From 3777eda2eddbc7d5d54bdc0cddaa7f8f44c5ffe9 Mon Sep 17 00:00:00 2001 From: Marek Polacek Date: Thu, 27 Apr 2017 21:12:29 +0000 Subject: [PATCH] re PR sanitizer/80349 (UBSAN: compile time crash with "type mismatch in binary expression" message) PR sanitizer/80349 * fold-const.c (fold_binary_loc) : Convert arg10 and arg11 to itype. * c-c++-common/ubsan/pr80349.c: New test. From-SVN: r247352 --- gcc/ChangeLog | 6 +++ gcc/fold-const.c | 59 ++++++++++------------ gcc/testsuite/ChangeLog | 5 ++ gcc/testsuite/c-c++-common/ubsan/pr80349.c | 30 +++++++++++ 4 files changed, 69 insertions(+), 31 deletions(-) create mode 100644 gcc/testsuite/c-c++-common/ubsan/pr80349.c diff --git a/gcc/ChangeLog b/gcc/ChangeLog index 7463a78bd5c..d8ee4265844 100644 --- a/gcc/ChangeLog +++ b/gcc/ChangeLog @@ -1,3 +1,9 @@ +2017-04-27 Marek Polacek + + PR sanitizer/80349 + * fold-const.c (fold_binary_loc) : Convert + arg10 and arg11 to itype. + 2017-04-27 Jonathan Wakely * doc/extend.texi (Object Size Checking): Improve grammar. diff --git a/gcc/fold-const.c b/gcc/fold-const.c index ce4b2df8cd2..f6d5af43b33 100644 --- a/gcc/fold-const.c +++ b/gcc/fold-const.c 
@@ -10797,40 +10797,37 @@ fold_binary_loc (location_t loc, tree itype = TREE_TYPE (arg0); if (operand_equal_p (arg01, arg11, 0)) - return fold_build2_loc (loc, code, type, - fold_build2_loc (loc, BIT_AND_EXPR, itype, - fold_build2_loc (loc, - BIT_XOR_EXPR, itype, - arg00, arg10), - arg01), - build_zero_cst (itype)); - + { + tem = fold_convert_loc (loc, itype, arg10); + tem = fold_build2_loc (loc, BIT_XOR_EXPR, itype, arg00, tem); + tem = fold_build2_loc (loc, BIT_AND_EXPR, itype, tem, arg01); + return fold_build2_loc (loc, code, type, tem, + build_zero_cst (itype)); + } if (operand_equal_p (arg01, arg10, 0)) - return fold_build2_loc (loc, code, type, - fold_build2_loc (loc, BIT_AND_EXPR, itype, - fold_build2_loc (loc, - BIT_XOR_EXPR, itype, - arg00, arg11), - arg01), - build_zero_cst (itype)); - + { + tem = fold_convert_loc (loc, itype, arg11); + tem = fold_build2_loc (loc, BIT_XOR_EXPR, itype, arg00, tem); + tem = fold_build2_loc (loc, BIT_AND_EXPR, itype, tem, arg01); + return fold_build2_loc (loc, code, type, tem, + build_zero_cst (itype)); + } if (operand_equal_p (arg00, arg11, 0)) - return fold_build2_loc (loc, code, type, - fold_build2_loc (loc, BIT_AND_EXPR, itype, - fold_build2_loc (loc, - BIT_XOR_EXPR, itype, - arg01, arg10), - arg00), - build_zero_cst (itype)); - + { + tem = fold_convert_loc (loc, itype, arg10); + tem = fold_build2_loc (loc, BIT_XOR_EXPR, itype, arg01, tem); + tem = fold_build2_loc (loc, BIT_AND_EXPR, itype, tem, arg00); + return fold_build2_loc (loc, code, type, tem, + build_zero_cst (itype)); + } if (operand_equal_p (arg00, arg10, 0)) - return fold_build2_loc (loc, code, type, - fold_build2_loc (loc, BIT_AND_EXPR, itype, - fold_build2_loc (loc, - BIT_XOR_EXPR, itype, - arg01, arg11), - arg00), - build_zero_cst (itype)); + { + tem = fold_convert_loc (loc, itype, arg11); + tem = fold_build2_loc (loc, BIT_XOR_EXPR, itype, arg01, tem); + tem = fold_build2_loc (loc, BIT_AND_EXPR, itype, tem, arg00); + return fold_build2_loc (loc, code, type, 
tem, + build_zero_cst (itype)); + } } if (TREE_CODE (arg0) == BIT_XOR_EXPR diff --git a/gcc/testsuite/ChangeLog b/gcc/testsuite/ChangeLog index 3523e2b5228..5f25ed1652e 100644 --- a/gcc/testsuite/ChangeLog +++ b/gcc/testsuite/ChangeLog @@ -1,3 +1,8 @@ +2017-04-27 Marek Polacek + + PR sanitizer/80349 + * c-c++-common/ubsan/pr80349.c: New test. + 2017-04-27 Volker Reichelt * g++.dg/cpp1z/direct-enum-init1.C: Adjust for more verbose enum diff --git a/gcc/testsuite/c-c++-common/ubsan/pr80349.c b/gcc/testsuite/c-c++-common/ubsan/pr80349.c new file mode 100644 index 00000000000..eb2e3da0721 --- /dev/null +++ b/gcc/testsuite/c-c++-common/ubsan/pr80349.c @@ -0,0 +1,30 @@ +/* PR sanitizer/80349 */ +/* { dg-do compile } */ +/* { dg-options "-fsanitize=undefined" } */ + +int var; +long a; + +long +fn1 () +{ + return 0 % ((a & 1) == (7UL & 1)); +} + +long +fn2 () +{ + return 0 % ((a & 1) == (1 & 7UL)); +} + +long +fn3 () +{ + return 0 % ((1 & a) == (7UL & 1)); +} + +long +fn4 () +{ + return 0 % ((1 & a) == (1 & 7UL)); +} -- 2.30.2
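Review bot: None of the four new `fold_convert_loc (loc, itype, ...)` calls carries a comment saying why the conversion is needed, so a later cleanup could fold the branches back into the nested form that crashed. Going by the commit message, the operand taken from arg1 (arg10 or arg11) presumably need not have arg0's type even when `operand_equal_p` matched its sibling. I would put one comment above the first `if`: `/* The operands of arg1 may differ in type from itype; convert before building the BIT_XOR_EXPR (PR sanitizer/80349).  */`. The four branches also repeat the same convert/XOR/AND/compare sequence with only the operand choice changing, which a small static helper could carry. fold_binary_loc and the declaration of `tem` lie outside the hunk.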
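Review bot: `int var;` at the top of the new test is never referenced by fn1 to fn4 and looks like a leftover from test-case reduction; it can be dropped. The test is `dg-do compile` only, so it passes as long as the compiler does not crash. Since the reported failure is the "type mismatch in binary expression" message, it presumably guards the fix only on compilers built with the internal checking that emits that message, which is worth confirming. A one-line comment such as `/* Each function puts the mixed long/unsigned long operands in a different order.  */` would tell the next reader why there are four near-identical functions.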