public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug target/111418] New: ICE with the CVE-2023-4039 patches applied
@ 2023-09-14 13:26 ross at burtonini dot com
2023-09-14 14:42 ` [Bug target/111418] " Martin.Jansa at gmail dot com
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: ross at burtonini dot com @ 2023-09-14 13:26 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111418
Bug ID: 111418
Summary: ICE with the CVE-2023-4039 patches applied
Product: gcc
Version: 13.2.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: target
Assignee: unassigned at gcc dot gnu.org
Reporter: ross at burtonini dot com
CC: Martin.Jansa at gmail dot com, rsandifo at gcc dot gnu.org
Target Milestone: ---
Target: aarch64
After integrating the -fstack-protector fixes in CVE-2023-4039 to gcc 13.2.0, a
proprietary codebase is causing an ICE.
error: unrecognizable insn:
2923 | }
| ^
(insn 416 286 290 17 (parallel [
(set (mem/c:SI (plus:DI (reg/f:DI 29 x29)
(const_int -260 [0xfffffffffffffefc])) [1
redacted.pixel_format+0 S4 A32])
(const_int 0 [0]))
(set (mem/c:SI (plus:DI (reg/f:DI 29 x29)
(const_int -256 [0xffffffffffffff00])) [1
redacted.pixel_value+0 S4 A128])
(reg/v:SI 22 x22 [orig:141 color ] [141]))
])
"TOPDIR/BUILD/work/redacted/redacted/redacted/git/redacted.c":2903:45 -1
(expr_list:REG_DEAD (reg/v:SI 22 x22 [orig:141 color ] [141])
(nil)))
during RTL pass: cprop_hardreg
TOPDIR/BUILD/work/redacted/redacted/redacted/git/redacted.c:2923:1: internal
compiler error: in extract_insn, at recog.cc:2791
0x191624a internal_error(char const*, ...)
???:0
0x6bee26 fancy_abort(char const*, int, char const*)
???:0
0x697469 _fatal_insn(char const*, rtx_def const*, char const*, int, char
const*)
???:0
0x697485 _fatal_insn_not_found(rtx_def const*, char const*, int, char const*)
???:0
0xbef198 extract_constrain_insn(rtx_insn*)
???:0
Copying Martin Jansa who reported this originally and is working on a minimal
reproducer.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug target/111418] ICE with the CVE-2023-4039 patches applied
2023-09-14 13:26 [Bug target/111418] New: ICE with the CVE-2023-4039 patches applied ross at burtonini dot com
@ 2023-09-14 14:42 ` Martin.Jansa at gmail dot com
2023-09-14 14:45 ` pinskia at gcc dot gnu.org
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: Martin.Jansa at gmail dot com @ 2023-09-14 14:42 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111418
--- Comment #1 from Martin Jansa <Martin.Jansa at gmail dot com> ---
https://github.com/csmith-project/creduce
reduced my test case to:
typedef a;
typedef struct {
short b __attribute__((aligned(8)))
} c;
typedef struct {
short d __attribute__((aligned(8)))
} e;
typedef struct {
int f;
a g
} h;
typedef struct {
int i;
int j;
a k;
h l;
e m;
a n;
a o;
a p;
a a;
a q
} r;
typedef struct {
r s;
r t;
r u;
r b;
a : 2, : 22, : 10;
a : 4, : 4, : 16;
struct {
char c;
c d;
c e
}
} v;
w;
x() {
v a;
w = __builtin_alloca(sizeof(e));
a.s.l.f = a.s.l.g = x;
ai(a);
}
$ aarch64-oe-linux-gcc --version
aarch64-oe-linux-gcc (GCC) 13.2.0
And to reproduce need to use -fstack-protector-strong as well as -O2:
$ aarch64-oe-linux-gcc -fstack-protector-strong -O2 -c test.c
... bunch of warnings ...
test.c:43:1: error: unrecognizable insn:
43 | }
| ^
(insn 87 27 29 2 (parallel [
(set (mem/c:SI (plus:DI (reg/f:DI 29 x29)
(const_int -260 [0xfffffffffffffefc])) [1 a.s.l.f+0 S4
A32])
(reg:SI 4 x4 [107]))
(set (mem/c:SI (plus:DI (reg/f:DI 29 x29)
(const_int -256 [0xffffffffffffff00])) [1 a.s.l.g+0 S4
A128])
(reg:SI 4 x4 [107]))
]) "test.c":42:3 -1
(expr_list:REG_DEAD (reg:SI 4 x4 [107])
(nil)))
during RTL pass: cprop_hardreg
test.c:43:1: internal compiler error: in extract_insn, at recog.cc:2791
0x18d8d3b internal_error(char const*, ...)
