https://gcc.gnu.org/bugzilla/show_bug.cgi?id=117259
--- Comment #7 from Jakub Jelinek <jakub at gcc dot gnu.org> --- I don't think throwing more save_expr calls is the right way here. The problem is that save_expr can just return what has been passed to it without building a SAVE_EXPR. In some cases for the PMFs it is fine (if they are already SAVE_EXPR or TREE_CONSTANT), but at other times it is not (possibly huge expression without SAVE_EXPR created just because it is TREE_READONLY without TREE_SIDE_EFFECTS, cases like const arrays or calls to const/pure functions). In all those cases, the ubsan instrumentation can replace stuff in those expressions and use save_expr in there, and it can succeed when it is e.g. called on the ARRAY_REF index (which isn't TREE_READONLY) even when it didn't SAVE_EXPR the ARRAY_REF.
