public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug c/105969] New: [12/13 Regression] ICE in Floating point exception
@ 2022-06-14 10:23 gscfq@t-online.de
2022-06-15 8:50 ` [Bug c/105969] " rguenth at gcc dot gnu.org
` (5 more replies)
0 siblings, 6 replies; 7+ messages in thread
From: gscfq@t-online.de @ 2022-06-14 10:23 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105969
Bug ID: 105969
Summary: [12/13 Regression] ICE in Floating point exception
Product: gcc
Version: 13.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: gscfq@t-online.de
Target Milestone: ---
Started between 20220522 and 20220529 :
$ cat z1.c
#include <stdio.h>
struct A
{
char a[0][0][0];
};
extern struct A b[][2];
void f (void)
{
sprintf (b[0][0].a[1][0], "%s", b[0][0].a[1][0]);
}
$ gcc-13-20220612 -c z1.c -Wall
z1.c: In function 'f':
during GIMPLE pass: warn-printf
z1.c:9:1: internal compiler error: Floating point exception
9 | }
| ^
0xc2a33f crash_signal
../../gcc/toplev.cc:322
0x184c71e get_origin_and_offset_r
../../gcc/gimple-ssa-sprintf.cc:2322
0x184c749 get_origin_and_offset_r
../../gcc/gimple-ssa-sprintf.cc:2385
0x185267f get_origin_and_offset
../../gcc/gimple-ssa-sprintf.cc:2447
0x185267f handle_printf_call(gimple_stmt_iterator*, pointer_query&)
../../gcc/gimple-ssa-sprintf.cc:4714
0xdfd21d strlen_pass::check_and_optimize_call(bool*)
../../gcc/tree-ssa-strlen.cc:5461
0xdfdbe1 strlen_pass::check_and_optimize_stmt(bool*)
../../gcc/tree-ssa-strlen.cc:5665
0xdfdfb4 strlen_pass::before_dom_children(basic_block_def*)
../../gcc/tree-ssa-strlen.cc:5849
0x17e9284 dom_walker::walk(basic_block_def*)
../../gcc/domwalk.cc:309
0xdfe420 printf_strlen_execute
../../gcc/tree-ssa-strlen.cc:5908
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug c/105969] [12/13 Regression] ICE in Floating point exception
2022-06-14 10:23 [Bug c/105969] New: [12/13 Regression] ICE in Floating point exception gscfq@t-online.de
@ 2022-06-15 8:50 ` rguenth at gcc dot gnu.org
2022-06-15 11:15 ` cvs-commit at gcc dot gnu.org
` (4 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: rguenth at gcc dot gnu.org @ 2022-06-15 8:50 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105969
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Assignee|unassigned at gcc dot gnu.org |rguenth at gcc dot gnu.org
Last reconfirmed| |2022-06-15
Target Milestone|--- |12.2
Keywords| |accepts-invalid,
| |needs-bisection
Ever confirmed|0 |1
CC| |jsm28 at gcc dot gnu.org
Blocks| |105604
Status|UNCONFIRMED |ASSIGNED
--- Comment #1 from Richard Biener <rguenth at gcc dot gnu.org> ---
Confirmed.
(gdb) l
2317
2318 unsigned HOST_WIDE_INT byteoff = idx * elbytes;
2319
2320 if (byteoff < HOST_WIDE_INT_MAX
2321 && elbytes < HOST_WIDE_INT_MAX
2322 && byteoff / elbytes == idx)
2323 {
2324 /* For in-bounds constant offsets into constant-sized
arrays
2325 bump up *OFF, and for what's likely arrays or structs of
2326 arrays, also *FLDOFF, as necessary. */
(gdb) p elbytes
$1 = 0
I think this testcase should probably be rejected given we have b with
an array element size of zero which means elements overlap. Joseph?
The ICE can be mitigated by reworking the byteoff / elbytes == idx check
which seems to be looking for whether the byteoff computation overflowed?
(but we don't check whether *off += byteoff overflows). The overflow
checking can be preserved by doing elbytes == 0 || byteoff / elbytes == idx.
Referenced Bugs:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105604
[Bug 105604] [10/11 Regression] ICE: in tree_to_shwi with vla in struct and
sprintf
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug c/105969] [12/13 Regression] ICE in Floating point exception
2022-06-14 10:23 [Bug c/105969] New: [12/13 Regression] ICE in Floating point exception gscfq@t-online.de
2022-06-15 8:50 ` [Bug c/105969] " rguenth at gcc dot gnu.org
@ 2022-06-15 11:15 ` cvs-commit at gcc dot gnu.org
2022-06-15 15:57 ` [Bug c/105969] [12 " joseph at codesourcery dot com
` (3 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2022-06-15 11:15 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105969
--- Comment #2 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Richard Biener <rguenth@gcc.gnu.org>:
https://gcc.gnu.org/g:edb9330c29fe8a0a0b76df6fafd6a223a4d0e41f
commit r13-1105-gedb9330c29fe8a0a0b76df6fafd6a223a4d0e41f
Author: Richard Biener <rguenther@suse.de>
Date: Wed Jun 15 10:54:48 2022 +0200
tree-optimization/105969 - FPE with array diagnostics
For a [0][0] array we have to be careful when dividing by the element
size which is zero for the outermost dimension. Luckily the division
is only for an overflow check which is pointless for array size zero.
2022-06-15 Richard Biener <rguenther@suse.de>
PR tree-optimization/105969
* gimple-ssa-sprintf.cc (get_origin_and_offset_r): Avoid division
by zero in overflow check.
