re PR sanitizer/80875 (UBSAN: compile time crash in fold_binary_loc at fold-const.c:9817)

	PR sanitizer/80875
	* fold-const.c (fold_binary_loc) <case MULT_EXPR>: Check if OP1
	can be negated.

	* c-c++-common/ubsan/pr80875.c: New test.

From-SVN: r248485

4 files changed, 21 insertions, 0 deletions

diff --git a/gcc/ChangeLog b/gcc/ChangeLog
index f281611..f926e9d 100644
--- a/gcc/ChangeLog
+++ b/gcc/ChangeLog
@@ -1,3 +1,9 @@
+2017-05-26  Marek Polacek  <polacek@redhat.com>
+
+	PR sanitizer/80875
+	* fold-const.c (fold_binary_loc) <case MULT_EXPR>: Check if OP1
+	can be negated.
+
 2017-05-26  Richard Biener  <rguenther@suse.de>
 
 	PR tree-optimization/80842
diff --git a/gcc/fold-const.c b/gcc/fold-const.c
index efc0b10..911ae36 100644
--- a/gcc/fold-const.c
+++ b/gcc/fold-const.c
@@ -9813,6 +9813,7 @@ fold_binary_loc (location_t loc,
 	  if (TREE_CODE (op1) == INTEGER_CST
 	      && tree_int_cst_sgn (op1) == -1
 	      && negate_expr_p (op0)
+	      && negate_expr_p (op1)
 	      && (tem = negate_expr (op1)) != op1
 	      && ! TREE_OVERFLOW (tem))
 	    return fold_build2_loc (loc, MULT_EXPR, type,
diff --git a/gcc/testsuite/ChangeLog b/gcc/testsuite/ChangeLog
index b2fc5b6..8d2e7de 100644
--- a/gcc/testsuite/ChangeLog
+++ b/gcc/testsuite/ChangeLog
@@ -1,3 +1,8 @@
+2017-05-26  Marek Polacek  <polacek@redhat.com>
+
+	PR sanitizer/80875
+	* c-c++-common/ubsan/pr80875.c: New test.
+
 2017-05-26  Tom de Vries  <tom@codesourcery.com>
 
 	PR testsuite/80557
diff --git a/gcc/testsuite/c-c++-common/ubsan/pr80875.c b/gcc/testsuite/c-c++-common/ubsan/pr80875.c
new file mode 100644
index 0000000..e679452
--- /dev/null
+++ b/gcc/testsuite/c-c++-common/ubsan/pr80875.c
@@ -0,0 +1,9 @@
+/* PR sanitizer/80875 */
+/* { dg-do compile } */
+/* { dg-options "-fsanitize=undefined" } */
+
+int
+foo (void)
+{
+  return ~__INT_MAX__ * (0 / 0); /* { dg-warning "division by zero" } */
+}