[Bug tree-optimization/82042] signed integer overflow in ao_ref_init_from_ptr_and_size

rguenther at suse dot de gcc-bugzilla@gcc.gnu.org
Tue Sep 12 12:50:00 GMT 2017


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=82042

--- Comment #3 from rguenther at suse dot de <rguenther at suse dot de> ---
On Mon, 11 Sep 2017, marxin at gcc dot gnu.org wrote:

> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=82042
> 
> Martin Liška <marxin at gcc dot gnu.org> changed:
> 
>            What    |Removed                     |Added
> ----------------------------------------------------------------------------
>              Status|UNCONFIRMED                 |NEW
>    Last reconfirmed|                            |2017-09-11
>                  CC|                            |marxin at gcc dot gnu.org,
>                    |                            |rguenth at gcc dot gnu.org
>            Assignee|unassigned at gcc dot gnu.org      |marxin at gcc dot gnu.org
>      Ever confirmed|0                           |1
> 
> --- Comment #2 from Martin Liška <marxin at gcc dot gnu.org> ---
> Confirmed, I've got a patch for 3/4 of the ubsan errors.
> 
> The only one which is remaining is:
> 
>    679  void
>    680  ao_ref_init_from_ptr_and_size (ao_ref *ref, tree ptr, tree size)
>    681  {
>    682    HOST_WIDE_INT t, size_hwi, extra_offset = 0;
>    683    ref->ref = NULL_TREE;
>    684    if (TREE_CODE (ptr) == SSA_NAME)
>    685      {
>    686        gimple *stmt = SSA_NAME_DEF_STMT (ptr);
>    687        if (gimple_assign_single_p (stmt)
>    688            && gimple_assign_rhs_code (stmt) == ADDR_EXPR)
>    689          ptr = gimple_assign_rhs1 (stmt);
>    690        else if (is_gimple_assign (stmt)
>    691                 && gimple_assign_rhs_code (stmt) == POINTER_PLUS_EXPR
>    692                 && TREE_CODE (gimple_assign_rhs2 (stmt)) == INTEGER_CST)
>    693          {
>    694            ptr = gimple_assign_rhs1 (stmt);
>    695            extra_offset = BITS_PER_UNIT
>    696                           * int_cst_value (gimple_assign_rhs2 (stmt));
>    697          }
>    698      }
>    699  
>    700    if (TREE_CODE (ptr) == ADDR_EXPR)
>    701      {
>    702        ref->base = get_addr_base_and_unit_offset (TREE_OPERAND (ptr, 0), &t);
>    703        if (ref->base)
>    704          ref->offset = BITS_PER_UNIT * t;
>    705        else
> 
> Where offset should be probably offset_int type, which is not for free.
> Or do we have a special value for such case Richi?

Yeah, this is a known deficiency in ao_ref 'offset' (and also size and
maxsize).  Blowing up to offset_int isn't really a good idea.  size
and max_size have -1 as "unknown" but offset doesn't really have
such a value, and "failing" isn't an option for the alias machinery.

I've long thought about making ao_ref byte precision but that loses
the bit-level disambiguation we get with bitfield stores/loads, so
I "postponed" that until we (finally) get bitfield load/store
lowering...

The issue is long-standing so I think we can just leave it that way...
