* [PATCH] cse: avoid signed overflow in compute_const_anchors [PR 104843]
@ 2022-03-09 11:19 Xi Ruoyao
2022-03-09 14:55 ` Richard Biener
0 siblings, 1 reply; 6+ messages in thread
From: Xi Ruoyao @ 2022-03-09 11:19 UTC (permalink / raw)
To: gcc-patches; +Cc: Richard Sandiford, Jeff Law
Bootstrapped and tested on mips64el-linux-gnuabi64, and MIPS is the only
port with a non-zero targetm.const_anchor. Ok for trunk?
-- >8 --
With a non-zero const_anchor, the behavior of this function relied on
signed overflow.
gcc/
PR rtl-optimization/104843
* cse.cc (compute_const_anchors): Cast to unsigned HOST_WIDE_INT
to perform overflow arithmetics safely.
---
gcc/cse.cc | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gcc/cse.cc b/gcc/cse.cc
index a18b599d324..7c39a009449 100644
--- a/gcc/cse.cc
+++ b/gcc/cse.cc
@@ -1169,10 +1169,10 @@ compute_const_anchors (rtx cst,
HOST_WIDE_INT *lower_base, HOST_WIDE_INT *lower_offs,
HOST_WIDE_INT *upper_base, HOST_WIDE_INT *upper_offs)
{
- HOST_WIDE_INT n = INTVAL (cst);
+ unsigned HOST_WIDE_INT n = INTVAL (cst);
*lower_base = n & ~(targetm.const_anchor - 1);
- if (*lower_base == n)
+ if (*lower_base == INTVAL (cst))
return false;
*upper_base =
--
2.35.1
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] cse: avoid signed overflow in compute_const_anchors [PR 104843]
2022-03-09 11:19 [PATCH] cse: avoid signed overflow in compute_const_anchors [PR 104843] Xi Ruoyao
@ 2022-03-09 14:55 ` Richard Biener
2022-03-09 16:12 ` [PATCH v2] " Xi Ruoyao
0 siblings, 1 reply; 6+ messages in thread
From: Richard Biener @ 2022-03-09 14:55 UTC (permalink / raw)
To: Xi Ruoyao; +Cc: GCC Patches, Richard Sandiford, Jeff Law
On Wed, Mar 9, 2022 at 12:20 PM Xi Ruoyao via Gcc-patches
<gcc-patches@gcc.gnu.org> wrote:
>
> Bootstrapped and tested on mips64el-linux-gnuabi64, and MIPS is the only
> port with a non-zero targetm.const_anchor. Ok for trunk?
>
> -- >8 --
>
> With a non-zero const_anchor, the behavior of this function relied on
> signed overflow.
>
> gcc/
>
> PR rtl-optimization/104843
> * cse.cc (compute_const_anchors): Cast to unsigned HOST_WIDE_INT
> to perform overflow arithmetics safely.
> ---
> gcc/cse.cc | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/gcc/cse.cc b/gcc/cse.cc
> index a18b599d324..7c39a009449 100644
> --- a/gcc/cse.cc
> +++ b/gcc/cse.cc
> @@ -1169,10 +1169,10 @@ compute_const_anchors (rtx cst,
> HOST_WIDE_INT *lower_base, HOST_WIDE_INT *lower_offs,
> HOST_WIDE_INT *upper_base, HOST_WIDE_INT *upper_offs)
> {
> - HOST_WIDE_INT n = INTVAL (cst);
> + unsigned HOST_WIDE_INT n = INTVAL (cst);
UINTVAL (cst)?
>
> *lower_base = n & ~(targetm.const_anchor - 1);
isn't it better to make targetm.const_anchor unsigned?
The & and ~ are not subject to overflow rules.
> - if (*lower_base == n)
> + if (*lower_base == INTVAL (cst))
duplicating this here is definitely ugly.
> return false;
>
> *upper_base =
> --
> 2.35.1
>
>
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH v2] cse: avoid signed overflow in compute_const_anchors [PR 104843]
2022-03-09 14:55 ` Richard Biener
@ 2022-03-09 16:12 ` Xi Ruoyao
2022-03-10 8:01 ` Richard Biener
0 siblings, 1 reply; 6+ messages in thread
From: Xi Ruoyao @ 2022-03-09 16:12 UTC (permalink / raw)
To: Richard Biener; +Cc: GCC Patches, Richard Sandiford, Jeff Law
On Wed, 2022-03-09 at 15:55 +0100, Richard Biener wrote:
> isn't it better to make targetm.const_anchor unsigned?
> The & and ~ are not subject to overflow rules.
It's not enough: if n is the minimum value of HOST_WIDE_INT and
const_anchor = 0x8000 (the value for MIPS), we'll have a signed 0x7fff
in *upper_base. Then the next line, "*upper_offs = n - *upper_base;"
will be a signed overflow again.
