re PR sanitizer/80414 ([UBSAN] segfault with -fsanitize=undefined)
authorDenis Khalikov <d.khalikov@partner.samsung.com>
Thu, 13 Apr 2017 14:52:23 +0000 (14:52 +0000)
committerMaxim Ostapenko <chefmax@gcc.gnu.org>
Thu, 13 Apr 2017 14:52:23 +0000 (17:52 +0300)
PR sanitizer/80414
* ubsan.c (ubsan_expand_bounds_ifn): Pass original index
to ubsan_encode_value.

* c-c++-common/ubsan/bounds-15.c: New test.

From-SVN: r246909

gcc/ChangeLog
gcc/testsuite/ChangeLog
gcc/testsuite/c-c++-common/ubsan/bounds-15.c [new file with mode: 0644]
gcc/ubsan.c

index caec4409c337743dc52fb98903314275873a87d1..2fb6b3522312aa98f75bd532483f548ffa74be67 100644 (file)
@@ -1,3 +1,9 @@
+2017-04-13  Denis Khalikov <d.khalikov@partner.samsung.com>
+
+       PR sanitizer/80414
+       * ubsan.c (ubsan_expand_bounds_ifn): Pass original index
+       to ubsan_encode_value.
+
 2017-04-13  Jeff Law  <law@redhat.com>
 
        * reload1.c (eliminate_regs_1): Call gen_rtx_raw_SUBREG for SUBREGs
index f15ba0343c6d04a96db01ccff7c9eba9ad73e164..c7b8d61736454c8b78edd5533206d6a57ce89103 100644 (file)
@@ -1,3 +1,8 @@
+2017-04-13  Denis Khalikov  <d.khalikov@partner.samsung.com>
+
+       PR sanitizer/80414
+       * c-c++-common/ubsan/bounds-15.c: New test.
+
 2017-04-13  Richard Biener  <rguenther@suse.de>
 
        PR testsuite/80416
diff --git a/gcc/testsuite/c-c++-common/ubsan/bounds-15.c b/gcc/testsuite/c-c++-common/ubsan/bounds-15.c
new file mode 100644 (file)
index 0000000..5fa8eee
--- /dev/null
@@ -0,0 +1,13 @@
+/* { dg-do run } */
+/* { dg-options "-fsanitize=bounds" } */
+/* { dg-skip-if "" { *-*-* } { "*" } { "-O0" } } */
+
+int main()
+{
+  long long offset = 10;
+  char array[10];
+  char c = array[offset];
+  return 0;
+}
+
+/* { dg-output "index 10 out of bounds for type 'char \\\[10\\\]'" } */
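Review bot: The new test carries no reference to the bug it guards, and the `dg-skip-if` directive has an empty reason string, so a later reader cannot tell why the test is restricted to `-O0` or why the index is `long long`. I would open the file with `/* PR sanitizer/80414 */` and add a short comment above `long long offset = 10;` saying the index type is deliberately wider than `int`. Judging from the ubsan.c change in this commit, the regression concerns the index type and value handed to the runtime handler, so simplifying the index to `int` would probably stop the test covering it. If the `-O0` restriction exists because the unused read into `c` is removed at higher optimization levels, the `dg-skip-if` comment string should say so; that is an inference and needs confirming by the author.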
index c01d63318c238bbf5b58c88cad4d4388960467a4..4159cc5f6f94a134ae28571754808e7d243346bb 100644 (file)
@@ -673,7 +673,7 @@ ubsan_expand_bounds_ifn (gimple_stmt_iterator *gsi)
   /* Pick up the arguments of the UBSAN_BOUNDS call.  */
   tree type = TREE_TYPE (TREE_TYPE (gimple_call_arg (stmt, 0)));
   tree index = gimple_call_arg (stmt, 1);
-  tree orig_index_type = TREE_TYPE (index);
+  tree orig_index = index;
   tree bound = gimple_call_arg (stmt, 2);
 
   gimple_stmt_iterator gsi_orig = *gsi;
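Review bot: `orig_index` is introduced without a comment, and the invariant it protects spans the next two hunks. The descriptor built from `TREE_TYPE (orig_index)` and the value produced by `ubsan_encode_value (orig_index)` must describe the same tree, otherwise the runtime handler reads the value with a width the descriptor does not match. Presumably `index` is converted somewhere between these hunks, in code outside the visible lines, which is what made the old pairing of `orig_index_type` with the converted `index` inconsistent. A comment on the new line such as `/* Keep the unconverted index: its type descriptor and its encoded value must agree in the out-of-bounds report.  */` would stop a later cleanup from splitting the two again. The body of ubsan_expand_bounds_ifn starts and ends outside these hunks.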
@@ -700,7 +700,7 @@ ubsan_expand_bounds_ifn (gimple_stmt_iterator *gsi)
       tree data
        = ubsan_create_data ("__ubsan_out_of_bounds_data", 1, &loc,
                             ubsan_type_descriptor (type, UBSAN_PRINT_ARRAY),
-                            ubsan_type_descriptor (orig_index_type),
+                            ubsan_type_descriptor (TREE_TYPE (orig_index)),
                             NULL_TREE, NULL_TREE);
       data = build_fold_addr_expr_loc (loc, data);
       enum built_in_function bcode
@@ -708,9 +708,9 @@ ubsan_expand_bounds_ifn (gimple_stmt_iterator *gsi)
          ? BUILT_IN_UBSAN_HANDLE_OUT_OF_BOUNDS
          : BUILT_IN_UBSAN_HANDLE_OUT_OF_BOUNDS_ABORT;
       tree fn = builtin_decl_explicit (bcode);
-      tree val = force_gimple_operand_gsi (gsi, ubsan_encode_value (index),
-                                          true, NULL_TREE, true,
-                                          GSI_SAME_STMT);
+      tree val
+       = force_gimple_operand_gsi (gsi, ubsan_encode_value (orig_index), true,
+                                   NULL_TREE, true, GSI_SAME_STMT);
       g = gimple_build_call (fn, 2, data, val);
     }
   gimple_set_location (g, loc);