[Bug target/100229] New: arm: UB in arm_block_set_aligned_non_vect (shift exponent 32 is too large for 32-bit type)

acoplan at gcc dot gnu.org gcc-bugzilla@gcc.gnu.org
Fri Apr 23 09:24:53 GMT 2021 

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100229

            Bug ID: 100229
           Summary: arm: UB in arm_block_set_aligned_non_vect (shift
                    exponent 32 is too large for 32-bit type)
           Product: gcc
           Version: 11.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: target
          Assignee: unassigned at gcc dot gnu.org
          Reporter: acoplan at gcc dot gnu.org
  Target Milestone: ---

$ cat test.c
int a[1];
__attribute((always_inline)) void g(void *c, int d, int e) {
  __builtin_memset(c, d, e);
}
void f() { g(a, 0, 0); }
$ gcc/xgcc -B gcc -c test.c -ftree-ter
test.c:2:35: warning: ‘always_inline’ function might not be inlinable
[-Wattributes]
    2 | __attribute((always_inline)) void g(void *c, int d, int e) {
      |                                   ^
/data_sdb/toolchain/src/gcc/gcc/config/arm/arm.c:32358:22: runtime error: shift
exponent 32 is too large for 32-bit type 'unsigned int'
    #0 0x2427a05 in arm_block_set_aligned_non_vect(rtx_def*, unsigned long,
unsigned long, unsigned long)
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x2427a05)
    #1 0x2428ce6 in arm_gen_setmem(rtx_def**)
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x2428ce6)
    #2 0x2c32189 in gen_setmemsi(rtx_def*, rtx_def*, rtx_def*, rtx_def*)
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x2c32189)
    #3 0x16ddcf1 in rtx_insn* insn_gen_fn::operator()<rtx_def*, rtx_def*,
rtx_def*, rtx_def*>(rtx_def*, rtx_def*, rtx_def*, rtx_def*) const
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x16ddcf1)
    #4 0x16dcd35 in maybe_gen_insn(insn_code, unsigned int, expand_operand*)
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x16dcd35)
    #5 0x16dd513 in maybe_expand_insn(insn_code, unsigned int, expand_operand*)
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x16dd513)
    #6 0x10561d0 in set_storage_via_setmem(rtx_def*, rtx_def*, rtx_def*,
unsigned int, unsigned int, long, unsigned long, unsigned long, unsigned long)
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x10561d0)
    #7 0xc7df36 in expand_builtin_memset_args(tree_node*, tree_node*,
tree_node*, rtx_def*, machine_mode, tree_node*)
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xc7df36)
    #8 0xc7db6f in expand_builtin_memset(tree_node*, rtx_def*, machine_mode)
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xc7db6f)
    #9 0xc8ccc8 in expand_builtin(tree_node*, rtx_def*, rtx_def*, machine_mode,
int) (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xc8ccc8)
    #10 0x108ff58 in expand_expr_real_1(tree_node*, rtx_def*, machine_mode,
expand_modifier, rtx_def**, bool)
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x108ff58)
    #11 0x1079c93 in expand_expr_real(tree_node*, rtx_def*, machine_mode,
expand_modifier, rtx_def**, bool)
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x1079c93)
    #12 0xd0c350 in expand_expr(tree_node*, rtx_def*, machine_mode,
expand_modifier) (/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xd0c350)
    #13 0xd1b56d in expand_call_stmt(gcall*)
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xd1b56d)
    #14 0xd211e3 in expand_gimple_stmt_1(gimple*)
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xd211e3)
    #15 0xd21b56 in expand_gimple_stmt(gimple*)
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xd21b56)
    #16 0xd32062 in expand_gimple_basic_block(basic_block_def*, bool)
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xd32062)
    #17 0xd35db8 in (anonymous namespace)::pass_expand::execute(function*)
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xd35db8)
    #18 0x17d2355 in execute_one_pass(opt_pass*)
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x17d2355)
    #19 0x17d2b6e in execute_pass_list_1(opt_pass*)
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x17d2b6e)
    #20 0x17d2c65 in execute_pass_list(function*, opt_pass*)
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x17d2c65)
    #21 0xdf27ac in cgraph_node::expand()
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xdf27ac)
    #22 0xdf3a23 in cgraph_order_sort::process()
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xdf3a23)
    #23 0xdf4135 in output_in_order()
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xdf4135)
    #24 0xdf4e01 in symbol_table::compile()
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xdf4e01)
    #25 0xdf55ea in symbol_table::finalize_compilation_unit()
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0xdf55ea)
    #26 0x1ac3baa in compile_file()
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x1ac3baa)
    #27 0x1ac8a15 in do_compile()
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x1ac8a15)
    #28 0x1ac8f10 in toplev::main(int, char**)
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x1ac8f10)
    #29 0x36a5ee7 in main
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x36a5ee7)
    #30 0x7ffff5ca1bf6 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x21bf6)
    #31 0x980249 in _start
(/data_sdb/toolchain/cc1s/ubsan-arm/gcc/cc1+0x980249)

More information about the Gcc-bugs mailing list