This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: C++ PATCH to fix a crash in cxx_fold_indirect_ref (PR c++/83996)

From: Jason Merrill <jason at redhat dot com>
To: Marek Polacek <polacek at redhat dot com>
Cc: GCC Patches <gcc-patches at gcc dot gnu dot org>
Date: Mon, 29 Jan 2018 15:35:53 -0500
Subject: Re: C++ PATCH to fix a crash in cxx_fold_indirect_ref (PR c++/83996)
Authentication-results: sourceware.org; auth=none
References: <20180129181257.GG2620@redhat.com>

OK.

On Mon, Jan 29, 2018 at 1:12 PM, Marek Polacek <polacek@redhat.com> wrote:
> The crash here is caused by size_binop_loc getting operands of different types:
> sizetype and ssizetype.  Fixed by performing the computation in offset_int,
> much as we do in fold_indirect_ref_1 (fixed in middle-end/81695).
>
> Bootstrapped/regtested on x86_64-linux, ok for trunk?
>
> 2018-01-29  Marek Polacek  <polacek@redhat.com>
>
>         PR c++/83996
>         * constexpr.c (cxx_fold_indirect_ref): Compute ((foo *)&fooarray)[1]
>         => fooarray[1] in offset_int.
>
>         * g++.dg/ext/pr83996.C: New test.
>
> diff --git gcc/cp/constexpr.c gcc/cp/constexpr.c
> index 4d2ee4a28fc..0a1944f6dad 100644
> --- gcc/cp/constexpr.c
> +++ gcc/cp/constexpr.c
> @@ -3143,11 +3143,17 @@ cxx_fold_indirect_ref (location_t loc, tree type, tree op0, bool *empty_base)
>               tree min_val = size_zero_node;
>               if (type_domain && TYPE_MIN_VALUE (type_domain))
>                 min_val = TYPE_MIN_VALUE (type_domain);
> -             op01 = size_binop_loc (loc, EXACT_DIV_EXPR, op01,
> -                                    TYPE_SIZE_UNIT (type));
> -             op01 = size_binop_loc (loc, PLUS_EXPR, op01, min_val);
> -             return build4_loc (loc, ARRAY_REF, type, op00, op01,
> -                                NULL_TREE, NULL_TREE);
> +             offset_int off = wi::to_offset (op01);
> +             offset_int el_sz = wi::to_offset (TYPE_SIZE_UNIT (type));
> +             offset_int remainder;
> +             off = wi::divmod_trunc (off, el_sz, SIGNED, &remainder);
> +             if (remainder == 0 && TREE_CODE (min_val) == INTEGER_CST)
> +               {
> +                 off = off + wi::to_offset (min_val);
> +                 op01 = wide_int_to_tree (sizetype, off);
> +                 return build4_loc (loc, ARRAY_REF, type, op00, op01,
> +                                    NULL_TREE, NULL_TREE);
> +               }
>             }
>           /* Also handle conversion to an empty base class, which
>              is represented with a NOP_EXPR.  */
> diff --git gcc/testsuite/g++.dg/ext/pr83996.C gcc/testsuite/g++.dg/ext/pr83996.C
> index e69de29bb2d..e663d728349 100644
> --- gcc/testsuite/g++.dg/ext/pr83996.C
> +++ gcc/testsuite/g++.dg/ext/pr83996.C
> @@ -0,0 +1,11 @@
> +// PR c++/83996
> +// { dg-do compile }
> +// { dg-options "" }
> +
> +int z[] = { };
> +
> +int
> +main (void)
> +{
> +  __builtin_printf ("%d\n", *(z + 1));
> +}
>
>         Marek

References:
- C++ PATCH to fix a crash in cxx_fold_indirect_ref (PR c++/83996)
  - From: Marek Polacek

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]