Mikael Pettersson <mikpelinux at gmail dot com> changed:

           What    |Removed                     |Added
                 CC|                            |mikpelinux at gmail dot com

--- Comment #2 from Mikael Pettersson <mikpelinux at gmail dot com> ---
Created attachment 41983
simple test case

Simpler test case that will __builtin_abort () when the bug hits rather than
segfault.  Problem seems to be that

int * __attribute__((__noinline__, __noclone__))
foo(int x[])
{
    int k = INT_MIN;
    return &x[k - INT_MAX];
}

becomes the bogus code

        movabsq $-17179869180, %rax
        addq    %rdi, %rax

which returns a pointer to a large negative offset off x[], even though -fwrapv
has been passed to gcc.

The equivalent

int * __attribute__((__noinline__, __noclone__))
bar(int x[])
{
    return &x[INT_MIN - INT_MAX];
}

becomes the expected code

        leaq    4(%rdi), %rax

although gcc also emits an IMO unwarranted (since -fwrapv is present) warning

pr81785.c: In function 'bar':
pr81785.c:20:23: warning: integer overflow in expression of type 'int' results in '1' [-Woverflow]
     return &x[INT_MIN - INT_MAX];

Affects every single gcc since 3.x on x86_64 as far as I can tell.
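
Added example, not part of the original comment or its attachment: it computes the byte offset for `INT_MIN - INT_MAX` both ways, wrapped to 32 bits before scaling (the -fwrapv result) and carried out in 64 bits, to show which computation each of the two quoted constants matches. The helper names are hypothetical, and a 4-byte two's-complement `int` (as on x86_64) is assumed.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* a - b with 32-bit two's-complement wraparound (what -fwrapv promises),
   done in unsigned arithmetic so it is well defined without -fwrapv. */
static int32_t wrap_sub32(int32_t a, int32_t b)
{
    uint32_t r = (uint32_t)a - (uint32_t)b;
    int32_t out;
    memcpy(&out, &r, sizeof out);   /* reinterpret bits, no conversion */
    return out;
}

/* Byte offset when the index is wrapped to 32 bits before scaling. */
static int64_t offset_wrapped(int32_t a, int32_t b, size_t elem)
{
    return (int64_t)wrap_sub32(a, b) * (int64_t)elem;
}

/* Byte offset when the subtraction is done in 64 bits and never wrapped. */
static int64_t offset_widened(int32_t a, int32_t b, size_t elem)
{
    return ((int64_t)a - (int64_t)b) * (int64_t)elem;
}

/* foo() from the report, rewritten so the wrapped result is well defined. */
static int *foo_expected(int x[])
{
    return x + wrap_sub32(INT_MIN, INT_MAX);
}

int main(void)
{
    int x[2] = {0, 0};   /* constructed sample array */

    /* Matches the displacement in "leaq 4(%rdi), %rax". */
    printf("wrapped offset: %lld\n",
           (long long)offset_wrapped(INT_MIN, INT_MAX, sizeof(int)));
    /* Matches the immediate in "movabsq $-17179869180, %rax". */
    printf("widened offset: %lld\n",
           (long long)offset_widened(INT_MIN, INT_MAX, sizeof(int)));
    return foo_expected(x) == &x[1] ? 0 : 1;
}
```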
