From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.220.28]) by sourceware.org (Postfix) with ESMTPS id 94E923858C54 for ; Wed, 8 Mar 2023 09:38:45 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 94E923858C54 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=suse.de Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=suse.de Received: from relay2.suse.de (relay2.suse.de [149.44.160.134]) by smtp-out1.suse.de (Postfix) with ESMTP id B392121A01; Wed, 8 Mar 2023 09:38:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1678268323; h=from:from:reply-to:date:date:to:to:cc:cc:mime-version:mime-version: content-type:content-type; bh=M9m/vbi4YmYGCqZ/JfvJj6O0IOt+Ftm4O7S77o/a8PU=; b=d5Kqicjvh/qdiZ7I1+TtqhO9/N67T13lkcWIyq04mknfn3ZFJSQkhYXp/LFiMzEYw87tdK yRerF4MWkqByxnUyXqHbbpSW885tqhrd2PbFKcZ0nl5O7/T2Te4bZovDXP7sxHTRFVaXn6 aFYwnwbNzV1cY6JxwbKq2bTU/hSgqag= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1678268323; h=from:from:reply-to:date:date:to:to:cc:cc:mime-version:mime-version: content-type:content-type; bh=M9m/vbi4YmYGCqZ/JfvJj6O0IOt+Ftm4O7S77o/a8PU=; b=rWHhu1u5j5ROJJfDSS9N7ftSv6ndEQaogQD32I9C7ZqernvqY1Xe5MLtS50cXe7CLt3/L6 lVUXHcIJ7nxVA4AQ== Received: from wotan.suse.de (wotan.suse.de [10.160.0.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by relay2.suse.de (Postfix) with ESMTPS id 8936B2C141; Wed, 8 Mar 2023 09:38:43 +0000 (UTC) Date: Wed, 8 Mar 2023 09:38:43 +0000 (UTC) From: Richard Biener To: gcc-patches@gcc.gnu.org cc: Jakub Jelinek Subject: [PATCH] middle-end/108995 - avoid folding when sanitizing overflow User-Agent: Alpine 2.22 (LSU 394 2020-01-19) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII X-Spam-Status: No, score=-10.6 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,MISSING_MID,SPF_HELO_NONE,SPF_PASS,TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: Message-ID: <20230308093843.Q5ljkjVg1Lbzc2THuujLNUn3PRgys7_zkPwz7-L6lzA@z> The following plugs one place in extract_muldiv where it should avoid folding when sanitizing overflow. I'm unsure about the testcase, I didn't find any that tests for a runtime sanitizer error ... Bootstrapped and tested on x86_64-unknown-linux-gnu. OK? PR middle-end/108995 * fold-const.cc (extract_muldiv_1): Avoid folding (CST * b) / CST2 when sanitizing overflow and we rely on overflow being undefined. * gcc.dg/ubsan/pr108995.c: New testcase. --- gcc/fold-const.cc | 7 +++---- gcc/testsuite/gcc.dg/ubsan/pr108995.c | 15 +++++++++++++++ 2 files changed, 18 insertions(+), 4 deletions(-) create mode 100644 gcc/testsuite/gcc.dg/ubsan/pr108995.c diff --git a/gcc/fold-const.cc b/gcc/fold-const.cc index 99882ef820a..02a24c5fe65 100644 --- a/gcc/fold-const.cc +++ b/gcc/fold-const.cc @@ -7093,6 +7093,7 @@ extract_muldiv_1 (tree t, tree c, enum tree_code code, tree wide_type, If we have an unsigned type, we cannot do this since it will change the result if the original computation overflowed. */ if (TYPE_OVERFLOW_UNDEFINED (ctype) + && !TYPE_OVERFLOW_SANITIZED (ctype) && ((code == MULT_EXPR && tcode == EXACT_DIV_EXPR) || (tcode == MULT_EXPR && code != TRUNC_MOD_EXPR && code != CEIL_MOD_EXPR @@ -7102,8 +7103,7 @@ extract_muldiv_1 (tree t, tree c, enum tree_code code, tree wide_type, if (wi::multiple_of_p (wi::to_wide (op1), wi::to_wide (c), TYPE_SIGN (type))) { - if (TYPE_OVERFLOW_UNDEFINED (ctype)) - *strict_overflow_p = true; + *strict_overflow_p = true; return fold_build2 (tcode, ctype, fold_convert (ctype, op0), fold_convert (ctype, const_binop (TRUNC_DIV_EXPR, @@ -7112,8 +7112,7 @@ extract_muldiv_1 (tree t, tree c, enum tree_code code, tree wide_type, else if (wi::multiple_of_p (wi::to_wide (c), wi::to_wide (op1), TYPE_SIGN (type))) { - if (TYPE_OVERFLOW_UNDEFINED (ctype)) - *strict_overflow_p = true; + *strict_overflow_p = true; return fold_build2 (code, ctype, fold_convert (ctype, op0), fold_convert (ctype, const_binop (TRUNC_DIV_EXPR, diff --git a/gcc/testsuite/gcc.dg/ubsan/pr108995.c b/gcc/testsuite/gcc.dg/ubsan/pr108995.c new file mode 100644 index 00000000000..79a178c6751 --- /dev/null +++ b/gcc/testsuite/gcc.dg/ubsan/pr108995.c @@ -0,0 +1,15 @@ +/* { dg-do run { xfail *-*-* } } */ +/* With optimization we constant fold and diagnose the overflow and do + not sanitize anything. */ +/* { dg-skip-if "" { *-*-* } { "*" } { ! "-O0" } } */ +/* { dg-options "-fsanitize=undefined -fno-sanitize-recover=undefined" } */ + +int a; +const int b = 44514; +int *c = &a; + +int main () +{ + *c = 65526 * b / 6; + return 0; +} -- 2.35.3