From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gcc-bugs-return-492618-listarch-gcc-bugs=gcc.gnu.org@gcc.gnu.org>
Received: (qmail 60009 invoked by alias); 17 Jul 2015 10:48:04 -0000
Mailing-List: contact gcc-bugs-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
List-Id: <gcc-bugs.gcc.gnu.org>
List-Archive: <http://gcc.gnu.org/ml/gcc-bugs/>
List-Post: <mailto:gcc-bugs@gcc.gnu.org>
List-Help: <mailto:gcc-bugs-help@gcc.gnu.org>
Sender: gcc-bugs-owner@gcc.gnu.org
Received: (qmail 59817 invoked by uid 48); 17 Jul 2015 10:47:59 -0000
From: "m.guseva at samsung dot com" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug sanitizer/66908] New: Uninitialized variable when compiled with UBsan
Date: Fri, 17 Jul 2015 10:48:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: gcc
X-Bugzilla-Component: sanitizer
X-Bugzilla-Version: unknown
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: m.guseva at samsung dot com
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P3
X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter cc target_milestone attachments.created
Message-ID: <bug-66908-4@http.gcc.gnu.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2015-07/txt/msg01508.txt.bz2

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D66908

            Bug ID: 66908
           Summary: Uninitialized variable when compiled with UBsan
           Product: gcc
           Version: unknown
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: sanitizer
          Assignee: unassigned at gcc dot gnu.org
          Reporter: m.guseva at samsung dot com
                CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
                    jakub at gcc dot gnu.org, kcc at gcc dot gnu.org
  Target Milestone: ---

Created attachment 36002
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=3D36002&action=3Dedit
Reproducer

When compiled with "-fsanitize=3Dshift,bounds" the gcc reports that "i" var=
iable
maybe uninitialized:
gcc  -O2  -fsanitize=3Dshift,bounds -std=3Dgnu89 -Werror=3Dmaybe-uninitiali=
zed -c
testcase.c
testcase.c: In function =D0=91=E2=94=80=E2=89=A4foo=D0=91=E2=94=80=E2=89=A5:
testcase.c:21:36: error: =D0=91=E2=94=80=E2=89=A4i.1=D0=91=E2=94=80=E2=89=
=A5 may be used uninitialized in this function
[-Werror=3Dmaybe-uninitialized]
     res[i] =3D ((data->scale[i] + tab[i]) << mult);

It's not true in original source code however in produced gimple the "i.1" =
is
initialized in <D.3009> block but may be used in block <D.3010>:
 23   if (mult.0 > 31) goto <D.3009>; else goto <D.3010>;
 24   <D.3009>:
 25   D.3011 =3D (unsigned long) mult.0;
 26   D.3012 =3D data->scale[i];
 27   D.3013 =3D (int) D.3012;
 28   i.1 =3D i;
 29   UBSAN_BOUNDS (0B, i.1, 21);
 30   D.3015 =3D tab[i.1];
 31   D.3016 =3D (int) D.3015;
 32   D.3017 =3D D.3013 + D.3016;
 33   D.3018 =3D (unsigned long) D.3017;
 34   __builtin___ubsan_handle_shift_out_of_bounds (&*.Lubsan_data0, D.3018,
D.3011);
 35   goto <D.3019>;
 36   <D.3010>:
 37   <D.3019>:
 38   D.3020 =3D (long unsigned int) i;
 39   D.3021 =3D D.3020 * 4;
 40   D.3022 =3D res + D.3021;
 41   D.3012 =3D data->scale[i];
 42   D.3013 =3D (int) D.3012;
 43   UBSAN_BOUNDS (0B, i.1, 21);

Discovered in gcc 4.9.2, reproduced on trunk with "-std=3Dgnu89".
>>From gcc-bugs-return-492619-listarch-gcc-bugs=gcc.gnu.org@gcc.gnu.org Fri Jul 17 10:54:57 2015
Return-Path: <gcc-bugs-return-492619-listarch-gcc-bugs=gcc.gnu.org@gcc.gnu.org>
Delivered-To: listarch-gcc-bugs@gcc.gnu.org
Received: (qmail 79961 invoked by alias); 17 Jul 2015 10:54:56 -0000
Mailing-List: contact gcc-bugs-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
List-Id: <gcc-bugs.gcc.gnu.org>
List-Archive: <http://gcc.gnu.org/ml/gcc-bugs/>
List-Post: <mailto:gcc-bugs@gcc.gnu.org>
List-Help: <mailto:gcc-bugs-help@gcc.gnu.org>
Sender: gcc-bugs-owner@gcc.gnu.org
Delivered-To: mailing list gcc-bugs@gcc.gnu.org
Received: (qmail 79905 invoked by uid 48); 17 Jul 2015 10:54:52 -0000
From: "davmac at davmac dot org" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug inline-asm/30527] Use of input/output operands in __asm__ templates not fully documented
Date: Fri, 17 Jul 2015 10:54:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: gcc
X-Bugzilla-Component: inline-asm
X-Bugzilla-Version: 4.1.1
X-Bugzilla-Keywords: documentation
X-Bugzilla-Severity: normal
X-Bugzilla-Who: davmac at davmac dot org
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Resolution:
X-Bugzilla-Priority: P3
X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields:
Message-ID: <bug-30527-4-dYAffGpE50@http.gcc.gnu.org/bugzilla/>
In-Reply-To: <bug-30527-4@http.gcc.gnu.org/bugzilla/>
References: <bug-30527-4@http.gcc.gnu.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2015-07/txt/msg01509.txt.bz2
Content-length: 304

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=30527

--- Comment #4 from Davin McCall <davmac at davmac dot org> ---
I recently stumbled across section 6.43.2.7 of the manual, which does in fact
document the operand modifiers for (and only for) x86. Modifiers for other
architectures are not documented.