* [PATCH] Fix -fsanitize=undefined vs. x + y < x (PR sanitizer/87837)
@ 2018-11-05 9:33 Jakub Jelinek
2018-11-05 10:03 ` Richard Biener
0 siblings, 1 reply; 3+ messages in thread
From: Jakub Jelinek @ 2018-11-05 9:33 UTC (permalink / raw)
To: Richard Biener; +Cc: gcc-patches
Hi!
I wish I had a better fix, but I don't, trying to sanitize signed integer
arithmetics in the FEs already before any folding there is complicated by
that arithmetics being created just in way too many spots.
Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk?
2018-11-05 Jakub Jelinek <jakub@redhat.com>
PR sanitizer/87837
* match.pd (X + Y < X): Don't optimize if TYPE_OVERFLOW_SANITIZED.
* c-c++-common/ubsan/pr87837.c: New test.
--- gcc/match.pd.jj 2018-10-31 10:33:07.438686055 +0100
+++ gcc/match.pd 2018-11-01 10:26:44.251883633 +0100
@@ -1572,6 +1572,7 @@ (define_operator_list COND_TERNARY
(op:c (plus:c@2 @0 @1) @1)
(if (ANY_INTEGRAL_TYPE_P (TREE_TYPE (@0))
&& TYPE_OVERFLOW_UNDEFINED (TREE_TYPE (@0))
+ && !TYPE_OVERFLOW_SANITIZED (TREE_TYPE (@0))
&& (CONSTANT_CLASS_P (@0) || single_use (@2)))
(op @0 { build_zero_cst (TREE_TYPE (@0)); }))))
/* For equality, this is also true with wrapping overflow. */
--- gcc/testsuite/c-c++-common/ubsan/pr87837.c.jj 2018-11-01 10:37:35.159186004 +0100
+++ gcc/testsuite/c-c++-common/ubsan/pr87837.c 2018-11-01 10:39:56.162868607 +0100
@@ -0,0 +1,18 @@
+/* PR sanitizer/87837 */
+/* { dg-do run } */
+/* { dg-options "-fsanitize=signed-integer-overflow -Wno-unused-variable" } */
+
+int
+foo (int n)
+{
+ return n + __INT_MAX__ < n;
+}
+
+int
+main ()
+{
+ volatile int a = foo (1);
+ return 0;
+}
+
+/* { dg-output "signed integer overflow: 1 \\+ 2147483647 cannot be represented in type 'int'" } */
Jakub
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] Fix -fsanitize=undefined vs. x + y < x (PR sanitizer/87837)
2018-11-05 9:33 [PATCH] Fix -fsanitize=undefined vs. x + y < x (PR sanitizer/87837) Jakub Jelinek
@ 2018-11-05 10:03 ` Richard Biener
2018-11-05 10:05 ` Jakub Jelinek
0 siblings, 1 reply; 3+ messages in thread
From: Richard Biener @ 2018-11-05 10:03 UTC (permalink / raw)
To: Jakub Jelinek; +Cc: gcc-patches
On Mon, 5 Nov 2018, Jakub Jelinek wrote:
> Hi!
>
> I wish I had a better fix, but I don't, trying to sanitize signed integer
> arithmetics in the FEs already before any folding there is complicated by
> that arithmetics being created just in way too many spots.
I suppose we could play some tricks and "unset" TYPE_OVERFLOW_SANITIZED
after instrumentation finished?
> Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk?
OK.
Richard.
> 2018-11-05 Jakub Jelinek <jakub@redhat.com>
>
> PR sanitizer/87837
> * match.pd (X + Y < X): Don't optimize if TYPE_OVERFLOW_SANITIZED.
>
> * c-c++-common/ubsan/pr87837.c: New test.
>
> --- gcc/match.pd.jj 2018-10-31 10:33:07.438686055 +0100
> +++ gcc/match.pd 2018-11-01 10:26:44.251883633 +0100
> @@ -1572,6 +1572,7 @@ (define_operator_list COND_TERNARY
> (op:c (plus:c@2 @0 @1) @1)
> (if (ANY_INTEGRAL_TYPE_P (TREE_TYPE (@0))
> && TYPE_OVERFLOW_UNDEFINED (TREE_TYPE (@0))
> + && !TYPE_OVERFLOW_SANITIZED (TREE_TYPE (@0))
> && (CONSTANT_CLASS_P (@0) || single_use (@2)))
> (op @0 { build_zero_cst (TREE_TYPE (@0)); }))))
> /* For equality, this is also true with wrapping overflow. */
> --- gcc/testsuite/c-c++-common/ubsan/pr87837.c.jj 2018-11-01 10:37:35.159186004 +0100
> +++ gcc/testsuite/c-c++-common/ubsan/pr87837.c 2018-11-01 10:39:56.162868607 +0100
> @@ -0,0 +1,18 @@
> +/* PR sanitizer/87837 */
> +/* { dg-do run } */
> +/* { dg-options "-fsanitize=signed-integer-overflow -Wno-unused-variable" } */
> +
> +int
> +foo (int n)
> +{
> + return n + __INT_MAX__ < n;
> +}
> +
> +int
> +main ()
> +{
> + volatile int a = foo (1);
> + return 0;
> +}
> +
> +/* { dg-output "signed integer overflow: 1 \\+ 2147483647 cannot be represented in type 'int'" } */
>
> Jakub
>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] Fix -fsanitize=undefined vs. x + y < x (PR sanitizer/87837)
2018-11-05 10:03 ` Richard Biener
@ 2018-11-05 10:05 ` Jakub Jelinek
0 siblings, 0 replies; 3+ messages in thread
From: Jakub Jelinek @ 2018-11-05 10:05 UTC (permalink / raw)
To: Richard Biener; +Cc: gcc-patches
On Mon, Nov 05, 2018 at 11:03:28AM +0100, Richard Biener wrote:
> On Mon, 5 Nov 2018, Jakub Jelinek wrote:
>
> > Hi!
> >
> > I wish I had a better fix, but I don't, trying to sanitize signed integer
> > arithmetics in the FEs already before any folding there is complicated by
> > that arithmetics being created just in way too many spots.
>
> I suppose we could play some tricks and "unset" TYPE_OVERFLOW_SANITIZED
> after instrumentation finished?
Yes, e.g. have some cfun-> flag or property that would be cleared during the
ubsan pass (and clear from the beginning if not sanitizing integer
overflows).
Jakub
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2018-11-05 10:05 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-11-05 9:33 [PATCH] Fix -fsanitize=undefined vs. x + y < x (PR sanitizer/87837) Jakub Jelinek
2018-11-05 10:03 ` Richard Biener
2018-11-05 10:05 ` Jakub Jelinek
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).