public inbox for gcc-bugs@sourceware.org
* [Bug c/110399] New: pointer substraction causes coredump with ftrapv on edge case
@ 2023-06-25 1:49 baiwfg2 at gmail dot com
2023-06-25 1:59 ` [Bug middle-end/110399] " pinskia at gcc dot gnu.org
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: baiwfg2 at gmail dot com @ 2023-06-25 1:49 UTC
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110399
Bug ID: 110399
Summary: pointer substraction causes coredump with ftrapv on edge case
Product: gcc
Version: unknown
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: baiwfg2 at gmail dot com
Target Milestone: ---
The demo code is:
```c
#include <stdio.h>
#include <stdint.h>
#include <signal.h>
#include <assert.h>

int main() {
    {
        char *p = (char *)0x80000001;
        char *q = (char *)0x7fffffff;
        uint32_t w = p - q;
        printf("32 bit, w1=%u\n", w);
    }
    {
        char *p = (char *)0x7fffffffffffffff;
        char *q = (char *)0x7ffffffffffffffd;
        uint32_t w2 = p - q;
        printf("w2=%u\n", w2);
    }
    {
        char *p = (char *)0x8000000000000003;
        char *q = (char *)0x8000000000000001;
        uint32_t w3 = p - q;
        printf("w3=%u\n", w3);
    }
    {
        char *p = (char *)0x8000000000000001;
        char *q = (char *)0x0000000000000001;
        uint32_t w4 = p - q;
        printf("w4=%u\n", w4); // ans is 0, not crash under -ftrapv
    }
    {
        char *p = (char *)0x8000000000000001;
        char *q = (char *)0x7fffffffffffffff;
        uint32_t w5 = (uintptr_t)p - (uintptr_t)q;
        printf("w5=%u\n", w5);
    }
    {
        char *p = (char *)0x8000000000000001; // use uint8_t also crash
        char *q = (char *)0x7fffffffffffffff; // use smaller num 0x0000000000000011, also crash
        uint32_t w6 = p - q;
        printf("w6=%u\n", w6); // crash under gcc -ftrapv, not crash under clang -ftrapv
    }
    return 0;
}
```
The statement w6 = p - q causes a coredump. But what the program actually means is to do
an unsigned pointer arithmetic operation. How can I make it right (that is, output
2) with the ftrapv option? I find it's OK with clang -ftrapv.
This happens on many gcc versions.
* [Bug middle-end/110399] pointer substraction causes coredump with ftrapv on edge case
From: pinskia at gcc dot gnu.org @ 2023-06-25 1:59 UTC
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110399
--- Comment #1 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
```
32 bit, w1=2
w2=2
w3=2
w4=0
w5=2
Program received signal SIGABRT, Aborted.
```
* [Bug middle-end/110399] pointer substraction causes coredump with ftrapv on edge case
From: pinskia at gcc dot gnu.org @ 2023-06-25 2:01 UTC
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110399
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
      What |Removed     |Added
----------------------------------------------------------------------------
Resolution |---         |DUPLICATE
    Status |UNCONFIRMED |RESOLVED
--- Comment #2 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
Dup of bug 13421.
*** This bug has been marked as a duplicate of bug 13421 ***
* [Bug middle-end/110399] pointer substraction causes coredump with ftrapv on edge case
From: baiwfg2 at gmail dot com @ 2023-06-29 9:33 UTC
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110399
--- Comment #3 from Chan Lewis <baiwfg2 at gmail dot com> ---
(In reply to Andrew Pinski from comment #2)
> Dup of bug 13421.
>
> *** This bug has been marked as a duplicate of bug 13421 ***
I see. I wonder why gcc considers pointers signed and needs to abort in this case,
whereas clang still works as expected. If we change pointers to unsigned in our
codebase, that will be lots of work.
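Added example, not part of the thread and not GCC code: the w5 case in the report avoids the trap by subtracting as `uintptr_t`, and that can be confined to one helper instead of changing pointer declarations throughout a codebase. `ptr_distance_u32` is a hypothetical name; the code assumes a flat address space where the pointer-to-`uintptr_t` conversion yields the numeric address.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper (not from the bug report): byte distance hi - lo.
 * The subtraction is done on uintptr_t, so no signed ptrdiff_t arithmetic
 * is emitted and -ftrapv has no signed overflow to abort on. */
static bool ptr_distance_u32(const void *hi, const void *lo, uint32_t *out)
{
    uintptr_t a = (uintptr_t)hi;
    uintptr_t b = (uintptr_t)lo;

    if (a < b)              /* operands reversed: a - b would wrap around */
        return false;

    uintptr_t d = a - b;    /* unsigned subtraction, well-defined */

    if (d > UINT32_MAX)     /* refuse the silent truncation seen in w4 */
        return false;

    *out = (uint32_t)d;
    return true;
}

int main(void)
{
    /* Constructed addresses straddling the sign bit, like the w6 case. */
    const uintptr_t top = (uintptr_t)1 << (sizeof(uintptr_t) * 8 - 1);
    const void *p = (const void *)(top + 1);
    const void *q = (const void *)(top - 1);
    uint32_t d = 0;

    if (ptr_distance_u32(p, q, &d))
        printf("w6=%u\n", (unsigned)d);
    if (!ptr_distance_u32(q, p, &d))
        printf("reversed operands rejected\n");
    return 0;
}
```

Building this with `gcc -ftrapv` exercises the same operand values as w6 without going through the signed pointer-difference path.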