Prevent possible overflows in ipa-profile

The bug in scaling profile of fnsplit produced clones made
some afdo counts during gcc bootstrap very large (2^59).
This made computations in ipa-profile to silently overflow
which triggered hot count to be identified as 1 instead of
sane value.

While fixing the fnsplit bug prevents overflow, I think the histogram code
should be made safe too.  sreal is not very fitting here since mantisa is 32bit
and not very good for many additions of many numbers which are possibly of very
different order.  So I use widest_int while 128bit arithmetics would be safe
(we are summing 60 bit counts multiplied by time estimates).  I don't think
we have readily available 128bit type and code is not really time critical since
the histogram is computed once.

gcc/ChangeLog:

	* ipa-profile.cc (ipa_profile): Use widest_int to avoid
	possible overflows.

diff --git a/gcc/ipa-profile.cc b/gcc/ipa-profile.cc
index 08638667f65c9af0afedb93a6ace056d59c34e53..c8b8529e38b7f7720f1035f4911d445eb442651c 100644 (file)
--- a/gcc/ipa-profile.cc
+++ b/gcc/ipa-profile.cc
@@ -764,7 +764,8 @@ ipa_profile (void)
   int order_pos;
   bool something_changed = false;
   int i;
-  gcov_type overall_time = 0, cutoff = 0, cumulated = 0, overall_size = 0;
+  widest_int overall_time = 0, cumulated = 0;
+  gcov_type overall_size = 0;
   struct cgraph_node *n,*n2;
   int nindirect = 0, ncommon = 0, nunknown = 0, nuseless = 0, nconverted = 0;
   int nmismatch = 0, nimpossible = 0;
@@ -775,37 +776,44 @@ ipa_profile (void)
     dump_histogram (dump_file, histogram);
   for (i = 0; i < (int)histogram.length (); i++)
     {
-      overall_time += histogram[i]->count * histogram[i]->time;
+      overall_time += ((widest_int)histogram[i]->count) * histogram[i]->time;
+      /* Watch for overflow.  */
+      gcc_assert (overall_time >= 0);
       overall_size += histogram[i]->size;
     }
   threshold = 0;
-  if (overall_time)
+  if (overall_time != 0)
     {
       gcc_assert (overall_size);
 
-      cutoff = (overall_time * param_hot_bb_count_ws_permille + 500) / 1000;
+      widest_int cutoff = ((overall_time * param_hot_bb_count_ws_permille
+                          + 500) / 1000);
+      /* Watch for overflow.  */
+      gcc_assert (cutoff >= 0);
       for (i = 0; cumulated < cutoff; i++)
        {
-         cumulated += histogram[i]->count * histogram[i]->time;
+         cumulated += ((widest_int)histogram[i]->count) * histogram[i]->time;
           threshold = histogram[i]->count;
        }
       if (!threshold)
        threshold = 1;
       if (dump_file)
        {
-         gcov_type cumulated_time = 0, cumulated_size = 0;
+         widest_int cumulated_time = 0;
+         gcov_type cumulated_size = 0;
 
           for (i = 0;
               i < (int)histogram.length () && histogram[i]->count >= threshold;
               i++)
            {
-             cumulated_time += histogram[i]->count * histogram[i]->time;
+             cumulated_time += ((widest_int)histogram[i]->count)
+                                * histogram[i]->time;
              cumulated_size += histogram[i]->size;
            }
          fprintf (dump_file, "Determined min count: %" PRId64
                   " Time:%3.2f%% Size:%3.2f%%\n",
                   (int64_t)threshold,
-                  cumulated_time * 100.0 / overall_time,
+                  (cumulated_time * 10000 / overall_time).to_shwi () / 100.0,
                   cumulated_size * 100.0 / overall_size);
        }