[ISan] Fix ICE with ISan and -ftree-loop-vectorize

In case we want to vectorize the loop, we can not
rely only on TREE_OVERFLOW flag, while folding the INTEGER_CST,
which represents the step of vectorization.
We still should check TYPE_OVERFLOW_WRAPS flag instead
TYPE_OVERFLOW_SANITIZED flag, because the step could
be already marked as TREE_OVERFLOW == 1.

Change-Id: I1288b7e3b587c5773b184636bdfdada168b8941f

diff --git a/gcc/fold-const.c b/gcc/fold-const.c
index 17ff640..23ee11f 100644 (file)
--- a/gcc/fold-const.c
+++ b/gcc/fold-const.c
@@ -550,8 +550,9 @@ fold_negate_expr (location_t loc, tree t)
       if (TREE_OVERFLOW (tem) == TREE_OVERFLOW (t)
          || (ANY_INTEGRAL_TYPE_P (type)
              && !TYPE_OVERFLOW_TRAPS (type)
-             && !TYPE_OVERFLOW_SANITIZED (type))
-         || (flag_sanitize & (SANITIZE_SI_OVERFLOW | SANITIZE_UI_OVERFLOW)) == 0)
+             && TYPE_OVERFLOW_WRAPS (type))
+         || (flag_sanitize & (SANITIZE_SI_OVERFLOW | SANITIZE_UI_OVERFLOW))
+              == 0)
        return tem;
       break;
 

diff --git a/gcc/testsuite/c-c++-common/isan/loop-vect.c b/gcc/testsuite/c-c++-common/isan/loop-vect.c
new file mode 100644 (file)
index 0000000..3944652
--- /dev/null
+++ b/gcc/testsuite/c-c++-common/isan/loop-vect.c
@@ -0,0 +1,21 @@
+/* { dg-do compile } */
+/* { dg-options "-fsanitize=unsigned-integer-overflow" } */
+
+typedef struct {
+  int r;
+  int i;
+} kiss_fft_cpx;
+
+typedef struct {
+  int inmem[0];
+} TonalityAnalysisState;
+
+float a;
+kiss_fft_cpx b[0];
+TonalityAnalysisState c;
+
+void foo() {
+  int i = 0;
+  for (; i < 40; i++)
+    b[-i].i = a * c.inmem[i];
+}