public inbox for gcc-bugs@sourceware.org
* [Bug c/53968] New: integer undefined behaviors in GCC
From: regehr at cs dot utah.edu @ 2012-07-14 22:50 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=53968
Bug #: 53968
Summary: integer undefined behaviors in GCC
Classification: Unclassified
Product: gcc
Version: 4.8.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
AssignedTo: unassigned@gcc.gnu.org
ReportedBy: regehr@cs.utah.edu
Using IOC (link below) I made a GCC that looks for integer overflow problems in
itself, and then used it to run the GCC testsuite and bootstrap itself. The
resulting defects are listed below.
I've found that the best way to track down these problems is to put an
assertion into the source code close to where the overflow happens.
Note that this is far fewer undefined behaviors than were present two years
ago:
http://gcc.gnu.org/ml/gcc/2010-08/msg00039.html
Version info:
regehr@home:~/z/checked-gcc-install/bin$ ./gcc -v
Using built-in specs.
COLLECT_GCC=./gcc
COLLECT_LTO_WRAPPER=/home/regehr/z/checked-gcc-install/libexec/gcc/x86_64-unknown-linux-gnu/4.8.0/lto-wrapper
Target: x86_64-unknown-linux-gnu
Configured with: /home/regehr/z/compiler-source/gcc/configure
--enable-languages=c,c++ CC='clang -w -fcatch-undefined-behavior' CXX='clang++
-w -fcatch-undefined-behavior' --prefix=/home/regehr/z/checked-gcc-install
--disable-bootstrap
Thread model: posix
gcc version 4.8.0 20120714 (experimental) (GCC)
IOC tool:
http://embed.cs.utah.edu/ioc/
Defects:
ARITHMETIC UNDEFINED at </home/regehr/z/compiler-source/gcc/gcc/diagnostic.c,
(244:28)> : Op: -, Reason : Signed Subtraction Overflow, BINARY OPERATION: left
(int32): 2147483647 right (int32): -1

ARITHMETIC UNDEFINED at </home/regehr/z/compiler-source/gcc/gcc/double-int.c,
(158:21)> : Op: *, Reason : Signed Multiplication Overflow, BINARY OPERATION:
left (int64): 4294967295 right (int64): 4294967295

ARITHMETIC UNDEFINED at </home/regehr/z/compiler-source/gcc/gcc/double-int.c,
(613:46)> : Op: <<, Reason : Unsigned Left Shift: Right operand is negative or
is greater than or equal to the width of the promoted left operand, BINARY
OPERATION: left (uint64): 2 right (uint64): 4294967295

ARITHMETIC UNDEFINED at </home/regehr/z/compiler-source/gcc/gcc/expr.c,
(3832:20)> : Op: -, Reason : Signed Subtraction Overflow, UNARY OPERATION: left
(int64): 0 right (int64): -9223372036854775808

ARITHMETIC UNDEFINED at
</home/regehr/z/compiler-source/gcc/gcc/ipa-inline-analysis.c, (2347:22)> : Op:
*, Reason : Signed Multiplication Overflow, BINARY OPERATION: left (int32):
256348 right (int32): 10000

ARITHMETIC UNDEFINED at </home/regehr/z/compiler-source/gcc/gcc/simplify-rtx.c,
(69:24)> : Op: -, Reason : Signed Subtraction Overflow, UNARY OPERATION: left
(int64): 0 right (int64): -9223372036854775808

ARITHMETIC UNDEFINED at </home/regehr/z/compiler-source/gcc/gcc/stor-layout.c,
(2563:52)> : Op: -, Reason : Signed Subtraction Overflow, BINARY OPERATION:
left (int64): -9223372036854775808 right (int64): 1

ARITHMETIC UNDEFINED at </home/regehr/z/compiler-source/gcc/gcc/stor-layout.c,
(2566:54)> : Op: -, Reason : Signed Subtraction Overflow, BINARY OPERATION:
left (int64): -9223372036854775808 right (int64): 1

ARITHMETIC UNDEFINED at
</home/regehr/z/compiler-source/gcc/gcc/tree-ssa-loop-ivopts.c, (3450:10)> :
Op: -, Reason : Signed Subtraction Overflow, UNARY OPERATION: left (int64): 0
right (int64): -9223372036854775808

ARITHMETIC UNDEFINED at
</home/regehr/z/compiler-source/gcc/gcc/tree-ssa-loop-ivopts.c, (3459:35)> :
Op: -, Reason : Signed Subtraction Overflow, BINARY OPERATION: left (int64):
-9223372036854775808 right (int64): 1

ARITHMETIC UNDEFINED at </home/regehr/z/compiler-source/gcc/gcc/tree.c,
(1889:37)> : Op: -, Reason : Signed Subtraction Overflow, BINARY OPERATION:
left (int64): -9223372036854775808 right (int64): 1
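
The operand pairs in the defect list above can be tested before the operation executes, which is the kind of assertion the report suggests placing close to each overflow site. The C code below is an added example, not part of the original report or of GCC's source; all function names are hypothetical, and the unsigned negation is a common UB-free idiom, not a description of any committed fix.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* True if a - b would leave [lo, hi]; the subtraction itself is never done. */
bool sub_overflows(int64_t a, int64_t b, int64_t lo, int64_t hi) {
    return (b > 0 && a < lo + b) || (b < 0 && a > hi + b);
}

/* True if a * b would leave [lo, hi]; division is used so the product is
   never formed. None of the divisions can be INT64_MIN / -1. */
bool mul_overflows(int64_t a, int64_t b, int64_t lo, int64_t hi) {
    if (a == 0 || b == 0) return false;
    if (a > 0) return b > 0 ? a > hi / b : b < lo / a;
    return b > 0 ? a < lo / b : b < hi / a;
}

/* A shift is defined only when the count is below the operand width. */
bool shift_undefined(uint64_t count, unsigned width) {
    return count >= width;
}

/* Negation carried out in unsigned arithmetic, which wraps modulo 2^64
   instead of being undefined for INT64_MIN. */
uint64_t neg_as_unsigned(int64_t x) {
    return 0 - (uint64_t)x;
}

/* Replays operand pairs quoted in the report; returns how many are flagged. */
int count_flagged(void) {
    int n = 0;
    n += sub_overflows(2147483647, -1, INT32_MIN, INT32_MAX);          /* diagnostic.c */
    n += mul_overflows(4294967295, 4294967295, INT64_MIN, INT64_MAX);  /* double-int.c */
    n += shift_undefined(4294967295u, 64);                             /* double-int.c */
    n += sub_overflows(0, INT64_MIN, INT64_MIN, INT64_MAX);            /* expr.c, unary minus */
    n += mul_overflows(256348, 10000, INT32_MIN, INT32_MAX);           /* ipa-inline-analysis.c */
    n += sub_overflows(INT64_MIN, 1, INT64_MIN, INT64_MAX);            /* stor-layout.c */
    return n;
}

int main(void) {
    printf("flagged %d of 6 reported operand pairs\n", count_flagged());
    printf("-INT64_MIN via unsigned: %llu\n",
           (unsigned long long)neg_as_unsigned(INT64_MIN));
    return 0;
}
```

In a real code base each predicate would sit in an assertion immediately before the arithmetic it guards, with the bounds chosen to match the promoted operand type.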
* [Bug c/53968] integer undefined behaviors in GCC
From: regehr at cs dot utah.edu @ 2012-07-14 22:53 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=53968
--- Comment #1 from John Regehr <regehr at cs dot utah.edu> 2012-07-14 22:53:06 UTC ---
Also there are about 50 defects relating to C99's restrictive rules for
left-shifts of signed integers. I have omitted them since people typically
don't care to fix these. If anyone wants to see them, let me know.
* [Bug c/53968] integer undefined behaviors in GCC
From: jakub at gcc dot gnu.org @ 2012-08-13 12:40 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=53968
--- Comment #2 from Jakub Jelinek <jakub at gcc dot gnu.org> 2012-08-13 12:40:04 UTC ---
Author: jakub
Date: Mon Aug 13 12:39:54 2012
New Revision: 190342
URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=190342
Log:
    PR c/53968
    * tree.c (integer_pow2p): Avoid undefined signed overflows.
    * simplify-rtx.c (neg_const_int): Likewise.
    * expr.c (fixup_args_size_notes): Likewise.
    * stor-layout.c (set_min_and_max_values_for_integral_type): Likewise.
    * double-int.c (mul_double_wide_with_sign): Likewise.
    (double_int_mask): Likewise.
    * tree-ssa-loop-ivopts.c (get_address_cost): Likewise.

Modified:
    trunk/gcc/ChangeLog
    trunk/gcc/double-int.c
    trunk/gcc/expr.c
    trunk/gcc/simplify-rtx.c
    trunk/gcc/stor-layout.c
    trunk/gcc/tree-ssa-loop-ivopts.c
    trunk/gcc/tree.c
* [Bug c/53968] integer undefined behaviors in GCC
From: jakub at gcc dot gnu.org @ 2012-08-13 12:41 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=53968
Jakub Jelinek <jakub at gcc dot gnu.org> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |NEW
   Last reconfirmed|                            |2012-08-13
                 CC|                            |hubicka at gcc dot gnu.org,
                   |                            |jakub at gcc dot gnu.org
     Ever Confirmed|0                           |1
--- Comment #3 from Jakub Jelinek <jakub at gcc dot gnu.org> 2012-08-13 12:41:06 UTC ---
Haven't reproduced the diagnostic.c failure, and leaving the ipa hunk to Honza.
* [Bug c/53968] integer undefined behaviors in GCC
From: mpolacek at gcc dot gnu.org @ 2014-10-23 19:30 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=53968
Marek Polacek <mpolacek at gcc dot gnu.org> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
                 CC|                            |mpolacek at gcc dot gnu.org
         Resolution|---                         |FIXED
--- Comment #4 from Marek Polacek <mpolacek at gcc dot gnu.org> ---
Should be fixed.