public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
From: "cvs-commit at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug middle-end/105533] UBSAN: gcc/expmed.cc:3272:26: runtime error: signed integer overflow: -9223372036854775808 - 1 cannot be represented in type 'long int'
Date: Thu, 07 Mar 2024 09:08:31 +0000 [thread overview]
Message-ID: <bug-105533-4-koih9tvx0K@http.gcc.gnu.org/bugzilla/> (raw)
In-Reply-To: <bug-105533-4@http.gcc.gnu.org/bugzilla/>
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105533
--- Comment #11 from GCC Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Jakub Jelinek <jakub@gcc.gnu.org>:
https://gcc.gnu.org/g:e1bd0f293d8407d4e8149fbafd470612323dc938
commit r14-9353-ge1bd0f293d8407d4e8149fbafd470612323dc938
Author: Jakub Jelinek <jakub@redhat.com>
Date: Thu Mar 7 10:01:08 2024 +0100
sccvn: Avoid UB in ao_ref_init_from_vn_reference [PR105533]
When compiling libgcc or on e.g.
int a[64];
int p;
void
foo (void)
{
int s = 1;
while (p)
{
s -= 11;
a[s] != 0;
}
}
sccvn invokes UB in the compiler as detected by ubsan:
../../gcc/poly-int.h:1089:5: runtime error: left shift of negative value
-40
The problem is that we still use C++11..C++17 as the implementation
language
and in those C++ versions shifting negative values left is UB (well defined
since C++20) and above in
offset += op->off << LOG2_BITS_PER_UNIT;
op->off is poly_int64 with -40 value (in libgcc with -8).
I understand the offset_int << LOG2_BITS_PER_UNIT shifts but it is then
well
defined during underlying implementation which is done on the uhwi limbs,
but for poly_int64 we use
offset += pop->off * BITS_PER_UNIT;
a few lines earlier and I think that is both more readable in what it
actually does and triggers UB only if there would be signed multiply
overflow. In the end, the compiler will treat them the same at least at
the
RTL level (at least, if not and they aren't the same cost, it should).
2024-03-07 Jakub Jelinek <jakub@redhat.com>
PR middle-end/105533
* tree-ssa-sccvn.cc (ao_ref_init_from_vn_reference) <case
ARRAY_REF>:
Multiple op->off by BITS_PER_UNIT instead of shifting it left by
LOG2_BITS_PER_UNIT.
next prev parent reply other threads:[~2024-03-07 9:08 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-09 11:27 [Bug tree-optimization/105533] New: " zsojka at seznam dot cz
2022-10-31 3:32 ` [Bug middle-end/105533] " pinskia at gcc dot gnu.org
2024-03-05 19:20 ` dcb314 at hotmail dot com
2024-03-06 9:30 ` dcb314 at hotmail dot com
2024-03-06 10:33 ` jakub at gcc dot gnu.org
2024-03-06 11:39 ` dcb314 at hotmail dot com
2024-03-06 13:37 ` jakub at gcc dot gnu.org
2024-03-06 13:45 ` jakub at gcc dot gnu.org
2024-03-06 13:56 ` jakub at gcc dot gnu.org
2024-03-06 15:16 ` jakub at gcc dot gnu.org
2024-03-07 7:32 ` rguenther at suse dot de
2024-03-07 9:08 ` cvs-commit at gcc dot gnu.org [this message]
2024-03-07 9:08 ` cvs-commit at gcc dot gnu.org
2024-03-08 8:28 ` dcb314 at hotmail dot com
2024-03-08 8:29 ` jakub at gcc dot gnu.org
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bug-105533-4-koih9tvx0K@http.gcc.gnu.org/bugzilla/ \
--to=gcc-bugzilla@gcc.gnu.org \
--cc=gcc-bugs@gcc.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).