From: Jakub Jelinek Date: Sat, 22 Mar 2014 16:25:50 +0000 (+0100) Subject: re PR sanitizer/60613 (Invalid signed subtraction ubsan diagnostics) X-Git-Tag: releases/gcc-4.9.0~346 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f451d3a836fff435bc4bc0ed121cdc5f6e6c14d6;p=thirdparty%2Fgcc.git re PR sanitizer/60613 (Invalid signed subtraction ubsan diagnostics) PR sanitizer/60613 * internal-fn.c (ubsan_expand_si_overflow_addsub_check): For code == MINUS_EXPR, never swap op0 with op1. * c-c++-common/ubsan/pr60613-1.c: New test. * c-c++-common/ubsan/pr60613-2.c: New test. From-SVN: r208766 --- diff --git a/gcc/ChangeLog b/gcc/ChangeLog index dbd497177bb7..e085b2ac6811 100644 --- a/gcc/ChangeLog +++ b/gcc/ChangeLog @@ -1,5 +1,9 @@ 2014-03-22 Jakub Jelinek + PR sanitizer/60613 + * internal-fn.c (ubsan_expand_si_overflow_addsub_check): For + code == MINUS_EXPR, never swap op0 with op1. + * toplev.c (init_local_tick): Avoid signed integer multiplication overflow. * genautomata.c (reserv_sets_hash_value): Fix rotate idiom, avoid diff --git a/gcc/internal-fn.c b/gcc/internal-fn.c index 9926ec2808be..1062ea84705d 100644 --- a/gcc/internal-fn.c +++ b/gcc/internal-fn.c @@ -221,14 +221,15 @@ ubsan_expand_si_overflow_addsub_check (tree_code code, gimple stmt) res = expand_binop (mode, code == PLUS_EXPR ? add_optab : sub_optab, op0, op1, NULL_RTX, false, OPTAB_LIB_WIDEN); - /* If we can prove one of the arguments is always non-negative - or always negative, we can do just one comparison and - conditional jump instead of 2 at runtime, 3 present in the + /* If we can prove one of the arguments (for MINUS_EXPR only + the second operand, as subtraction is not commutative) is always + non-negative or always negative, we can do just one comparison + and conditional jump instead of 2 at runtime, 3 present in the emitted code. If one of the arguments is CONST_INT, all we need is to make sure it is op1, then the first emit_cmp_and_jump_insns will be just folded. Otherwise try to use range info if available. */ - if (CONST_INT_P (op0)) + if (code == PLUS_EXPR && CONST_INT_P (op0)) { rtx tem = op0; op0 = op1; @@ -236,7 +237,7 @@ ubsan_expand_si_overflow_addsub_check (tree_code code, gimple stmt) } else if (CONST_INT_P (op1)) ; - else if (TREE_CODE (arg0) == SSA_NAME) + else if (code == PLUS_EXPR && TREE_CODE (arg0) == SSA_NAME) { double_int arg0_min, arg0_max; if (get_range_info (arg0, &arg0_min, &arg0_max) == VR_RANGE) diff --git a/gcc/testsuite/ChangeLog b/gcc/testsuite/ChangeLog index 210dbf564a66..f95f4bd23c77 100644 --- a/gcc/testsuite/ChangeLog +++ b/gcc/testsuite/ChangeLog @@ -1,3 +1,9 @@ +2014-03-22 Jakub Jelinek + + PR sanitizer/60613 + * c-c++-common/ubsan/pr60613-1.c: New test. + * c-c++-common/ubsan/pr60613-2.c: New test. + 2014-03-22 Matthias Klose * g++.dg/cpp0x/regress: Remove empty directory. diff --git a/gcc/testsuite/c-c++-common/ubsan/pr60613-1.c b/gcc/testsuite/c-c++-common/ubsan/pr60613-1.c new file mode 100644 index 000000000000..2161e0b8ec8c --- /dev/null +++ b/gcc/testsuite/c-c++-common/ubsan/pr60613-1.c @@ -0,0 +1,33 @@ +/* PR sanitizer/60613 */ +/* { dg-do run } */ +/* { dg-options "-fsanitize=undefined" } */ + +long long y; + +__attribute__((noinline, noclone)) long long +foo (long long x) +{ + asm (""); + if (x >= 0 || x < -2040) + return 23; + x += 2040; + return x - y; +} + +__attribute__((noinline, noclone)) long long +bar (long long x) +{ + asm (""); + return 8LL - x; +} + +int +main () +{ + y = 1; + if (foo (8 - 2040) != 8 - 1) + __builtin_abort (); + if (bar (1) != 8 - 1) + __builtin_abort (); + return 0; +} diff --git a/gcc/testsuite/c-c++-common/ubsan/pr60613-2.c b/gcc/testsuite/c-c++-common/ubsan/pr60613-2.c new file mode 100644 index 000000000000..92c2de81eb8b --- /dev/null +++ b/gcc/testsuite/c-c++-common/ubsan/pr60613-2.c @@ -0,0 +1,36 @@ +/* PR sanitizer/60613 */ +/* { dg-do run } */ +/* { dg-options "-fsanitize=undefined" } */ + +long long y; + +__attribute__((noinline, noclone)) long long +foo (long long x) +{ + asm (""); + if (x >= 0 || x < -2040) + return 23; + x += 2040; + return x - y; +} + +__attribute__((noinline, noclone)) long long +bar (long long x) +{ + asm (""); + return 8LL - x; +} + +int +main () +{ + y = -__LONG_LONG_MAX__ + 6; + if (foo (8 - 2040) != -__LONG_LONG_MAX__) + __builtin_abort (); + if (bar (-__LONG_LONG_MAX__ + 5) != -__LONG_LONG_MAX__ + 1) + __builtin_abort (); + return 0; +} + +/* { dg-output "signed integer overflow: 8 \\- -9223372036854775801 cannot be represented in type 'long long int'(\n|\r\n|\r)" } */ +/* { dg-output "\[^\n\r]*signed integer overflow: 8 \\- -9223372036854775802 cannot be represented in type 'long long int'" } */