On Tue, Mar 14, 2023 at 06:50:26PM -0400, Marek Polacek via Gcc-patches wrote:
> Here we're failing to detect a signed overflow with -O because match.pd,
> since r8-1516, transforms
>
> c = (a + 1) - (int) (short int) b;
>
> into
>
> c = (int) ((unsigned int) a + 4294946117);
>
> wrongly eliding the overflow. This kind of problems is usually
> avoided by using TYPE_OVERFLOW_SANITIZED in the appropriate place.
> The first match.pd hunk in the patch fixes it. I've constructed
> a testcase for each of the surrounding cases as well. Then I
> noticed that fold_binary_loc/associate has the same problem, so I've
> added a TYPE_OVERFLOW_SANITIZED there as well (it may be too coarse,
> sorry). Then I found yet another problem, but instead of fixing it
> now I've opened 109134. I could probably go on and find a dozen more.
>
> Is this worth doing?
>
> Bootstrapped/regtested on x86_64-pc-linux-gnu, ok for trunk?
>
> PR sanitizer/109107
>
> gcc/ChangeLog:
>
> * fold-const.cc (fold_binary_loc): Use TYPE_OVERFLOW_SANITIZED
> when associating.
> * match.pd: Use TYPE_OVERFLOW_SANITIZED.
>
> gcc/testsuite/ChangeLog:
>
> * c-c++-common/ubsan/pr109107-2.c: New test.
> * c-c++-common/ubsan/pr109107-3.c: New test.
> * c-c++-common/ubsan/pr109107-4.c: New test.
> * c-c++-common/ubsan/pr109107.c: New test.
Please rename the last test to pr109107-1.c.
Otherwise LGTM.
Jakub
