[Bug middle-end/108543] [10/11/12/13 Regression] ICE in build_call_expr_loc_array, at tree.cc:10686

cvs-commit at gcc dot gnu.org gcc-bugzilla@gcc.gnu.org
Thu Jan 26 17:59:47 GMT 2023 

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108543

--- Comment #5 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The trunk branch has been updated by Marek Polacek <mpolacek@gcc.gnu.org>:

https://gcc.gnu.org/g:a82ce9c8d155ecda2d1c647d5c588f29e21ef4a3

commit r13-5399-ga82ce9c8d155ecda2d1c647d5c588f29e21ef4a3
Author: Marek Polacek <polacek@redhat.com>
Date:   Wed Jan 25 17:19:54 2023 -0500

    opts: SANITIZE_ADDRESS wrongly cleared [PR108543]

    Here we crash on a null fndecl ultimately because we haven't defined
    the built-ins described in sanitizer.def.  So
    builtin_decl_explicit (BUILT_IN_ASAN_POINTER_SUBTRACT);
    returns NULL_TREE, causing an ICE later.

    DEF_SANITIZER_BUILTIN only actually defines the built-ins when
flag_sanitize
    has SANITIZE_ADDRESS, or some of the other SANITIZE_*, but it doesn't check
    SANITIZE_KERNEL_ADDRESS or SANITIZE_USER_ADDRESS.  Unfortunately, with
    -fsanitize=address -fno-sanitize=kernel-address
    or
    -fsanitize=kernel-address -fno-sanitize=address
    SANITIZE_ADDRESS ends up being unset from flag_sanitize even though
    _USER/_KERNEL are set.  That's because -fsanitize=address means
    SANITIZE_ADDRESS | SANITIZE_USER_ADDRESS and -fsanitize=kernel-address
    is SANITIZE_ADDRESS | SANITIZE_KERNEL_ADDRESS but parse_sanitizer_options
    does
      flags &= ~sanitizer_opts[i].flag;
    so the subsequent -fno- unsets SANITIZE_ADDRESS.  Then no sanitizer
    built-ins are actually defined.

    I'm not sure why SANITIZE_ADDRESS isn't just SANITIZE_USER_ADDRESS |
    SANITIZE_KERNEL_ADDRESS, I don't think we need 3 bits.

            PR middle-end/108543

    gcc/ChangeLog:

            * opts.cc (parse_sanitizer_options): Don't always clear
SANITIZE_ADDRESS
            if it was previously set.

    gcc/testsuite/ChangeLog:

            * c-c++-common/asan/pointer-subtract-5.c: New test.
            * c-c++-common/asan/pointer-subtract-6.c: New test.
            * c-c++-common/asan/pointer-subtract-7.c: New test.
            * c-c++-common/asan/pointer-subtract-8.c: New test.

More information about the Gcc-bugs mailing list