From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 48) id 0FA303857427; Wed, 15 Jun 2022 08:50:01 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 0FA303857427 From: "rguenth at gcc dot gnu.org" To: gcc-bugs@gcc.gnu.org Subject: [Bug c/105969] [12/13 Regression] ICE in Floating point exception Date: Wed, 15 Jun 2022 08:50:00 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: c X-Bugzilla-Version: 13.0 X-Bugzilla-Keywords: accepts-invalid, ice-on-valid-code, needs-bisection X-Bugzilla-Severity: normal X-Bugzilla-Who: rguenth at gcc dot gnu.org X-Bugzilla-Status: ASSIGNED X-Bugzilla-Resolution: X-Bugzilla-Priority: P3 X-Bugzilla-Assigned-To: rguenth at gcc dot gnu.org X-Bugzilla-Target-Milestone: 12.2 X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: assigned_to cf_reconfirmed_on target_milestone keywords everconfirmed cc blocked bug_status Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: gcc-bugs@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-bugs mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Jun 2022 08:50:01 -0000 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D105969 Richard Biener changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|unassigned at gcc dot gnu.org |rguenth at gcc dot = gnu.org Last reconfirmed| |2022-06-15 Target Milestone|--- |12.2 Keywords| |accepts-invalid, | |needs-bisection Ever confirmed|0 |1 CC| |jsm28 at gcc dot gnu.org Blocks| |105604 Status|UNCONFIRMED |ASSIGNED --- Comment #1 from Richard Biener --- Confirmed. (gdb) l 2317 2318 unsigned HOST_WIDE_INT byteoff =3D idx * elbytes; 2319 2320 if (byteoff < HOST_WIDE_INT_MAX 2321 && elbytes < HOST_WIDE_INT_MAX 2322 && byteoff / elbytes =3D=3D idx) 2323 { 2324 /* For in-bounds constant offsets into constant-sized arrays 2325 bump up *OFF, and for what's likely arrays or struct= s of 2326 arrays, also *FLDOFF, as necessary. */ (gdb) p elbytes $1 =3D 0 I think this testcase should probably be rejected given we have b with an array element size of zero which means elements overlap. Joseph? The ICE can be mitigated by reworking the byteoff / elbytes =3D=3D idx check which seems to be looking for whether the byteoff computation overflowed? (but we don't check whether *off +=3D byteoff overflows). The overflow checking can be preserved by doing elbytes =3D=3D 0 || byteoff / elbytes = =3D=3D idx. Referenced Bugs: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D105604 [Bug 105604] [10/11 Regression] ICE: in tree_to_shwi with vla in struct and sprintf=