[Bug tree-optimization/91555] [9.2 regression] Optimizer bug
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91555 --- Comment #10 from Daniel Richard G. --- Okay. I'll accept that the code is dodgy. Thanks for looking into this. I'll keep in mind -fsanitize=undefined as a way of tracking down these issues in the future.
[Bug tree-optimization/91555] [9.2 regression] Optimizer bug
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91555 Andrew Pinski changed: What|Removed |Added Status|UNCONFIRMED |RESOLVED Resolution|--- |INVALID --- Comment #9 from Andrew Pinski --- t5.c:754:7: runtime error: signed integer overflow: 4611686018427387904 * 2 cannot be represented in type 'long int' This loop where the problem shows up: lo = 1; for (i = 0; i < (int) TYPE_BIT(time_t) - 1; ++i) lo *= 2; hi = -(lo + 1); Changing it to: unsigned long long lo1 = 1; for (i = 0; i < (int) TYPE_BIT(time_t) - 1; ++i) lo1 *= 2; hi = -(lo1 + 1); lo = lo1; Fixes the problem.
[Bug tree-optimization/91555] [9.2 regression] Optimizer bug
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91555 --- Comment #8 from Daniel Richard G. --- The most I could tell via strategic printf() calls is that everything appears to run correctly up until the binary search. I don't think any (unchecked) overflow is at issue, but it seems I don't have a way of instrumenting the program to check for that...
[Bug tree-optimization/91555] [9.2 regression] Optimizer bug
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91555 --- Comment #7 from Andrew Pinski --- (In reply to Daniel Richard G. from comment #6) > Unfortunately, this GCC build does not have libsanitizer, as it is on an > older (Linux) system without the necessary system headers. > > $ gcc -O2 -fsanitize=undefined gcc9-opt-bug.c -o bug > /usr/bin/ld: cannot find -lubsan > collect2: error: ld returned 1 exit status > > (I get a similar error on the Solaris system.) > > Are you able to reproduce the -O1/-O2 split in behavior? Well -O2 enables VPR which is known to expose undefined signed integer overflow issues. This is why it might only be exposed at -O2 and above.
[Bug tree-optimization/91555] [9.2 regression] Optimizer bug
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91555 --- Comment #6 from Daniel Richard G. --- Unfortunately, this GCC build does not have libsanitizer, as it is on an older (Linux) system without the necessary system headers. $ gcc -O2 -fsanitize=undefined gcc9-opt-bug.c -o bug /usr/bin/ld: cannot find -lubsan collect2: error: ld returned 1 exit status (I get a similar error on the Solaris system.) Are you able to reproduce the -O1/-O2 split in behavior?
[Bug tree-optimization/91555] [9.2 regression] Optimizer bug
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91555 --- Comment #5 from Andrew Pinski --- Also does -fsanitize=undefined print anything at runtime? If so there is no bug with GCC.
[Bug tree-optimization/91555] [9.2 regression] Optimizer bug
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91555 --- Comment #4 from Daniel Richard G. --- Yes, that is the case: $ gcc -O2 gcc9-opt-bug.c -o bug $ ./bug WRONG 13 result: t = 18446744073709551615 (wrong) $ gcc -O2 -fwrapv gcc9-opt-bug.c -o bug $ ./bug result: t = 1009489458 (correct)
[Bug tree-optimization/91555] [9.2 regression] Optimizer bug
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91555 Andrew Pinski changed: What|Removed |Added Status|RESOLVED|UNCONFIRMED Resolution|INVALID |--- --- Comment #3 from Andrew Pinski --- Does adding -fwrapv cause the behavior to be different?
[Bug tree-optimization/91555] [9.2 regression] Optimizer bug
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91555 Daniel Richard G. changed: What|Removed |Added Attachment #46761|0 |1 is obsolete|| --- Comment #2 from Daniel Richard G. --- Created attachment 46762 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=46762=edit Revised version of test program Hi Andrew, I revised the test program with the current version of those two functions. The erroneous behavior w.r.t. optimization is unchanged. >From what poking around I could do, the problem appears to occur in the binary search in time2sub(), which is why making the lo/hi variables volatile appears to straighten things out.
[Bug tree-optimization/91555] [9.2 regression] Optimizer bug
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91555
Andrew Pinski changed:
What|Removed |Added
Status|UNCONFIRMED |RESOLVED
Resolution|--- |INVALID
--- Comment #1 from Andrew Pinski ---
static int
increment_overflow(int *number, int delta)
{
int number0;
number0 = *number;
*number += delta;
return (*number < number0) != (delta < 0);
}
static int
long_increment_overflow(long *number, int delta)
{
longnumber0;
number0 = *number;
*number += delta;
return (*number < number0) != (delta < 0);
}
These all have undefined behavior with respect to signed overflow.
You either need to use unsigned types to do the addition and then see if there
was an overflow or you need to check for the overflow before it happens.
The latest code (from
https://github.com/epam/libdt/blob/master/src/unix/libtz/libtz.c at least) has:
static int
long_increment_overflow(lp, m)
long *constlp;
int const m;
{
register long const l = *lp;
if ((l >= 0) ? (m > LONG_MAX - l) : (m < LONG_MIN - l)) {
return TRUE;
}
*lp += m;
return FALSE;
}
