From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=SSLJ=7B=suse.de=rguenther@sourceware.org>
Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.220.29])
	by sourceware.org (Postfix) with ESMTPS id 1DEBC385842B
	for <gcc-patches@gcc.gnu.org>; Thu,  9 Mar 2023 13:29:13 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 1DEBC385842B
Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=suse.de
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=suse.de
Received: from relay2.suse.de (relay2.suse.de [149.44.160.134])
	by smtp-out2.suse.de (Postfix) with ESMTP id 162DF200CA;
	Thu,  9 Mar 2023 13:29:12 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa;
	t=1678368552; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:
	 mime-version:mime-version:content-type:content-type:
	 in-reply-to:in-reply-to:references:references;
	bh=pExUDzQ/DFnZAHhthX1HJPkKmjZyaufPuk+4X0dpdcg=;
	b=sG3ziw31sP0MQtcRmHV960uHw5wdScnnbMgtg3sDhqNIhpKEcQ1uDxVU2AKcZ9dBeFZN8F
	2FeKEFSTGozoCacsHYW72Aq5Qon4TxndCzs4rqeSpRFkSL3K6AJFpKrOkKTEfmc1TcnxR0
	SbQk/p/Digd67vS4G3iStNza2A2tT6c=
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de;
	s=susede2_ed25519; t=1678368552;
	h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:
	 mime-version:mime-version:content-type:content-type:
	 in-reply-to:in-reply-to:references:references;
	bh=pExUDzQ/DFnZAHhthX1HJPkKmjZyaufPuk+4X0dpdcg=;
	b=FAN+1juEqoE/dv05DYDT7VgDErvVkWcNqYl+QrdmFpmaLbH5k+W9pbSWn2XojeVMFAANRS
	tvs5YB1NW7y5o/Dw==
Received: from wotan.suse.de (wotan.suse.de [10.160.0.1])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by relay2.suse.de (Postfix) with ESMTPS id 103FB2C143;
	Thu,  9 Mar 2023 13:29:11 +0000 (UTC)
Date: Thu, 9 Mar 2023 13:29:11 +0000 (UTC)
From: Richard Biener <rguenther@suse.de>
To: Jakub Jelinek <jakub@redhat.com>
cc: gcc-patches@gcc.gnu.org
Subject: Re: [PATCH] middle-end/108995 - avoid folding when sanitizing
 overflow
In-Reply-To: <ZAnastIWWgNG4L59@tucnak>
Message-ID: <nycvar.YFH.7.77.849.2303091328510.18795@jbgna.fhfr.qr>
References: <20230308093849.51C183858C62@sourceware.org> <ZAnastIWWgNG4L59@tucnak>
User-Agent: Alpine 2.22 (LSU 394 2020-01-19)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
X-Spam-Status: No, score=-11.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,SPF_HELO_NONE,SPF_PASS,TXREP autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org
List-Id: <gcc-patches.gcc.gnu.org>

On Thu, 9 Mar 2023, Jakub Jelinek wrote:

> On Wed, Mar 08, 2023 at 09:38:43AM +0000, Richard Biener via Gcc-patches wrote:
> > The following plugs one place in extract_muldiv where it should avoid
> > folding when sanitizing overflow.
> > 
> > I'm unsure about the testcase, I didn't find any that tests for
> > a runtime sanitizer error ...
> > 
> > Bootstrapped and tested on x86_64-unknown-linux-gnu.
> > 
> > OK?
> > 
> > 	PR middle-end/108995
> > 	* fold-const.cc (extract_muldiv_1): Avoid folding
> > 	(CST * b) / CST2 when sanitizing overflow and we rely on
> > 	overflow being undefined.
> 
> This is ok.
> 
> > 
> > 	* gcc.dg/ubsan/pr108995.c: New testcase.
> 
> As for testcase, there are many testcases that test for runtime sanitizer
> errors.  For ubsan, it is more common to test -fsanitize-recover= and
> just dg-output scan the output for expected diagnostics (many examples
> in that directory).
> Another possibility is to test for the no recovery, see e.g.
> gcc.dg/ubsan/bounds-3.c.  In that case there should be
> /* { dg-do run } */
> and
> /* { dg-shouldfail "ubsan" } */
> but dg-output checking for the exact wording is still highly desirable.
> 
> The test also relies on 32-bit ints, so it should be dg-do run { target int32 }
> I think.

