Message ID | b278df38f01b823d8a3915f67321affc9a8ca05b.camel@mengyan1223.wang |
---|---|
State | New |
Headers |
Return-Path: <gcc-patches-bounces+patchwork=sourceware.org@gcc.gnu.org> X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 947963858423 for <patchwork@sourceware.org>; Wed, 9 Mar 2022 16:13:11 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 947963858423 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org; s=default; t=1646842391; bh=60CVHwTl0ZJdKZgss/j7KUmAObfo7QGnbyWGlHJ18A8=; h=Subject:To:Date:In-Reply-To:References:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc: From; b=RJGiKo9kFm1j8XeVZmh1ukj7zeesJ/kf2QRt/Nyixy51cbt8f8XpuXkIkDj1PPYvs zFJSzpwdG/yzRu+sk84+Q38TGQ5VYpoCDjFvOcpG/rdVjOupZLpUy5SLBhPh1bdW8I mfWaHBIeEdna68IYx+J2NTWOs/REW8MAUOJ8hObQ= X-Original-To: gcc-patches@gcc.gnu.org Delivered-To: gcc-patches@gcc.gnu.org Received: from mengyan1223.wang (mengyan1223.wang [89.208.246.23]) by sourceware.org (Postfix) with ESMTPS id 95A833858408 for <gcc-patches@gcc.gnu.org>; Wed, 9 Mar 2022 16:12:41 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 95A833858408 Received: from localhost.localdomain (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature ECDSA (P-384) server-digest SHA384) (Client did not present a certificate) (Authenticated sender: xry111@mengyan1223.wang) by mengyan1223.wang (Postfix) with ESMTPSA id 159D065C24; Wed, 9 Mar 2022 11:12:38 -0500 (EST) Message-ID: <b278df38f01b823d8a3915f67321affc9a8ca05b.camel@mengyan1223.wang> Subject: [PATCH v2] cse: avoid signed overflow in compute_const_anchors [PR 104843] To: Richard Biener <richard.guenther@gmail.com> Date: Thu, 10 Mar 2022 00:12:36 +0800 In-Reply-To: <CAFiYyc3KbQDJby=enT53p9=yrmFT5iBDbgstXY1tAZv6vpEc3w@mail.gmail.com> References: <a2561b832ad3ffc1a5c3a50762f916aa60068815.camel@mengyan1223.wang> <CAFiYyc3KbQDJby=enT53p9=yrmFT5iBDbgstXY1tAZv6vpEc3w@mail.gmail.com> Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.42.4 MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-3037.9 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, JMQ_SPF_NEUTRAL, SPF_HELO_PASS, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: gcc-patches@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-patches mailing list <gcc-patches.gcc.gnu.org> List-Unsubscribe: <https://gcc.gnu.org/mailman/options/gcc-patches>, <mailto:gcc-patches-request@gcc.gnu.org?subject=unsubscribe> List-Archive: <https://gcc.gnu.org/pipermail/gcc-patches/> List-Post: <mailto:gcc-patches@gcc.gnu.org> List-Help: <mailto:gcc-patches-request@gcc.gnu.org?subject=help> List-Subscribe: <https://gcc.gnu.org/mailman/listinfo/gcc-patches>, <mailto:gcc-patches-request@gcc.gnu.org?subject=subscribe> From: Xi Ruoyao via Gcc-patches <gcc-patches@gcc.gnu.org> Reply-To: Xi Ruoyao <xry111@mengyan1223.wang> Cc: Richard Sandiford <richard.sandiford@arm.com>, GCC Patches <gcc-patches@gcc.gnu.org>, Jeff Law <law@redhat.com> Errors-To: gcc-patches-bounces+patchwork=sourceware.org@gcc.gnu.org Sender: "Gcc-patches" <gcc-patches-bounces+patchwork=sourceware.org@gcc.gnu.org> |
Series |
[v2] cse: avoid signed overflow in compute_const_anchors [PR 104843]
|
|
Commit Message
Xi Ruoyao
March 9, 2022, 4:12 p.m. UTC
