On 09/04/2017 08:21 AM, Marek Polacek wrote:
> Vittorio reported another issue with convert_to_integer_1: for
> u = -l;
> where u is unsigned and l is long long the function does:
>
>   return convert (type,
>                   fold_build1 (ex_form, typex,
>                                convert (typex,
>                                         TREE_OPERAND (expr, 0))));
>
> so instead of
> u = (unsigned int) -l;
> it produced
> u = -(unsigned int) l;
> thus hiding the overflow. Fixed by moving the recently added check a little
> bit above.
>
> Bootstrapped/regtested on x86_64-linux, ok for trunk?
>
> 2017-09-04 Marek Polacek <pola...@redhat.com>
>
> PR sanitizer/82072
> * convert.c (convert_to_integer_1) <case NEGATE_EXPR>: Move the ubsan
> check earlier.
>
> * c-c++-common/ubsan/pr82072-2.c: New test.
OK.
jeff
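
The two forms of `u = -l` contrasted in the quoted description, as an added example that is not part of the original thread and is not GCC code. The helper names are hypothetical and the sample inputs are constructed; it shows that both forms produce the same value wherever `-l` is defined, and that the narrowed-first form silently yields a value for the one input where the source-level negation overflows.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical helper names; none of this is GCC code. */

/* Shape of the folded tree: narrow to unsigned int first, then negate.
   Unsigned negation wraps and is always defined, so a signed-overflow
   check has nothing to report here. */
static unsigned int negate_after_narrowing(long long l)
{
    return -(unsigned int) l;
}

/* Shape of the source: negate in long long, then narrow.  -l overflows
   only for LLONG_MIN; return false there instead of executing the
   undefined negation.  That is the case the sanitizer must see. */
static bool negate_then_narrow(long long l, unsigned int *u)
{
    if (l == LLONG_MIN)
        return false;
    *u = (unsigned int) -l;
    return true;
}

/* 1: both forms defined and equal; 0: source form overflows while the
   folded form silently yields a value; -1: values differ (not expected). */
static int compare_forms(long long l)
{
    unsigned int from_source;
    if (!negate_then_narrow(l, &from_source))
        return 0;
    return from_source == negate_after_narrowing(l) ? 1 : -1;
}

int main(void)
{
    /* Constructed sample inputs. */
    const long long samples[] = { 0, 1, -1, 5000000000LL, LLONG_MAX, LLONG_MIN };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("l=%lld folded=%u verdict=%d\n", samples[i],
               negate_after_narrowing(samples[i]), compare_forms(samples[i]));
    return 0;
}
```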