On 3/29/19 3:39 PM, Jakub Jelinek wrote:
Hi!

The following testcase is miscompiled, because when cp_build_modify_expr
processes assignment into lvalue COND_EXPR, the rhs doesn't have
side-effects and so stabilize_expr doesn't do anything to it, then we
use that rhs in both COND_EXPR branches (but shared) and finally during
genericization we ubsan instrument that rhs, adding some SAVE_EXPRs in there
because we want to evaluate parts of it multiple times. Unfortunately,
the SAVE_EXPRs will be initialized only in one of the two COND_EXPR branches
and will just use an uninitialized temporary in the other one.

Fixed by unsharing the rhs if we do this (but only for ubsan, so that
we don't waste compile time/memory on that when we don't need that).

Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk?

2019-03-29 Jakub Jelinek <ja...@redhat.com>

	PR sanitizer/89869
	* typeck.c: Include gimplify.h.
	(cp_build_modify_expr) <case COND_EXPR>: Unshare rhs before using it
	for second time. Formatting fixes.

OK.
Jason
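
The failure mode described in the quoted message, as a toy model added here (it is not GCC code and not part of the original thread): one rhs node shared by both COND_EXPR branches gets its temporary initialized only in the branch that is lowered first, while an unshared copy gets its own initialization. All names (`Rhs`, `instrument`, `lower`, `assign`) are hypothetical, and `None` stands in for an uninitialized read.

```python
import copy

class Rhs:
    """Toy rhs node. `saved` models a SAVE_EXPR added by instrumentation."""
    def __init__(self, value):
        self.value = value
        self.saved = False  # set once instrumentation wraps the node
        self.temp = None    # temporary assigned when the SAVE_EXPR is lowered

def instrument(node, seen):
    """Instrument each distinct node once; a shared node is visited once."""
    if id(node) not in seen:
        seen.add(id(node))
        node.saved = True

def lower(node, code):
    """Emit toy instructions for one use of `node` into `code`."""
    if not node.saved:
        code.append(("const", node.value))
        return
    if node.temp is None:  # first use seen: the temporary is initialized here
        node.temp = f"tmp{id(node)}"
        code.append(("init", node.temp, node.value))
    code.append(("load", node.temp))

def build_cond_assign(value, unshare):
    """Model `(c ? a : b) = rhs` becoming `c ? (a = rhs) : (b = rhs)`."""
    rhs = Rhs(value)
    then_rhs, else_rhs = rhs, (copy.deepcopy(rhs) if unshare else rhs)
    seen = set()
    instrument(then_rhs, seen)
    instrument(else_rhs, seen)
    then_code, else_code = [], []
    lower(then_rhs, then_code)
    lower(else_rhs, else_code)
    return then_code, else_code

def run(code):
    """Execute one branch; reading a never-initialized temporary yields None."""
    temps, result = {}, None
    for insn in code:
        if insn[0] == "init":
            temps[insn[1]] = insn[2]
        elif insn[0] == "load":
            result = temps.get(insn[1])  # None models an uninitialized read
        else:
            result = insn[1]
    return result

def assign(cond, value, unshare):
    then_code, else_code = build_cond_assign(value, unshare)
    return run(then_code if cond else else_code)
```
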