This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[PATCH] Fix ICE in fold_comparison with -fsanitize=shift (PR sanitizer/80067)

The code in fold_comparison calls save_expr on an expression and then tries to
set a location of the expression.  But since save_expr calls fold, it can
produce an integer constant, so we must be more careful when setting its
location.  In this case we had

  (int) a > 646

where 'a' is signed char so we fold it to 0.

Bootstrapped/regtested on x86_64-linux, ok for trunk/6?

2017-03-27  Marek Polacek  <polacek@redhat.com>

	PR sanitizer/80067
	* fold-const.c (fold_comparison): Use protected_set_expr_location
	instead of SET_EXPR_LOCATION.

	* c-c++-common/ubsan/shift-10.c: New test.

diff --git gcc/fold-const.c gcc/fold-const.c
index 1a9a264..6db16b5 100644
--- gcc/fold-const.c
+++ gcc/fold-const.c
@@ -8704,7 +8704,7 @@ fold_comparison (location_t loc, enum tree_code code, tree type,
 	      if (save_p)
 		{
 		  tem = save_expr (build2 (code, type, cval1, cval2));
-		  SET_EXPR_LOCATION (tem, loc);
+		  protected_set_expr_location (tem, loc);
 		  return tem;
 		}
 	      return fold_build2_loc (loc, code, type, cval1, cval2);
diff --git gcc/testsuite/c-c++-common/ubsan/shift-10.c gcc/testsuite/c-c++-common/ubsan/shift-10.c
index e69de29..9202fcc 100644
--- gcc/testsuite/c-c++-common/ubsan/shift-10.c
+++ gcc/testsuite/c-c++-common/ubsan/shift-10.c
@@ -0,0 +1,10 @@
+/* PR sanitizer/80067 */
+/* { dg-do compile } */
+/* { dg-options "-fsanitize=shift" } */
+
+extern signed char a;
+void
+foo ()
+{
+  0 << ((647 > a) - 1);
+}

	Marek
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]