[Bug tree-optimization/82491] UBSAN in gcc/gimple-fold.c:6187:6: runtime error: signed integer overflow: 9223372036854775807 * 8 cannot be represented in type 'long int'

2018-04-03 Thread marxin at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=82491

Martin Liška changed:

   What       |Removed  |Added
   Status     |ASSIGNED |RESOLVED
   Resolution |---      |FIXED

--- Comment #11 from Martin Liška  ---
Fixed.

2018-04-03 Thread marxin at gcc dot gnu.org

--- Comment #10 from Martin Liška  ---
Author: marxin
Date: Tue Apr  3 13:43:22 2018
New Revision: 259030

URL: https://gcc.gnu.org/viewcvs?rev=259030&root=gcc&view=rev
Log:
Remove UBSAN in dwarf2out.c (PR tree-optimization/82491).

2018-04-03  Martin Liska  

PR tree-optimization/82491
* rtl.h (strip_offset_and_add): Replace += suboffset with
poly_uint64 () + suboffset.

Modified:
trunk/gcc/ChangeLog
trunk/gcc/rtl.h

2018-03-21 Thread rsandifo at gcc dot gnu.org

--- Comment #9 from rsandifo at gcc dot gnu.org ---
(In reply to Martin Liška from comment #8)
> (In reply to Jakub Jelinek from comment #7)
> > Dunno, either perform the calculation in poly_uint64 instead and then cast
> > to poly_int64, or don't do it at all if there is overflow.
> 
> Richard, may I ask you please one more time for poly_int hint how to write
> overflow checking?

What Jakub said about using poly_uint64 for the calculations
sounds right in this context.  CONST_INTs (and thus CONST_INT
offsets) aren't inherently signed or unsigned.

2018-03-21 Thread marxin at gcc dot gnu.org

--- Comment #8 from Martin Liška  ---
(In reply to Jakub Jelinek from comment #7)
> (In reply to Martin Liška from comment #5)
> > Thanks Richard!
> > 
> > Now I still see the other issue in dwarf2out:
> > 
> > Breakpoint 1, based_loc_descr (reg=0x751183a8, offset=...,
> > initialized=VAR_INIT_STATUS_INITIALIZED) at ../../gcc/dwarf2out.c:14170
> > warning: Source file is more recent than executable.
> > 14170 elim = strip_offset_and_add (elim, &offset);
> > (gdb) c
> > Continuing.
> > ../../gcc/poly-int.h:414:21: runtime error: signed integer overflow:
> > 9223372036854775789 + 48 cannot be represented in type 'long int'
> > #0 0xaa9c75 in poly_int_pod<1u, long>& poly_int_pod<1u,
> > long>::operator+=(poly_int_pod<1u, long> const&)
> > ../../gcc/poly-int.h:414
> > #1 0xaa9266 in strip_offset_and_add(rtx_def*, poly_int_pod<1u, long>*)
> > ../../gcc/rtl.h:4340
> > #2 0xd4f022 in based_loc_descr ../../gcc/dwarf2out.c:14170
> > #3 0xd5da4c in mem_loc_descriptor(rtx_def*, machine_mode, machine_mode,
> > var_init_status) ../../gcc/dwarf2out.c:15643
> > #4 0xd65a2a in loc_descriptor ../../gcc/dwarf2out.c:16616
> > ...
> > 
> > (gdb) p debug_rtx(elim)
> > (plus:DI (reg/f:DI 7 sp)
> > (const_int 48 [0x30]))
> > $2 = void
> > (gdb) p offset
> > $3 = {> = {coeffs = {9223372036854775789}},  > fields>}
> > 
> > Is it Jakub something we should handle? Do you have a suggestion how to do
> > that?
> 
> Dunno, either perform the calculation in poly_uint64 instead and then cast
> to poly_int64, or don't do it at all if there is overflow.

Richard, may I ask you please one more time for poly_int hint how to write
overflow checking?

2018-03-15 Thread jakub at gcc dot gnu.org

--- Comment #7 from Jakub Jelinek  ---
(In reply to Martin Liška from comment #5)
> Thanks Richard!
> 
> Now I still see the other issue in dwarf2out:
> 
> Breakpoint 1, based_loc_descr (reg=0x751183a8, offset=...,
> initialized=VAR_INIT_STATUS_INITIALIZED) at ../../gcc/dwarf2out.c:14170
> warning: Source file is more recent than executable.
> 14170   elim = strip_offset_and_add (elim, &offset);
> (gdb) c
> Continuing.
> ../../gcc/poly-int.h:414:21: runtime error: signed integer overflow:
> 9223372036854775789 + 48 cannot be represented in type 'long int'
> #0 0xaa9c75 in poly_int_pod<1u, long>& poly_int_pod<1u,
> long>::operator+=(poly_int_pod<1u, long> const&)
> ../../gcc/poly-int.h:414
> #1 0xaa9266 in strip_offset_and_add(rtx_def*, poly_int_pod<1u, long>*)
> ../../gcc/rtl.h:4340
> #2 0xd4f022 in based_loc_descr ../../gcc/dwarf2out.c:14170
> #3 0xd5da4c in mem_loc_descriptor(rtx_def*, machine_mode, machine_mode,
> var_init_status) ../../gcc/dwarf2out.c:15643
> #4 0xd65a2a in loc_descriptor ../../gcc/dwarf2out.c:16616
> ...
> 
> (gdb) p debug_rtx(elim)
> (plus:DI (reg/f:DI 7 sp)
> (const_int 48 [0x30]))
> $2 = void
> (gdb) p offset
> $3 = {> = {coeffs = {9223372036854775789}},  fields>}
> 
> Is it Jakub something we should handle? Do you have a suggestion how to do
> that?

Dunno, either perform the calculation in poly_uint64 instead and then cast to
poly_int64, or don't do it at all if there is overflow.
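
The two options named in this comment, sketched in plain C as an added example (it is not part of the thread and not GCC code; `add_wrapping` and `add_checked` are hypothetical helpers, with `int64_t`/`uint64_t` standing in for `poly_int64`/`poly_uint64`). The operands are the ones from the UBSAN report quoted above.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Option 1: add in uint64_t, where wrap-around is defined behaviour, then
   convert back.  Converting an out-of-range value to int64_t is
   implementation-defined in C; GCC defines it as reduction modulo 2^64.  */
static int64_t add_wrapping(int64_t offset, int64_t suboffset)
{
    return (int64_t)((uint64_t)offset + (uint64_t)suboffset);
}

/* Option 2: refuse the addition when the exact sum does not fit.
   *out is written only on success.  Uses the GCC/Clang overflow builtin.  */
static bool add_checked(int64_t offset, int64_t suboffset, int64_t *out)
{
    int64_t sum;
    if (__builtin_add_overflow(offset, suboffset, &sum))
        return false;
    *out = sum;
    return true;
}

int main(void)
{
    /* Operands copied from the UBSAN report quoted in the thread.  */
    int64_t offset = INT64_C(9223372036854775789), suboffset = 48, r = 0;

    printf("wrapping: %lld\n", (long long)add_wrapping(offset, suboffset));
    printf("checked:  %s\n",
           add_checked(offset, suboffset, &r) ? "ok" : "overflow, skipped");
    /* Mixed signs: both options agree when the sum is representable.  */
    printf("wrapping(-16, 48) = %lld\n", (long long)add_wrapping(-16, 48));
    return 0;
}
```

Option 1 never traps but silently yields a wrapped value, so it suits offsets that are treated as modulo-2^64 bit patterns; option 2 leaves the caller to decide what to do when the sum is not representable.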

2018-02-19 Thread marxin at gcc dot gnu.org

--- Comment #6 from Martin Liška  ---
Author: marxin
Date: Mon Feb 19 18:29:52 2018
New Revision: 257816

URL: https://gcc.gnu.org/viewcvs?rev=257816&root=gcc&view=rev
Log:
Fix ubsan in gimple-fold.c (PR tree-optimization/82491).

2018-02-19  Martin Liska  
Richard Sandiford  

PR tree-optimization/82491
* gimple-fold.c (get_base_constructor): Make earlier bail out
to prevent ubsan.

Modified:
trunk/gcc/ChangeLog
trunk/gcc/gimple-fold.c

2018-02-19 Thread marxin at gcc dot gnu.org

Martin Liška changed:

   What             |Removed |Added
   Target Milestone |---     |8.0

2018-02-19 Thread marxin at gcc dot gnu.org

Martin Liška changed:

   What |Removed |Added
   CC   |        |jakub at gcc dot gnu.org

--- Comment #5 from Martin Liška  ---
Thanks Richard!

Now I still see the other issue in dwarf2out:

Breakpoint 1, based_loc_descr (reg=0x751183a8, offset=...,
initialized=VAR_INIT_STATUS_INITIALIZED) at ../../gcc/dwarf2out.c:14170
warning: Source file is more recent than executable.
14170 elim = strip_offset_and_add (elim, &offset);
(gdb) c
Continuing.
../../gcc/poly-int.h:414:21: runtime error: signed integer overflow:
9223372036854775789 + 48 cannot be represented in type 'long int'
#0 0xaa9c75 in poly_int_pod<1u, long>& poly_int_pod<1u,
long>::operator+=(poly_int_pod<1u, long> const&) ../../gcc/poly-int.h:414
#1 0xaa9266 in strip_offset_and_add(rtx_def*, poly_int_pod<1u, long>*)
../../gcc/rtl.h:4340
#2 0xd4f022 in based_loc_descr ../../gcc/dwarf2out.c:14170
#3 0xd5da4c in mem_loc_descriptor(rtx_def*, machine_mode, machine_mode,
var_init_status) ../../gcc/dwarf2out.c:15643
#4 0xd65a2a in loc_descriptor ../../gcc/dwarf2out.c:16616
...

(gdb) p debug_rtx(elim)
(plus:DI (reg/f:DI 7 sp)
(const_int 48 [0x30]))
$2 = void
(gdb) p offset
$3 = {> = {coeffs = {9223372036854775789}}, }

Is it Jakub something we should handle? Do you have a suggestion how to do
that?

2018-02-16 Thread rsandifo at gcc dot gnu.org

rsandifo at gcc dot gnu.org changed:

   What |Removed |Added
   CC   |        |rsandifo at gcc dot gnu.org

--- Comment #4 from rsandifo at gcc dot gnu.org ---
(In reply to Martin Liška from comment #3)
> I haven't finished that before poly-int went in.
> May I please ask Richard Sandiford to help me with the version of the patch
> after we have poly-int in trunk?

The poly_int version of the comment #1 code would be something like:

  poly_offset_int boff = *bit_offset + mem_ref_offset (base) * BITS_PER_UNIT;
  if (!boff.to_shwi (bit_offset))
    return NULL_TREE;

2018-02-16 Thread marxin at gcc dot gnu.org

Martin Liška changed:

   What |Removed |Added
   CC   |        |rdsandiford at googlemail dot com

--- Comment #3 from Martin Liška  ---
I haven't finished that before poly-int went in.
May I please ask Richard Sandiford to help me with the version of the patch
after we have poly-int in trunk?

2017-12-19 Thread marxin at gcc dot gnu.org

Martin Liška changed:

   What             |Removed                       |Added
   Status           |UNCONFIRMED                   |ASSIGNED
   Last reconfirmed |                              |2017-12-19
   Assignee         |unassigned at gcc dot gnu.org |marxin at gcc dot gnu.org
   Ever confirmed   |0                             |1

--- Comment #2 from Martin Liška  ---
Let me take it. I'll prepare a patch.

2017-10-09 Thread rguenth at gcc dot gnu.org

--- Comment #1 from Richard Biener  ---
  if (!integer_zerop (TREE_OPERAND (base, 1)))
    {
      if (!tree_fits_shwi_p (TREE_OPERAND (base, 1)))
        return NULL_TREE;

the above check isn't enough to catch overflow below.

      *bit_offset += (mem_ref_offset (base).to_short_addr ()
                      * BITS_PER_UNIT);

I suppose doing

  offset_int boff = *bit_offset + mem_ref_offset (base) * BITS_PER_UNIT;
  if (boff.fits_shwi_p ())
    *bit_offset = boff.to_short_addr ();
  else
    return NULL_TREE;

would work.
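
A stand-alone C model of the pattern suggested in this comment, added here as an example (it is not GCC code): the byte offset from the bug title fits in a signed 64-bit value, yet multiplying it by `BITS_PER_UNIT` does not, so the whole expression is evaluated in a wider type and range-checked before the store. `accumulate_bit_offset` and `fits_shwi` are hypothetical names, and `__int128` (a GCC/Clang extension on 64-bit targets) stands in for `offset_int`.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define BITS_PER_UNIT 8 /* assumption: 8-bit units, as in the bug title */

/* True when a wide value is representable as a signed 64-bit integer.  */
static bool fits_shwi(__int128 v)
{
    return v >= INT64_MIN && v <= INT64_MAX;
}

/* Add byte_offset * BITS_PER_UNIT to *bit_offset.  The arithmetic runs in
   128 bits, so neither the multiply nor the add can overflow; only the
   final value is checked.  *bit_offset is left untouched on failure.  */
static bool accumulate_bit_offset(int64_t *bit_offset, int64_t byte_offset)
{
    __int128 boff = (__int128)*bit_offset
                    + (__int128)byte_offset * BITS_PER_UNIT;
    if (!fits_shwi(boff))
        return false;
    *bit_offset = (int64_t)boff;
    return true;
}

int main(void)
{
    int64_t bit_offset = 0;

    /* Byte offset from the bug title: fits in int64_t, but * 8 does not.  */
    bool ok = accumulate_bit_offset(&bit_offset,
                                    INT64_C(9223372036854775807));
    printf("title case: %s, bit_offset = %lld\n",
           ok ? "stored" : "rejected", (long long)bit_offset);

    /* The intermediate product is 2^63, but the final sum fits.  */
    bit_offset = -8;
    ok = accumulate_bit_offset(&bit_offset, INT64_C(1152921504606846976));
    printf("wide intermediate: %s, bit_offset = %lld\n",
           ok ? "stored" : "rejected", (long long)bit_offset);
    return 0;
}
```

Checking only the final wide value accepts the second case, which a step-by-step 64-bit overflow check on the multiply would reject.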