[Bug other/59545] Signed integer overflow issues
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=59545

Martin Liška changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|WAITING                     |RESOLVED
         Resolution|---                         |FIXED

--- Comment #16 from Martin Liška ---
Then marking as fixed.
[Bug other/59545] Signed integer overflow issues
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=59545

--- Comment #15 from Marek Polacek ---
I haven't run bootstrap-ubsan in a while so I don't know, but those old logs are definitely useless now. So we can close this I think.
[Bug other/59545] Signed integer overflow issues
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=59545

Martin Liška changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |WAITING
                 CC|                            |marxin at gcc dot gnu.org

--- Comment #14 from Martin Liška ---
Marek and Markus, can we close this? Or do you still see any of these UBSAN errors?
[Bug other/59545] Signed integer overflow issues
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=59545

Markus Trippelsdorf <trippels at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |octoploid at yandex dot com

--- Comment #13 from Markus Trippelsdorf <trippels at gcc dot gnu.org> ---
*** Bug 57324 has been marked as a duplicate of this bug. ***
[Bug other/59545] Signed integer overflow issues
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59545

--- Comment #12 from ian at gcc dot gnu.org <ian at gcc dot gnu.org> ---
Author: ian
Date: Fri Mar 28 05:20:48 2014
New Revision: 20

URL: http://gcc.gnu.org/viewcvs?rev=20&root=gcc&view=rev
Log:
    PR other/59545
    compiler: Fix bogus invalid static_cast to Unary_expression.

Modified:
    trunk/gcc/go/gofrontend/expressions.cc
[Bug other/59545] Signed integer overflow issues
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59545

--- Comment #9 from Marek Polacek <mpolacek at gcc dot gnu.org> ---
Author: mpolacek
Date: Wed Mar 26 06:46:27 2014
New Revision: 208834

URL: http://gcc.gnu.org/viewcvs?rev=208834&root=gcc&view=rev
Log:
    PR other/59545
    * ira-color.c (update_conflict_hard_regno_costs): Perform the
    multiplication in unsigned type.

Modified:
    trunk/gcc/ChangeLog
    trunk/gcc/ira-color.c
[Bug other/59545] Signed integer overflow issues
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59545

Jakub Jelinek <jakub at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |ian at gcc dot gnu.org

--- Comment #10 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
During bootstrap-ubsan, I'm still seeing tons of:

../../gcc/go/gofrontend/expressions.cc:3652:18: runtime error: load of value 196636864, which is not a valid value for type 'Operator'

and similar errors (something for Ian), plus PR60667, and in the testsuite e.g.

../../gcc/ira.c:2597:24: runtime error: signed integer overflow: -2144862208 + -62586880 cannot be represented in type 'int'
../../gcc/tree-data-ref.c:2334:38: runtime error: signed integer overflow: 1073741824 + 1073741824 cannot be represented in type 'int'
../../gcc/tree-ssa-loop-ivopts.c:4148:24: runtime error: signed integer overflow: -1 * -9223372036854775808 cannot be represented in type 'long long int'
../../libiberty/cp-demangle.c:4039:40: runtime error: variable length array bound evaluates to non-positive value 0
../../gcc/fortran/interface.c:2667:43: runtime error: load of value 1818451807, which is not a valid value for type 'expr_t'
../../gcc/fortran/trans-array.c:2207:9: runtime error: load of value 100, which is not a valid value for type 'bool'

just to name some unique ones for which I don't have a fix.
[Bug other/59545] Signed integer overflow issues
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59545

--- Comment #11 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Author: jakub
Date: Wed Mar 26 19:32:40 2014
New Revision: 208848

URL: http://gcc.gnu.org/viewcvs?rev=208848&root=gcc&view=rev
Log:
    PR other/59545
    * real.c (real_to_integer2): Change type of low to UHWI.

Modified:
    trunk/gcc/ChangeLog
    trunk/gcc/real.c
[Bug other/59545] Signed integer overflow issues
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59545

--- Comment #6 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
(In reply to Markus Trippelsdorf from comment #5)
> Thanks Jakub, it looks much better now.
> What is left are mostly left shifts of negative values:
>
> gcc/combine.c:11865:14: runtime error: left shift of negative value -4096

Left shifts of negative value we apparently only warn for C++11 and C++14, not for C++98 (is that because the C++98 wording is fuzzy, don't remember), and for C99 and C11 the even stronger check where for signed left shifts not only all negative values shifted up by any amount are invalid, but also positive values shifted up such that the result is negative or any bits are shifted away. Perhaps we should fix that in preparation for C++11 anyway, just trying to understand why GCC hasn't reported it.

> gcc/cp/error.c:448:7: runtime error: call to function pp_cxx_type_specifier_seq(cxx_pretty_printer*, tree_node*) through pointer to incorrect function type 'void (*)(c_pretty_printer *, tree_node *)'

Haven't seen this error, perhaps we don't instrument it (yet)? Marek?

> gcc/cselib.c:1121:43: runtime error: signed integer overflow: 4224 + 9223372036854775806 cannot be represented in type 'long'
> gcc/cselib.c:1121:43: runtime error: signed integer overflow: 4224 + 9223372036854775807 cannot be represented in type 'long'
> gcc/expr.c:3986:17: runtime error: signed integer overflow: 0 - -9223372036854775808 cannot be represented in type 'long'

I wonder why I haven't seen these with GCC (for clang I used some random svn snapshot and the compiler was so terribly slow and occasionally hanging that I gave up on it). What exact configuration you've used?
[Bug other/59545] Signed integer overflow issues
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59545

--- Comment #7 from Markus Trippelsdorf <trippels at gcc dot gnu.org> ---
(In reply to Jakub Jelinek from comment #6)
> (In reply to Markus Trippelsdorf from comment #5)
> > gcc/cselib.c:1121:43: runtime error: signed integer overflow: 4224 + 9223372036854775806 cannot be represented in type 'long'
> > gcc/cselib.c:1121:43: runtime error: signed integer overflow: 4224 + 9223372036854775807 cannot be represented in type 'long'
> > gcc/expr.c:3986:17: runtime error: signed integer overflow: 0 - -9223372036854775808 cannot be represented in type 'long'
>
> I wonder why I haven't seen these with GCC (for clang I used some random svn
> snapshot and the compiler was so terribly slow and occasionally hanging
> that I gave up on it). What exact configuration you've used?

You're right that clang is terribly slow (e.g. compiling insn-extract takes over 5 minutes on my machine). I'm using the LLVM 3.4 branch (they are close to release).

Config:
 % CC="clang -fsanitize=undefined -fno-sanitize=bounds -w" CXX="clang++ -fsanitize=undefined -fno-sanitize=bounds -w" ../gcc/configure --disable-bootstrap --disable-werror --disable-multilib --enable-languages=c,c++,fortran
[Bug other/59545] Signed integer overflow issues
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59545

Marek Polacek <mpolacek at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |NEW
   Last reconfirmed|                            |2013-12-20
     Ever confirmed|0                           |1

--- Comment #8 from Marek Polacek <mpolacek at gcc dot gnu.org> ---
(In reply to Jakub Jelinek from comment #6)
> > gcc/cp/error.c:448:7: runtime error: call to function pp_cxx_type_specifier_seq(cxx_pretty_printer*, tree_node*) through pointer to incorrect function type 'void (*)(c_pretty_printer *, tree_node *)'
>
> Haven't seen this error, perhaps we don't instrument it (yet)? Marek?

Yeah, we don't instrument this at all.
[Bug other/59545] Signed integer overflow issues
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59545

Jakub Jelinek <jakub at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jakub at gcc dot gnu.org

--- Comment #2 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Perhaps it would be nice to compare on the same codebase what clang and gcc catch (it would have to be --disable-bootstrap build and start with separately built same version of gcc, installed into some temp directory and just use -fsanitize=undefined in stage1 flags (or wrap both compilers)?)
[Bug other/59545] Signed integer overflow issues
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59545

Markus Trippelsdorf <trippels at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |trippels at gcc dot gnu.org

--- Comment #3 from Markus Trippelsdorf <trippels at gcc dot gnu.org> ---
FWIW here's the list of issues clang catches on r206105:

gcc/combine.c:11867:14: runtime error: left shift of negative value -4096
gcc/config/i386/i386.c:21805:37: runtime error: left shift of negative value -1073807360
gcc/config/i386/i386.c:21805:37: runtime error: left shift of negative value -65537
gcc/config/i386/i386.c:21805:44: runtime error: left shift of negative value -140739635838976
gcc/config/i386/i386.c:21805:44: runtime error: left shift of negative value -2305983746702049280
gcc/cp/error.c:448:7: runtime error: call to function pp_cxx_type_specifier_seq(cxx_pretty_printer*, tree_node*) through pointer to incorrect function type 'void (*)(c_pretty_printer *, tree_node *)'
gcc/cselib.c:1121:43: runtime error: signed integer overflow: 4224 + 9223372036854775807 cannot be represented in type 'long'
gcc/dce.c:278:16: runtime error: left shift of negative value -1
gcc/double-int.c:141:13: runtime error: negation of -9223372036854775808 cannot be represented in type 'long'; cast to an unsigned type to negate this value to itself
gcc/dwarf2out.c:11516:61: runtime error: left shift of negative value -1
gcc/dwarf2out.c:11531:54: runtime error: left shift of negative value -1
gcc/expmed.c:2986:15: runtime error: left shift of negative value -1
gcc/expr.c:3986:17: runtime error: signed integer overflow: 0 - -9223372036854775808 cannot be represented in type 'long'
gcc/genattrtab.c:622:27: runtime error: signed integer overflow: 4568797 * 613 cannot be represented in type 'int'
gcc/genautomata.c:3497:23: runtime error: shift exponent 64 is too large for 64-bit type 'set_el_t' (aka 'unsigned long')
gcc/ggc-common.c:133:7: runtime error: call to function gt_ggc_m_S(void const*) through pointer to incorrect function type 'void (*)(void *)'
gcc/ggc-common.c:501:2: runtime error: call to function gt_pch_n_S(void const*) through pointer to incorrect function type 'void (*)(void *)'
gcc/haifa-sched.c:1160:24: runtime error: left shift of negative value -1
gcc/haifa-sched.c:1423:26: runtime error: left shift of negative value -1
gcc/ipa-split.c:1051:20: runtime error: load of value 100, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 108, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 116, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 124, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 12, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 132, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 140, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 156, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 164, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 172, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 188, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 196, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 204, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 20, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 212, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 220, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 224, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 228, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 236, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 244, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 252, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 28, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 36, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 44, which is not a valid value for type 'bool'
gcc/ipa-split.c:1051:20: runtime error: load of value 4, which is not a valid value for type 'bool'
[Bug other/59545] Signed integer overflow issues
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59545

--- Comment #4 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Author: jakub
Date: Thu Dec 19 21:27:51 2013
New Revision: 206134

URL: http://gcc.gnu.org/viewcvs?rev=206134&root=gcc&view=rev
Log:
    PR other/59545
    * genattrtab.c (struct attr_hash): Change hashcode type to unsigned.
    (attr_hash_add_rtx, attr_hash_add_string): Change hashcode parameter
    to unsigned.
    (attr_rtx_1): Change hashcode variable to unsigned.
    (attr_string): Likewise. Perform first multiplication in unsigned
    type.
    * ifcvt.c (noce_try_store_flag_constants): Avoid signed integer
    overflows.
    * double-int.c (neg_double): Likewise.
    * stor-layout.c (set_min_and_max_values_for_integral_type): Likewise.
    * combine.c (force_to_mode): Likewise.
    * postreload.c (move2add_use_add2_insn, move2add_use_add3_insn,
    reload_cse_move2add, move2add_note_store): Likewise.
    * simplify-rtx.c (simplify_const_unary_operation,
    simplify_const_binary_operation): Likewise.
    * ipa-split.c (find_split_points): Initialize first.can_split
    and first.non_ssa_vars.
    * gengtype-state.c (read_state_files_list): Fix up check.
    * genautomata.c (reserv_sets_hash_value): Use portable rotation
    idiom.
java/
    * class.c (hashUtf8String): Compute hash in unsigned type.
    * javaop.h (WORD_TO_INT): Avoid signed integer overflow.

Modified:
    trunk/gcc/ChangeLog
    trunk/gcc/combine.c
    trunk/gcc/double-int.c
    trunk/gcc/genattrtab.c
    trunk/gcc/genautomata.c
    trunk/gcc/gengtype-state.c
    trunk/gcc/ifcvt.c
    trunk/gcc/ipa-split.c
    trunk/gcc/java/ChangeLog
    trunk/gcc/java/class.c
    trunk/gcc/java/javaop.h
    trunk/gcc/postreload.c
    trunk/gcc/simplify-rtx.c
    trunk/gcc/stor-layout.c
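
Added example, not part of the thread or of the GCC sources: a C sketch of the kinds of rewrite the commit log above names (multiplication in an unsigned type, the portable rotation idiom, negation and left shift through the unsigned type), plus a range-checked add for reports like the cselib.c one where wrapping may not be what the code wants. All function names are hypothetical; the operand values come from the UBSan messages quoted in this thread.

```c
/* Added illustration; function names are hypothetical, not GCC's. */
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Multiplication in an unsigned type: wraps modulo 2^N, never overflows. */
static unsigned hash_step(unsigned hash, unsigned factor)
{
    return hash * factor;
}

/* Portable rotation idiom: both shift counts are masked below the type
   width, so n == 0 cannot produce "shift exponent 64 is too large". */
static uint64_t rotl64(uint64_t x, unsigned n)
{
    return (x << (n & 63)) | (x >> (-n & 63));
}

/* Negation through the unsigned type: LONG_MIN maps to itself. Converting
   back to long is implementation-defined (GCC and Clang wrap), not UB. */
static long neg_wrap(long v)
{
    return (long)(0UL - (unsigned long)v);
}

/* Left shift of a possibly negative value on its unsigned representation.
   The caller must keep n below the width of long. */
static long shl_wrap(long v, unsigned n)
{
    return (long)((unsigned long)v << n);
}

/* Range check before a signed add, for code where wrapping would be wrong.
   Returns 1 and stores the sum, or 0 if a + b does not fit in long. */
static int checked_add(long a, long b, long *sum)
{
    if ((b > 0 && a > LONG_MAX - b) || (b < 0 && a < LONG_MIN - b))
        return 0;
    *sum = a + b;
    return 1;
}

int main(void)
{
    long sum = 0;
    printf("4568797 * 613   -> %u\n", hash_step(4568797u, 613u));
    printf("rotl64(x, 0)    -> %#llx\n",
           (unsigned long long)rotl64(0x8000000000000001ULL, 0));
    printf("-LONG_MIN       -> %ld\n", neg_wrap(LONG_MIN));
    printf("-4096 << 1      -> %ld\n", shl_wrap(-4096, 1));
    printf("4224 + LONG_MAX fits: %d\n", checked_add(4224, LONG_MAX, &sum));
    return 0;
}
```

Building this with -fsanitize=undefined and running it should produce no runtime error lines, while the signed forms of the same operations reproduce the messages listed in the thread.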
[Bug other/59545] Signed integer overflow issues
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59545

--- Comment #5 from Markus Trippelsdorf <trippels at gcc dot gnu.org> ---
Thanks Jakub, it looks much better now.
What is left are mostly left shifts of negative values:

gcc/combine.c:11865:14: runtime error: left shift of negative value -4096
gcc/config/i386/i386.c:21800:37: runtime error: left shift of negative value -1073807360
... (3 times with different values)
gcc/cp/error.c:448:7: runtime error: call to function pp_cxx_type_specifier_seq(cxx_pretty_printer*, tree_node*) through pointer to incorrect function type 'void (*)(c_pretty_printer *, tree_node *)'
gcc/cselib.c:1121:43: runtime error: signed integer overflow: 4224 + 9223372036854775806 cannot be represented in type 'long'
gcc/cselib.c:1121:43: runtime error: signed integer overflow: 4224 + 9223372036854775807 cannot be represented in type 'long'
gcc/dce.c:278:16: runtime error: left shift of negative value -1
gcc/dwarf2out.c:11516:61: runtime error: left shift of negative value -1
gcc/dwarf2out.c:11531:54: runtime error: left shift of negative value -1
gcc/expmed.c:2986:15: runtime error: left shift of negative value -1
gcc/expr.c:3986:17: runtime error: signed integer overflow: 0 - -9223372036854775808 cannot be represented in type 'long'
gcc/ggc-common.c:133:7: runtime error: call to function gt_ggc_m_S(void const*) through pointer to incorrect function type 'void (*)(void *)'
gcc/ggc-common.c:501:2: runtime error: call to function gt_pch_n_S(void const*) through pointer to incorrect function type 'void (*)(void *)'
gcc/haifa-sched.c:1160:24: runtime error: left shift of negative value -1
gcc/haifa-sched.c:1423:26: runtime error: left shift of negative value -1
gcc/ira-color.c:1508:29: runtime error: signed integer overflow: -128583990 * 811 cannot be represented in type 'int'
... (13 times with different values)
gcc/passes.c:1627:8: runtime error: call to function execute_pass_list(opt_pass*) through pointer to incorrect function type 'void (*)(void *)'
gcc/real.c:2812:25: runtime error: left shift of negative value -1
... (22 times with different values)
gcc/recog.h:283:43: runtime error: call to function gen_pause() through pointer to incorrect function type 'rtx_def *(*)(rtx_def *)'
gcc/recog.h:283:43: runtime error: call to function gen_xend() through pointer to incorrect function type 'rtx_def *(*)(rtx_def *)'
gcc/sched-deps.c:110:20: runtime error: left shift of negative value -1
gcc/stor-layout.c:2539:5: runtime error: left shift of negative value -1
libcpp/files.c:675:30: runtime error: left shift of negative value -1
libcpp/symtab.c:235:6: runtime error: call to function count_defs(cpp_reader*, cpp_hashnode*, void*) through pointer to incorrect function type 'int (*)(cpp_reader *, ht_identifier *, const void *)'
libcpp/symtab.c:235:6: runtime error: call to function save_idents(cpp_reader*, cpp_hashnode*, void*) through pointer to incorrect function type 'int (*)(cpp_reader *, ht_identifier *, const void *)'
libcpp/symtab.c:235:6: runtime error: call to function undefine_macros(cpp_reader*, cpp_hashnode*, void*) through pointer to incorrect function type 'int (*)(cpp_reader *, ht_identifier *, const void *)'
libcpp/symtab.c:235:6: runtime error: call to function write_defs(cpp_reader*, cpp_hashnode*, void*) through pointer to incorrect function type 'int (*)(cpp_reader *, ht_identifier *, const void *)'
libcpp/symtab.c:235:6: runtime error: call to function write_macdef(cpp_reader*, cpp_hashnode*, void*) through pointer to incorrect function type 'int (*)(cpp_reader *, ht_identifier *, const void *)'
libiberty/regex.c:6970:11: runtime error: left shift of negative value -1
libiberty/regex.c:7165:4: runtime error: left shift of negative value -1
[Bug other/59545] Signed integer overflow issues
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59545

--- Comment #1 from Marc Glisse <glisse at gcc dot gnu.org> ---
Dup of PR 57324? (yes, I know, gcc vs clang)