From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 48) id 68C56388204E; Wed, 3 May 2023 15:23:04 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 68C56388204E DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org; s=default; t=1683127385; bh=e6ioY1ZLEJxBtzs/+3/7ZIRYiHzmarX7xiJQlbrqicI=; h=From:To:Subject:Date:In-Reply-To:References:From; b=AYGxD8SI19A9CALsxfLFQ/cF9lt0j3s8Ni33DJWG2BBSDmHsgSKjPIiKcBu4Mz+WX Op0p5E3pUNsaRxZHoj5HxhbJOK+JXbM+ufeCxNNf6jYHKoJmqe2ouXrP3/xbzKfqaL Pp+C8DMihiy5nsQrZOSl230Qpci5PQftGwVQ2Tr4= From: "cvs-commit at gcc dot gnu.org" To: gcc-bugs@gcc.gnu.org Subject: [Bug middle-end/106190] [10 Regression] ICE in expand_builtin_eh_common with -fnon-call-exceptions -fsanitize=address,undefined -fno-sanitize-recover=all Date: Wed, 03 May 2023 15:23:04 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: middle-end X-Bugzilla-Version: 13.0 X-Bugzilla-Keywords: EH, ice-on-valid-code X-Bugzilla-Severity: normal X-Bugzilla-Who: cvs-commit at gcc dot gnu.org X-Bugzilla-Status: ASSIGNED X-Bugzilla-Resolution: X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: jakub at gcc dot gnu.org X-Bugzilla-Target-Milestone: 10.5 X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 List-Id: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D106190 --- Comment #15 from CVS Commits --- The releases/gcc-10 branch has been updated by Jakub Jelinek : https://gcc.gnu.org/g:c8dc9e474549c3c6692a71f5d0c791ef900cb60c commit r10-11383-gc8dc9e474549c3c6692a71f5d0c791ef900cb60c Author: Jakub Jelinek Date: Tue Mar 28 10:56:44 2023 +0200 sanopt: Return TODO_cleanup_cfg if any .{UB,HWA,A}SAN_* calls were lowe= red [PR106190] The following testcase ICEs, because without optimization eh lowering decides not to duplicate finally block of try/finally and so we end up with variable guarded cleanup. The sanopt pass creates a cfg that ought to be cleaned up (some IFN_UBSAN_* functions are lowered in this case w= ith constant conditions in gcond and when not allowing recovery some bbs wh= ich end with noreturn calls actually have successor edges), but the cfg cle= anup is actually (it is -O0) done only during the optimized pass. We notice there that the d[1][a] =3D 0; statement which has an EH edge is unreach= able (because ubsan would always abort on the out of bounds d[1] access), re= move the EH landing pad and block, but because that block just sets a variab= le and jumps to another one which tests that variable and that one is reachable from normal control flow, the __builtin_eh_pointer (1) later in there is kept in the IL and we ICE during expansion of that statement because the EH region has been removed. The following patch fixes it by doing the cfg cleanup already during sanopt pass if we create something that might need it, while the EH landing pad is then removed already during sanopt pass, there is ehclea= nup later and we don't ICE anymore. 2023-03-28 Jakub Jelinek PR middle-end/106190 * sanopt.c (pass_sanopt::execute): Return TODO_cleanup_cfg if a= ny of the IFN_{UB,HWA,A}SAN_* internal fns are lowered. * gcc.dg/asan/pr106190.c: New test. (cherry picked from commit 39a43dc336561e0eba0de477b16c7355f19d84ee)=