Bug 100229

Summary: arm: UB in arm_block_set_aligned_non_vect (shift exponent 32 is too large for 32-bit type)
Product: gcc Reporter: Alex Coplan <acoplan>
Component: targetAssignee: Not yet assigned to anyone <unassigned>
Status: UNCONFIRMED ---    
Severity: normal CC: clyon
Priority: P3    
Version: 11.0   
Target Milestone: ---   
Host: Target: arm
Build: Known to work:
Known to fail: 11.0 Last reconfirmed:
Bug Depends on:    
Bug Blocks: 63426    

Description Alex Coplan 2021-04-23 09:24:53 UTC
$ cat test.c
int a[1];
__attribute((always_inline)) void g(void *c, int d, int e) {
  __builtin_memset(c, d, e);
}
void f() { g(a, 0, 0); }
$ gcc/xgcc -B gcc -c test.c -ftree-ter
test.c:2:35: warning: ‘always_inline’ function might not be inlinable [-Wattributes]
    2 | __attribute((always_inline)) void g(void *c, int d, int e) {
      |                                   ^
/data_sdb/toolchain/src/gcc/gcc/config/arm/arm.c:32358:22: runtime error: shift exponent 32 is too large for 32-bit type 'unsigned int'
    #0 0x2427a05 in arm_block_set_aligned_non_vect(rtx_def*, unsigned long, unsigned long, unsigned long) (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x2427a05)
    #1 0x2428ce6 in arm_gen_setmem(rtx_def**) (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x2428ce6)
    #2 0x2c32189 in gen_setmemsi(rtx_def*, rtx_def*, rtx_def*, rtx_def*) (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x2c32189)
    #3 0x16ddcf1 in rtx_insn* insn_gen_fn::operator()<rtx_def*, rtx_def*, rtx_def*, rtx_def*>(rtx_def*, rtx_def*, rtx_def*, rtx_def*) const (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x16ddcf1)
    #4 0x16dcd35 in maybe_gen_insn(insn_code, unsigned int, expand_operand*) (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x16dcd35)
    #5 0x16dd513 in maybe_expand_insn(insn_code, unsigned int, expand_operand*) (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x16dd513)
    #6 0x10561d0 in set_storage_via_setmem(rtx_def*, rtx_def*, rtx_def*, unsigned int, unsigned int, long, unsigned long, unsigned long, unsigned long) (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x10561d0)
    #7 0xc7df36 in expand_builtin_memset_args(tree_node*, tree_node*, tree_node*, rtx_def*, machine_mode, tree_node*) (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xc7df36)
    #8 0xc7db6f in expand_builtin_memset(tree_node*, rtx_def*, machine_mode) (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xc7db6f)
    #9 0xc8ccc8 in expand_builtin(tree_node*, rtx_def*, rtx_def*, machine_mode, int) (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xc8ccc8)
    #10 0x108ff58 in expand_expr_real_1(tree_node*, rtx_def*, machine_mode, expand_modifier, rtx_def**, bool) (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x108ff58)
    #11 0x1079c93 in expand_expr_real(tree_node*, rtx_def*, machine_mode, expand_modifier, rtx_def**, bool) (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x1079c93)
    #12 0xd0c350 in expand_expr(tree_node*, rtx_def*, machine_mode, expand_modifier) (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xd0c350)
    #13 0xd1b56d in expand_call_stmt(gcall*) (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xd1b56d)
    #14 0xd211e3 in expand_gimple_stmt_1(gimple*) (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xd211e3)
    #15 0xd21b56 in expand_gimple_stmt(gimple*) (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xd21b56)
    #16 0xd32062 in expand_gimple_basic_block(basic_block_def*, bool) (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xd32062)
    #17 0xd35db8 in (anonymous namespace)::pass_expand::execute(function*) (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xd35db8)
    #18 0x17d2355 in execute_one_pass(opt_pass*) (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x17d2355)
    #19 0x17d2b6e in execute_pass_list_1(opt_pass*) (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x17d2b6e)
    #20 0x17d2c65 in execute_pass_list(function*, opt_pass*) (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x17d2c65)
    #21 0xdf27ac in cgraph_node::expand() (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xdf27ac)
    #22 0xdf3a23 in cgraph_order_sort::process() (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xdf3a23)
    #23 0xdf4135 in output_in_order() (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xdf4135)
    #24 0xdf4e01 in symbol_table::compile() (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xdf4e01)
    #25 0xdf55ea in symbol_table::finalize_compilation_unit() (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xdf55ea)
    #26 0x1ac3baa in compile_file() (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x1ac3baa)
    #27 0x1ac8a15 in do_compile() (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x1ac8a15)
    #28 0x1ac8f10 in toplev::main(int, char**) (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x1ac8f10)
    #29 0x36a5ee7 in main (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x36a5ee7)
    #30 0x7ffff5ca1bf6 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21bf6)
    #31 0x980249 in _start (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x980249)