How about the following?
-- >8 --
With a non-zero const_anchor, the behavior of this function relied on
signed overflow.
gcc/
PR rtl-optimization/104843
* cse.cc (compute_const_anchors): Use unsigned HOST_WIDE_INT for
n to perform overflow arithmetics safely.
---
gcc/cse.cc | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/gcc/cse.cc b/gcc/cse.cc
index a18b599d324..052fa0c3490 100644
--- a/gcc/cse.cc
+++ b/gcc/cse.cc
@@ -1169,12 +1169,12 @@ compute_const_anchors (rtx cst,
HOST_WIDE_INT *lower_base, HOST_WIDE_INT *lower_offs,
HOST_WIDE_INT *upper_base, HOST_WIDE_INT *upper_offs)
{
- HOST_WIDE_INT n = INTVAL (cst);
-
- *lower_base = n & ~(targetm.const_anchor - 1);
- if (*lower_base == n)
+ unsigned HOST_WIDE_INT n = UINTVAL (cst);
+ unsigned HOST_WIDE_INT lb = n & ~(targetm.const_anchor - 1);
+ if (lb == n)
return false;
+ *lower_base = lb;
*upper_base =
(n + (targetm.const_anchor - 1)) & ~(targetm.const_anchor - 1);
*upper_offs = n - *upper_base;
--
2.35.1
>
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH v2] cse: avoid signed overflow in compute_const_anchors [PR 104843]
2022-03-09 16:12 ` [PATCH v2] " Xi Ruoyao
@ 2022-03-10 8:01 ` Richard Biener
2022-03-10 11:32 ` Xi Ruoyao
0 siblings, 1 reply; 6+ messages in thread
From: Richard Biener @ 2022-03-10 8:01 UTC (permalink / raw)
To: Xi Ruoyao; +Cc: GCC Patches, Richard Sandiford, Jeff Law
On Wed, Mar 9, 2022 at 5:12 PM Xi Ruoyao <xry111@mengyan1223.wang> wrote:
>
> On Wed, 2022-03-09 at 15:55 +0100, Richard Biener wrote:
>
> > isn't it better to make targetm.const_anchor unsigned?
> > The & and ~ are not subject to overflow rules.
>
> It's not enough: if n is the minimum value of HOST_WIDE_INT and
> const_anchor = 0x8000 (the value for MIPS), we'll have a signed 0x7fff
> in *upper_base. Then the next line, "*upper_offs = n - *upper_base;"
> will be a signed overflow again.
>
> How about the following?
Hmm, so all this seems to be to round CST up and down to a multiple of
CONST_ANCHOR.
It works on CONST_INT only which is sign-extended, so if there is
overflow the resulting
anchor is broken as far as I can see. So instead of papering over this issue
the function should return false when n is negative since then
n & ~(targetm.const_anchor - 1) is also not n rounded down to a
multiple of const_anchor.
But of course I know nothing about this ..
Richard.
> -- >8 --
>
> With a non-zero const_anchor, the behavior of this function relied on
> signed overflow.
>
> gcc/
>
> PR rtl-optimization/104843
> * cse.cc (compute_const_anchors): Use unsigned HOST_WIDE_INT for
> n to perform overflow arithmetics safely.
> ---
> gcc/cse.cc | 8 ++++----
> 1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/gcc/cse.cc b/gcc/cse.cc
> index a18b599d324..052fa0c3490 100644
> --- a/gcc/cse.cc
> +++ b/gcc/cse.cc
> @@ -1169,12 +1169,12 @@ compute_const_anchors (rtx cst,
> HOST_WIDE_INT *lower_base, HOST_WIDE_INT *lower_offs,
> HOST_WIDE_INT *upper_base, HOST_WIDE_INT *upper_offs)
> {
> - HOST_WIDE_INT n = INTVAL (cst);
> -
> - *lower_base = n & ~(targetm.const_anchor - 1);
> - if (*lower_base == n)
> + unsigned HOST_WIDE_INT n = UINTVAL (cst);
> + unsigned HOST_WIDE_INT lb = n & ~(targetm.const_anchor - 1);
> + if (lb == n)
> return false;
>
> + *lower_base = lb;
> *upper_base =
> (n + (targetm.const_anchor - 1)) & ~(targetm.const_anchor - 1);
> *upper_offs = n - *upper_base;
> --
> 2.35.1
>
>
> >
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH v2] cse: avoid signed overflow in compute_const_anchors [PR 104843]
2022-03-10 8:01 ` Richard Biener
@ 2022-03-10 11:32 ` Xi Ruoyao
2022-03-11 11:12 ` Richard Biener
0 siblings, 1 reply; 6+ messages in thread
From: Xi Ruoyao @ 2022-03-10 11:32 UTC (permalink / raw)
To: Richard Biener; +Cc: GCC Patches, Richard Sandiford, Jeff Law
On Thu, 2022-03-10 at 09:01 +0100, Richard Biener wrote:
> On Wed, Mar 9, 2022 at 5:12 PM Xi Ruoyao <xry111@mengyan1223.wang>
> wrote:
> >
> > On Wed, 2022-03-09 at 15:55 +0100, Richard Biener wrote:
> >
> > > isn't it better to make targetm.const_anchor unsigned?
