From b96a3e11572287992923065def1d64e8a2240f9b Mon Sep 17 00:00:00 2001 From: Jakub Jelinek Date: Wed, 12 Apr 2017 20:08:29 +0200 Subject: [PATCH] re PR sanitizer/80403 (UBSAN: compile time crash with "type mismatch in binary expression" message in / and % expr) PR sanitizer/80403 PR sanitizer/80404 PR sanitizer/80405 * fold-const.c (fold_ternary_loc): Use op1 instead of arg1 as argument to fold_build2_loc. Convert TREE_OPERAND (tem, 0) to type. Use op0 instead of fold_convert_loc (loc, type, arg0). * g++.dg/ubsan/pr80403.C: New test. * g++.dg/ubsan/pr80404.C: New test. * g++.dg/ubsan/pr80405.C: New test. From-SVN: r246881 --- gcc/ChangeLog | 9 +++++++++ gcc/fold-const.c | 12 +++++++----- gcc/testsuite/ChangeLog | 7 +++++++ gcc/testsuite/g++.dg/ubsan/pr80403.C | 11 +++++++++++ gcc/testsuite/g++.dg/ubsan/pr80404.C | 12 ++++++++++++ gcc/testsuite/g++.dg/ubsan/pr80405.C | 11 +++++++++++ 6 files changed, 57 insertions(+), 5 deletions(-) create mode 100644 gcc/testsuite/g++.dg/ubsan/pr80403.C create mode 100644 gcc/testsuite/g++.dg/ubsan/pr80404.C create mode 100644 gcc/testsuite/g++.dg/ubsan/pr80405.C diff --git a/gcc/ChangeLog b/gcc/ChangeLog index 89af9cc1671..efd66a6272a 100644 --- a/gcc/ChangeLog +++ b/gcc/ChangeLog @@ -1,3 +1,12 @@ +2017-04-12 Jakub Jelinek + + PR sanitizer/80403 + PR sanitizer/80404 + PR sanitizer/80405 + * fold-const.c (fold_ternary_loc): Use op1 instead of arg1 as argument + to fold_build2_loc. Convert TREE_OPERAND (tem, 0) to type. Use + op0 instead of fold_convert_loc (loc, type, arg0). + 2017-04-12 Jeff Law * genattrtab.c (write_eligible_delay): Verify DELAY_INSN still diff --git a/gcc/fold-const.c b/gcc/fold-const.c index 2f2e93afb55..fb0b1a6afc3 100644 --- a/gcc/fold-const.c +++ b/gcc/fold-const.c @@ -11508,10 +11508,12 @@ fold_ternary_loc (location_t loc, enum tree_code code, tree type, STRIP_NOPS (tem); if (TREE_CODE (tem) == RSHIFT_EXPR && tree_fits_uhwi_p (TREE_OPERAND (tem, 1)) - && (unsigned HOST_WIDE_INT) tree_log2 (arg1) == - tree_to_uhwi (TREE_OPERAND (tem, 1))) + && (unsigned HOST_WIDE_INT) tree_log2 (arg1) + == tree_to_uhwi (TREE_OPERAND (tem, 1))) return fold_build2_loc (loc, BIT_AND_EXPR, type, - TREE_OPERAND (tem, 0), arg1); + fold_convert_loc (loc, type, + TREE_OPERAND (tem, 0)), + op1); } /* A & N ? N : 0 is simply A & N if N is a power of two. This @@ -11542,7 +11544,7 @@ fold_ternary_loc (location_t loc, enum tree_code code, tree type, && (code == VEC_COND_EXPR || !VECTOR_TYPE_P (type))) return fold_build2_loc (loc, code == VEC_COND_EXPR ? BIT_AND_EXPR : TRUTH_ANDIF_EXPR, - type, fold_convert_loc (loc, type, arg0), arg1); + type, op0, op1); /* Convert A ? B : 1 into !A || B if A and B are truth values. */ if (code == VEC_COND_EXPR ? integer_all_onesp (op2) : integer_onep (op2) @@ -11558,7 +11560,7 @@ fold_ternary_loc (location_t loc, enum tree_code code, tree type, ? BIT_IOR_EXPR : TRUTH_ORIF_EXPR, type, fold_convert_loc (loc, type, tem), - arg1); + op1); } /* Convert A ? 0 : B into !A && B if A and B are truth values. */ diff --git a/gcc/testsuite/ChangeLog b/gcc/testsuite/ChangeLog index f43a4d968a0..9dce05e3117 100644 --- a/gcc/testsuite/ChangeLog +++ b/gcc/testsuite/ChangeLog @@ -1,5 +1,12 @@ 2017-04-12 Jakub Jelinek + PR sanitizer/80403 + PR sanitizer/80404 + PR sanitizer/80405 + * g++.dg/ubsan/pr80403.C: New test. + * g++.dg/ubsan/pr80404.C: New test. + * g++.dg/ubsan/pr80405.C: New test. + PR c/80163 * gcc.dg/torture/pr80163.c: New test. diff --git a/gcc/testsuite/g++.dg/ubsan/pr80403.C b/gcc/testsuite/g++.dg/ubsan/pr80403.C new file mode 100644 index 00000000000..e249f9ba43d --- /dev/null +++ b/gcc/testsuite/g++.dg/ubsan/pr80403.C @@ -0,0 +1,11 @@ +// PR sanitizer/80403 +// { dg-do compile } +// { dg-options "-fsanitize=undefined" } + +unsigned +foo () +{ + unsigned a = (unsigned) (!(6044238 >> 0) >= (0 < 0)) % 0; // { dg-warning "division by zero" } + unsigned b = (unsigned) (!(6044238 >> 0) >= (0 < 0)) / 0; // { dg-warning "division by zero" } + return a + b; +} diff --git a/gcc/testsuite/g++.dg/ubsan/pr80404.C b/gcc/testsuite/g++.dg/ubsan/pr80404.C new file mode 100644 index 00000000000..b3fa7c24286 --- /dev/null +++ b/gcc/testsuite/g++.dg/ubsan/pr80404.C @@ -0,0 +1,12 @@ +// PR sanitizer/80404 +// { dg-do compile } +// { dg-options "-fsanitize=undefined" } + +extern short v; + +unsigned +foo () +{ + unsigned a = (0 < 0 >= (0 >= 0)) / (unsigned) v; + return a; +} diff --git a/gcc/testsuite/g++.dg/ubsan/pr80405.C b/gcc/testsuite/g++.dg/ubsan/pr80405.C new file mode 100644 index 00000000000..30a9b1a68cb --- /dev/null +++ b/gcc/testsuite/g++.dg/ubsan/pr80405.C @@ -0,0 +1,11 @@ +// PR sanitizer/80405 +// { dg-do compile } +// { dg-options "-fsanitize=undefined" } + +extern unsigned int v, w; + +void +foo () +{ + w = (!~0 >= (unsigned) (0 < 0)) << v; +} -- 2.30.2