Date: Wed, 18 Nov 2015 12:51:00 -0000
From: Marek Polacek
To: Paolo Bonzini
Cc: gcc-patches@gcc.gnu.org, joseph@codesourcery.com
Subject: Re: [RFC PATCH] Do not sanitize left shifts for -fwrapv
Message-ID: <20151118125140.GB21807@redhat.com>
In-Reply-To: <1447767170-3413-1-git-send-email-bonzini@gnu.org>

On Tue, Nov 17, 2015 at 02:32:50PM +0100, Paolo Bonzini wrote:
> Left shifts into the sign bit are a kind of overflow, and the
> standard chooses to treat left shifts of negative values the
> same way.
>
> However, the -fwrapv option modifies the language to one where
> integers are defined as two's complement---which also defines
> entirely the behavior of shifts. Disable sanitization of left
> shifts when -fwrapv is in effect.
>
> This needs test cases of course, but I wanted to be sure in advance
> whether this is an acceptable change and whether it is considered
> a bug (thus acceptable for stage 3). The same change was proposed
> for LLVM at https://llvm.org/bugs/show_bug.cgi?id=25552.
>
> Paolo
>
> * c-family/c-ubsan.c (ubsan_instrument_shift): Disable sanitization
> of left shifts for wrapping signed types as well.
>
>
> Index: c-family/c-ubsan.c > =================================================================== > --- c-family/c-ubsan.c (revision 227511) > +++ c-family/c-ubsan.c (working copy) > @@ -150,7 +150,7 @@ > (unsigned) x >> (uprecm1 - y) > if non-zero, is undefined. */ > if (code == LSHIFT_EXPR > - && !TYPE_UNSIGNED (type0) > + && !TYPE_OVERFLOW_WRAPS (type0) > && flag_isoc99) > { > tree x = fold_build2 (MINUS_EXPR, op1_utype, uprecm1, 
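Review bot: In the C99 hunk (@@ -150,7), the comment above the condition still reads "(unsigned) x >> (uprecm1 - y) if non-zero, is undefined" without saying which types it applies to. With the guard changed from !TYPE_UNSIGNED (type0) to !TYPE_OVERFLOW_WRAPS (type0), the comment should state that the check is skipped for wrapping types, which per the ChangeLog entry now includes wrapping signed types. A testcase for this path should compile with -fwrapv and -std=c99, shift into the sign bit and expect no runtime diagnostic, paired with the same shift without -fwrapv that still expects one.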
> @@ -165,7 +165,7 @@ > x < 0 || ((unsigned) x >> (uprecm1 - y)) > if > 1, is undefined. */ > if (code == LSHIFT_EXPR > - && !TYPE_UNSIGNED (type0) > + && !TYPE_OVERFLOW_WRAPS (type0) > && (cxx_dialect >= cxx11)) > { > tree x = fold_build2 (MINUS_EXPR, op1_utype, uprecm1,

I think this would be ok provided you add some testcases (unless I'm missing
something). Note that this suppresses instrumenting not only left-shifting
into the sign bit, but also shift overflows, so e.g. 10 << 30.

And I think this might be viewed as a bug, thus should be ok even at this
stage if you open a PR.

	Marek
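Review bot: In the C++11 hunk (@@ -165,7), the guarded condition is "x < 0 || ((unsigned) x >> (uprecm1 - y))", so switching the guard to !TYPE_OVERFLOW_WRAPS (type0) drops the negative-operand check together with the shift-overflow check for wrapping signed types. The ChangeLog entry and the comment in this hunk should say that explicitly, and the C++ testcase should cover a negative left operand in addition to a value shifted past the sign bit.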
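The two conditions quoted in the hunk comments, and the effect Marek describes for 10 << 30, as an added example (not part of this thread and not GCC's source). It models the checks for a 32-bit int; the function names and the type_wraps parameter are hypothetical stand-ins for the instrumentation and for TYPE_OVERFLOW_WRAPS.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* "uprecm1" of the hunk comments, for int: precision minus one (31 here). */
#define UPRECM1 ((unsigned) (sizeof (int) * CHAR_BIT - 1))

/* C99 condition from the first hunk's comment.  Assumes 0 <= y <= UPRECM1;
   the separate shift-exponent check is not modelled.  */
static bool c99_lshift_flagged (int x, unsigned y)
{
  return ((unsigned) x >> (UPRECM1 - y)) != 0;
}

/* C++11 condition from the second hunk's comment.  */
static bool cxx11_lshift_flagged (int x, unsigned y)
{
  return x < 0 || ((unsigned) x >> (UPRECM1 - y)) > 1;
}

/* Hypothetical stand-in for the patched guard: a wrapping type (unsigned,
   or signed under -fwrapv) gets no left-shift instrumentation at all.  */
static bool flagged (bool cxx11, bool type_wraps, int x, unsigned y)
{
  if (type_wraps)
    return false;
  return cxx11 ? cxx11_lshift_flagged (x, y) : c99_lshift_flagged (x, y);
}

/* Two's complement result, computed in unsigned arithmetic so the example
   has no undefined shift; the int conversion is implementation-defined.  */
static int wrapping_lshift (int x, unsigned y)
{
  return (int) ((unsigned) x << y);
}

int main (void)
{
  static const struct { int x; unsigned y; } cases[] = /* constructed */
    { { 1, 30 }, { 1, 31 }, { 10, 30 }, { -1, 1 } };
  for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
    printf ("%d << %u: c99=%d c++11=%d wrapv=%d result=%d\n",
            cases[i].x, cases[i].y,
            flagged (false, false, cases[i].x, cases[i].y),
            flagged (true, false, cases[i].x, cases[i].y),
            flagged (true, true, cases[i].x, cases[i].y),
            wrapping_lshift (cases[i].x, cases[i].y));
  return 0;
}
```

The 1 << 31 row separates the two dialect conditions, and the 10 << 30 row is the shift overflow that stops being reported once the type wraps.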