> > > The & and ~ are not subject to overflow rules.
> >
> > It's not enough: if n is the minimum value of HOST_WIDE_INT and
> > const_anchor = 0x8000 (the value for MIPS), we'll have a signed
> > 0x7fff
> > in *upper_base. Then the next line, "*upper_offs = n -
> > *upper_base;"
> > will be a signed overflow again.
> >
> > How about the following?
>
> Hmm, so all this seems to be to round CST up and down to a multiple of
> CONST_ANCHOR.
> It works on CONST_INT only which is sign-extended, so if there is
> overflow the resulting
> anchor is broken as far as I can see.
On MIPS addiu/daddiu do 2-complement addition, so the overflowed result
is still usable.
> So instead of papering over this issue
> the function should return false when n is negative since then
> n & ~(targetm.const_anchor - 1) is also not n rounded down to a
> multiple of const_anchor.
This function does work for negative n, like:
void g (int, int);
void
f (void)
{
g(0x8123ffff, 0x81240001);
}
It should produce:
li $4,-2128347136 # 0xffffffff81240000
daddiu $5,$4,1
daddiu $4,$4,-1
jal g
But return false for negative n will cause regression for this case,
producing:
li $5,-2128347136 # 0xffffffff81240000
li $4,-2128412672 # 0xffffffff81230000
ori $5,$5,0x1
ori $4,$4,0xffff
jal g
That being said, it indeed does not work for:
void g (int, int);
void f ()
{
g (0x7fffffff, 0x80000001);
}
It produces:
li $5,-2147483648 # 0xffffffff80000000
li $4,2147418112 # 0x7fff0000
daddiu $5,$5,1
ori $4,$4,0xffff
jal g
Should be:
li $5,-2147483648 # 0xffffffff80000000
daddiu $5,$5,1
addiu $4,$5,-1
> > -- >8 --
> >
> > With a non-zero const_anchor, the behavior of this function relied on
> > signed overflow.
> >
> > gcc/
> >
> > PR rtl-optimization/104843
> > * cse.cc (compute_const_anchors): Use unsigned HOST_WIDE_INT for
> > n to perform overflow arithmetics safely.
> > ---
> > gcc/cse.cc | 8 ++++----
> > 1 file changed, 4 insertions(+), 4 deletions(-)
> >
> > diff --git a/gcc/cse.cc b/gcc/cse.cc
> > index a18b599d324..052fa0c3490 100644
> > --- a/gcc/cse.cc
> > +++ b/gcc/cse.cc
> > @@ -1169,12 +1169,12 @@ compute_const_anchors (rtx cst,
> > HOST_WIDE_INT *lower_base, HOST_WIDE_INT *lower_offs,
> > HOST_WIDE_INT *upper_base, HOST_WIDE_INT *upper_offs)
> > {
> > - HOST_WIDE_INT n = INTVAL (cst);
> > -
> > - *lower_base = n & ~(targetm.const_anchor - 1);
> > - if (*lower_base == n)
> > + unsigned HOST_WIDE_INT n = UINTVAL (cst);
> > + unsigned HOST_WIDE_INT lb = n & ~(targetm.const_anchor - 1);
> > + if (lb == n)
> > return false;
> >
> > + *lower_base = lb;
> > *upper_base =
> > (n + (targetm.const_anchor - 1)) & ~(targetm.const_anchor - 1);
> > *upper_offs = n - *upper_base;
> > --
> > 2.35.1
> >
> >
> > >
--
Xi Ruoyao <xry111@mengyan1223.wang>
School of Aerospace Science and Technology, Xidian University
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH v2] cse: avoid signed overflow in compute_const_anchors [PR 104843]
2022-03-10 11:32 ` Xi Ruoyao
@ 2022-03-11 11:12 ` Richard Biener
0 siblings, 0 replies; 6+ messages in thread
From: Richard Biener @ 2022-03-11 11:12 UTC (permalink / raw)
To: Xi Ruoyao; +Cc: GCC Patches, Richard Sandiford, Jeff Law
On Thu, Mar 10, 2022 at 12:32 PM Xi Ruoyao <xry111@mengyan1223.wang> wrote:
>
> On Thu, 2022-03-10 at 09:01 +0100, Richard Biener wrote:
> > On Wed, Mar 9, 2022 at 5:12 PM Xi Ruoyao <xry111@mengyan1223.wang>
> > wrote:
> > >
> > > On Wed, 2022-03-09 at 15:55 +0100, Richard Biener wrote:
> > >
> > > > isn't it better to make targetm.const_anchor unsigned?
