar with the
sanitizer code).

Dave

[-- Attachment #2: 0001-Fix-build-of-jit.patch --]
[-- Type: text/x-patch, Size: 1659 bytes --]

From 6db5f9e50dc95f504d33970ee553172bbf400ae7 Mon Sep 17 00:00:00 2001
From: David Malcolm <dmalcolm@redhat.com>
Date: Mon, 7 Nov 2016 11:21:20 -0500
Subject: [PATCH] Fix build of jit

gcc/ChangeLog:
	* asan.c (ATTR_NULL): Define.
	* sanitizer.def (BUILT_IN_ASAN_CLOBBER_N): Use ATTR_NULL rather
	than 0.
	(BUILT_IN_ASAN_UNCLOBBER_N): Likewise.
---
 gcc/asan.c        | 2 ++
 gcc/sanitizer.def | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/gcc/asan.c b/gcc/asan.c
index 1e0ce8d..4a124cb 100644
--- a/gcc/asan.c
+++ b/gcc/asan.c
@@ -2463,6 +2463,8 @@ initialize_sanitizer_builtins (void)
 #define BT_FN_I16_CONST_VPTR_INT BT_FN_IX_CONST_VPTR_INT[4]
 #define BT_FN_I16_VPTR_I16_INT BT_FN_IX_VPTR_IX_INT[4]
 #define BT_FN_VOID_VPTR_I16_INT BT_FN_VOID_VPTR_IX_INT[4]
+#undef ATTR_NULL
+#define ATTR_NULL 0
 #undef ATTR_NOTHROW_LEAF_LIST
 #define ATTR_NOTHROW_LEAF_LIST ECF_NOTHROW | ECF_LEAF
 #undef ATTR_TMPURE_NOTHROW_LEAF_LIST
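Review bot: `ATTR_NULL` is defined as a bare `0` next to macros that expand to `ECF_*` flags, so in asan.c it means "no call flags". A short comment saying so would help, since the name alone does not.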
diff --git a/gcc/sanitizer.def b/gcc/sanitizer.def
index 1c142e9..596b8b0 100644
--- a/gcc/sanitizer.def
+++ b/gcc/sanitizer.def
@@ -166,9 +166,9 @@ DEF_SANITIZER_BUILTIN(BUILT_IN_ASAN_AFTER_DYNAMIC_INIT,
 		      "__asan_after_dynamic_init",
 		      BT_FN_VOID, ATTR_NOTHROW_LEAF_LIST)
 DEF_SANITIZER_BUILTIN(BUILT_IN_ASAN_CLOBBER_N, "__asan_poison_stack_memory",
-		      BT_FN_VOID_PTR_PTRMODE, 0)
+		      BT_FN_VOID_PTR_PTRMODE, ATTR_NULL)
 DEF_SANITIZER_BUILTIN(BUILT_IN_ASAN_UNCLOBBER_N, "__asan_unpoison_stack_memory",
-		      BT_FN_VOID_PTR_PTRMODE, 0)
+		      BT_FN_VOID_PTR_PTRMODE, ATTR_NULL)
 
 /* Thread Sanitizer */
 DEF_SANITIZER_BUILTIN(BUILT_IN_TSAN_INIT, "__tsan_init", 
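Review bot: With `ATTR_NULL` the `BUILT_IN_ASAN_CLOBBER_N` and `BUILT_IN_ASAN_UNCLOBBER_N` entries still carry no attributes, while `BUILT_IN_ASAN_AFTER_DYNAMIC_INIT` directly above uses `ATTR_NOTHROW_LEAF_LIST`. If these runtime functions neither throw nor call back into the current unit, giving them the same list would be the better fix; otherwise a comment on why they are left bare is worth adding.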
-- 
1.8.5.3


^ permalink raw reply	[flat|nested] 7+ messages in thread
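
The case-label unpoisoning that the quoted description above attributes to `live_switch_vars`, shown as a toy shadow-memory model. This is an added example, not GCC's code and not part of the thread. The 8-byte granule, the offsets, the marker value and all function names are assumptions of the model, as is the rule "unpoison at the declaration, poison at scope exit"; the frame starts out clean for simplicity.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy shadow memory (model assumption): one shadow byte per 8-byte granule,
   0 = addressable, OUT_OF_SCOPE = poisoned because the scope has ended.
   Whole granules only; partially addressable granules are not modelled.  */
#define GRANULE 8
#define FRAME_BYTES 64
#define OUT_OF_SCOPE 0xf8

static uint8_t shadow[FRAME_BYTES / GRANULE];

static void mark(size_t off, size_t size, uint8_t value)
{
    for (size_t g = off / GRANULE; g <= (off + size - 1) / GRANULE; g++)
        shadow[g] = value;
}

/* 1 if an access to [off, off + size) touches poisoned shadow.  */
static int access_reported(size_t off, size_t size)
{
    for (size_t g = off / GRANULE; g <= (off + size - 1) / GRANULE; g++)
        if (shadow[g] != 0)
            return 1;
    return 0;
}

/* Models this source (constructed for the example):
 *
 *     for (i = 0; i < iterations; i++)
 *       switch (1) { int v; case 1: v = i; p = &v; }
 *     use (*p);
 *
 * The jump to "case 1:" skips the declaration of v, so the unpoison placed
 * at the declaration never runs; only a case-label unpoison can clear what
 * the previous scope exit left behind.  Returns the number of reports on the
 * valid in-scope store; *dangling gets whether the read through p after the
 * loop is reported.  */
int run_switch_loop(int unpoison_at_case_label, int iterations, int *dangling)
{
    const size_t v_off = 16, v_size = sizeof(int);
    int false_positives = 0;

    memset(shadow, 0, sizeof shadow);   /* simplification: frame starts clean */
    for (int i = 0; i < iterations; i++) {
        if (unpoison_at_case_label)
            mark(v_off, v_size, 0);                         /* case 1:    */
        false_positives += access_reported(v_off, v_size);  /* v = i;     */
        mark(v_off, v_size, OUT_OF_SCOPE);                  /* scope exit */
    }
    *dangling = access_reported(v_off, v_size);             /* use (*p);  */
    return false_positives;
}

int main(void)
{
    int dangling;
    int fp = run_switch_loop(0, 3, &dangling);
    printf("no case-label unpoison: %d false reports, dangling read reported=%d\n",
           fp, dangling);
    fp = run_switch_loop(1, 3, &dangling);
    printf("case-label unpoison:    %d false reports, dangling read reported=%d\n",
           fp, dangling);
    return 0;
}
```

In the model, the case-label unpoison removes the false reports on the second and later iterations while the read after the scope has ended is still flagged.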

* Re: Fix build of jit (was Re: [PATCH, RFC] Introduce -fsanitize=use-after-scope (v3))
  2016-01-01  0:00                             ` Martin Liška
@ 2016-01-01  0:00                               ` Jakub Jelinek
  2016-01-01  0:00                                 ` [PATCH] use-after-scope fallout Martin Liška
  0 siblings, 1 reply; 7+ messages in thread
From: Jakub Jelinek @ 2016-01-01  0:00 UTC (permalink / raw)
  To: Martin Liška; +Cc: David Malcolm, Marek Polacek, GCC Patches, jit

On Tue, Nov 08, 2016 at 10:38:23AM +0100, Martin Liška wrote:
> > I believe the 0 here is a bug, I'd think we should be using something like
> > ATTR_TMPURE_NOTHROW_LEAF_LIST that we are using for __asan_load* - the functions
> > aren't going to throw, nor call anything in the current TU.  Not 100% sure
> > about the TMPURE, after all they do write/read memory (the shadow one).
> > So maybe ATTR_NOTHROW_LEAF_LIST instead for now?  Martin?
> 
> Yes, 0 is a bug. I'm inclined towards ATTR_NOTHROW_LEAF_LIST as __asan_{un}poison_stack_memory
> modifies global memory. It would be safer. I'm also going to change it for the ASAN_MARK
> internal function (where ECF_TM_PURE is currently selected).

The TM stuff needs to be eventually resolved with the TM maintainers
(Richard Henderson and Torvald Riegel), the thing is that we can annotate
stuff even in TM regions, tm_pure functions etc.  I believe we have lots of
other TM issues (internal calls and the like) that haven't been addressed.

	Jakub

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] use-after-scope fallout
  2016-01-01  0:00                                 ` [PATCH] use-after-scope fallout Martin Liška
@ 2016-01-01  0:00                                   ` Jakub Jelinek
  2016-01-01  0:00                                   ` David Malcolm
  1 sibling, 0 replies; 7+ messages in thread
From: Jakub Jelinek @ 2016-01-01  0:00 UTC (permalink / raw)
  To: Martin Liška; +Cc: David Malcolm, Marek Polacek, GCC Patches, jit

On Tue, Nov 08, 2016 at 01:00:19PM +0100, Martin Liška wrote:
> This is a fallout fix where I changed:
> 
> 1) Fix ICE for lambda functions (added test-case: use-after-scope-4.C)
> 2) Fix ICE in gimplify_switch_expr, at gimplify.c:2269 (fixed by not adding
> artificial variables)
> 3) PR testsuite/78242 - I basically removed the test (not interesting)
> 4) LEAF and NOTHROW flags are properly set on ASAN {un}poison functions
> 5) dbg_cnt has been added
> 6) use-after-scope-types-4.C - scanned pattern is updated to work on i686
> 
> Patch can bootstrap on ppc64le-redhat-linux and survives regression tests.
> 
> Ready to be installed?
> Martin

> From 36eb4a8b3542729c9c428ac319d8422bea677869 Mon Sep 17 00:00:00 2001
> From: marxin <mliska@suse.cz>
> Date: Mon, 7 Nov 2016 14:49:00 +0100
> Subject: [PATCH] use-after-scope fallout
> 
> gcc/testsuite/ChangeLog:
> 
> 2016-11-08  Martin Liska  <mliska@suse.cz>
> 
> 	PR testsuite/78242
> 	* g++.dg/asan/use-after-scope-4.C: New test.
> 	* g++.dg/asan/use-after-scope-types-4.C: Update scanned pattern.
> 	* gcc.dg/asan/use-after-scope-8.c: Remove.
> 
> gcc/ChangeLog:
> 
> 2016-11-08  Martin Liska  <mliska@suse.cz>
> 
> 	PR testsuite/78242
> 	* dbgcnt.def: Add new debug counter asan_use_after_scope.
> 	* gimplify.c (gimplify_decl_expr): Do not sanitize vars
> 	with a value expr.  Do not add artificial variables to
> 	live_switch_vars.  Use the debug counter.
> 	(gimplify_target_expr): Use the debug counter.
> 	* internal-fn.def: Remove ECF_TM_PURE from ASAN_MARK builtin.
> 	* sanitizer.def: Set ATTR_NOTHROW_LEAF_LIST to
> 	BUILT_IN_ASAN_CLOBBER_N and BUILT_IN_ASAN_UNCLOBBER_N.

Ok.  BTW, in stage3 please also check if/how nested functions (C and
Fortran) work, I bet if you ASAN_MARK some vars and then
tree-nested.c moves them into an artificial struct that things might
not work 100% properly (e.g. would there be a guarantee that it is
unpoisoned upon function exit)?

	Jakub

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] use-after-scope fallout
  2016-01-01  0:00                                 ` [PATCH] use-after-scope fallout Martin Liška
  2016-01-01  0:00                                   ` Jakub Jelinek
@ 2016-01-01  0:00                                   ` David Malcolm
  1 sibling, 0 replies; 7+ messages in thread
From: David Malcolm @ 2016-01-01  0:00 UTC (permalink / raw)
  To: Martin Liška, Jakub Jelinek; +Cc: Marek Polacek, GCC Patches, jit

On Tue, 2016-11-08 at 13:00 +0100, Martin Liška wrote:
> Hello.
> 
> This is a fallout fix where I changed:
> 
> 1) Fix ICE for lambda functions (added test-case: use-after-scope-4.C)
> 2) Fix ICE in gimplify_switch_expr, at gimplify.c:2269 (fixed by not adding
> artificial variables)
> 3) PR testsuite/78242 - I basically removed the test (not interesting)
> 4) LEAF and NOTHROW flags are properly set on ASAN {un}poison functions
> 5) dbg_cnt has been added
> 6) use-after-scope-types-4.C - scanned pattern is updated to work on i686
> 
> Patch can bootstrap on ppc64le-redhat-linux and survives regression tests.
> 
> Ready to be installed?

Thanks.  The jit build is now fixed (as of r241961).

^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2016-11-08 18:05 UTC | newest]
