| Message ID | 20170407172317.GD17196@redhat.com |
|---|---|
| State | New |
| Headers | show |
On Fri, Apr 07, 2017 at 07:23:17PM +0200, Marek Polacek wrote: > This ICEs in ubsan_instrument_division on the assert that checks whether both > operands of the division have the same type. Well, here they didn't, because > in cp_build_binary_op we first converted both operands to result_type but then > fold_non_dependent_expr changed the type of op0, so we need to catch this case > before calling ubsan_instrument_division. > > Bootstrapped/regtested on x86_64-linux, ok for trunk? > > 2017-04-07 Marek Polacek <polacek@redhat.com> > > PR sanitizer/80348 > * typeck.c (cp_build_binary_op): Convert COP[01] to ORIG_TYPE. > > * g++.dg/ubsan/div-by-zero-2.C: New test. Ok, thanks. Jakub
diff --git gcc/cp/typeck.c gcc/cp/typeck.c index 79391c0..65a3435 100644 --- gcc/cp/typeck.c +++ gcc/cp/typeck.c @@ -5218,10 +5218,12 @@ cp_build_binary_op (location_t location, original result_type. */ tree cop0 = op0; tree cop1 = op1; - if (orig_type != NULL && result_type != orig_type) + if (orig_type != NULL_TREE) { - cop0 = cp_convert (orig_type, op0, complain); - cop1 = cp_convert (orig_type, op1, complain); + if (TREE_TYPE (cop0) != orig_type) + cop0 = cp_convert (orig_type, op0, complain); + if (TREE_TYPE (cop1) != orig_type) + cop1 = cp_convert (orig_type, op1, complain); } instrument_expr = ubsan_instrument_division (location, cop0, cop1); } diff --git gcc/testsuite/g++.dg/ubsan/div-by-zero-2.C gcc/testsuite/g++.dg/ubsan/div-by-zero-2.C index e69de29..d500ae6 100644 --- gcc/testsuite/g++.dg/ubsan/div-by-zero-2.C +++ gcc/testsuite/g++.dg/ubsan/div-by-zero-2.C @@ -0,0 +1,10 @@ +// PR sanitizer/80348 +// { dg-do compile } +// { dg-options "-fsanitize=integer-divide-by-zero" } + +void +foo () +{ + if (0) + unsigned ((0 != 60806) > (0 != 0)) / 0; // { dg-warning "division by zero" } +}