From: Jakub Jelinek Date: Mon, 31 Jul 2017 08:24:58 +0000 (+0200) Subject: re PR sanitizer/81604 (Ubsan type reporting can be bogus in some cases) X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=066bbc5721fbda2affe061fc4025a622bf30d5b5;p=gcc.git re PR sanitizer/81604 (Ubsan type reporting can be bogus in some cases) PR sanitizer/81604 * ubsan.c (ubsan_type_descriptor): For UBSAN_PRINT_ARRAY don't change type to the element type, instead add eltype variable and use it where we are interested in the element type. * c-c++-common/ubsan/pr81604.c: New test. From-SVN: r250728 --- diff --git a/gcc/ChangeLog b/gcc/ChangeLog index 318a9859351..176847911b3 100644 --- a/gcc/ChangeLog +++ b/gcc/ChangeLog @@ -1,5 +1,10 @@ 2017-07-31 Jakub Jelinek + PR sanitizer/81604 + * ubsan.c (ubsan_type_descriptor): For UBSAN_PRINT_ARRAY don't + change type to the element type, instead add eltype variable and + use it where we are interested in the element type. + PR tree-optimization/81603 * ipa-polymorphic-call.c (ipa_polymorphic_call_context::ipa_polymorphic_call_context): Perform diff --git a/gcc/testsuite/ChangeLog b/gcc/testsuite/ChangeLog index a6a378263c1..e84a715c22a 100644 --- a/gcc/testsuite/ChangeLog +++ b/gcc/testsuite/ChangeLog @@ -1,3 +1,8 @@ +2017-07-31 Jakub Jelinek + + PR sanitizer/81604 + * c-c++-common/ubsan/pr81604.c: New test. + 2017-07-30 H.J. Lu PR target/79793 diff --git a/gcc/testsuite/c-c++-common/ubsan/pr81604.c b/gcc/testsuite/c-c++-common/ubsan/pr81604.c new file mode 100644 index 00000000000..a06de76b023 --- /dev/null +++ b/gcc/testsuite/c-c++-common/ubsan/pr81604.c 
@@ -0,0 +1,31 @@ +/* PR sanitizer/81604 */ +/* { dg-do run } */ +/* { dg-options "-fsanitize=bounds,signed-integer-overflow" } */ + +long a[10]; + +__attribute__((noinline, noclone)) long * +foo (int i) +{ + return &a[i]; +} + +__attribute__((noinline, noclone)) long +bar (long x, long y) +{ + return x * y; +} + +int +main () +{ + volatile int i = -1; + volatile long l = __LONG_MAX__; + long *volatile p; + p = foo (i); + l = bar (l, l); + return 0; +} + +/* { dg-output "index -1 out of bounds for type 'long int \\\[10\\\]'\[^\n\r]*(\n|\r\n|\r)" } */ +/* { dg-output "\[^\n\r]*signed integer overflow: \[0-9]+ \\* \[0-9]+ cannot be represented in type 'long int'" } */ diff --git a/gcc/ubsan.c b/gcc/ubsan.c index cca3c2d85d3..2580a58b6eb 100644 --- a/gcc/ubsan.c +++ b/gcc/ubsan.c @@ -402,6 +402,7 @@ ubsan_type_descriptor (tree type, enum ubsan_print_style pstyle) /* We weren't able to determine the type name. */ tname = ""; + tree eltype = type; if (pstyle == UBSAN_PRINT_POINTER) { pp_printf (&pretty_name, "'%s%s%s%s%s%s%s", @@ -452,12 +453,12 @@ ubsan_type_descriptor (tree type, enum ubsan_print_style pstyle) pp_quote (&pretty_name); /* Save the tree with stripped types. */ - type = t; + eltype = t; } else pp_printf (&pretty_name, "'%s'", tname); - switch (TREE_CODE (type)) + switch (TREE_CODE (eltype)) { case BOOLEAN_TYPE: case ENUMERAL_TYPE: @@ -467,9 +468,9 @@ ubsan_type_descriptor (tree type, enum ubsan_print_style pstyle) case REAL_TYPE: /* FIXME: libubsan right now only supports float, double and long double type formats. */ - if (TYPE_MODE (type) == TYPE_MODE (float_type_node) - || TYPE_MODE (type) == TYPE_MODE (double_type_node) - || TYPE_MODE (type) == TYPE_MODE (long_double_type_node)) + if (TYPE_MODE (eltype) == TYPE_MODE (float_type_node) + || TYPE_MODE (eltype) == TYPE_MODE (double_type_node) + || TYPE_MODE (eltype) == TYPE_MODE (long_double_type_node)) tkind = 0x0001; else tkind = 0xffff; 
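Review bot: The new test relies on `foo` being instrumented before `bar`, but nothing in the file says so. Presumably the bogus 'long int [10]' name only appeared when the array descriptor was created before the first use of plain `long`, so swapping the two functions could let the test pass without the fix. A comment above `foo` would record this, e.g. `/* Keep foo ahead of bar: the array descriptor must be built before the one for long. */`. The two `dg-output` patterns cover only the array-then-scalar order; if the reverse order was also affected, a companion test with the overflow first would guard it.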
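Review bot: `tree eltype = type;` in the hunk at -402 is added without a comment, although the distinction it carries is the whole fix. `type` has to keep naming the type the descriptor is for, while `eltype` is what `tkind` and `tinfo` are derived from (in the hunks at -452 and -467, and in the later one at -478). A comment on the declaration would keep a later edit from reintroducing the mix-up, e.g. `/* ELTYPE is the element type for UBSAN_PRINT_ARRAY, otherwise TYPE; TYPE itself must not be overwritten. */`. The existing `/* Save the tree with stripped types. */` at `eltype = t;` could be reworded the same way. ubsan_type_descriptor begins and ends outside these hunks, so the remaining uses of `type` after the `tinfo` assignment cannot be checked from here.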
@@ -478,7 +479,7 @@ ubsan_type_descriptor (tree type, enum ubsan_print_style pstyle) tkind = 0xffff; break; } - tinfo = get_ubsan_type_info_for_type (type); + tinfo = get_ubsan_type_info_for_type (eltype); /* Create a new VAR_DECL of type descriptor. */ const char *tmp = pp_formatted_text (&pretty_name);