OK, the following is what I have applied.

Richard.

>From ace65db9215882b95e2ead1bb0dc8c54c2ea69be Mon Sep 17 00:00:00 2001
From: Richard Biener <rguenther@suse.de>
Date: Wed, 8 Mar 2023 09:06:44 +0100
Subject: [PATCH] middle-end/108995 - avoid folding when sanitizing overflow
To: gcc-patches@gcc.gnu.org

The following plugs one place in extract_muldiv where it should avoid
folding when sanitizing overflow.

	PR middle-end/108995
	* fold-const.cc (extract_muldiv_1): Avoid folding
	(CST * b) / CST2 when sanitizing overflow and we rely on
	overflow being undefined.

	* gcc.dg/ubsan/pr108995.c: New testcase.
---
 gcc/fold-const.cc                     |  7 +++----
 gcc/testsuite/gcc.dg/ubsan/pr108995.c | 18 ++++++++++++++++++
 2 files changed, 21 insertions(+), 4 deletions(-)
 create mode 100644 gcc/testsuite/gcc.dg/ubsan/pr108995.c

diff --git a/gcc/fold-const.cc b/gcc/fold-const.cc
index 99882ef820a..02a24c5fe65 100644
--- a/gcc/fold-const.cc
+++ b/gcc/fold-const.cc
@@ -7093,6 +7093,7 @@ extract_muldiv_1 (tree t, tree c, enum tree_code code, tree wide_type,
 	 If we have an unsigned type, we cannot do this since it will change
 	 the result if the original computation overflowed.  */
       if (TYPE_OVERFLOW_UNDEFINED (ctype)
+	  && !TYPE_OVERFLOW_SANITIZED (ctype)
 	  && ((code == MULT_EXPR && tcode == EXACT_DIV_EXPR)
 	      || (tcode == MULT_EXPR
 		  && code != TRUNC_MOD_EXPR && code != CEIL_MOD_EXPR
@@ -7102,8 +7103,7 @@ extract_muldiv_1 (tree t, tree c, enum tree_code code, tree wide_type,
 	  if (wi::multiple_of_p (wi::to_wide (op1), wi::to_wide (c),
 				 TYPE_SIGN (type)))
 	    {
-	      if (TYPE_OVERFLOW_UNDEFINED (ctype))
-		*strict_overflow_p = true;
+	      *strict_overflow_p = true;
 	      return fold_build2 (tcode, ctype, fold_convert (ctype, op0),
 				  fold_convert (ctype,
 						const_binop (TRUNC_DIV_EXPR,
@@ -7112,8 +7112,7 @@ extract_muldiv_1 (tree t, tree c, enum tree_code code, tree wide_type,
 	  else if (wi::multiple_of_p (wi::to_wide (c), wi::to_wide (op1),
 				      TYPE_SIGN (type)))
 	    {
-	      if (TYPE_OVERFLOW_UNDEFINED (ctype))
-		*strict_overflow_p = true;
+	      *strict_overflow_p = true;
 	      return fold_build2 (code, ctype, fold_convert (ctype, op0),
 				  fold_convert (ctype,
 						const_binop (TRUNC_DIV_EXPR,
diff --git a/gcc/testsuite/gcc.dg/ubsan/pr108995.c b/gcc/testsuite/gcc.dg/ubsan/pr108995.c
new file mode 100644
index 00000000000..166825b2ef8
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/ubsan/pr108995.c
@@ -0,0 +1,18 @@
+/* { dg-do run { target int32 } } */
+/* { dg-shouldfail "ubsan" } */
+/* With optimization we constant fold and diagnose the overflow and do
+   not sanitize anything.  */
+/* { dg-skip-if "" { *-*-* } { "*" } { ! "-O0" } } */
+/* { dg-options "-fsanitize=undefined -fno-sanitize-recover=undefined" } */
+
+int a;
+const int b = 44514;
+int *c = &a;
+
+int main ()
+{
+  *c = 65526 * b / 6;
+  return 0;
+}
+
+/* { dg-output "signed integer overflow: 44514 \\* 65526 cannot be represented in type 'int'" } */
-- 
2.35.3