https://gcc.gnu.org/bugzilla/show_bug.cgi?id=117259
--- Comment #8 from GCC Commits <cvs-commit at gcc dot gnu.org> --- The master branch has been updated by Jakub Jelinek <ja...@gcc.gnu.org>: https://gcc.gnu.org/g:b25d3201b6338d9f71c64f524ca2974d9a1f38e8 commit r15-4595-gb25d3201b6338d9f71c64f524ca2974d9a1f38e8 Author: Jakub Jelinek <ja...@redhat.com> Date: Thu Oct 24 12:56:19 2024 +0200 c++: Further fix for get_member_function_from_ptrfunc [PR117259] The following testcase shows that the previous get_member_function_from_ptrfunc changes weren't sufficient and we still have cases where -fsanitize=undefined with pointers to member functions can cause wrong code being generated and related false positive warnings. The problem is that save_expr doesn't always create SAVE_EXPR, it can skip some invariant arithmetics and in the end it could be really large expressions which would be evaluated several times (and what is worse, with -fsanitize=undefined those expressions then can have SAVE_EXPRs added to their subparts for -fsanitize=bounds or -fsanitize=null or -fsanitize=alignment instrumentation). Tried to just build1 a SAVE_EXPR + add TREE_SIDE_EFFECTS instead of save_expr, but that doesn't work either, because cp_fold happily optimizes those SAVE_EXPRs away when it sees SAVE_EXPR operand is tree_invariant_p. So, the following patch instead of using save_expr or building SAVE_EXPR manually builds a TARGET_EXPR. Both types are pointers, so it doesn't need to be destroyed in any way, but TARGET_EXPR is what doesn't get optimized away immediately. 2024-10-24 Jakub Jelinek <ja...@redhat.com> PR c++/117259 * typeck.cc (get_member_function_from_ptrfunc): Use force_target_expr rather than save_expr for instance_ptr and function. Don't call it for TREE_CONSTANT. * g++.dg/ubsan/pr117259.C: New test.
