[Bug tree-optimization/111738] incorrect code when PGO is enabled

pinskia at gcc dot gnu.org via Gcc-bugs Wed, 18 Oct 2023 18:26:22 -0700

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111738


Andrew Pinski <pinskia at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |INVALID
             Status|UNCONFIRMED                 |RESOLVED

--- Comment #4 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
=================================================================
==1==ERROR: AddressSanitizer: global-buffer-overflow on address 0x0000004043e0
at pc 0x0000004012a3 bp 0x7ffd3315e4b0 sp 0x7ffd3315e4a8
WRITE of size 8 at 0x0000004043e0 thread T0
    #0 0x4012a2 in i (/app/output.s+0x4012a2) (BuildId:
4eb338bebafc71b3519003fd1b76487cfb8fb27b)
    #1 0x4011c3 in h (/app/output.s+0x4011c3) (BuildId:
4eb338bebafc71b3519003fd1b76487cfb8fb27b)
    #2 0x40146f in main (/app/output.s+0x40146f) (BuildId:
4eb338bebafc71b3519003fd1b76487cfb8fb27b)
    #3 0x7f28b75e2082 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x24082) (BuildId:
1878e6b475720c7c51969e69ab2d276fae6d1dee)
    #4 0x4010fd in _start (/app/output.s+0x4010fd) (BuildId:
4eb338bebafc71b3519003fd1b76487cfb8fb27b)

0x0000004043e4 is located 0 bytes after global variable 'b' defined in
'/app/example.cpp:1:8' (0x4043e0) of size 4
SUMMARY: AddressSanitizer: global-buffer-overflow (/app/output.s+0x4012a2)
(BuildId: 4eb338bebafc71b3519003fd1b76487cfb8fb27b) in i
Shadow bytes around the buggy address:
  0x000000404100: 00 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00
  0x000000404180: 00 00 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9 f9 f9
  0x000000404200: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
  0x000000404280: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
  0x000000404300: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
=>0x000000404380: f9 f9 f9 f9 f9 f9 f9 f9 00 00 00 00[04]f9 f9 f9
  0x000000404400: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9
  0x000000404480: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 00 00 00 00
  0x000000404500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x000000404580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x000000404600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==1==ABORTING


In this case:
```
**c = &b;
```
...
  int **k = &b;
  *k = &j;
  *g |= **c;
```

Basically once I fixed the size issue (or use -m32) there is profile
difference.

[Bug tree-optimization/111738] incorrect code when PGO is enabled

Reply via email to