On Wed, 2022-03-09 at 15:55 +0100, Richard Biener wrote: > isn't it better to make targetm.const_anchor unsigned? > The & and ~ are not subject to overflow rules. It's not enough: if n is the minimum value of HOST_WIDE_INT and const_anchor = 0x8000 (the value for MIPS), we'll have a signed 0x7fff in *upper_base. Then the next line, "*upper_offs = n - *upper_base;" will be a signed overflow again. How about the following? -- >8 -- With a non-zero const_anchor, the behavior of this function relied on signed overflow. gcc/ PR rtl-optimization/104843 * cse.cc (compute_const_anchors): Use unsigned HOST_WIDE_INT for n to perform overflow arithmetics safely. --- gcc/cse.cc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-)
Comments
On Wed, Mar 9, 2022 at 5:12 PM Xi Ruoyao <xry111@mengyan1223.wang> wrote: > > On Wed, 2022-03-09 at 15:55 +0100, Richard Biener wrote: > > > isn't it better to make targetm.const_anchor unsigned? > > The & and ~ are not subject to overflow rules. > > It's not enough: if n is the minimum value of HOST_WIDE_INT and > const_anchor = 0x8000 (the value for MIPS), we'll have a signed 0x7fff > in *upper_base. Then the next line, "*upper_offs = n - *upper_base;" > will be a signed overflow again. > > How about the following? Hmm, so all this seems to be to round CST up and down to a multiple of CONST_ANCHOR. It works on CONST_INT only which is sign-extended, so if there is overflow the resulting anchor is broken as far as I can see. So instead of papering over this issue the function should return false when n is negative since then n & ~(targetm.const_anchor - 1) is also not n rounded down to a multiple of const_anchor. But of course I know nothing about this .. Richard. > -- >8 -- > > With a non-zero const_anchor, the behavior of this function relied on > signed overflow. > > gcc/ > > PR rtl-optimization/104843 > * cse.cc (compute_const_anchors): Use unsigned HOST_WIDE_INT for > n to perform overflow arithmetics safely. > --- > gcc/cse.cc | 8 ++++---- > 1 file changed, 4 insertions(+), 4 deletions(-) > > diff --git a/gcc/cse.cc b/gcc/cse.cc > index a18b599d324..052fa0c3490 100644 > --- a/gcc/cse.cc > +++ b/gcc/cse.cc > @@ -1169,12 +1169,12 @@ compute_const_anchors (rtx cst, > HOST_WIDE_INT *lower_base, HOST_WIDE_INT *lower_offs, > HOST_WIDE_INT *upper_base, HOST_WIDE_INT *upper_offs) > { > - HOST_WIDE_INT n = INTVAL (cst); > - > - *lower_base = n & ~(targetm.const_anchor - 1); > - if (*lower_base == n) > + unsigned HOST_WIDE_INT n = UINTVAL (cst); > + unsigned HOST_WIDE_INT lb = n & ~(targetm.const_anchor - 1); > + if (lb == n) > return false; > > + *lower_base = lb; > *upper_base = > (n + (targetm.const_anchor - 1)) & ~(targetm.const_anchor - 1); > *upper_offs = n - *upper_base; > -- > 2.35.1 > > > >
On Thu, 2022-03-10 at 09:01 +0100, Richard Biener wrote: > On Wed, Mar 9, 2022 at 5:12 PM Xi Ruoyao <xry111@mengyan1223.wang> > wrote: > > > > On Wed, 2022-03-09 at 15:55 +0100, Richard Biener wrote: > > > > > isn't it better to make targetm.const_anchor unsigned? > > > The & and ~ are not subject to overflow rules. > > > > It's not enough: if n is the minimum value of HOST_WIDE_INT and > > const_anchor = 0x8000 (the value for MIPS), we'll have a signed > > 0x7fff > > in *upper_base. Then the next line, "*upper_offs = n - > > *upper_base;" > > will be a signed overflow again. > > > > How about the following? > > Hmm, so all this