diff options
| author | Jakub Jelinek <jakub@redhat.com> | 2025-11-22 12:24:35 +0100 |
|---|---|---|
| committer | Jakub Jelinek <jakub@gcc.gnu.org> | 2025-11-22 12:24:35 +0100 |
| commit | fb22d7f3b665555cfb55673ca2b954f860d28b50 (patch) | |
| tree | 90db40704be47bfca4521c4e53fc4f301e959733 | |
| parent | 799ca4cda74dec3d567f2c6f417ab09cb53b5025 (diff) | |
c++: Readd type checks for cp_fold -ffold-simple-inlines foldings [PR122185]
In GCC15, cp_fold -ffold-simple-inlines code contained
if (INDIRECT_TYPE_P (TREE_TYPE (x))
&& INDIRECT_TYPE_P (TREE_TYPE (r)))
check around the optimization, but as std::to_underlying has been
added to the set, it got removed.
Now, the check isn't needed when using correct libstdc++-v3 headers,
because the function template types ensure the converted types are sane
(so for most of them both are some kind of REFERENCE_TYPEs, for addressof
one REFERENCE_TYPE and one POINTER_TYPE, for to_underlying one ENUMERAL_TYPE
and one INTEGRAL_TYPE_P).
But when some fuzzer or user attempts to implement one or more of those
std:: functions and does it wrong (sure, such code is invalid), we can ICE
because build_nop certainly doesn't handle all possible type conversions.
So, the following patch readds the INDIRECT_REF_P && INDIRECT_REF_P check
for everything but to_underlying, for which it checks ENUMERAL_TYPE to
INTEGRAL_TYPE_P. That way we don't ICE on bogus code.
Though, I wonder about 2 things, whether the CALL_EXPR_ARG in there
shouldn't be also guarded just in case somebody tries to compile
namespace std { int to_underlying (); }; int a = std::to_underlying ();
and also whether this to_underlying folding doesn't behave differently
from the libstdc++-v3 implementation if the enum is
enum A : bool { B, C };
I think -fno-fold-simple-inlines will compile it as != 0, while
the -ffold-simple-inlines code just as a cast. Sure, enum with underlying
bool can't contain enumerators with values other than 0 and 1, but it is
still 8-bit at least and so what happens with other values?
2025-11-22 Jakub Jelinek <jakub@redhat.com>
PR c++/122185
* cp-gimplify.cc (cp_fold) <case CALL_EXPR>: For -ffold-simple-inlines
restore check that both types are INDIRECT_TYPE_P, except for
"to_underlying" check that r has ENUMERAL_TYPE and x has
INTEGRAL_TYPE_P.
* g++.dg/cpp1z/pr122185.C: New test.
| -rw-r--r-- | gcc/cp/cp-gimplify.cc | 14 | ||||
| -rw-r--r-- | gcc/testsuite/g++.dg/cpp1z/pr122185.C | 49 |
2 files changed, 61 insertions, 2 deletions
diff --git a/gcc/cp/cp-gimplify.cc b/gcc/cp/cp-gimplify.cc index 1662336e165..994d4deb0f1 100644 --- a/gcc/cp/cp-gimplify.cc +++ b/gcc/cp/cp-gimplify.cc @@ -3447,8 +3447,18 @@ cp_fold (tree x, fold_flags_t flags) || id_equal (DECL_NAME (callee), "as_const"))) { r = CALL_EXPR_ARG (x, 0); - r = build_nop (TREE_TYPE (x), r); - x = cp_fold (r, flags); + /* These type-checks must be performed here, because invalid + definitions of these functions could fail to ensure those and + build_nop could misbehave. See PR122185. */ + if (id_equal (DECL_NAME (callee), "to_underlying") + ? TREE_CODE (TREE_TYPE (r)) == ENUMERAL_TYPE + && INTEGRAL_TYPE_P (TREE_TYPE (x)) + : INDIRECT_TYPE_P (TREE_TYPE (x)) + && INDIRECT_TYPE_P (TREE_TYPE (r))) + { + r = build_nop (TREE_TYPE (x), r); + x = cp_fold (r, flags); + } break; } diff --git a/gcc/testsuite/g++.dg/cpp1z/pr122185.C b/gcc/testsuite/g++.dg/cpp1z/pr122185.C new file mode 100644 index 00000000000..73cba761b01 --- /dev/null +++ b/gcc/testsuite/g++.dg/cpp1z/pr122185.C @@ -0,0 +1,49 @@ +// PR c++/122185 +// { dg-do compile { target c++17 } } +// { dg-options "-w -O2" } + +namespace std { +template <typename _Tp> struct remove_reference { + using type = __remove_reference(_Tp); +}; +template <typename _Tp> _Tp forward(typename remove_reference<_Tp>::type); +} +template <typename T> struct static_const { + static constexpr T value{}; +}; +template <typename, typename> struct adl_serializer; +template <template <typename, typename> class = adl_serializer> +class basic_json; +struct from_json_fn { + template <typename BasicJsonType, typename T> + void operator()(BasicJsonType, T) const; +}; +template <typename, typename> struct adl_serializer { + template <typename BasicJsonType, typename TargetType> + static void from_json(BasicJsonType &&j, TargetType val) { + static_const<from_json_fn>::value(std::forward<BasicJsonType>(j), val); + } +}; +struct iter_impl { + basic_json<> operator*(); + void operator++(); + bool operator!=(iter_impl); +}; +template <template <typename, typename = void> class JSONSerializer> +struct basic_json { + template <typename> using iter_impl = iter_impl; + using iterator = iter_impl<basic_json>; + template <typename> void get_impl(int) { + auto ret = int(); + JSONSerializer<int>::from_json(*this, ret); + } + template <typename> void get() { get_impl<int>({}); } + iterator begin(); + iterator end(); + char type_name; +}; +void _ValidateSignatureFile() { + basic_json signatures; + for (auto signature : signatures) + signature.get<int>(); +} |