diff options
| author | Jakub Jelinek <jakub@redhat.com> | 2017-07-31 10:22:14 +0200 |
|---|---|---|
| committer | Jakub Jelinek <jakub@gcc.gnu.org> | 2017-07-31 10:22:14 +0200 |
| commit | 0d1e5925e46184273f930aa45f1ec4f87752998b (patch) | |
| tree | 7be87901463f1ef62952085845540f55e078c437 | |
| parent | 3dd9302511e2f2d01a14d5d7faa682c10a5c4d5b (diff) | |
| download | gcc-0d1e5925e46184273f930aa45f1ec4f87752998b.zip gcc-0d1e5925e46184273f930aa45f1ec4f87752998b.tar.gz gcc-0d1e5925e46184273f930aa45f1ec4f87752998b.tar.bz2 | |
re PR tree-optimization/81603 (Various compiler UB on very large constant offsets)
PR tree-optimization/81603
* ipa-polymorphic-call.c
(ipa_polymorphic_call_context::ipa_polymorphic_call_context): Perform
offset arithmetic in offset_int, bail out if the resulting bit offset
doesn't fit into shwi.
From-SVN: r250727
| -rw-r--r-- | gcc/ChangeLog | 8 | ||||
| -rw-r--r-- | gcc/ipa-polymorphic-call.c | 19 |
2 files changed, 22 insertions, 5 deletions
diff --git a/gcc/ChangeLog b/gcc/ChangeLog index 59ddc50..318a985 100644 --- a/gcc/ChangeLog +++ b/gcc/ChangeLog @@ -1,3 +1,11 @@ +2017-07-31 Jakub Jelinek <jakub@redhat.com> + + PR tree-optimization/81603 + * ipa-polymorphic-call.c + (ipa_polymorphic_call_context::ipa_polymorphic_call_context): Perform + offset arithmetic in offset_int, bail out if the resulting bit offset + doesn't fit into shwi. + 2017-07-31 Martin Liska <mliska@suse.cz> * gimplify.c (mostly_copy_tree_r): Remove Java specific hunk. diff --git a/gcc/ipa-polymorphic-call.c b/gcc/ipa-polymorphic-call.c index 6b9f821..9ac5153 100644 --- a/gcc/ipa-polymorphic-call.c +++ b/gcc/ipa-polymorphic-call.c @@ -921,9 +921,13 @@ ipa_polymorphic_call_context::ipa_polymorphic_call_context (tree fndecl, and MEM_REF is meaningless, but we can look futher. */ if (TREE_CODE (base) == MEM_REF) { + offset_int o = mem_ref_offset (base) * BITS_PER_UNIT; + o += offset; + o += offset2; + if (!wi::fits_shwi_p (o)) + break; base_pointer = TREE_OPERAND (base, 0); - offset - += offset2 + mem_ref_offset (base).to_short_addr () * BITS_PER_UNIT; + offset = o.to_shwi (); outer_type = NULL; } /* We found base object. In this case the outer_type @@ -961,10 +965,15 @@ ipa_polymorphic_call_context::ipa_polymorphic_call_context (tree fndecl, break; } else if (TREE_CODE (base_pointer) == POINTER_PLUS_EXPR - && tree_fits_uhwi_p (TREE_OPERAND (base_pointer, 1))) + && TREE_CODE (TREE_OPERAND (base_pointer, 1)) == INTEGER_CST) { - offset += tree_to_shwi (TREE_OPERAND (base_pointer, 1)) - * BITS_PER_UNIT; + offset_int o = offset_int::from (TREE_OPERAND (base_pointer, 1), + SIGNED); + o *= BITS_PER_UNIT; + o += offset; + if (!wi::fits_shwi_p (o)) + break; + offset = o.to_shwi (); base_pointer = TREE_OPERAND (base_pointer, 0); } else |