[Bug c/61240] New: Incorrect warning "integer overflow in expression" on pointer-pointer subtraction

thiago at kde dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61240

            Bug ID: 61240
           Summary: Incorrect warning "integer overflow in expression" on
                    pointer-pointer subtraction
           Product: gcc
           Version: 4.8.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: Keith.S.Thompson at gmail dot com

Credit goes to "Lumbering Lummox", the author of this Stack Overflow post:
http://stackoverflow.com/q/23747641/827263

I see this problem with gcc versions 4.8.0 and 4.9.0, both compiled from
source, on Linux Mint 14 on x86_64.

Source program:

int main(void) {
    int i;
    int *p = &i;
    int *q = &i + 1;
    p - (p - 1);
    q - (q - 1);
}

Compiler output:

% /usr/local/apps/gcc-4.8.0/bin/gcc gcc-bug-integer-overflow.c
gcc-bug-integer-overflow.c: In function ‘main’:
gcc-bug-integer-overflow.c:5:7: warning: integer overflow in expression [-Woverflow]
     p - (p - 1);
       ^
gcc-bug-integer-overflow.c:6:7: warning: integer overflow in expression [-Woverflow]
     q - (q - 1);
       ^

A warning would be appropriate for "p - (p - 1)", since (p - 1) has undefined
behavior -- but since it's pointer arithmetic, not integer arithmetic, the
"integer overflow" warning is at least incorrectly worded. Furthermore, the
error message points to the first "-", which is not the problem.

As for "q - (q - 1)", no warning should be issued at all, since both "(q - 1)"
and "q - (q - 1)" are valid expressions with well defined behavior (yielding &i
and (ptrdiff_t)1, respectively).

This might be related to bug #48267.

[Bug c/61240] [4.8/4.9/4.10 Regression] Incorrect warning "integer overflow in expression" on pointer-pointer subtraction

thiago at kde dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61240

Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |NEW
   Last reconfirmed|                            |2014-05-20
   Target Milestone|---                         |4.8.3
            Summary|Incorrect warning "integer  |[4.8/4.9/4.10 Regression]
                   |overflow in expression" on  |Incorrect warning "integer
                   |pointer-pointer subtraction |overflow in expression" on
                   |                            |pointer-pointer subtraction
     Ever confirmed|0                           |1

--- Comment #1 from Richard Biener <rguenth at gcc dot gnu.org> ---
We warn for

 <integer_cst 0x7ffff6d54e28 type <integer_type 0x7ffff6c407e0 long int> constant public overflow 1>

via c-common.c:overflow_warning called from

#1  0x000000000065b80e in parser_build_binary_op (location=5653,
    code=MINUS_EXPR, arg1=..., arg2=...)
    at /space/rguenther/src/svn/trunk/gcc/c/c-typeck.c:3411
#2  0x000000000068f5ed in c_parser_binary_expression (parser=0x7ffff6d67000,
    after=0x0, omp_atomic_lhs=<tree 0x0>)
    at /space/rguenther/src/svn/trunk/gcc/c/c-parser.c:6282
#3  0x000000000068dfee in c_parser_conditional_expression (
    parser=0x7ffff6d67000, after=0x0, omp_atomic_lhs=<tree 0x0>)
    at /space/rguenther/src/svn/trunk/gcc/c/c-parser.c:5934
#4  0x000000000068dd75 in c_parser_expr_no_commas (parser=0x7ffff6d67000,
    after=0x0, omp_atomic_lhs=<tree 0x0>)
    at /space/rguenther/src/svn/trunk/gcc/c/c-parser.c:5852

when building p - (p + -1U) which gets simplified to - -1U -> 1U (with overflow
set - as it's sizetype arithmetic).  pointer_diff is guilty here which calls

  /* First do the subtraction as integers;
     then drop through to build the divide operator.
     Do not do default conversions on the minus operator
     in case restype is a short type.  */

  op0 = build_binary_op (loc,
                         MINUS_EXPR, convert (inttype, op0),
                         convert (inttype, op1), 0);

doing 0 - -1U, converting them to inttype (long int) first.  I suggest
to do that conversion and strip overflow bits in the POINTER_PLUS_EXPR
decomposition part.
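
A small C model of the fold described in comment #1, added here as an illustration; it is not GCC's code, and all function names are hypothetical. It shows that the unsigned subtraction wraps (which is where an overflow flag comes from) while the resulting pointer difference is the ordinary value 1. It assumes the byte count fits in ptrdiff_t after the subtraction.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Byte offset of "ptr + n_elems" as an unsigned sizetype value: a negative
   element count wraps modulo 2^N, so -1 element becomes SIZE_MAX - 3 when
   the element size is 4. */
static size_t sizetype_offset(ptrdiff_t n_elems, size_t elem_size)
{
    return (size_t)n_elems * elem_size;
}

/* True when the unsigned subtraction a - b wraps around. */
static int unsigned_sub_wraps(size_t a, size_t b)
{
    return a < b;
}

/* Model of (base + lit0) - (base + lit1) with the common base cancelled:
   subtract the byte offsets as unsigned values, reinterpret the result as
   signed, then divide by the element size. */
static ptrdiff_t folded_pointer_diff(size_t lit0, size_t lit1, size_t elem_size)
{
    size_t bytes = lit0 - lit1;   /* modular arithmetic, well defined */
    return (ptrdiff_t)bytes / (ptrdiff_t)elem_size;
}

/* The valid case from the report, evaluated with real pointers. A named
   temporary is used so the expression is not the exact form under report. */
static ptrdiff_t one_past_minus_previous(void)
{
    int i = 0;
    int *q = &i + 1;     /* one past the end of i: valid to form */
    int *prev = q - 1;   /* points back at i */
    return q - prev;
}

int main(void)
{
    size_t lit1 = sizetype_offset(-1, sizeof(int));
    printf("lit1 as sizetype: %zu\n", lit1);
    printf("0 - lit1 wraps:   %d\n", unsigned_sub_wraps(0, lit1));
    printf("folded diff:      %td\n", folded_pointer_diff(0, lit1, sizeof(int)));
    printf("real q - (q - 1): %td\n", one_past_minus_previous());
    return 0;
}
```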

[Bug c/61240] [4.8/4.9/4.10 Regression] Incorrect warning "integer overflow in expression" on pointer-pointer subtraction

thiago at kde dot org
In reply to this post by thiago at kde dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61240

Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|4.8.3                       |4.8.4

--- Comment #2 from Richard Biener <rguenth at gcc dot gnu.org> ---
GCC 4.8.3 is being released, adjusting target milestone.

[Bug c/61240] [4.8/4.9/4.10 Regression] Incorrect warning "integer overflow in expression" on pointer-pointer subtraction

thiago at kde dot org
In reply to this post by thiago at kde dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61240

Marek Polacek <mpolacek at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mpolacek at gcc dot gnu.org

--- Comment #3 from Marek Polacek <mpolacek at gcc dot gnu.org> ---
Richi, did you mean something like this?  With this we wouldn't warn on either
the p - (p - 1); or the q - (q - 1); line...

--- a/gcc/c/c-typeck.c
+++ b/gcc/c/c-typeck.c
@@ -3513,6 +3513,9 @@ pointer_diff (location_t loc, tree op0, tree op1)
     {
       lit0 = TREE_OPERAND (con0, 1);
       con0 = TREE_OPERAND (con0, 0);
+      lit0 = convert (inttype, lit0);
+      if (TREE_CODE (lit0) == INTEGER_CST)
+       TREE_OVERFLOW (lit0) = 0;
     }
   else
     lit0 = integer_zero_node;
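Review bot: the added `TREE_OVERFLOW (lit0) = 0;` writes the flag directly on whatever node `convert (inttype, lit0)` returned, and nothing in the hunk shows that node is private to this call. If that constant can be reached from anywhere else, clearing the flag in place changes it for those users too; clear it on a copy, or add a comment saying why in-place modification is safe here. A one-line comment explaining why the overflow bit carried by the sizetype literal is meaningless once it becomes an `inttype` operand would also help.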
@@ -3521,6 +3524,9 @@ pointer_diff (location_t loc, tree op0, tree op1)
     {
       lit1 = TREE_OPERAND (con1, 1);
       con1 = TREE_OPERAND (con1, 0);
+      lit1 = convert (inttype, lit1);
+      if (TREE_CODE (lit1) == INTEGER_CST)
+       TREE_OVERFLOW (lit1) = 0;
     }
   else
     lit1 = integer_zero_node;
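Review bot: the three added lines for `lit1` repeat the `lit0` lines from the previous hunk verbatim, so a later fix to one copy can miss the other; a small static helper that converts the literal to `inttype` and drops the overflow flag, called for both operands, would keep them in step. The patch also carries no testcase. Since the accompanying comment says neither `p - (p - 1)` nor `q - (q - 1)` warns with this change, a test pinning that behaviour is worth adding, and the original report argues the first expression still deserves some diagnostic.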

[Bug c/61240] [4.8/4.9/4.10 Regression] Incorrect warning "integer overflow in expression" on pointer-pointer subtraction

thiago at kde dot org
In reply to this post by thiago at kde dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61240

Jakub Jelinek <jakub at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jakub at gcc dot gnu.org

--- Comment #4 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Started with r184965.

[Bug c/61240] [4.8/4.9/4.10 Regression] Incorrect warning "integer overflow in expression" on pointer-pointer subtraction

thiago at kde dot org
In reply to this post by thiago at kde dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61240

Marek Polacek <mpolacek at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED
           Assignee|unassigned at gcc dot gnu.org      |mpolacek at gcc dot gnu.org

--- Comment #5 from Marek Polacek <mpolacek at gcc dot gnu.org> ---
Maybe best would be to remove the optimization in pointer_diff altogether.
Mine for now.

[Bug c/61240] [4.8/4.9/4.10 Regression] Incorrect warning "integer overflow in expression" on pointer-pointer subtraction

thiago at kde dot org
In reply to this post by thiago at kde dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61240

--- Comment #6 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
But in that case we should have an adequate replacement on the
match_and_simplify side.

[Bug c/61240] [4.8/4.9/4.10 Regression] Incorrect warning "integer overflow in expression" on pointer-pointer subtraction

thiago at kde dot org
In reply to this post by thiago at kde dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61240

--- Comment #7 from Marek Polacek <mpolacek at gcc dot gnu.org> ---
But C++ has its own pointer_diff version that doesn't do such optimization.
With my change the C FE would generate the same expr as the C++ FE.  And FEs
shouldn't perform such optimizations anyway.

[Bug c/61240] [4.8/4.9/5 Regression] Incorrect warning "integer overflow in expression" on pointer-pointer subtraction

thiago at kde dot org
In reply to this post by thiago at kde dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61240

Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Keywords|                            |diagnostic,
                   |                            |missed-optimization
           Priority|P3                          |P2

--- Comment #8 from Richard Biener <rguenth at gcc dot gnu.org> ---
So this is also a missed optimization on the C++ side?  Btw, the C++ FE warns
for me as well (on trunk).

[Bug c/61240] [4.8/4.9/5 Regression] Incorrect warning "integer overflow in expression" on pointer-pointer subtraction

thiago at kde dot org
In reply to this post by thiago at kde dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61240

--- Comment #9 from Marek Polacek <mpolacek at gcc dot gnu.org> ---
I view this as a problem that we fold too early - I think this bug (and its
kin) are to be solved with delayed folding.

[Bug c/61240] [4.8/4.9/5 Regression] Incorrect warning "integer overflow in expression" on pointer-pointer subtraction

thiago at kde dot org
In reply to this post by thiago at kde dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61240

Jakub Jelinek <jakub at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|4.8.4                       |4.8.5

--- Comment #10 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
GCC 4.8.4 has been released.

[Bug c/61240] [4.8/4.9/5 Regression] Incorrect warning "integer overflow in expression" on pointer-pointer subtraction

thiago at kde dot org
In reply to this post by thiago at kde dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61240

Marek Polacek <mpolacek at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|4.8.5                       |6.0

[Bug c/61240] [4.8/4.9/5/6 Regression] Incorrect warning "integer overflow in expression" on pointer-pointer subtraction

thiago at kde dot org
In reply to this post by thiago at kde dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61240

Kai Tietz <ktietz at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |ktietz at gcc dot gnu.org

--- Comment #11 from Kai Tietz <ktietz at gcc dot gnu.org> ---
Issue is fixed for C++ delayed folding.

[Bug c/61240] [4.9/5/6 Regression] Incorrect warning "integer overflow in expression" on pointer-pointer subtraction

thiago at kde dot org
In reply to this post by thiago at kde dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61240

Divya Jyoti Das <divyajyotidas15 at gmail dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |divyajyotidas15 at gmail dot com

--- Comment #12 from Divya Jyoti Das <divyajyotidas15 at gmail dot com> ---
(In reply to Marek Polacek from comment #7)
> But C++ has its own pointer_diff version that doesn't do such optimization.
> With my change the C FE would generate the same expr as the C++ FE.  And FEs
> shouldn't perform such optimizations anyway.

[Bug c/61240] [4.9/5/6 Regression] Incorrect warning "integer overflow in expression" on pointer-pointer subtraction

thiago at kde dot org
In reply to this post by thiago at kde dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61240

Marek Polacek <mpolacek at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|6.0                         |7.0

[Bug c/61240] [5/6/7/8 Regression] Incorrect warning "integer overflow in expression" on pointer-pointer subtraction

thiago at kde dot org
In reply to this post by thiago at kde dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61240

Jakub Jelinek <jakub at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|7.0                         |7.2

--- Comment #13 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
GCC 7.1 has been released.

[Bug c/61240] [5/6/7/8 Regression] Incorrect warning "integer overflow in expression" on pointer-pointer subtraction

thiago at kde dot org
In reply to this post by thiago at kde dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61240

Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|7.2                         |7.3

--- Comment #14 from Richard Biener <rguenth at gcc dot gnu.org> ---
GCC 7.2 is being released, adjusting target milestone.

--- Comment #15 from Richard Biener <rguenth at gcc dot gnu.org> ---
GCC 7.2 is being released, adjusting target milestone.

[Bug c/61240] [5/6/7/8 Regression] Incorrect warning "integer overflow in expression" on pointer-pointer subtraction

thiago at kde dot org
In reply to this post by thiago at kde dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61240

Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|7.2                         |7.3

[Bug c/61240] [6/7/8 Regression] Incorrect warning "integer overflow in expression" on pointer-pointer subtraction

thiago at kde dot org
In reply to this post by thiago at kde dot org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61240

--- Comment #14 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Marek, are you still on the hook to remove this premature optimization from the
FE and let it be folded in c_fully_fold or later?