Fix two ubsan failures (PR85164)

Message ID	mptbm138yly.fsf@arm.com
State	New
Headers	show Return-Path: <gcc-patches-return-499429-incoming=patchwork.ozlabs.org@gcc.gnu.org> DomainKey-Signature: a=rsa-sha1; c=nofws; d=gcc.gnu.org; h=list-id :list-unsubscribe:list-archive:list-post:list-help:sender:from :to:subject:date:message-id:mime-version:content-type; q=dns; s= default; b=RZOeMBUxg7CfS+M1TiMKXpBIB4s/l40aZ8+ALdru8hPfeUUWVw9Zp Cdxo6Z0D52PMI/0qENTc9+8wpVYU9rp6yDD5FZQ5ZXczpC0PhWvPgI0vCXu20JiK AQygi/SD7a3wqMzLsz/oqY6Uy402S27yDAeHfz+TRqlwhgJqaVaeP8= Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm Precedence: bulk Sender: gcc-patches-owner@gcc.gnu.org From: Richard Sandiford <richard.sandiford@arm.com> To: gcc-patches@gcc.gnu.org Mail-Followup-To: gcc-patches@gcc.gnu.org, richard.sandiford@arm.com Subject: Fix two ubsan failures (PR85164) Date: Thu, 18 Apr 2019 10:13:45 +0100 Message-ID: <mptbm138yly.fsf@arm.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain
Series	Fix two ubsan failures (PR85164) \| expand Fix two ubsan failures (PR85164)

Message ID

mptbm138yly.fsf@arm.com

State

New

Headers

DomainKey-Signature: a=rsa-sha1; c=nofws; d=gcc.gnu.org; h=list-id
	:list-unsubscribe:list-archive:list-post:list-help:sender:from
	:to:subject:date:message-id:mime-version:content-type; q=dns; s=
	default; b=RZOeMBUxg7CfS+M1TiMKXpBIB4s/l40aZ8+ALdru8hPfeUUWVw9Zp
	Cdxo6Z0D52PMI/0qENTc9+8wpVYU9rp6yDD5FZQ5ZXczpC0PhWvPgI0vCXu20JiK
	AQygi/SD7a3wqMzLsz/oqY6Uy402S27yDAeHfz+TRqlwhgJqaVaeP8=
Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
Sender: gcc-patches-owner@gcc.gnu.org
From: Richard Sandiford <richard.sandiford@arm.com>
To: gcc-patches@gcc.gnu.org
Mail-Followup-To: gcc-patches@gcc.gnu.org, richard.sandiford@arm.com
Subject: Fix two ubsan failures (PR85164)
Date: Thu, 18 Apr 2019 10:13:45 +0100
Message-ID: <mptbm138yly.fsf@arm.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain

Series

Fix two ubsan failures (PR85164) | expand

Commit Message

Richard Sandiford April 18, 2019, 9:13 a.m. UTC

Two fixes for UB when handling very large offsets.  The calculation in
force_int_to_mode would have been correct if signed integers used modulo
arithmetic, so just switch to unsigned types.  The calculation in
rtx_addr_can_trap_p_1 didn't handle overflow properly, so switch to
known_subrange_p instead (which is supposed to handle all cases).

Tested with bootstrap-ubsan on aarch64-linux-gnu and x86_64-linux-gnu.
OK to install?

Richard


2019-04-18  Richard Sandiford  <richard.sandiford@arm.com>

gcc/
	PR middle-end/85164
	* combine.c (force_int_to_mode): Cast the argument rather than
	the result of known_alignment.
	* rtlanal.c (rtx_addr_can_trap_p_1): Use known_subrange_p.

gcc/testsuite/
	PR middle-end/85164
	* gcc.dg/pr85164-1.c, gcc.dg/pr85164-2.c: New tests.

Comments

Richard Biener April 18, 2019, 10:20 a.m. UTC | #1

On Thu, Apr 18, 2019 at 11:13 AM Richard Sandiford
<richard.sandiford@arm.com> wrote:
>
> Two fixes for UB when handling very large offsets.  The calculation in
> force_int_to_mode would have been correct if signed integers used modulo
> arithmetic, so just switch to unsigned types.  The calculation in
> rtx_addr_can_trap_p_1 didn't handle overflow properly, so switch to
> known_subrange_p instead (which is supposed to handle all cases).
>
> Tested with bootstrap-ubsan on aarch64-linux-gnu and x86_64-linux-gnu.
> OK to install?

OK.

Richard.

