As discussed earlier, this patch removes now useless code and adds tests to ensure we don't regress in diagnostics.
Bootstrapped/regtested on x86_64-linux, applying to trunk. 2015-09-25 Marek Polacek <pola...@redhat.com> * c-ubsan.c (ubsan_instrument_division): Remove unnecessary code. (ubsan_instrument_shift): Likewise. * c-c++-common/ubsan/bounds-11.c: New test. * c-c++-common/ubsan/bounds-12.c: New test.
diff --git gcc/c-family/c-ubsan.c gcc/c-family/c-ubsan.c
index d2bc264..672762c 100644
--- gcc/c-family/c-ubsan.c
+++ gcc/c-family/c-ubsan.c
@@ -89,20 +89,7 @@ ubsan_instrument_division (location_t loc, tree op0, tree op1)
 return NULL_TREE;
 
 /* In case we have a SAVE_EXPR in a conditional context, we need to
- make sure it gets evaluated before the condition. If the OP0 is
- an instrumented array reference, mark it as having side effects so
- it's not folded away. */
- if (flag_sanitize & SANITIZE_BOUNDS)
- {
- tree xop0 = op0;
- while (CONVERT_EXPR_P (xop0))
- xop0 = TREE_OPERAND (xop0, 0);
- if (TREE_CODE (xop0) == ARRAY_REF)
- {
- TREE_SIDE_EFFECTS (xop0) = 1;
- TREE_SIDE_EFFECTS (op0) = 1;
- }
- }
+ make sure it gets evaluated before the condition. */
 t = fold_build2 (COMPOUND_EXPR, TREE_TYPE (t), unshare_expr (op0), t);
 t = fold_build2 (COMPOUND_EXPR, TREE_TYPE (t), unshare_expr (op1), t);
 if (flag_sanitize_undefined_trap_on_error)
@@ -187,20 +174,7 @@ ubsan_instrument_shift (location_t loc, enum tree_code code,
 return NULL_TREE;
 
 /* In case we have a SAVE_EXPR in a conditional context, we need to
- make sure it gets evaluated before the condition. If the OP0 is
- an instrumented array reference, mark it as having side effects so
- it's not folded away. */
- if (flag_sanitize & SANITIZE_BOUNDS)
- {
- tree xop0 = op0;
- while (CONVERT_EXPR_P (xop0))
- xop0 = TREE_OPERAND (xop0, 0);
- if (TREE_CODE (xop0) == ARRAY_REF)
- {
- TREE_SIDE_EFFECTS (xop0) = 1;
- TREE_SIDE_EFFECTS (op0) = 1;
- }
- }
+ make sure it gets evaluated before the condition. */
 t = fold_build2 (COMPOUND_EXPR, TREE_TYPE (t), unshare_expr (op0), t);
 t = fold_build2 (TRUTH_OR_EXPR, boolean_type_node, t,
 tt ? tt : integer_zero_node);
diff --git gcc/testsuite/c-c++-common/ubsan/bounds-11.c gcc/testsuite/c-c++-common/ubsan/bounds-11.c
index e69de29..c3e0f22 100644
--- gcc/testsuite/c-c++-common/ubsan/bounds-11.c
+++ gcc/testsuite/c-c++-common/ubsan/bounds-11.c
@@ -0,0 +1,23 @@
+/* { dg-do run } */
+/* { dg-options "-fsanitize=bounds" } */
+
+struct S
+{
+ unsigned long a[1];
+ int l;
+};
+
+static inline unsigned long
+fn (const struct S *s, int i)
+{
+ return s->a[i] / i;
+}
+
+int
+main ()
+{
+ struct S s;
+ fn (&s, 1);
+}
+
+/* { dg-output "index 1 out of bounds for type 'long unsigned int \\\[1\\\]'" } */
diff --git gcc/testsuite/c-c++-common/ubsan/bounds-12.c gcc/testsuite/c-c++-common/ubsan/bounds-12.c
index e69de29..3cd3a4a 100644
--- gcc/testsuite/c-c++-common/ubsan/bounds-12.c
+++ gcc/testsuite/c-c++-common/ubsan/bounds-12.c
@@ -0,0 +1,23 @@
+/* { dg-do run } */
+/* { dg-options "-fsanitize=bounds" } */
+
+struct S
+{
+ unsigned long a[1];
+ int l;
+};
+
+static inline unsigned long
+fn (const struct S *s, int i)
+{
+ return s->a[i] << i;
+}
+
+int
+main ()
+{
+ struct S s;
+ fn (&s, 1);
+}
+
+/* { dg-output "index 1 out of bounds for type 'long unsigned int \\\[1\\\]'" } */
Marek
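Review bot: Neither new test reaches the conversion-peeling case that the deleted block in c-ubsan.c handled (`while (CONVERT_EXPR_P (xop0))`). In bounds-11.c, and likewise in bounds-12.c, `a` is `unsigned long`, so the first operand of `s->a[i] / i` is presumably a bare ARRAY_REF with no conversion wrapped around it. A variant with a narrower element type, e.g. `unsigned char a[1];`, would make the first operand a promoted array element and guard the bounds diagnostic for that shape too. Both tests also pass only `-fsanitize=bounds`, and this patch does not show whether the edited division and shift instrumentation runs at all without the divide and shift sanitizers. A run with `-fsanitize=bounds,integer-divide-by-zero` (and `-fsanitize=bounds,shift` for bounds-12.c) would confirm the tests cover the path that changed, since a bounds check that is silently folded away is lost detection coverage that nothing else reports.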
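Review bot: bounds-12.c exercises only `<<`, while ubsan_instrument_shift takes the operator as its `code` parameter, so right shifts appear to go through the same edited path. A second function with `return s->a[i] >> i;` and a matching dg-output line would cover both operators. The file would also be easier to maintain with a one-line header comment such as `/* Check that the bounds check on the first operand of a shift is not folded away.  */`, and the equivalent for the division in bounds-11.c.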