> > > > The & and ~ are not subject to overflow rules.
> > >
> > > It's not enough: if n is the minimum value of HOST_WIDE_INT and
> > > const_anchor = 0x8000 (the value for MIPS), we'll have a signed
> > > 0x7fff
> > > in *upper_base. Then the next line, "*upper_offs = n -
> > > *upper_base;"
> > > will be a signed overflow again.
> > >
> > > How about the following?
> >
> > Hmm, so all this seems to be to round CST up and down to a multiple of
> > CONST_ANCHOR.
> > It works on CONST_INT only which is sign-extended, so if there is
> > overflow the resulting
> > anchor is broken as far as I can see.
>
> On MIPS addiu/daddiu do 2-complement addition, so the overflowed result
> is still usable.
The issue is that what the CONST_INT actually means depends on the
mode, an "overflow" to a positive number will eventually change what
is lower and what is the upper bound(?)
> > So instead of papering over this issue
> > the function should return false when n is negative since then
> > n & ~(targetm.const_anchor - 1) is also not n rounded down to a
> > multiple of const_anchor.
>
> This function does work for negative n, like:
>
> void g (int, int);
> void
> f (void)
> {
> g(0x8123ffff, 0x81240001);
> }
>
> It should produce:
>
> li $4,-2128347136 # 0xffffffff81240000
> daddiu $5,$4,1
> daddiu $4,$4,-1
> jal g
>
> But return false for negative n will cause regression for this case,
> producing:
>
> li $5,-2128347136 # 0xffffffff81240000
> li $4,-2128412672 # 0xffffffff81230000
> ori $5,$5,0x1
> ori $4,$4,0xffff
> jal g
>
> That being said, it indeed does not work for:
>
> void g (int, int);
> void f ()
> {
> g (0x7fffffff, 0x80000001);
> }
>
> It produces:
>
> li $5,-2147483648 # 0xffffffff80000000
> li $4,2147418112 # 0x7fff0000
> daddiu $5,$5,1
> ori $4,$4,0xffff
> jal g
>
> Should be:
>
> li $5,-2147483648 # 0xffffffff80000000
> daddiu $5,$5,1
> addiu $4,$5,-1
So maybe you can figure out a fix that makes it work for this case as well.
> > > -- >8 --
> > >
> > > With a non-zero const_anchor, the behavior of this function relied on
> > > signed overflow.
> > >
> > > gcc/
> > >
> > > PR rtl-optimization/104843
> > > * cse.cc (compute_const_anchors): Use unsigned HOST_WIDE_INT for
> > > n to perform overflow arithmetics safely.
> > > ---
> > > gcc/cse.cc | 8 ++++----
> > > 1 file changed, 4 insertions(+), 4 deletions(-)
> > >
> > > diff --git a/gcc/cse.cc b/gcc/cse.cc
> > > index a18b599d324..052fa0c3490 100644
> > > --- a/gcc/cse.cc
> > > +++ b/gcc/cse.cc
> > > @@ -1169,12 +1169,12 @@ compute_const_anchors (rtx cst,
> > > HOST_WIDE_INT *lower_base, HOST_WIDE_INT *lower_offs,
> > > HOST_WIDE_INT *upper_base, HOST_WIDE_INT *upper_offs)
> > > {
> > > - HOST_WIDE_INT n = INTVAL (cst);
> > > -
> > > - *lower_base = n & ~(targetm.const_anchor - 1);
> > > - if (*lower_base == n)
> > > + unsigned HOST_WIDE_INT n = UINTVAL (cst);
> > > + unsigned HOST_WIDE_INT lb = n & ~(targetm.const_anchor - 1);
> > > + if (lb == n)
> > > return false;
> > >
> > > + *lower_base = lb;
> > > *upper_base =
> > > (n + (targetm.const_anchor - 1)) & ~(targetm.const_anchor - 1);
> > > *upper_offs = n - *upper_base;
> > > --
> > > 2.35.1
> > >
> > >
> > > >
>
> --
> Xi Ruoyao <xry111@mengyan1223.wang>
> School of Aerospace Science and Technology, Xidian University
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2022-03-11 11:12 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-03-09 11:19 [PATCH] cse: avoid signed overflow in compute_const_anchors [PR 104843] Xi Ruoyao
2022-03-09 14:55 ` Richard Biener
2022-03-09 16:12 ` [PATCH v2] " Xi Ruoyao
2022-03-10 8:01 ` Richard Biener
2022-03-10 11:32 ` Xi Ruoyao
2022-03-11 11:12 ` Richard Biener
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).