* gcc.dg/pr105969.c: New testcase.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug c/105969] [12 Regression] ICE in Floating point exception
2022-06-14 10:23 [Bug c/105969] New: [12/13 Regression] ICE in Floating point exception gscfq@t-online.de
2022-06-15 8:50 ` [Bug c/105969] " rguenth at gcc dot gnu.org
2022-06-15 11:15 ` cvs-commit at gcc dot gnu.org
@ 2022-06-15 15:57 ` joseph at codesourcery dot com
2022-07-15 8:58 ` [Bug c/105969] [12 Regression] ICE in Floating point exception since r13-750-g10d1986aee47c5 marxin at gcc dot gnu.org
` (2 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: joseph at codesourcery dot com @ 2022-06-15 15:57 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105969
--- Comment #3 from joseph at codesourcery dot com <joseph at codesourcery dot com> ---
Overlapping elements is simply a consequence of the zero-sized-objects
extension, I don't see anything invalid here to reject (though there might
be undefined behavior at runtime when sprintf accesses bytes beyond the
zero-sized object; even if char a[0][0][0] is treated like a flexible
array member, it's not clear a flexible array member whose elements
themselves have zero size can be validly used to access any bytes).
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug c/105969] [12 Regression] ICE in Floating point exception since r13-750-g10d1986aee47c5
2022-06-14 10:23 [Bug c/105969] New: [12/13 Regression] ICE in Floating point exception gscfq@t-online.de
` (2 preceding siblings ...)
2022-06-15 15:57 ` [Bug c/105969] [12 " joseph at codesourcery dot com
@ 2022-07-15 8:58 ` marxin at gcc dot gnu.org
2022-07-19 11:38 ` cvs-commit at gcc dot gnu.org
2022-07-19 11:39 ` rguenth at gcc dot gnu.org
5 siblings, 0 replies; 7+ messages in thread
From: marxin at gcc dot gnu.org @ 2022-07-15 8:58 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105969
Martin Liška <marxin at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |marxin at gcc dot gnu.org,
| |msebor at gcc dot gnu.org
Summary|[12 Regression] ICE in |[12 Regression] ICE in
|Floating point exception |Floating point exception
| |since
| |r13-750-g10d1986aee47c5
Keywords|needs-bisection |
--- Comment #4 from Martin Liška <marxin at gcc dot gnu.org> ---
Btw. started with r13-750-g10d1986aee47c5.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug c/105969] [12 Regression] ICE in Floating point exception since r13-750-g10d1986aee47c5
2022-06-14 10:23 [Bug c/105969] New: [12/13 Regression] ICE in Floating point exception gscfq@t-online.de
` (3 preceding siblings ...)
2022-07-15 8:58 ` [Bug c/105969] [12 Regression] ICE in Floating point exception since r13-750-g10d1986aee47c5 marxin at gcc dot gnu.org
@ 2022-07-19 11:38 ` cvs-commit at gcc dot gnu.org
2022-07-19 11:39 ` rguenth at gcc dot gnu.org
5 siblings, 0 replies; 7+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2022-07-19 11:38 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105969
--- Comment #5 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The releases/gcc-12 branch has been updated by Richard Biener
<rguenth@gcc.gnu.org>:
https://gcc.gnu.org/g:4f34a9e8d5ffcef99a212180d58718b00bdbb7d2
commit r12-8579-g4f34a9e8d5ffcef99a212180d58718b00bdbb7d2
Author: Richard Biener <rguenther@suse.de>
Date: Wed Jun 15 10:54:48 2022 +0200
tree-optimization/105969 - FPE with array diagnostics
For a [0][0] array we have to be careful when dividing by the element
size which is zero for the outermost dimension. Luckily the division
is only for an overflow check which is pointless for array size zero.
2022-06-15 Richard Biener <rguenther@suse.de>
PR tree-optimization/105969
* gimple-ssa-sprintf.cc (get_origin_and_offset_r): Avoid division
by zero in overflow check.
* gcc.dg/pr105969.c: New testcase.
(cherry picked from commit edb9330c29fe8a0a0b76df6fafd6a223a4d0e41f)
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug c/105969] [12 Regression] ICE in Floating point exception since r13-750-g10d1986aee47c5
2022-06-14 10:23 [Bug c/105969] New: [12/13 Regression] ICE in Floating point exception gscfq@t-online.de
` (4 preceding siblings ...)
2022-07-19 11:38 ` cvs-commit at gcc dot gnu.org
@ 2022-07-19 11:39 ` rguenth at gcc dot gnu.org
5 siblings, 0 replies; 7+ messages in thread
From: rguenth at gcc dot gnu.org @ 2022-07-19 11:39 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105969
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Known to work| |12.1.1
Known to fail|12.1.1 |12.1.0
Status|ASSIGNED |RESOLVED
Resolution|--- |FIXED
--- Comment #6 from Richard Biener <rguenth at gcc dot gnu.org> ---
Fixed.
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2022-07-19 11:39 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-06-14 10:23 [Bug c/105969] New: [12/13 Regression] ICE in Floating point exception gscfq@t-online.de
2022-06-15 8:50 ` [Bug c/105969] " rguenth at gcc dot gnu.org
2022-06-15 11:15 ` cvs-commit at gcc dot gnu.org
2022-06-15 15:57 ` [Bug c/105969] [12 " joseph at codesourcery dot com
2022-07-15 8:58 ` [Bug c/105969] [12 Regression] ICE in Floating point exception since r13-750-g10d1986aee47c5 marxin at gcc dot gnu.org
2022-07-19 11:38 ` cvs-commit at gcc dot gnu.org
2022-07-19 11:39 ` rguenth at gcc dot gnu.org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).