[ubsan PATCH] Fix ICE with bounds checking on VLA-in-a-struct (PR sanitizer/70875)

Jakub Jelinek jakub@redhat.com
Fri May 6 09:29:00 GMT 2016


On Fri, May 06, 2016 at 11:22:41AM +0200, Marek Polacek wrote:
> A program containing an array of structs containing a VLA caused ICE with UBSAN
> bounds checking, because in get_ubsan_type_info_for_type we asserted that the
> size of a type fits uhwi, which implies it is an INTEGER_CST.  But that's not
> the case for a struct with VLA.  However, the assert here is bogus, for
> !REAL_TYPE and !INTEGRAL_TYPE_P get_ubsan_type_info_for_type just returns 0.
> And since tree_to_uhwi has
>   gcc_assert (tree_fits_uhwi_p (t));
> there's no need to duplicate that for the REAL_TYPE / INTEGRAL_TYPE_P cases.

Yeah, and for NULL TYPE_SIZE we just segfault, no real need to assert
that.
> 
> Bootstrapped/regtested on x86_64-linux, ok for trunk?

Ok, thanks.  If it affects 6.x branch, it is ok there as well.

> 2016-05-06  Marek Polacek  <polacek@redhat.com>
> 
> 	PR sanitizer/70875
> 	* ubsan.c (get_ubsan_type_info_for_type): Remove assert.
> 
> 	* gcc.dg/ubsan/bounds-3.c: New test.

	Jakub


