re PR sanitizer/60613 (Invalid signed subtraction ubsan diagnostics)

PR sanitizer/60613
	* internal-fn.c (ubsan_expand_si_overflow_addsub_check): For
	code == MINUS_EXPR, never swap op0 with op1.

	* c-c++-common/ubsan/pr60613-1.c: New test.
	* c-c++-common/ubsan/pr60613-2.c: New test.

From-SVN: r208766

gcc/ChangeLog

@@ -1,5 +1,9 @@
 2014-03-22  Jakub Jelinek  <jakub@redhat.com>
 
+	PR sanitizer/60613
+	* internal-fn.c (ubsan_expand_si_overflow_addsub_check): For
+	code == MINUS_EXPR, never swap op0 with op1.
+
 	* toplev.c (init_local_tick): Avoid signed integer multiplication
 	overflow.
 	* genautomata.c (reserv_sets_hash_value): Fix rotate idiom, avoid

gcc/internal-fn.c

@@ -221,14 +221,15 @@ ubsan_expand_si_overflow_addsub_check (tree_code code, gimple stmt)
       res = expand_binop (mode, code == PLUS_EXPR ? add_optab : sub_optab,
 			  op0, op1, NULL_RTX, false, OPTAB_LIB_WIDEN);
 
-      /* If we can prove one of the arguments is always non-negative
-	 or always negative, we can do just one comparison and
-	 conditional jump instead of 2 at runtime, 3 present in the
+      /* If we can prove one of the arguments (for MINUS_EXPR only
+	 the second operand, as subtraction is not commutative) is always
+	 non-negative or always negative, we can do just one comparison
+	 and conditional jump instead of 2 at runtime, 3 present in the
 	 emitted code.  If one of the arguments is CONST_INT, all we
 	 need is to make sure it is op1, then the first
 	 emit_cmp_and_jump_insns will be just folded.  Otherwise try
 	 to use range info if available.  */
-      if (CONST_INT_P (op0))
+      if (code == PLUS_EXPR && CONST_INT_P (op0))
 	{
 	  rtx tem = op0;
 	  op0 = op1;
@@ -236,7 +237,7 @@ ubsan_expand_si_overflow_addsub_check (tree_code code, gimple stmt)
 	}
       else if (CONST_INT_P (op1))
 	;
-      else if (TREE_CODE (arg0) == SSA_NAME)
+      else if (code == PLUS_EXPR && TREE_CODE (arg0) == SSA_NAME)
 	{
 	  double_int arg0_min, arg0_max;
 	  if (get_range_info (arg0, &arg0_min, &arg0_max) == VR_RANGE)

gcc/testsuite/ChangeLog

@@ -1,3 +1,9 @@
+2014-03-22  Jakub Jelinek  <jakub@redhat.com>
+
+	PR sanitizer/60613
+	* c-c++-common/ubsan/pr60613-1.c: New test.
+	* c-c++-common/ubsan/pr60613-2.c: New test.
+
 2014-03-22  Matthias Klose  <doko@ubuntu.com>
 
 	* g++.dg/cpp0x/regress: Remove empty directory.

gcc/testsuite/c-c++-common/ubsan/pr60613-1.c

@@ -0,0 +1,33 @@
+/* PR sanitizer/60613 */
+/* { dg-do run } */
+/* { dg-options "-fsanitize=undefined" } */
+
+long long y;
+
+__attribute__((noinline, noclone)) long long
+foo (long long x)
+{
+  asm ("");
+  if (x >= 0 || x < -2040)
+    return 23;
+  x += 2040;
+  return x - y;
+}
+
+__attribute__((noinline, noclone)) long long
+bar (long long x)
+{
+  asm ("");
+  return 8LL - x;
+}
+
+int
+main ()
+{
+  y = 1;
+  if (foo (8 - 2040) != 8 - 1)
+    __builtin_abort ();
+  if (bar (1) != 8 - 1)
+    __builtin_abort ();
+  return 0;
+}

gcc/testsuite/c-c++-common/ubsan/pr60613-2.c

@@ -0,0 +1,36 @@
+/* PR sanitizer/60613 */
+/* { dg-do run } */
+/* { dg-options "-fsanitize=undefined" } */
+
+long long y;
+
+__attribute__((noinline, noclone)) long long
+foo (long long x)
+{
+  asm ("");
+  if (x >= 0 || x < -2040)
+    return 23;
+  x += 2040;
+  return x - y;
+}
+
+__attribute__((noinline, noclone)) long long
+bar (long long x)
+{
+  asm ("");
+  return 8LL - x;
+}
+
+int
+main ()
+{
+  y = -__LONG_LONG_MAX__ + 6;
+  if (foo (8 - 2040) != -__LONG_LONG_MAX__)
+    __builtin_abort ();
+  if (bar (-__LONG_LONG_MAX__ + 5) != -__LONG_LONG_MAX__ + 1)
+    __builtin_abort ();
+  return 0;
+}
+
+/* { dg-output "signed integer overflow: 8 \\- -9223372036854775801 cannot be represented in type 'long long int'(\n|\r\n|\r)" } */
+/* { dg-output "\[^\n\r]*signed integer overflow: 8 \\- -9223372036854775802 cannot be represented in type 'long long int'" } */