public inbox for gcc-bugs@sourceware.org
* [Bug c/108915] New: invalid pointer access preserved in optimized code
@ 2023-02-24  3:47 hiraditya at msn dot com
  2023-02-24  4:36 ` [Bug tree-optimization/108915] " pinskia at gcc dot gnu.org
                   ` (5 more replies)
  0 siblings, 6 replies; 7+ messages in thread
From: hiraditya at msn dot com @ 2023-02-24  3:47 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108915

            Bug ID: 108915
           Summary: invalid pointer access preserved in optimized code
           Product: gcc
           Version: unknown
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: hiraditya at msn dot com
  Target Milestone: ---

Testcase has been reduced from u-boot's linker-list macro:
https://github.com/u-boot/u-boot/blob/master/include/linker_lists.h#L127


#include<stdio.h>

char* bar() {
    static char start_bar[0] __attribute__((aligned(16)))
       __attribute__((unused))
       __attribute__((section("__u_boot_list_2_1")));
    char *p = (char *)start_bar;
    for (int i = p[0]; i < p[9]; i++)
        printf("asdfasd");
    return 0;
}



$ gcc -O3 -fno-unroll-loops -S -o -

.LC0:
        .string "asdfasd"
bar:
        push    rbx
        movsx   eax, BYTE PTR start_bar.1[rip+9]
        movsx   ebx, BYTE PTR start_bar.1[rip]
        cmp     ebx, eax
        jge     .L2
.L3:
        mov     edi, OFFSET FLAT:.LC0
        xor     eax, eax
        add     ebx, 1
        call    printf
        movsx   eax, BYTE PTR start_bar.1[rip+9]
        cmp     eax, ebx
        jg      .L3
.L2:
        xor     eax, eax
        pop     rbx
        ret

-----------------------------------------------------
$ clang -O3 -fno-unroll-loops -S -o -

bar:                                    # @bar
        xor     eax, eax
        ret


* [Bug tree-optimization/108915] invalid pointer access preserved in optimized code
From: pinskia at gcc dot gnu.org @ 2023-02-24  4:36 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108915

Andrew Pinski <pinskia at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
         Resolution|---                         |INVALID

--- Comment #1 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
static char start_bar[0]
says this is an array of size 0.

The reduced testcase does not match up with the code in uboot though.

Anyways GCC is correct for the reduced testcase, so is clang since it is
undefined as you are accessing outside of the bounds of the array.

The way to fix uboot code is to change the ll_entry_start/ll_entry_end to:


#define ll_entry_start(_type, _list)                                    \
({                                                                      \
        static char start[0] __aligned(CONFIG_LINKER_LIST_ALIGN)        \
                __attribute__((unused))                                 \
                __section("__u_boot_list_2_"#_list"_1");                \
        _type * tmp = (_type *)&start;                                  \
        asm("":"+r"(tmp));                                              \
        tmp;                                                            \
})


#define ll_entry_end(_type, _list)                                      \
({                                                                      \
        static char end[0] __aligned(4) __attribute__((unused))         \
                __section("__u_boot_list_2_"#_list"_3");                \
        _type * tmp = (_type *)&end;                                    \
        asm("":"+r"(tmp));                                              \
        tmp;                                                            \
})


* [Bug tree-optimization/108915] invalid pointer access preserved in optimized code
From: pinskia at gcc dot gnu.org @ 2023-02-24  4:37 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108915

--- Comment #2 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
ll_start/ll_end need a similar change.


* [Bug tree-optimization/108915] invalid pointer access preserved in optimized code
From: pinskia at gcc dot gnu.org @ 2023-02-24  4:39 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108915

--- Comment #3 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
(In reply to Andrew Pinski from comment #1)
> The way to fix uboot code is to change the ll_entry_start/ll_entry_end to:

That is because you cannot take the difference between two distinct objects and
have a well-defined answer. Nor can you increment one from one distinct object
into another.

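The barrier from comment #1, applied to the two operations comment #3 rules out (pointer difference and increment across distinct objects), as an added example that is not part of this thread or of U-Boot. It assumes an ELF target linked with GNU ld or lld, swaps U-Boot's zero-length marker arrays for the linker-provided `__start_`/`__stop_` section symbols so that it links without U-Boot's linker script, and uses hypothetical names (`demo_cmds`, `DEMO_CMD`, `launder`).

```c
#include <stddef.h>

/* Entry type; the type-level alignment fixes the stride between entries. */
struct cmd {
    const char *name;
    long value;
} __attribute__((aligned(16)));

/* Hypothetical registration macro: places one entry in section "demo_cmds".
 * "used" keeps the otherwise unreferenced static from being discarded. */
#define DEMO_CMD(_name, _value)                                         \
    static struct cmd demo_cmd_##_name                                  \
        __attribute__((used, section("demo_cmds"))) = { #_name, _value }

DEMO_CMD(boot, 1);
DEMO_CMD(reset, 2);
DEMO_CMD(env, 4);

/* Assumption: GNU ld / lld define these bounds for any section whose name
 * is a valid C identifier. To the compiler they are two unrelated objects. */
extern struct cmd __start_demo_cmds[];
extern struct cmd __stop_demo_cmds[];

/* Same empty asm as in comment #1: the pointer passes through a register
 * the compiler must treat as modified, so it no longer knows which object
 * the pointer came from and cannot fold the arithmetic below. */
static inline struct cmd *launder(struct cmd *p)
{
    __asm__("" : "+r"(p));
    return p;
}

/* Pointer difference between the two section bounds. */
size_t demo_cmd_count(void)
{
    struct cmd *start = launder(__start_demo_cmds);
    struct cmd *end = launder(__stop_demo_cmds);
    return (size_t)(end - start);
}

/* Increment from the start bound up to the stop bound. */
long demo_cmd_sum(void)
{
    long sum = 0;
    struct cmd *end = launder(__stop_demo_cmds);
    for (struct cmd *p = launder(__start_demo_cmds); p != end; p++)
        sum += p->value;
    return sum;
}
```
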

* [Bug tree-optimization/108915] invalid pointer access preserved in optimized code
From: hiraditya at msn dot com @ 2023-02-24  4:55 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108915

AK <hiraditya at msn dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|INVALID                     |FIXED

--- Comment #4 from AK <hiraditya at msn dot com> ---
Adding `__attribute__((used))` also fixed it. Does it reflect the same behavior
as using `asm` as you suggested?


* [Bug tree-optimization/108915] invalid pointer access preserved in optimized code
From: pinskia at gcc dot gnu.org @ 2023-02-24  5:06 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108915

Andrew Pinski <pinskia at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|FIXED                       |INVALID

--- Comment #5 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
(In reply to AK from comment #4)
> Adding `__attribute__((used))` also fixed it. Does it reflect the same
> behavior as using `asm` as you suggested?

NO.


* [Bug tree-optimization/108915] invalid pointer access preserved in optimized code
From: hiraditya at msn dot com @ 2023-03-23 22:27 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108915

--- Comment #6 from AK <hiraditya at msn dot com> ---
For reference, I had opened a related bug in clang:
https://github.com/llvm/llvm-project/issues/60967

