https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61657
Bug ID: 61657
Summary: Undefined behavior in loop-iv.c
Product: gcc
Version: 4.10.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: rtl-optimization
Assignee: unassigned at gcc dot gnu.org
Reporter: jakub at gcc dot gnu.org
CC: rakdver at gcc dot gnu.org, rguenth at gcc dot gnu.org
Seen during bootstrap-ubsan bootstrap/regtest. E.g.
./cc1 -O3 -fomit-frame-pointer -funroll-loops gcc.c-torture/compile/pr42049.c
../../gcc/loop-iv.c:2626:14: runtime error: signed integer overflow:
9223372036854775806 - -9223372036854775808 cannot be represented in type 'long
int'
../../gcc/loop-iv.c:2288:24: runtime error: signed integer overflow:
9223372036854775807 - -9223372036854775808 cannot be represented in type 'long
int'
but seen also during the bootstrap itself.
E.g. on line 2626:
inc = INTVAL (iv0.step) - INTVAL (iv1.step);
if (CONST_INT_P (iv1.base))
up = INTVAL (iv1.base);
else
up = INTVAL (mode_mmax) - inc;
down = INTVAL (CONST_INT_P (iv0.base)
? iv0.base
: mode_mmin);
max = (up - down) / inc + 1;
inc is 1, both iv0.base and iv1.base are non-CONST_INT and thus up is
0x7ffffffffffffffeLL and down is 0x8000000000000000LL (-LONG_MIN).
The subtraction and division surely can be performed in UHWI, or perhaps
widest_int, just not sure what is the right thing if there is any overflow or
if max is negative in the end - shall we just not record the bound at all?