seems to be to round CST up and down to a multiple of > CONST_ANCHOR. > It works on CONST_INT only which is sign-extended, so if there is > overflow the resulting > anchor is broken as far as I can see. On MIPS addiu/daddiu do 2-complement addition, so the overflowed result is still usable. > So instead of papering over this issue > the function should return false when n is negative since then > n & ~(targetm.const_anchor - 1) is also not n rounded down to a > multiple of const_anchor. This function does work for negative n, like: void g (int, int); void f (void) { g(0x8123ffff, 0x81240001); } It should produce: li $4,-2128347136 # 0xffffffff81240000 daddiu $5,$4,1 daddiu $4,$4,-1 jal g But return false for negative n will cause regression for this case, producing: li $5,-2128347136 # 0xffffffff81240000 li $4,-2128412672 # 0xffffffff81230000 ori $5,$5,0x1 ori $4,$4,0xffff jal g That being said, it indeed does not work for: void g (int, int); void f () { g (0x7fffffff, 0x80000001); } It produces: li $5,-2147483648 # 0xffffffff80000000 li $4,2147418112 # 0x7fff0000 daddiu $5,$5,1 ori $4,$4,0xffff jal g Should be: li $5,-2147483648 # 0xffffffff80000000 daddiu $5,$5,1 addiu $4,$5,-1 > > -- >8 -- > > > > With a non-zero const_anchor, the behavior of this function relied on > > signed overflow. > > > > gcc/ > > > > PR rtl-optimization/104843 > > * cse.cc (compute_const_anchors): Use unsigned HOST_WIDE_INT for > > n to perform overflow arithmetics safely. > > --- > > gcc/cse.cc | 8 ++++---- > > 1 file changed, 4 insertions(+), 4 deletions(-) > > > > diff --git a/gcc/cse.cc b/gcc/cse.cc > > index a18b599d324..052fa0c3490 100644 > > --- a/gcc/cse.cc > > +++ b/gcc/cse.cc > > @@ -1169,12 +1169,12 @@ compute_const_anchors (rtx cst, > > HOST_WIDE_INT *lower_base, HOST_WIDE_INT *lower_offs, > > HOST_WIDE_INT *upper_base, HOST_WIDE_INT *upper_offs) > > { > > - HOST_WIDE_INT n = INTVAL (cst); > > - > > - *lower_base = n & ~(targetm.const_anchor - 1); > > - if (*lower_base == n) > > + unsigned HOST_WIDE_INT n = UINTVAL (cst); > > + unsigned HOST_WIDE_INT lb = n & ~(targetm.const_anchor - 1); > > + if (lb == n) > > return false; > > > > + *lower_base = lb; > > *upper_base = > > (n + (targetm.const_anchor - 1)) & ~(targetm.const_anchor - 1); > > *upper_offs = n - *upper_base; > > -- > > 2.35.1 > > > > > > >
On Thu, Mar 10, 2022 at 12:32 PM Xi Ruoyao <xry111@mengyan1223.wang> wrote: > > On Thu, 2022-03-10 at 09:01 +0100, Richard Biener wrote: > > On Wed, Mar 9, 2022 at 5:12 PM Xi Ruoyao <xry111@mengyan1223.wang> > > wrote: > > > > > > On Wed, 2022-03-09 at 15:55 +0100, Richard Biener wrote: > > > > > > > isn't it better to make targetm.const_anchor unsigned? > > > > The & and ~ are not subject to overflow rules. > > > > > > It's not enough: if n is the minimum value of HOST_WIDE_INT and > > > const_anchor = 0x8000 (the value for MIPS), we'll have a signed > > > 0x7fff > > > in *upper_base. Then the next line, "*upper_offs = n - > > > *upper_base;" > > > will be a signed overflow again. > > > > > > How about the following? > > > > Hmm, so all this seems to be to round CST up and down to a multiple of > > CONST_ANCHOR. > > It works on CONST_INT only which is sign-extended, so if there is > > overflow the resulting > > anchor is broken as far as I can see. > > On MIPS