Bug 90242 - [UBSAN]: in vn_reference_compute_hash
Summary: [UBSAN]: in vn_reference_compute_hash
Status: UNCONFIRMED
Alias: None
Product: gcc
Classification: Unclassified
Component: tree-optimization (show other bugs)
Version: 9.0
: P3 normal
Target Milestone: ---
Assignee: Not yet assigned to anyone
URL:
Keywords:
Depends on:
Blocks: ubsan
  Show dependency treegraph
 
Reported: 2019-04-25 08:00 UTC by David Binderman
Modified: 2019-04-26 07:33 UTC (History)
2 users (show)

See Also:
Host:
Target:
Build:
Known to work:
Known to fail:
Last reconfirmed:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description David Binderman 2019-04-25 08:00:31 UTC 
Following on from PR 85164, where I tried a UBSAN version
of gcc trunk over the testsuite, for file 
./c-c++-common/Warray-bounds.c, with flags -g -O3 -march=native -Wall, I got

../../trunk/gcc/poly-int.h:715:21: runtime error: signed integer overflow: 9223372036854775804 + 4 cannot be represented in type 'long int'
    #0 0x318ecb2 in poly_int<1u, long>& poly_int<1u, long>::operator+=<long>(poly_int_pod<1u, long> const&) ../../trunk/gcc/poly-int.h:715
    #1 0x318ecb2 in vn_reference_compute_hash ../../trunk/gcc/tree-ssa-sccvn.c:657
    #2 0x31b26b5 in vn_reference_lookup(tree_node*, tree_node*, vn_lookup_kind, vn_reference_s**, bool) ../../trunk/gcc/tree-ssa-sccvn.c:2714
    #3 0x31ea070 in visit_reference_op_load ../../trunk/gcc/tree-ssa-sccvn.c:4091
    #4 0x31ea070 in visit_stmt ../../trunk/gcc/tree-ssa-sccvn.c:4509
    #5 0x31efef6 in process_bb ../../trunk/gcc/tree-ssa-sccvn.c:6130
    #6 0x31f9fb0 in do_rpo_vn ../../trunk/gcc/tree-ssa-sccvn.c:6625
Comment 1 David Binderman 2019-04-25 08:55:42 UTC 
Only flag -O2 required.
Comment 2 Richard Biener 2019-04-25 12:04:35 UTC 
signed offset vs. unsigned size, but on "invalid" input (too large object).
Comment 3 Vittorio Zecca 2019-04-26 07:33:05 UTC 
On this input file I got this one and two more undefined


~/local/gcc-270309-undefined/bin/gcc c-c++-common/Warray-bounds.c -S -O
../../gcc/gcc/poly-int.h:715:21: runtime error: signed integer overflow: 9223372036854775804 + 4 cannot be represented in type 'long int'
../../gcc/gcc/poly-int.h:753:21: runtime error: signed integer overflow: -9223372036854775807 * 8 cannot be represented in type 'long int'
../../gcc/gcc/cse.c:2215:34: runtime error: signed integer overflow: 0 - -9223372036854775808 cannot be represented in type 'long int'

Optimization -O would do.