From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gcc-bugzilla@gcc.gnu.org>
Received: by sourceware.org (Postfix, from userid 48)
	id 6DFDF3858D39; Tue, 14 Mar 2023 22:15:01 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 6DFDF3858D39
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org;
	s=default; t=1678832101;
	bh=N7H81tRU/s1vXr4FvpaLMydTDFn2hJ28WKfY1167iw4=;
	h=From:To:Subject:Date:From;
	b=qmbJj5YtsmQ6ZH48Iah0gzKNPQtIUToeULjLVVhDdbVqBFkfmO4F1Ukvd942dugog
	 McejHzhRFhoiqt2LxfnbQz3uCc90HT5k1+jnNlIObSeXSfErbAGh45ZMiKdgC+x0ed
	 au7oGjvlA6uawZ1P8KBdcHi8V0iVbxaJKFCO2kTc=
From: "mpolacek at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug sanitizer/109134] New: UBSan signed integer overflow check
 missing
Date: Tue, 14 Mar 2023 22:15:01 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: gcc
X-Bugzilla-Component: sanitizer
X-Bugzilla-Version: 12.0
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: normal
X-Bugzilla-Who: mpolacek at gcc dot gnu.org
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: P3
X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status
 bug_severity priority component assigned_to reporter cc target_milestone
Message-ID: <bug-109134-4@http.gcc.gnu.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
List-Id: <gcc-bugs.sourceware.org>

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D109134

            Bug ID: 109134
           Summary: UBSan signed integer overflow check missing
           Product: gcc
           Version: 12.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: sanitizer
          Assignee: unassigned at gcc dot gnu.org
          Reporter: mpolacek at gcc dot gnu.org
                CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
                    jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxi=
n at gcc dot gnu.org
  Target Milestone: ---

Related to bug 109107, but not a dup and my patch doesn't fix this one:

/* { dg-do run { target int32 } } */
/* { dg-options "-fsanitize=3Dsigned-integer-overflow" } */

#define INT_MIN (-__INT_MAX__ - 1)
const int a =3D INT_MIN;
const unsigned int b =3D 676540;
int d =3D 1;

__attribute__((noipa)) int
foo ()
{
  int c =3D b - (a - (short) d);
  return c;
}

int
main ()
{
  foo ();
  return 0;
}

With -O0 we give
runtime error: signed integer overflow: -2147483648 - 1 cannot be represent=
ed
in type 'int'
but with -O nothing.

We fold

int c =3D (int) ((unsigned int) b - (unsigned int) ((int) a - (int) (short =
int)
d));

into

int c =3D (int) ((unsigned int) (short int) d + 2148160188);

hiding the overflow.=