From 0d1e5925e46184273f930aa45f1ec4f87752998b Mon Sep 17 00:00:00 2001
From: Jakub Jelinek
Date: Mon, 31 Jul 2017 10:22:14 +0200
Subject: [PATCH] re PR tree-optimization/81603 (Various compiler UB on very large constant offsets)
PR tree-optimization/81603 * ipa-polymorphic-call.c (ipa_polymorphic_call_context::ipa_polymorphic_call_context): Perform offset arithmetic in offset_int, bail out if the resulting bit offset doesn't fit into shwi.
From-SVN: r250727
---
 gcc/ChangeLog | 8 ++++++++
 gcc/ipa-polymorphic-call.c | 19 ++++++++++++++-----
 2 files changed, 22 insertions(+), 5 deletions(-)
diff --git a/gcc/ChangeLog b/gcc/ChangeLog
index 59ddc50..318a985 100644
--- a/gcc/ChangeLog
+++ b/gcc/ChangeLog
@@ -1,3 +1,11 @@
+2017-07-31 Jakub Jelinek
+
+ PR tree-optimization/81603
+ * ipa-polymorphic-call.c
+ (ipa_polymorphic_call_context::ipa_polymorphic_call_context): Perform
+ offset arithmetic in offset_int, bail out if the resulting bit offset
+ doesn't fit into shwi.
+
 2017-07-31 Martin Liska

 * gimplify.c (mostly_copy_tree_r): Remove Java specific hunk.
diff --git a/gcc/ipa-polymorphic-call.c b/gcc/ipa-polymorphic-call.c
index 6b9f821..9ac5153 100644
--- a/gcc/ipa-polymorphic-call.c
+++ b/gcc/ipa-polymorphic-call.c
@@ -921,9 +921,13 @@ ipa_polymorphic_call_context::ipa_polymorphic_call_context (tree fndecl,
 and MEM_REF is meaningless, but we can look futher. */
 if (TREE_CODE (base) == MEM_REF)
 {
+ offset_int o = mem_ref_offset (base) * BITS_PER_UNIT;
+ o += offset;
+ o += offset2;
+ if (!wi::fits_shwi_p (o))
+ break;
 base_pointer = TREE_OPERAND (base, 0);
- offset
- += offset2 + mem_ref_offset (base).to_short_addr () * BITS_PER_UNIT;
+ offset = o.to_shwi ();
 outer_type = NULL;
 }
 /* We found base object. In this case the outer_type
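Review bot: The new `if (!wi::fits_shwi_p (o)) break;` in the MEM_REF branch leaves the walk without a word on what state the rest of the constructor then sees. As far as the hunk shows, the check runs before `base_pointer`, `offset` and `outer_type` are updated, so they keep their values from before this step; a comment should state that this is intended, e.g. `/* Bit offset does not fit in HOST_WIDE_INT; stop walking and keep what was found so far.  */`. The same bail-out recurs in the POINTER_PLUS_EXPR hunk further down and wants the same comment. The diffstat lists only ChangeLog and this file, so no regression test for PR 81603 is visible in this patch; a testcase with a very large constant offset would keep the overflow path covered. The enclosing loop and the constructor body start and end outside the hunk.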
@@ -961,10 +965,15 @@ ipa_polymorphic_call_context::ipa_polymorphic_call_context (tree fndecl,
 break;
 }
 else if (TREE_CODE (base_pointer) == POINTER_PLUS_EXPR
- && tree_fits_uhwi_p (TREE_OPERAND (base_pointer, 1)))
+ && TREE_CODE (TREE_OPERAND (base_pointer, 1)) == INTEGER_CST)
 {
- offset += tree_to_shwi (TREE_OPERAND (base_pointer, 1))
- * BITS_PER_UNIT;
+ offset_int o = offset_int::from (TREE_OPERAND (base_pointer, 1),
+ SIGNED);
+ o *= BITS_PER_UNIT;
+ o += offset;
+ if (!wi::fits_shwi_p (o))
+ break;
+ offset = o.to_shwi ();
 base_pointer = TREE_OPERAND (base_pointer, 0);
 }
 else
--
2.7.4
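Review bot: The signedness of the POINTER_PLUS_EXPR constant changes here and nothing at the site says why. The removed lines checked `tree_fits_uhwi_p` and then converted with `tree_to_shwi`, while the new code accepts any `INTEGER_CST` and reads it through `offset_int::from (..., SIGNED)`, so a constant with the top bit set is presumably now treated as a negative offset. A comment above the conversion would record that choice, e.g. `/* Read the constant as signed so that wrapped-around offsets are treated as negative.  */`. The surrounding if/else chain and loop continue outside the hunk.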