$ ../results.265631.ubsan/bin/gcc -c -O3 bug472.c
../../trunk/gcc/gimple-ssa-store-merging.c:281:12: runtime error: shift exponent 64 is too large for 64-bit type 'long unsigned int'
$

For this C code:

typedef a;
*b;
c;
d() {
  a e, f = 8 + 8;
  e = 0;
  for (; e < f; ++e)
    b[e] = c >> e * 8;
}

The bug seems to be sometime before revision 264725.
svn blame says 254947 jakub n->n >>= count;
Cleaned up:

int c;

void
foo (int *b)
{
  int e;
  for (e = 0; e < 16; ++e)
    b[e] = c >> e * 8;
}

The testcase with UB in it if the function is ever called has the loop unrolled by cunroll and we end up with out of bound shifts. Store-merging should just punt in that case.
Created attachment 44935: gcc9-pr87826.patch

Untested fix.
Author: jakub
Date: Thu Nov 1 12:31:45 2018
New Revision: 265720

URL: https://gcc.gnu.org/viewcvs?rev=265720&root=gcc&view=rev
Log:
	PR tree-optimization/87826
	* gimple-ssa-store-merging.c (do_shift_rotate): Punt if count
	is negative or larger or equal to type's precision.

	* gcc.dg/pr87826.c: New test.

Added:
    trunk/gcc/testsuite/gcc.dg/pr87826.c
Modified:
    trunk/gcc/ChangeLog
    trunk/gcc/gimple-ssa-store-merging.c
    trunk/gcc/testsuite/ChangeLog
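The guard named in the commit log above (punt when the count is negative or at least the type's precision), as an added C example that is not GCC's code and not part of this report. The names shift_right_markers and count_punted and the one-marker-per-byte layout are hypothetical, a simplified model of a 64-bit word shifted by a count taken from the program being compiled.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model, not GCC source: one 8-bit marker per source byte,
   packed into a 64-bit word that is shifted as the source value is. */
#define MARKER_BITS 8

/* Shift the marker word right by `count` bits of a value that is
   `precision` bits wide.  Returns false ("punt") when the shift would be
   undefined in the source program or cannot be modelled here; the marker
   word is left untouched in that case. */
bool shift_right_markers(uint64_t *markers, int precision, int count)
{
    if (precision <= 0 || precision > 64 || precision % 8 != 0)
        return false;
    if (count < 0 || count >= precision)  /* the guard the commit log describes */
        return false;
    if (count % 8 != 0)                   /* limit of this model: whole bytes only */
        return false;
    /* Here 0 <= count < precision <= 64, so the shift below is < 64. */
    *markers >>= (count / 8) * MARKER_BITS;
    return true;
}

/* Replays the shift counts of the cleaned-up testcase (e * 8 for
   e = 0..15 on a 32-bit int) and returns how many were rejected. */
int count_punted(void)
{
    int punted = 0;
    for (int e = 0; e < 16; ++e) {
        uint64_t m = UINT64_C(0x04030201);  /* constructed markers, 4 bytes */
        if (!shift_right_markers(&m, 32, e * 8))
            ++punted;
    }
    return punted;
}

int main(void)
{
    printf("punted %d of 16 unrolled shifts\n", count_punted());
    return 0;
}
```

Without the range check, the iteration with e = 8 would shift the 64-bit word by 64, which is the condition the sanitizer reported.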
Jakub: Can you please update Known to work/fail?