addiu/daddiu do 2-complement addition, so the overflowed result > is still usable. The issue is that what the CONST_INT actually means depends on the mode, an "overflow" to a positive number will eventually change what is lower and what is the upper bound(?) > > So instead of papering over this issue > > the function should return false when n is negative since then > > n & ~(targetm.const_anchor - 1) is also not n rounded down to a > > multiple of const_anchor. > > This function does work for negative n, like: > > void g (int, int); > void > f (void) > { > g(0x8123ffff, 0x81240001); > } > > It should produce: > > li $4,-2128347136 # 0xffffffff81240000 > daddiu $5,$4,1 > daddiu $4,$4,-1 > jal g > > But return false for negative n will cause regression for this case, > producing: > > li $5,-2128347136 # 0xffffffff81240000 > li $4,-2128412672 # 0xffffffff81230000 > ori $5,$5,0x1 > ori $4,$4,0xffff > jal g > > That being said, it indeed does not work for: > > void g (int, int); > void f () > { > g (0x7fffffff, 0x80000001); > } > > It produces: > > li $5,-2147483648 # 0xffffffff80000000 > li $4,2147418112 # 0x7fff0000 > daddiu $5,$5,1 > ori $4,$4,0xffff > jal g > > Should be: > > li $5,-2147483648 # 0xffffffff80000000 > daddiu $5,$5,1 > addiu $4,$5,-1 So maybe you can figure out a fix that makes it work for this case as well. > > > -- >8 -- > > > > > > With a non-zero const_anchor, the behavior of this function relied on > > > signed overflow. > > > > > > gcc/ > > > > > > PR rtl-optimization/104843 > > > * cse.cc (compute_const_anchors): Use unsigned HOST_WIDE_INT for > > > n to perform overflow arithmetics safely. > > > --- > > > gcc/cse.cc | 8 ++++---- > > > 1 file changed, 4 insertions(+), 4 deletions(-) > > > > > > diff --git a/gcc/cse.cc b/gcc/cse.cc > > > index a18b599d324..052fa0c3490 100644 > > > --- a/gcc/cse.cc > > > +++ b/gcc/cse.cc > > > @@ -1169,12 +1169,12 @@ compute_const_anchors (rtx cst, > > > HOST_WIDE_INT *lower_base, HOST_WIDE_INT *lower_offs, > > > HOST_WIDE_INT *upper_base, HOST_WIDE_INT *upper_offs) > > > { > > > - HOST_WIDE_INT n = INTVAL (cst); > > > - > > > - *lower_base = n & ~(targetm.const_anchor - 1); > > > - if (*lower_base == n) > > > + unsigned HOST_WIDE_INT n = UINTVAL (cst); > > > + unsigned HOST_WIDE_INT lb = n & ~(targetm.const_anchor - 1); > > > + if (lb == n) > > > return false; > > > > > > + *lower_base = lb; > > > *upper_base = > > > (n + (targetm.const_anchor - 1)) & ~(targetm.const_anchor - 1); > > > *upper_offs = n - *upper_base; > > > -- > > > 2.35.1 > > > > > > > > > > > > -- > Xi Ruoyao <xry111@mengyan1223.wang> > School of Aerospace Science and Technology, Xidian University
diff --git a/gcc/cse.cc b/gcc/cse.cc index a18b599d324..052fa0c3490 100644 --- a/gcc/cse.cc +++ b/gcc/cse.cc @@ -1169,12 +1169,12 @@ compute_const_anchors (rtx cst, HOST_WIDE_INT *lower_base, HOST_WIDE_INT *lower_offs, HOST_WIDE_INT *upper_base, HOST_WIDE_INT *upper_offs) { - HOST_WIDE_INT n = INTVAL (cst); - - *lower_base = n & ~(targetm.const_anchor - 1); - if (*lower_base == n) + unsigned HOST_WIDE_INT n = UINTVAL (cst); + unsigned HOST_WIDE_INT lb = n & ~(targetm.const_anchor - 1); + if (lb == n) return false; + *lower_base = lb; *upper_base = (n + (targetm.const_anchor - 1)) & ~(targetm.const_anchor - 1); *upper_offs = n - *upper_base;