https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81785
Mikael Pettersson <mikpelinux at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mikpelinux at gmail dot com
--- Comment #2 from Mikael Pettersson <mikpelinux at gmail dot com> ---
Created attachment 41983
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=41983&action=edit
simple test case
Simpler test case that will __builtin_abort () when the bug hits rather than
segfault. Problem seems to be that
int * __attribute__((__noinline__, __noclone__))
foo(int x[])
{
int k = INT_MIN;
return &x[k - INT_MAX];
}
becomes the bogus code
foo:
movabsq $-17179869180, %rax
addq %rdi, %rax
ret
which returns a pointer to a large negative offset off x[], even though -fwrapv
has been passed to gcc.
The equivalent
int * __attribute__((__noinline__, __noclone__))
bar(int x[])
{
return &x[INT_MIN - INT_MAX];
}
becomes the expected code
bar:
leaq 4(%rdi), %rax
ret
although gcc also emits an IMO unwarranted (since -fwrapv is present) warning
pr81785.c: In function 'bar':
pr81785.c:20:23: warning: integer overflow in expression of type 'int' results
in '1' [-Woverflow]
return &x[INT_MIN - INT_MAX];
Affects every single gcc since 3.x on x86_64 as far as I can tell.
