From: Denis Khalikov <d.khalikov@partner.samsung.com>
Date: Tue, 7 Nov 2017 16:10:03 +0000 (+0300)
Subject: [ISan] Fix ICE with ISan and -ftree-loop-vectorize
X-Git-Tag: accepted/tizen/base/20171117.154048~1
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F53%2F159253%2F3;p=platform%2Fupstream%2Flinaro-gcc.git

[ISan] Fix ICE with ISan and -ftree-loop-vectorize

In case we want to vectorize the loop, we can not
rely only on TREE_OVERFLOW flag, while folding the INTEGER_CST,
which represents the step of vectorization.
We still should check TYPE_OVERFLOW_WRAPS flag instead
TYPE_OVERFLOW_SANITIZED flag, because the step could
be already marked as TREE_OVERFLOW == 1.

Change-Id: I1288b7e3b587c5773b184636bdfdada168b8941f
---

diff --git a/gcc/fold-const.c b/gcc/fold-const.c
index 17ff640..23ee11f 100644
--- a/gcc/fold-const.c
+++ b/gcc/fold-const.c
@@ -550,8 +550,9 @@ fold_negate_expr (location_t loc, tree t)
       if (TREE_OVERFLOW (tem) == TREE_OVERFLOW (t)
 	  || (ANY_INTEGRAL_TYPE_P (type)
 	      && !TYPE_OVERFLOW_TRAPS (type)
-	      && !TYPE_OVERFLOW_SANITIZED (type))
-	  || (flag_sanitize & (SANITIZE_SI_OVERFLOW | SANITIZE_UI_OVERFLOW)) == 0)
+	      && TYPE_OVERFLOW_WRAPS (type))
+	  || (flag_sanitize & (SANITIZE_SI_OVERFLOW | SANITIZE_UI_OVERFLOW))
+	       == 0)
 	return tem;
       break;
 
diff --git a/gcc/testsuite/c-c++-common/isan/loop-vect.c b/gcc/testsuite/c-c++-common/isan/loop-vect.c
new file mode 100644
index 0000000..3944652
--- /dev/null
+++ b/gcc/testsuite/c-c++-common/isan/loop-vect.c
@@ -0,0 +1,21 @@
+/* { dg-do compile } */
+/* { dg-options "-fsanitize=unsigned-integer-overflow" } */
+
+typedef struct {
+  int r;
+  int i;
+} kiss_fft_cpx;
+
+typedef struct {
+  int inmem[0];
+} TonalityAnalysisState;
+
+float a;
+kiss_fft_cpx b[0];
+TonalityAnalysisState c;
+
+void foo() {
+  int i = 0;
+  for (; i < 40; i++)
+    b[-i].i = a * c.inmem[i];
+}