Seen using r143582 on Ubuntu Hardy.  I'm pretty sure this is a miscompilation
at -O2.

The safe_* macros are macro versions of the safe signed-arithmetic functions
described here:

https://www.securecoding.cert.org/confluence/display/seccode/INT32-C.+Ensure+that+operations+on+signed+integers+do+not+result+in+overflow

reg...@john-home:~/volatile/tmp127$ current-gcc -O1 small.c -o small
reg...@john-home:~/volatile/tmp127$ ./small
reg...@john-home:~/volatile/tmp127$ current-gcc -O2 small.c -o small
reg...@john-home:~/volatile/tmp127$ ./small
small: small.c:29: func_31: Assertion `0' failed.
Aborted
reg...@john-home:~/volatile/tmp127$ current-gcc -v
Using built-in specs.
Target: i686-pc-linux-gnu
Configured with: ../configure --prefix=/home/regehr/z/tmp/gcc-r143582-install
--program-prefix=r143582- --enable-languages=c,c++
Thread model: posix
gcc version 4.4.0 20090123 (experimental) (GCC) 
reg...@john-home:~/volatile/tmp127$ cat small.c
#include <stdint.h>
#include <stdint.h>
#include <limits.h>
#include <stdio.h>
#include <assert.h>

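/* Overflow-guarded int8_t subtraction, si1 - si2, in the style of the CERT
 * INT32-C sign-bit test linked above.  The condition tests the sign bit of
 * ((si1 ^ si2) & (tentative difference ^ si2)); when it is set the macro
 * yields si1 unchanged, otherwise it yields si1 - si2.  Both operands are
 * promoted to int before any arithmetic, so the sign mask built from
 * (int8_t)1 << 7 is applied to int-width values and the result has type int.
 * Every argument is evaluated several times; do not pass expressions with
 * side effects.  (Line continuations restored: the mail client had wrapped
 * the definition across lines without backslashes.) */
#define safe_sub_macro_int8_t_s_s(si1,si2) \
                ((((((int8_t)(si1))^((int8_t)(si2))) \
                & (((((int8_t)(si1)) ^ ((((int8_t)(si1))^((int8_t)(si2))) \
                & (((int8_t)1) << (sizeof(int8_t)*CHAR_BIT-1))))-((int8_t)(si2)))^((int8_t)(si2)))) < ((int8_t)0)) \
                ? ((int8_t)(si1)) \
                : (((int8_t)(si1)) - ((int8_t)(si2))) \
                )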

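/* Overflow-guarded int16_t addition, si1 + si2, after CERT INT32-C: if both
 * operands are positive and si1 > INT16_MAX - si2, or both are negative and
 * si1 < INT16_MIN - si2, the sum would overflow and the macro yields si1
 * unchanged; otherwise it yields si1 + si2.  Operands are promoted to int, so
 * the result has type int.  Every argument is evaluated several times; do not
 * pass expressions with side effects.  (Line continuations restored: the mail
 * client had wrapped the definition across lines without backslashes.) */
#define safe_add_macro_int16_t_s_s(si1,si2) \
                ((((((int16_t)(si1))>((int16_t)0)) && (((int16_t)(si2))>((int16_t)0)) && (((int16_t)(si1)) > ((INT16_MAX)-((int16_t)(si2))))) \
                  || ((((int16_t)(si1))<((int16_t)0)) && (((int16_t)(si2))<((int16_t)0)) && (((int16_t)(si1)) < ((INT16_MIN)-((int16_t)(si2)))))) \
                 ? ((int16_t)(si1)) \
                 : (((int16_t)(si1)) + ((int16_t)(si2))) \
                 )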

uint32_t g_113;   /* not referenced by func_31 or main in this reduced test case */

/* Reduced test case.  The only call (main, below) passes p_33 == 1, so
 * `1 < p_33` evaluates to 0.  l_40 does not fit in int16_t, so the
 * (int16_t)(l_40) conversion inside safe_add_macro_int16_t_s_s is
 * implementation-defined (on this two's-complement target it keeps the low
 * 16 bits).  Per the report, the empty `if` branch is the expected path (the
 * -O1 binary exits cleanly); the `else` branch is what the -O2 build in the
 * transcript above reaches. */
void func_31 (uint8_t p_33)
{
  uint32_t l_40 = 0x0A6F85D5L;   /* deliberately outside the int16_t range */
  if (0 >= safe_sub_macro_int8_t_s_s (1 < p_33, safe_add_macro_int16_t_s_s
(l_40, 1))) {
    /* expected path */
  } else {
    assert (0);   /* reached by the -O2 build; see transcript above */
  }
}

/* Entry point: runs the reduced test case with the argument value used in
 * the transcript above. */
int main (void)
{
  func_31 (1);
  return 0;
}


-- 
           Summary: possible integer codegen error
           Product: gcc
           Version: unknown
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
        AssignedTo: unassigned at gcc dot gnu dot org
        ReportedBy: regehr at cs dot utah dot edu
 GCC build triplet: i686-pc-linux-gnu
  GCC host triplet: i686-pc-linux-gnu
GCC target triplet: i686-pc-linux-gnu


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=38942
