https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97535
--- Comment #8 from CVS Commits <cvs-commit at gcc dot gnu.org> --- The releases/gcc-10 branch has been updated by Tamar Christina <tnfch...@gcc.gnu.org>: https://gcc.gnu.org/g:886964a78aa89ef3c15e69a7b4b96c55d51ea812 commit r10-9034-g886964a78aa89ef3c15e69a7b4b96c55d51ea812 Author: Tamar Christina <tamar.christ...@arm.com> Date: Tue Nov 17 10:19:20 2020 +0000 AArch64: Fix overflow in memcopy expansion on aarch64. Currently the inline memcpy expansion code for AArch64 is using a signed int to hold the number of elements to copy. When you giver give it a value larger than INT_MAX it will overflow. The overflow causes the maximum number of instructions we want to expand to check to fail since this assumes an unsigned number. This patch changes the maximum isns arithmetic to be unsigned. The type can stay 32-bits since the number of instructions we are allowed to expand to are at most 8 which is far below what you could fit in an unsigned int. note that the calculation *must* remained signed as the memcopy issues overlapping unaligned copies. This means the pointer must be moved back and so you need signed arithmetic. gcc/ChangeLog: PR target/97535 * config/aarch64/aarch64.c (aarch64_expand_cpymem): Use unsigned arithmetic in check. gcc/testsuite/ChangeLog: PR target/97535 * gcc.target/aarch64/pr97535.c: New test.
