c/5593: GCC miscompiles bitshifts on unsigned struct members when creating a 64-bit value

[gandalf@winds.org]

>Number:         5593
>Category:       c
>Synopsis:       GCC miscompiles bitshifts on unsigned struct members when creating a 64-bit value
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    unassigned
>State:          open
>Class:          wrong-code
>Submitter-Id:   net
>Arrival-Date:   Tue Feb 05 11:46:01 PST 2002
>Closed-Date:
>Last-Modified:
>Originator:     gandalf@winds.org
>Release:        gcc-2.95.3, gcc-3.0.3, gcc-3.1.0 (as of 20020205)
>Organization:
>Environment:
Error occurs on both i686 (IA32) and Alpha (64-bit) environments
>Description:
Four equations in the following code attempt to leftshift the 'flags' field to
create a 64-bit 'long long' value. The function equation4() is in error,
producing a value that has the upper 32 bits set to '1' due to an unexpected
problem with signed 32-bit integers.

This problem is observed under both -O0 and -O3 optimizations.


/* Begin Code */

struct field {
  int num;
  unsigned int flags:16;
  unsigned int container:8;
  unsigned int quantity:8;
};

long long equation1(void)
{
  int num=0x1234;
  unsigned int flags=0x8000;
  unsigned int container=0;
  unsigned int quantity=0;

  return ((long long)num << 32)|
          (flags << 16)|
          (container << 8)|
          quantity;
}

long long equation2(struct field *data)
{
  return ((long long)data->num << 32)|
          (unsigned int)(data->flags << 16)|
          (data->container << 8)|
          data->quantity;
}

long long equation3(struct field *data)
{
  return ((long long)data->num << 32)|
          (data->flags << 12)|
          (data->container << 8)|
          data->quantity;
}

long long equation4(struct field *data)
{
  return ((long long)data->num << 32)|
          (data->flags << 16)|
          (data->container << 8)|
          data->quantity;
}

int main(int argc, char *argv[])
{
  struct field test={0x1234, 0x8000, 0, 0};

  printf("0x%016qx\n", equation1());
  printf("0x%016qx\n", equation2(&test));
  printf("0x%016qx\n", equation3(&test));
  printf("0x%016qx\n", equation4(&test));
}

/* End Code */


Program Output:
---------------

0x0000123480000000
0x0000123480000000
0x0000123408000000
0xffffffff80000000



Analysis:
---------

Equation4() above is the equation with the error. The other three equations are
provided as a comparison to hone-in on what the actual problem is, as per the
following descriptions:

Equation1() is different from equation 4 in that the variables being left-
shifted are local, unsigned variables declared using 'char' and 'short' instead
of being members of a structure that are all defined as 'unsigned int' with a
number-of-bits limitation (the :8 and :16).

Equation2() is different in that the expression (data->flags << 16) is prefixed
by an (unsigned int) cast.

Equation3() is different in that the data->flags field is being left-shifted by
12 instead of by 16.

Whatever the case, because 'data->flags' is an unsigned 16-bit integer, left-
shifting by 16 in a 64-bit value is erroneously being sign-extended unless
the entire shift operation is explicitly casted as unsigned.
  
---
Byron Stanoszek                         Ph: (330) 644-3059
Systems Programmer                      Fax: (330) 644-8110
Commercial Timesharing Inc.             Email: bstanoszek@comtime.com
>How-To-Repeat:

>Fix:

>Release-Note:
>Audit-Trail:
>Unformatted:
----gnatsweb-attachment----
Content-Type: application/octet-stream; name="error.c"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="error.c"

c3RydWN0IGZpZWxkIHsKICBpbnQgbnVtOwogIHVuc2lnbmVkIGludCBmbGFnczoxNjsKICB1bnNp
Z25lZCBpbnQgY29udGFpbmVyOjg7CiAgdW5zaWduZWQgaW50IHF1YW50aXR5Ojg7Cn07Cgpsb25n
IGxvbmcgZXF1YXRpb24xKHZvaWQpCnsKICBpbnQgbnVtPTB4MTIzNDsKICB1bnNpZ25lZCBpbnQg
ZmxhZ3M9MHg4MDAwOwogIHVuc2lnbmVkIGludCBjb250YWluZXI9MDsKICB1bnNpZ25lZCBpbnQg
cXVhbnRpdHk9MDsKCiAgcmV0dXJuICgobG9uZyBsb25nKW51bSA8PCAzMil8CiAgICAgICAgICAo
ZmxhZ3MgPDwgMTYpfAogICAgICAgICAgKGNvbnRhaW5lciA8PCA4KXwKICAgICAgICAgIHF1YW50
aXR5Owp9Cgpsb25nIGxvbmcgZXF1YXRpb24yKHN0cnVjdCBmaWVsZCAqZGF0YSkKewogIHJldHVy
biAoKGxvbmcgbG9uZylkYXRhLT5udW0gPDwgMzIpfAogICAgICAgICAgKHVuc2lnbmVkIGludCko
ZGF0YS0+ZmxhZ3MgPDwgMTYpfAogICAgICAgICAgKGRhdGEtPmNvbnRhaW5lciA8PCA4KXwKICAg
ICAgICAgIGRhdGEtPnF1YW50aXR5Owp9Cgpsb25nIGxvbmcgZXF1YXRpb24zKHN0cnVjdCBmaWVs
ZCAqZGF0YSkKewogIHJldHVybiAoKGxvbmcgbG9uZylkYXRhLT5udW0gPDwgMzIpfAogICAgICAg
ICAgKGRhdGEtPmZsYWdzIDw8IDEyKXwKICAgICAgICAgIChkYXRhLT5jb250YWluZXIgPDwgOCl8
CiAgICAgICAgICBkYXRhLT5xdWFudGl0eTsKfQoKbG9uZyBsb25nIGVxdWF0aW9uNChzdHJ1Y3Qg
ZmllbGQgKmRhdGEpCnsKICByZXR1cm4gKChsb25nIGxvbmcpZGF0YS0+bnVtIDw8IDMyKXwKICAg
ICAgICAgIChkYXRhLT5mbGFncyA8PCAxNil8CiAgICAgICAgICAoZGF0YS0+Y29udGFpbmVyIDw8
IDgpfAogICAgICAgICAgZGF0YS0+cXVhbnRpdHk7Cn0KCmludCBtYWluKGludCBhcmdjLCBjaGFy
ICphcmd2W10pCnsKICBzdHJ1Y3QgZmllbGQgdGVzdD17MHgxMjM0LCAweDgwMDAsIDAsIDB9OwoK
ICBwcmludGYoIjB4JTAxNnF4XG4iLCBlcXVhdGlvbjEoKSk7CiAgcHJpbnRmKCIweCUwMTZxeFxu
IiwgZXF1YXRpb24yKCZ0ZXN0KSk7CiAgcHJpbnRmKCIweCUwMTZxeFxuIiwgZXF1YXRpb24zKCZ0
ZXN0KSk7CiAgcHJpbnRmKCIweCUwMTZxeFxuIiwgZXF1YXRpb240KCZ0ZXN0KSk7Cn0K