| Message ID | 20140107135944.GF29237@redhat.com |
|---|---|
| State | New |
| Headers | show |
On 01/07/14 06:59, Marek Polacek wrote: > In case we're dealing with (*)[N] types, we should strip the > ARRAY_TYPEs prior to getting the type name. Otherwise we segv, since > the DECL_NAME is NULL. > > Regtested on x86_64-linux, ok for trunk? > > 2014-01-07 Marek Polacek <polacek@redhat.com> > > PR sanitizer/59667 > * ubsan.c (ubsan_type_descriptor): Call strip_array_types on type2. > testsuite/ > * c-c++-common/ubsan/pr59667.c: New test. OK. Jeff
--- gcc/ubsan.c.mp 2014-01-07 14:37:46.782944043 +0100 +++ gcc/ubsan.c 2014-01-07 14:37:53.740972042 +0100 @@ -311,6 +311,9 @@ ubsan_type_descriptor (tree type, bool w type2 = TYPE_METHOD_BASETYPE (type2); } + /* If an array, get its type. */ + type2 = strip_array_types (type2); + if (TYPE_NAME (type2) != NULL) { if (TREE_CODE (TYPE_NAME (type2)) == IDENTIFIER_NODE) --- gcc/testsuite/c-c++-common/ubsan/pr59667.c.mp 2014-01-07 14:50:39.956271370 +0100 +++ gcc/testsuite/c-c++-common/ubsan/pr59667.c 2014-01-07 14:44:10.244545879 +0100 @@ -0,0 +1,15 @@ +/* { dg-do run } */ +/* { dg-options "-fsanitize=undefined" } */ +/* { dg-shouldfail "ubsan" } */ +/* { dg-skip-if "" { *-*-* } { "-flto" } { "" } } */ + +int +main (void) +{ + unsigned int len = 1; + float (*P)[len][len] = 0; + (*P)[0][0] = 1; + return 0; +} + +/* { dg-output "store to null pointer of type 'float'(\n|\r\n|\r)" } */