> Richard
>
>
> 2019-04-18  Richard Sandiford  <richard.sandiford@arm.com>
>
> gcc/
>         PR middle-end/85164
>         * combine.c (force_int_to_mode): Cast the argument rather than
>         the result of known_alignment.
>         * rtlanal.c (rtx_addr_can_trap_p_1): Use known_subrange_p.
>
> gcc/testsuite/
>         PR middle-end/85164
>         * gcc.dg/pr85164-1.c, gcc.dg/pr85164-2.c: New tests.
>
> Index: gcc/combine.c
> ===================================================================
> --- gcc/combine.c       2019-03-08 18:15:36.704740334 +0000
> +++ gcc/combine.c       2019-04-18 10:11:01.984734102 +0100
> @@ -8922,7 +8922,7 @@ force_int_to_mode (rtx x, scalar_int_mod
>        /* If X is (minus C Y) where C's least set bit is larger than any bit
>          in the mask, then we may replace with (neg Y).  */
>        if (poly_int_rtx_p (XEXP (x, 0), &const_op0)
> -         && (unsigned HOST_WIDE_INT) known_alignment (const_op0) > mask)
> +         && known_alignment (poly_uint64 (const_op0)) > mask)
>         {
>           x = simplify_gen_unary (NEG, xmode, XEXP (x, 1), xmode);
>           return force_to_mode (x, mode, mask, next_select);
> Index: gcc/rtlanal.c
> ===================================================================
> --- gcc/rtlanal.c       2019-03-08 18:14:26.721006369 +0000
> +++ gcc/rtlanal.c       2019-04-18 10:11:01.984734102 +0100
> @@ -521,7 +521,7 @@ rtx_addr_can_trap_p_1 (const_rtx x, poly
>
>           return (!known_size_p (decl_size) || known_eq (decl_size, 0)
>                   ? maybe_ne (offset, 0)
> -                 : maybe_gt (offset + size, decl_size));
> +                 : !known_subrange_p (offset, size, 0, decl_size));
>          }
>
>        return 0;
> Index: gcc/testsuite/gcc.dg/pr85164-1.c
> ===================================================================
> --- /dev/null   2019-03-08 11:40:14.606883727 +0000
> +++ gcc/testsuite/gcc.dg/pr85164-1.c    2019-04-18 10:11:01.984734102 +0100
> @@ -0,0 +1,7 @@
> +/* { dg-options "-O2 -w" } */
> +a[];
> +b;
> +c() {
> +  unsigned long d;
> +  b = a[d - 1 >> 3];
> +}
> Index: gcc/testsuite/gcc.dg/pr85164-2.c
> ===================================================================
> --- /dev/null   2019-03-08 11:40:14.606883727 +0000
> +++ gcc/testsuite/gcc.dg/pr85164-2.c    2019-04-18 10:11:01.984734102 +0100
> @@ -0,0 +1,4 @@
> +/* { dg-options "-O2 -w" } */
> +int a;
> +long b;
> +void c() { b = -9223372036854775807L - 1 - a; }

Index: gcc/combine.c
===================================================================
--- gcc/combine.c	2019-03-08 18:15:36.704740334 +0000
+++ gcc/combine.c	2019-04-18 10:11:01.984734102 +0100
@@ -8922,7 +8922,7 @@  force_int_to_mode (rtx x, scalar_int_mod
       /* If X is (minus C Y) where C's least set bit is larger than any bit
 	 in the mask, then we may replace with (neg Y).  */
       if (poly_int_rtx_p (XEXP (x, 0), &const_op0)
-	  && (unsigned HOST_WIDE_INT) known_alignment (const_op0) > mask)
+	  && known_alignment (poly_uint64 (const_op0)) > mask)
 	{
 	  x = simplify_gen_unary (NEG, xmode, XEXP (x, 1), xmode);
 	  return force_to_mode (x, mode, mask, next_select);
Index: gcc/rtlanal.c
===================================================================
--- gcc/rtlanal.c	2019-03-08 18:14:26.721006369 +0000
+++ gcc/rtlanal.c	2019-04-18 10:11:01.984734102 +0100
@@ -521,7 +521,7 @@  rtx_addr_can_trap_p_1 (const_rtx x, poly
 
 	  return (!known_size_p (decl_size) || known_eq (decl_size, 0)
 		  ? maybe_ne (offset, 0)
-		  : maybe_gt (offset + size, decl_size));
+		  : !known_subrange_p (offset, size, 0, decl_size));
         }
 
       return 0;
Index: gcc/testsuite/gcc.dg/pr85164-1.c
===================================================================
--- /dev/null	2019-03-08 11:40:14.606883727 +0000
+++ gcc/testsuite/gcc.dg/pr85164-1.c	2019-04-18 10:11:01.984734102 +0100
@@ -0,0 +1,7 @@ 
+/* { dg-options "-O2 -w" } */
+a[];
+b;
+c() {
+  unsigned long d;
+  b = a[d - 1 >> 3];
+}
Index: gcc/testsuite/gcc.dg/pr85164-2.c
===================================================================
--- /dev/null	2019-03-08 11:40:14.606883727 +0000
+++ gcc/testsuite/gcc.dg/pr85164-2.c	2019-04-18 10:11:01.984734102 +0100
@@ -0,0 +1,4 @@ 
+/* { dg-options "-O2 -w" } */
+int a;
+long b;
+void c() { b = -9223372036854775807L - 1 - a; }

Fix two ubsan failures (PR85164)

Commit Message

Comments

Patch