???:0
0x6b3c5a fancy_abort(char const*, int, char const*)
???:0
0x692708 _fatal_insn(char const*, rtx_def const*, char const*, int, char
const*)
???:0
0x69272a _fatal_insn_not_found(rtx_def const*, char const*, int, char const*)
???:0
0xbe23ef extract_constrain_insn(rtx_insn*)
???:0
Will check with gcc trunk if it's still reproducible there. gcc-12.3.0 shows
the same ICE while gcc-11.4.0 built the same code OK.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug target/111418] ICE with the CVE-2023-4039 patches applied
2023-09-14 13:26 [Bug target/111418] New: ICE with the CVE-2023-4039 patches applied ross at burtonini dot com
2023-09-14 14:42 ` [Bug target/111418] " Martin.Jansa at gmail dot com
@ 2023-09-14 14:45 ` pinskia at gcc dot gnu.org
2023-09-14 15:33 ` Martin.Jansa at gmail dot com
2023-09-15 1:14 ` sjames at gcc dot gnu.org
3 siblings, 0 replies; 5+ messages in thread
From: pinskia at gcc dot gnu.org @ 2023-09-14 14:45 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111418
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |DUPLICATE
Status|UNCONFIRMED |RESOLVED
--- Comment #2 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
Dup of bug 111411.
*** This bug has been marked as a duplicate of bug 111411 ***
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug target/111418] ICE with the CVE-2023-4039 patches applied
2023-09-14 13:26 [Bug target/111418] New: ICE with the CVE-2023-4039 patches applied ross at burtonini dot com
2023-09-14 14:42 ` [Bug target/111418] " Martin.Jansa at gmail dot com
2023-09-14 14:45 ` pinskia at gcc dot gnu.org
@ 2023-09-14 15:33 ` Martin.Jansa at gmail dot com
2023-09-15 1:14 ` sjames at gcc dot gnu.org
3 siblings, 0 replies; 5+ messages in thread
From: Martin.Jansa at gmail dot com @ 2023-09-14 15:33 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111418
--- Comment #3 from Martin Jansa <Martin.Jansa at gmail dot com> ---
Reproduced with:
13.2.1 20230914 (revision 9cddebd822aeff9b7c0e9951909d5ec96c959e4f)
and
14.0.0 20230914 (experimental) (revision
8517317ce8e9fbea0b4c7a8f87a86d07d95dc8c7)
as well.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug target/111418] ICE with the CVE-2023-4039 patches applied
2023-09-14 13:26 [Bug target/111418] New: ICE with the CVE-2023-4039 patches applied ross at burtonini dot com
` (2 preceding siblings ...)
2023-09-14 15:33 ` Martin.Jansa at gmail dot com
@ 2023-09-15 1:14 ` sjames at gcc dot gnu.org
3 siblings, 0 replies; 5+ messages in thread
From: sjames at gcc dot gnu.org @ 2023-09-15 1:14 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111418
Sam James <sjames at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |sjames at gcc dot gnu.org
--- Comment #4 from Sam James <sjames at gcc dot gnu.org> ---
Thanks, your test case is nicer than mine in the original.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2023-09-15 1:14 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-09-14 13:26 [Bug target/111418] New: ICE with the CVE-2023-4039 patches applied ross at burtonini dot com
2023-09-14 14:42 ` [Bug target/111418] " Martin.Jansa at gmail dot com
2023-09-14 14:45 ` pinskia at gcc dot gnu.org
2023-09-14 15:33 ` Martin.Jansa at gmail dot com
2023-09-15 1:14 ` sjames at gcc dot gnu.org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).