Hello,
Changes from V1:
* Replaced INTVAL with UINTVAL as suggested by Segher.
* Fixed whitespace and formatting issues.
* Rebased patch on trunk.
* Reworded commit message to follow standards.
While building GCC with --with-build-config=bootstrap-ubsan on
powerpc64le-unknown-linux-gnu, multiple UBSAN runtime errors were
encountered in rs6000.cc and rs6000.md due to undefined behavior
involving left shifts on negative values and shift exponents equal to
or exceeding the type width.
The issue was in bit pattern recognition code
(in can_be_rotated_to_negative_lis and can_be_built_by_li_and_rldic),
where signed values were shifted without handling negative inputs or
guarding against shift counts equal to the type width, causing UB.
The fix ensures shifts and rotations are done unsigned HOST_WIDE_INT,
and casting back only where needed (like for arithmetic right shifts)
with proper guards to prevent shift-by-64.
2025-06-26 Kishan Parmar <kis...@linux.ibm.com>
gcc:
PR target/118890
* config/rs6000/rs6000.cc (can_be_rotated_to_negative_lis): Avoid left
shift of
negative value and guard shift count.
(can_be_built_by_li_and_rldic): Likewise.
(rs6000_emit_set_long_const): Likewise.
* config/rs6000/rs6000.md (splitter for plus into two 16-bit parts):
Fix error.
---
gcc/config/rs6000/rs6000.cc | 24 ++++++++++++++----------
gcc/config/rs6000/rs6000.md | 2 +-
2 files changed, 15 insertions(+), 11 deletions(-)
diff --git a/gcc/config/rs6000/rs6000.cc b/gcc/config/rs6000/rs6000.cc
index 1c60695ff8c..b16be8581ce 100644
--- a/gcc/config/rs6000/rs6000.cc
+++ b/gcc/config/rs6000/rs6000.cc
@@ -10320,15 +10320,18 @@ can_be_rotated_to_negative_lis (HOST_WIDE_INT c, int
*rot)
/* case b. xx0..01..1xx: some of 15 x's (and some of 16 0's) are
rotated over the highest bit. */
- int pos_one = clz_hwi ((c << 16) >> 16);
- middle_zeros = ctz_hwi (c >> (HOST_BITS_PER_WIDE_INT - pos_one));
- int middle_ones = clz_hwi (~(c << pos_one));
- if (middle_zeros >= 16 && middle_ones >= 33)
+ unsigned HOST_WIDE_INT uc = (unsigned HOST_WIDE_INT) c;
+ int pos_one = clz_hwi ((HOST_WIDE_INT) (uc << 16) >> 16);
+ if (pos_one != 0)
{
- *rot = pos_one;
- return true;
+ middle_zeros = ctz_hwi (c >> (HOST_BITS_PER_WIDE_INT - pos_one));
+ int middle_ones = clz_hwi (~(uc << pos_one));
+ if (middle_zeros >= 16 && middle_ones >= 33)
+ {
+ *rot = pos_one;
+ return true;
+ }
}
-
return false;
}
@@ -10445,7 +10448,7 @@ can_be_built_by_li_and_rldic (HOST_WIDE_INT c, int
*shift, HOST_WIDE_INT *mask)
if (lz >= HOST_BITS_PER_WIDE_INT)
return false;
- int middle_ones = clz_hwi (~(c << lz));
+ int middle_ones = clz_hwi (~(((unsigned HOST_WIDE_INT) c) << lz));
if (tz + lz + middle_ones >= ones
&& (tz - lz) < HOST_BITS_PER_WIDE_INT
&& tz < HOST_BITS_PER_WIDE_INT)
@@ -10479,7 +10482,7 @@ can_be_built_by_li_and_rldic (HOST_WIDE_INT c, int
*shift, HOST_WIDE_INT *mask)
if (!IN_RANGE (pos_first_1, 1, HOST_BITS_PER_WIDE_INT-1))
return false;
- middle_ones = clz_hwi (~c << pos_first_1);
+ middle_ones = clz_hwi ((~(unsigned HOST_WIDE_INT) c) << pos_first_1);
middle_zeros = ctz_hwi (c >> (HOST_BITS_PER_WIDE_INT - pos_first_1));
if (pos_first_1 < HOST_BITS_PER_WIDE_INT
&& middle_ones + middle_zeros < HOST_BITS_PER_WIDE_INT
@@ -10581,7 +10584,8 @@ rs6000_emit_set_long_const (rtx dest, HOST_WIDE_INT c,
int *num_insns)
{
/* li/lis; rldicX */
unsigned HOST_WIDE_INT imm = (c | ~mask);
- imm = (imm >> shift) | (imm << (HOST_BITS_PER_WIDE_INT - shift));
+ if (shift != 0)
+ imm = (imm >> shift) | (imm << (HOST_BITS_PER_WIDE_INT - shift));
count_or_emit_insn (temp, GEN_INT (imm));
if (shift != 0)
diff --git a/gcc/config/rs6000/rs6000.md b/gcc/config/rs6000/rs6000.md
index 9c718ca2a22..e31ee40aa87 100644
--- a/gcc/config/rs6000/rs6000.md
+++ b/gcc/config/rs6000/rs6000.md
@@ -1969,7 +1969,7 @@
[(set (match_dup 0) (plus:GPR (match_dup 1) (match_dup 3)))
(set (match_dup 0) (plus:GPR (match_dup 0) (match_dup 4)))]
{
- HOST_WIDE_INT val = INTVAL (operands[2]);
+ unsigned HOST_WIDE_INT val = UINTVAL (operands[2]);
HOST_WIDE_INT low = sext_hwi (val, 16);
HOST_WIDE_INT rest = trunc_int_for_mode (val - low, <MODE>mode);
--
2.47.1
