public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug c/39311] New: Optimization breaks existing overflow checks
@ 2009-02-26 13:58 dominik dot vogt at gmx dot de
2009-02-26 14:28 ` [Bug c/39311] " rguenth at gcc dot gnu dot org
0 siblings, 1 reply; 2+ messages in thread
From: dominik dot vogt at gmx dot de @ 2009-02-26 13:58 UTC (permalink / raw)
To: gcc-bugs
Sorry, I'm unable to figure out how to fill in "Host triplet", "Traget
triplet", and "Build triplet". I only have one triplet: "i486-linux-gnu".
You'll find the detailed output of "gcc -v -save-temps -O2 -o foo foo.c" below.
--
The following code worked fine with gcc-3.4 and g++-3.4 but
not with gcc-4.3.2 and g++4.3.2.
foo.c:
---BEGIN code ---
#include <stdlib.h>
#include <limits.h>
int main(int argc, char **argv)
{
int x;
if (argc < 2)
{
return 99;
}
x = atoi(argv[1]);
if (x + (INT_MAX - 100) < x)
{
return 1;
}
else
{
return 0;
}
}
---END code ---
To run it:
----------
# with gcc-3.4:
$ gcc -O2 -o foo foo.c
$ ./foo 0; echo "--> $?"
--> 0
$ ./foo 200; echo "--> $?"
--> 1
# with gcc-4.3.2:
$ gcc -O2 -o foo foo.c
$ ./foo 0; echo "--> $?"
--> 0
$ ./foo 200; echo "--> $?"
--> 0 (wrong!)
Compiling with -Wall explains what happens:
foo.c: In function 'main':
foo.c:13: warning: assuming signed overflow does not occur when assuming that
(X + c) < X is always false
------------------
I think there are several severe flaws in this behavoiur:
1. This does break a lot of existing code. For example,
certain overflow checks in the fvwm (a window manager)
fail if compiled with gcc-4.3.2. Code doing standard
integer overflow checking a la
if (x + 1 < x)
handle_overflow();
has to be rewritten, possibly like this
if (*(volatile int *)&x + 1 < *(volatile int *)&x)
handle_overflow();
2. You won't even notice if you're not compiling with -Wall,
The warning is printed only if explicitly enabled.
3. I can't imagine what this kind of optimization is good
for in the first place. The code is very likely to be either a
bug or an overflow check. If it's a bug, the compiler should
print a warning and don't optimize. If it's an overflow check
the compiler should not optimize either.
--
Note: This optimization occurs only if a constant is added to
a variable. The optimizer behaves very different if both values
are constants:
if (INT_MAX + 1 < INT_MAX)
or if both values are variables:
if (x + y < x)
---------------
$ gcc -v -save-temps -O2 -o foo foo.c
Using built-in specs.
Target: i486-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Debian 4.3.2-1.1'
--with-bugurl=file:///usr/share/doc/gcc-4.3/README.Bugs
--enable-languages=c,c++,fortran,objc,obj-c++ --prefix=/usr --enable-shared
--with-system-zlib --libexecdir=/usr/lib --without-included-gettext
--enable-threads=posix --enable-nls --with-gxx-include-dir=/usr/include/c++/4.3
--program-suffix=-4.3 --enable-clocale=gnu --enable-libstdcxx-debug
--enable-objc-gc --enable-mpfr --enable-targets=all --enable-cld
--enable-checking=release --build=i486-linux-gnu --host=i486-linux-gnu
--target=i486-linux-gnu
Thread model: posix
gcc version 4.3.2 (Debian 4.3.2-1.1)
COLLECT_GCC_OPTIONS='-v' '-save-temps' '-O2' '-o' 'foo' '-mtune=generic'
/usr/lib/gcc/i486-linux-gnu/4.3.2/cc1 -E -quiet -v foo.c -mtune=generic -O2
-fpch-preprocess -o foo.i
ignoring nonexistent directory "/usr/local/include/i486-linux-gnu"
ignoring nonexistent directory
"/usr/lib/gcc/i486-linux-gnu/4.3.2/../../../../i486-linux-gnu/include"
ignoring nonexistent directory "/usr/include/i486-linux-gnu"
#include "..." search starts here:
#include <...> search starts here:
/usr/local/include
/usr/lib/gcc/i486-linux-gnu/4.3.2/include
/usr/lib/gcc/i486-linux-gnu/4.3.2/include-fixed
/usr/include
End of search list.
