https://gcc.gnu.org/bugzilla/show_bug.cgi?id=125072
Bug ID: 125072
Summary: wrong code generated with counted_by on pointer + ubsan
Product: gcc
Version: 16.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: tree-optimization
Assignee: unassigned at gcc dot gnu.org
Reporter: andres at anarazel dot de
Target Milestone: ---
Created attachment 64306
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=64306&action=edit
repro
Hi,
In postgres I tried to use counted_by on a pointer struct member and got a
spurious ubsan failure about misaligned pointers. I managed to reproduce it with
the attached.
gcc-16 -O0 -fsanitize=undefined -Wall -o ubsan_counted_by /tmp/ubsan_counted_by.c && .
others: a: 0x55b0da1a82b8, b: 0x55b0da1a82bc, diff: 4
values: a: 0x55b0da1a82b0, b: 0x55b0da1a82b1, diff: 1
/tmp/ubsan_counted_by.c:23:5: runtime error: store to misaligned address 0x55b0da1a82b1 for type 'int', which requires 4 byte alignment
0x55b0da1a82b1: note: pointer points here ...
Without -fsanitize=undefined:
others: a: 0x5596bb5aa028, b: 0x5596bb5aa02c, diff: 4
values: a: 0x5596bb5aa020, b: 0x5596bb5aa024, diff: 4
The gimple clearly looks wrong:
void repro (struct AttStatsSlot * slot)
{
  _2 = slot->values;
  _3 = &slot->nvalues;
  _1 = .ACCESS_WITH_SIZE (_2, _3, 0B, 4);
  _4 = MEM <unsigned int> [(void *)slot];
  _5 = (sizetype) _4;
  _6 = _5 + 1;
  .UBSAN_BOUNDS (0B, 1, _6);
  _7 = _1 + 1;
  _9 = slot->values;
  _10 = &slot->nvalues;
  _8 = .ACCESS_WITH_SIZE (_9, _10, 0B, 4);
  something_with_two_args ("values", _8, _7);
}
Note the computation of _7 as _1 + 1.
Reproduces with yesterday's git (4765a2e3980) as well as Debian's
$ gcc-16 --version
gcc-16 (Debian 16-20260425-1) 16.0.1 20260425 (prerelease) [gcc-16 r16-8812-gd9c07462a22]
Greetings,
Andres
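The report's symptom is that, with counted_by on the pointer member, the address of values[1] ends up one byte past values[0] instead of sizeof(int) bytes, which is what the ubsan alignment trap and the "diff: 1" line show. The following is an added example, not the reporter's attachment and not code from postgres or GCC: a self-checking layout test that measures the element stride and alignment through the struct member and reports a failure code, so the miscompile can be caught even in a build without -fsanitize=undefined. The struct IntSlot is a hypothetical stand-in for the report's struct AttStatsSlot (count at offset 0, then an int pointer), and the COUNTED_BY macro is an assumption that only applies the attribute on GCC 16 so the file builds elsewhere too.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Added example (not the reporter's attachment). The attribute is applied
 * only on GCC 16, where the report says counted_by on a pointer member is
 * accepted; elsewhere it expands to nothing so the file still builds and
 * the layout checks below still run. Assumption, not GCC's own macro. */
#if defined(__GNUC__) && !defined(__clang__) && __GNUC__ >= 16
#  define COUNTED_BY(field) __attribute__((counted_by(field)))
#else
#  define COUNTED_BY(field)
#endif

/* Hypothetical stand-in for the report's struct AttStatsSlot: a count at
 * offset 0 (the gimple reads nvalues as unsigned int at (void *)slot) and
 * an int pointer whose element count is nvalues. */
struct IntSlot {
    unsigned int nvalues;
    int *values COUNTED_BY(nvalues);
};

/* Byte distance between values[0] and values[1] when both are reached
 * through the struct member. Correct code yields sizeof(int); the report's
 * miscompiled build yields 1 ("diff: 1"). */
static ptrdiff_t element_stride_bytes(const struct IntSlot *slot)
{
    const char *a = (const char *)&slot->values[0];
    const char *b = (const char *)&slot->values[1];
    return b - a;
}

/* Number of element addresses not aligned for int; the sanitizer's
 * "store to misaligned address" diagnostic fires on exactly these. */
static size_t misaligned_elements(const struct IntSlot *slot)
{
    size_t bad = 0;
    for (unsigned int i = 0; i < slot->nvalues; i++) {
        if ((uintptr_t)&slot->values[i] % _Alignof(int) != 0)
            bad++;
    }
    return bad;
}

/* Allocates n ints, writes i into values[i], reads them back, and returns 0
 * only if the stride is sizeof(int), no element is misaligned, and every
 * value round-trips. Set bits identify which check failed; -1 is a setup
 * error (fewer than two elements, or allocation failure). */
static int check_slot_layout(unsigned int n)
{
    struct IntSlot slot;
    int failures = 0;

    if (n < 2)
        return -1;              /* two elements are needed to measure a stride */
    slot.nvalues = n;           /* set the count before the pointer it describes */
    slot.values = malloc(n * sizeof(int));
    if (slot.values == NULL)
        return -1;

    for (unsigned int i = 0; i < n; i++)
        slot.values[i] = (int)i;        /* the kind of store that trapped in the report */

    if (element_stride_bytes(&slot) != (ptrdiff_t)sizeof(int))
        failures |= 1;
    if (misaligned_elements(&slot) != 0)
        failures |= 2;
    for (unsigned int i = 0; i < n; i++)
        if (slot.values[i] != (int)i)
            failures |= 4;

    free(slot.values);
    return failures;
}

int main(void)
{
    int rc = check_slot_layout(8);
    printf("check_slot_layout(8) = %d (0 means stride, alignment and values are OK)\n", rc);
    return rc == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
}
```

Built with a correct compiler the program exits 0; on the GCC 16 build described in the report, the stride check (bit 1) and the alignment check (bit 2) are the ones expected to fail, and under -fsanitize=undefined the store loop would additionally trigger the alignment diagnostic before the checks run.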