[Bug sanitizer/113251] New: [14 Regression] ICE on gcc.dg/asan/pr63845.c on i686-linux since r14-6946

[Bug sanitizer/113251] New: [14 Regression] ICE on gcc.dg/asan/pr63845.c on i686-linux since r14-6946

[jakub at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113251

            Bug ID: 113251
           Summary: [14 Regression] ICE on gcc.dg/asan/pr63845.c on
                    i686-linux since r14-6946
           Product: gcc
           Version: 14.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: sanitizer
          Assignee: unassigned at gcc dot gnu.org
          Reporter: jakub at gcc dot gnu.org
                CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
                    jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
  Target Milestone: ---

Since r14-6946-ge66dc37b299cac4171b1c5b90cf6b54388bd5bc5
I'm seeing on i686-linux:
+FAIL: gcc.dg/asan/pr63845.c   -O0  (internal compiler error: Segmentation
fault)
+FAIL: gcc.dg/asan/pr63845.c   -O0  (test for excess errors)
+FAIL: gcc.dg/asan/pr63845.c   -O1  (internal compiler error: Segmentation
fault)
+FAIL: gcc.dg/asan/pr63845.c   -O1  (test for excess errors)
+FAIL: gcc.dg/asan/pr63845.c   -O2  (internal compiler error: Segmentation
fault)
+FAIL: gcc.dg/asan/pr63845.c   -O2  (test for excess errors)
+FAIL: gcc.dg/asan/pr63845.c   -O2 -flto  (internal compiler error:
Segmentation fault)
+FAIL: gcc.dg/asan/pr63845.c   -O2 -flto  (test for excess errors)
+FAIL: gcc.dg/asan/pr63845.c   -O2 -flto -flto-partition=none  (internal
compiler error: Segmentation fault)
+FAIL: gcc.dg/asan/pr63845.c   -O2 -flto -flto-partition=none  (test for excess
errors)
+FAIL: gcc.dg/asan/pr63845.c   -O3 -g  (internal compiler error: Segmentation
fault)
+FAIL: gcc.dg/asan/pr63845.c   -O3 -g  (test for excess errors)
+FAIL: gcc.dg/asan/pr63845.c   -Os  (internal compiler error: Segmentation
fault)
+FAIL: gcc.dg/asan/pr63845.c   -Os  (test for excess errors)
(reproduceable also with -fPIC -fsanitize=address -m32 on x86_64-linux).
The ICE is:
/home/jakub/src/gcc/gcc/testsuite/gcc.dg/asan/pr63845.c:16:1: internal compiler
error: Segmentation fault
0x90680da crash_signal
        ../../gcc/toplev.cc:316
0x90813b8 asan_function_start()
        ../../gcc/asan.cc:1484
0x944b657 ix86_code_end
        ../../gcc/config/i386/i386.cc:6334
Please submit a full bug report, with preprocessed source (by using
-freport-bug).
Please include the complete backtrace with any bug report.
See <https://gcc.gnu.org/bugs/> for instructions.
compiler exited with status 1
The problem is when ix86_code_end does
6334              ASM_DECLARE_FUNCTION_NAME (asm_out_file, name, decl);
cfun is still NULL and so when asan_function_start is called,
current_function_funcdef_no access ICEs.
Either varasm.cc could avoid calling asan_function_start if cfun is NULL, or
e.g. ix86_code_end could work it around by temporarily clearing flag_sanitize
around this,
after all, there is no asan support in PIC landing pad.

[Bug sanitizer/113251] [14 Regression] ICE on gcc.dg/asan/pr63845.c on i686-linux since r14-6946

[jakub at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113251

Jakub Jelinek <jakub at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|---                         |14.0
           Priority|P3                          |P1
                 CC|                            |iii at gcc dot gnu.org,
                   |                            |uros at gcc dot gnu.org

[Bug sanitizer/113251] [14 Regression] ICE on gcc.dg/asan/pr63845.c on i686-linux since r14-6946

[iii at linux dot ibm.com]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113251

Ilya Leoshkevich <iii at linux dot ibm.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |iii at linux dot ibm.com

--- Comment #1 from Ilya Leoshkevich <iii at linux dot ibm.com> ---
I can reproduce this manually and will work on a fix.

Surprisingly, this does not show in my test results. I.e.:

$ make check-gcc RUNTESTFLAGS="asan.exp=pr63845.c --debug"
                === gcc Summary ===

# of expected passes            7

$ cat gcc/testsuite/gcc/gcc.sum

PASS: gcc.dg/asan/pr63845.c   -O0  (test for excess errors)
PASS: gcc.dg/asan/pr63845.c   -O1  (test for excess errors)
PASS: gcc.dg/asan/pr63845.c   -O2  (test for excess errors)
PASS: gcc.dg/asan/pr63845.c   -O3 -g  (test for excess errors)
PASS: gcc.dg/asan/pr63845.c   -Os  (test for excess errors)
PASS: gcc.dg/asan/pr63845.c   -O2 -flto -fno-use-linker-plugin
-flto-partition=none  (test for excess errors)
PASS: gcc.dg/asan/pr63845.c   -O2 -flto -fuse-linker-plugin
-fno-fat-lto-objects  (test for excess errors)

But!

$ cat gcc/testsuite/gcc/dbg.log

expect: does "fPIC170653.c:3:13: internal compiler error: Segmentation
fault\r\n" (spawn_id exp7) match regular expression ".+"? (No Gate, RE only)
gate=yes re=yes

compiler exited with status 1

So the problem manifests itself during the test run, but the runner fails to
recognize it for some reason.

[Bug sanitizer/113251] [14 Regression] ICE on gcc.dg/asan/pr63845.c on i686-linux since r14-6946

[cvs-commit at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113251

--- Comment #2 from GCC Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Ilya Leoshkevich <iii@gcc.gnu.org>:

https://gcc.gnu.org/g:ba4cfef0a45dd50e16ca7bee158bc630fa646ee7

commit r14-7012-gba4cfef0a45dd50e16ca7bee158bc630fa646ee7
Author: Ilya Leoshkevich <iii@linux.ibm.com>
Date:   Mon Jan 8 10:11:59 2024 +0100

    asan: Do not call asan_function_start () without the current function
[PR113251]

    Using ASAN on i686-linux with -fPIC causes an ICE, because when
    pc_thunks are generated, there is no current function anymore, but
    asan_function_start () expects one.

    Fix by not calling asan_function_start () without one.

    A narrower fix would be to temporarily disable ASAN around pc_thunk
    generation.  However, the issue looks generic enough, and may affect
    less often tested configurations, so go for a broader fix.

    Fixes: e66dc37b299c ("asan: Align .LASANPC on function boundary")
    Suggested-by: Jakub Jelinek <jakub@redhat.com>
    Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>

    gcc/ChangeLog:

            PR sanitizer/113251
            * varasm.cc (assemble_function_label_raw): Do not call
            asan_function_start () without the current function.

[Bug sanitizer/113251] [14 Regression] ICE on gcc.dg/asan/pr63845.c on i686-linux since r14-6946

[pinskia at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113251

Andrew Pinski <pinskia at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mjires at suse dot cz

--- Comment #3 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
*** Bug 113273 has been marked as a duplicate of this bug. ***

[Bug sanitizer/113251] [14 Regression] ICE on gcc.dg/asan/pr63845.c on i686-linux since r14-6946

[rguenth at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113251

Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
         Resolution|---                         |FIXED

--- Comment #4 from Richard Biener <rguenth at gcc dot gnu.org> ---
Fixed.