COLLECT_GCC_OPTIONS='-v' '-save-temps' '-O2' '-o' 'foo' '-mtune=generic'
/usr/lib/gcc/i486-linux-gnu/4.3.2/cc1 -fpreprocessed foo.i -quiet -dumpbase
foo.c -mtune=generic -auxbase foo -O2 -version -o foo.s
GNU C (Debian 4.3.2-1.1) version 4.3.2 (i486-linux-gnu)
compiled by GNU C version 4.3.2, GMP version 4.2.2, MPFR version 2.3.2.
warning: MPFR header version 2.3.2 differs from library version 2.3.1.
GGC heuristics: --param ggc-min-expand=100 --param ggc-min-heapsize=131072
Compiler executable checksum: c4cd35f2318868df36b839e33a8e2089
COLLECT_GCC_OPTIONS='-v' '-save-temps' '-O2' '-o' 'foo' '-mtune=generic'
as -V -Qy -o foo.o foo.s
GNU assembler version 2.18.0 (i486-linux-gnu) using BFD version (GNU Binutils
for Debian) 2.18.0.20080103
COMPILER_PATH=/usr/lib/gcc/i486-linux-gnu/4.3.2/:/usr/lib/gcc/i486-linux-gnu/4.3.2/:/usr/lib/gcc/i486-linux-gnu/:/usr/lib/gcc/i486-linux-gnu/4.3.2/:/usr/lib/gcc/i486-linux-gnu/:/usr/lib/gcc/i486-linux-gnu/4.3.2/:/usr/lib/gcc/i486-linux-gnu/
LIBRARY_PATH=/usr/lib/gcc/i486-linux-gnu/4.3.2/:/usr/lib/gcc/i486-linux-gnu/4.3.2/:/usr/lib/gcc/i486-linux-gnu/4.3.2/../../../../lib/:/lib/../lib/:/usr/lib/../lib/:/usr/lib/gcc/i486-linux-gnu/4.3.2/../../../:/lib/:/usr/lib/
COLLECT_GCC_OPTIONS='-v' '-save-temps' '-O2' '-o' 'foo' '-mtune=generic'
/usr/lib/gcc/i486-linux-gnu/4.3.2/collect2 --eh-frame-hdr -m elf_i386
--hash-style=both -dynamic-linker /lib/ld-linux.so.2 -o foo
/usr/lib/gcc/i486-linux-gnu/4.3.2/../../../../lib/crt1.o
/usr/lib/gcc/i486-linux-gnu/4.3.2/../../../../lib/crti.o
/usr/lib/gcc/i486-linux-gnu/4.3.2/crtbegin.o
-L/usr/lib/gcc/i486-linux-gnu/4.3.2 -L/usr/lib/gcc/i486-linux-gnu/4.3.2
-L/usr/lib/gcc/i486-linux-gnu/4.3.2/../../../../lib -L/lib/../lib
-L/usr/lib/../lib -L/usr/lib/gcc/i486-linux-gnu/4.3.2/../../.. foo.o -lgcc
--as-needed -lgcc_s --no-as-needed -lc -lgcc --as-needed -lgcc_s --no-as-needed
/usr/lib/gcc/i486-linux-gnu/4.3.2/crtend.o
/usr/lib/gcc/i486-linux-gnu/4.3.2/../../../../lib/crtn.o
--
Summary: Optimization breaks existing overflow checks
Product: gcc
Version: 4.3.2
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
AssignedTo: unassigned at gcc dot gnu dot org
ReportedBy: dominik dot vogt at gmx dot de
GCC build triplet: ???
GCC host triplet: ???
GCC target triplet: ???
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=39311
^ permalink raw reply [flat|nested] 2+ messages in thread
* [Bug c/39311] Optimization breaks existing overflow checks
2009-02-26 13:58 [Bug c/39311] New: Optimization breaks existing overflow checks dominik dot vogt at gmx dot de
@ 2009-02-26 14:28 ` rguenth at gcc dot gnu dot org
0 siblings, 0 replies; 2+ messages in thread
From: rguenth at gcc dot gnu dot org @ 2009-02-26 14:28 UTC (permalink / raw)
To: gcc-bugs
------- Comment #1 from rguenth at gcc dot gnu dot org 2009-02-26 14:28 -------
In C signed overflow invokes undefined behavior so the compiler assumes signed
operations do not overflow. Use -fwrapv or -fno-strict-overflow if you like
to program in DWIM-C.
--
rguenth at gcc dot gnu dot org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |RESOLVED
Resolution| |INVALID
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=39311
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2009-02-26 14:28 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2009-02-26 13:58 [Bug c/39311] New: Optimization breaks existing overflow checks dominik dot vogt at gmx dot de
2009-02-26 14:28 ` [Bug c/39311] " rguenth at gcc dot gnu dot org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).