[Bug c++/122540] New: [16 Regression] ubsan: "shift exponent is too large" in c++ frontend

pheeck at gcc dot gnu.org via Gcc-bugs Mon, 03 Nov 2025 05:11:34 -0800

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=122540


            Bug ID: 122540
           Summary: [16 Regression] ubsan: "shift exponent is too large"
                    in c++ frontend
           Product: gcc
           Version: 16.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c++
          Assignee: unassigned at gcc dot gnu.org
          Reporter: pheeck at gcc dot gnu.org
            Blocks: 63426
  Target Milestone: ---
              Host: x86_64-linux
            Target: x86_64-linux

Ubsan-instrumented gcc reports

/home/worker/buildworker/tiber-gcc-ubsan/build/gcc/hwint.h:315:61: runtime
error: shift exponent 64 is too large for 64-bit type 'long unsigned int'
/home/worker/buildworker/tiber-gcc-ubsan/build/gcc/hwint.h:315:72: runtime
error: shift exponent 64 is too large for 64-bit type 'long int'

when run on these GCC testsuite tests:

g++.dg/parse/pr96442.C
g++.dg/cpp0x/auto9.C

This is the stacktrace (gathered using
UBSAN_OPTIONS="halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1"):

    #0 0x000004808dee in sext_hwi(long, unsigned int)
/home/worker/buildworker/tiber-gcc-ubsan/build/gcc/hwint.h:315
    #1 0x000004808dee in
wi::binary_traits<generic_wide_int<wide_int_ref_storage<false, true> >,
generic_wide_int<wide_int_ref_storage<false, true> >,
wi::int_traits<generic_wide_int<wide_int_ref_storage<false, true> >
>::precision_type, wi::int_traits<generic_wide_int<wide_int_ref_storage<false,
true> > >::precision_type>::result_type
wi::sext<generic_wide_int<wide_int_ref_storage<false, true> >
>(generic_wide_int<wide_int_ref_storage<false, true> > const&, unsigned int)
/home/worker/buildworker/tiber-gcc-ubsan/build/gcc/wide-int.h:2586
    #2 0x000004808dee in poly_int<1u,
poly_result<generic_wide_int<wide_int_ref_storage<false, true> >,
generic_wide_int<wide_int_ref_storage<false, true> >,
poly_coeff_pair_traits<generic_wide_int<wide_int_ref_storage<false, true> >,
generic_wide_int<wide_int_ref_storage<false, true> > >::result_kind>::type>
wi::sext<1u, generic_wide_int<wide_int_ref_storage<false, true> >
>(poly_int<1u, generic_wide_int<wide_int_ref_storage<false, true> > > const&,
unsigned int) /home/worker/buildworker/tiber-gcc-ubsan/build/gcc/poly-int.h:750
    #3 0x000004808dee in bool wi::fits_to_tree_p<poly_int<1u,
generic_wide_int<wide_int_ref_storage<false, true> > > >(poly_int<1u,
generic_wide_int<wide_int_ref_storage<false, true> > > const&, tree_node
const*) /home/worker/buildworker/tiber-gcc-ubsan/build/gcc/tree.h:6799
    #4 0x0000047e54cb in force_fit_type(tree_node*, poly_int<1u,
generic_wide_int<wide_int_ref_storage<false, true> > > const&, int, bool)
/home/worker/buildworker/tiber-gcc-ubsan/build/gcc/tree.cc:1698
    #5 0x00000231b102 in fold_convert_const_int_from_int
/home/worker/buildworker/tiber-gcc-ubsan/build/gcc/fold-const.cc:2198
    #6 0x00000231b102 in fold_convert_const
/home/worker/buildworker/tiber-gcc-ubsan/build/gcc/fold-const.cc:2503
    #7 0x000002350b0b in fold_convert_loc(unsigned long, tree_node*,
tree_node*)
/home/worker/buildworker/tiber-gcc-ubsan/build/gcc/fold-const.cc:2658
    #8 0x000000f28f43 in finish_enum_value_list(tree_node*)
/home/worker/buildworker/tiber-gcc-ubsan/build/gcc/cp/decl.cc:18962
    #9 0x00000144bcc4 in cp_parser_enum_specifier
/home/worker/buildworker/tiber-gcc-ubsan/build/gcc/cp/parser.cc:23118
    #10 0x0000013e7155 in cp_parser_type_specifier
/home/worker/buildworker/tiber-gcc-ubsan/build/gcc/cp/parser.cc:21356
    #11 0x0000013e7aea in cp_parser_decl_specifier_seq
/home/worker/buildworker/tiber-gcc-ubsan/build/gcc/cp/parser.cc:17974
    #12 0x000001490097 in cp_parser_simple_declaration
/home/worker/buildworker/tiber-gcc-ubsan/build/gcc/cp/parser.cc:17068
    #13 0x0000014b64e0 in cp_parser_declaration
/home/worker/buildworker/tiber-gcc-ubsan/build/gcc/cp/parser.cc:16815
    #14 0x0000014bae74 in cp_parser_translation_unit
/home/worker/buildworker/tiber-gcc-ubsan/build/gcc/cp/parser.cc:5506
    #15 0x0000014bae74 in c_parse_file()
/home/worker/buildworker/tiber-gcc-ubsan/build/gcc/cp/parser.cc:55310
    #16 0x0000019ce019 in c_common_parse_file()
/home/worker/buildworker/tiber-gcc-ubsan/build/gcc/c-family/c-opts.cc:1418
    #17 0x0000037dfe6d in compile_file
/home/worker/buildworker/tiber-gcc-ubsan/build/gcc/toplev.cc:453
    #18 0x000000c0261e in do_compile
/home/worker/buildworker/tiber-gcc-ubsan/build/gcc/toplev.cc:2222
    #19 0x000000c0261e in toplev::main(int, char**)
/home/worker/buildworker/tiber-gcc-ubsan/build/gcc/toplev.cc:2385
    #20 0x000000c05f2e in main
/home/worker/buildworker/tiber-gcc-ubsan/build/gcc/main.cc:39
    #21 0x7f8f6b02b2fa in __libc_start_call_main (/lib64/libc.so.6+0x2b2fa)
(BuildId: 8523b213e7586a93ab00f6dd476418b1e521e62c)
    #22 0x7f8f6b02b3ca in __libc_start_main_impl (/lib64/libc.so.6+0x2b3ca)
(BuildId: 8523b213e7586a93ab00f6dd476418b1e521e62c)
    #23 0x000000c068a4 in _start ../sysdeps/x86_64/start.S:115

I've looked at stack frames #0-#8 and didn't find any relevant recent changes
in the corresponding source files so I believe that a change in the c++
frontend must have caused this.

This started happening between
r16-4694-ge6322a6c9ac6e3
r16-4923-gac3eeb987ad049


Compiler configured with
configure --enable-languages=default,jit,lto,go,d --enable-host-shared
--enable-checking=release --disable-multilib
--with-build-config=bootstrap-ubsan


Referenced Bugs:

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63426
[Bug 63426] [meta-bug] Issues found with -fsanitize=undefined

[Bug c++/122540] New: [16 Regression] ubsan: "shift exponent is too large" in c++ frontend

Reply via email to