https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98269
Bug ID: 98269
Summary: gcc 6.5.0 __builtin_add_overflow() with small uint32_t
values incorrectly detects overflow
Product: gcc
Version: unknown
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: stli at linux dot ibm.com
Target Milestone: ---
Created attachment 49756
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=49756&action=edit
Build this tst-gcc-addoverflow.c with gcc 6.5.0 to see the ERROR
If build on s390x (I had no chance to test it on other architectures) with gcc
6.5.0 the attached testcase with small uint32_t input values for
__builtin_add_overflow() detects an overflow and fails:
else if (__builtin_add_overflow (previous->offset,
previous->length + 1,
¤t->offset))
{
printf ("ERROR: __builtin_add_overflow() OVERFLOWED: "
"previous->offset=%" PRIu32 " + "
"(previous->length=%" PRIu32 " + 1)"
" => current->offset=%" PRIu32 "\n",
previous->offset, previous->length, current->offset);
return EXIT_FAILURE;
}
=>
ERROR: __builtin_add_overflow() OVERFLOWED: previous->offset=7 +
(previous->length=3 + 1) => current->offset=11
I have not recognized this issue with gcc 7.1 and later.
The original issue was found if glibc is build with gcc 6.5.0:
__builtin_add_overflow is used in
<glibc>/elf/stringtable.c:stringtable_finalize()
(https://sourceware.org/git/?p=glibc.git;a=blob;f=elf/stringtable.c;h=099347d73ee70b8ffa4b4a91c493e0bba147ffa2;hb=HEAD#l185)
which leads to ldconfig failing with "String table is too large". This is
also recognizable in following glibc-tests:
FAIL: elf/tst-glibc-hwcaps-cache
FAIL: elf/tst-glibc-hwcaps-prepend-cache
FAIL: elf/tst-ldconfig-X
FAIL: elf/tst-ldconfig-bad-aux-cache
FAIL: elf/tst-ldconfig-ld_so_conf-update
FAIL: elf/tst-stringtable
Please also have a look at attached tst-gcc-addoverflow.c for some more details
from my gdb session showing the add and jump instruction.
