From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 48) id EE588393BC2A; Tue, 28 Apr 2020 13:58:38 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org EE588393BC2A DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org; s=default; t=1588082318; bh=2t7VVB/A2pYRjfc+q7HiZxcD9vektVIxHPtbhf89PsI=; h=From:To:Subject:Date:From; b=IforBBj6vpBB/qdXIdftLV0tkjSTSkZss93s/OsIQoa6WFrsmJ/lrBARYNV3eostZ fZ2Cav3W0ZnLNA/A0O9ZG6gJb7dUQJPwNrNTT+R3jTAi1VI4YWYjjxJF/YxhJFwi+X m5Ey5MAiM6P0EuF91yNTnhRB9W+2mPn7RxSimXDw= From: "lizekun1 at huawei dot com" To: gcc-bugs@gcc.gnu.org Subject: [Bug lto/94822] New: ICE in lto with option -Warray-bounds and -fno-use-linker-plugin Date: Tue, 28 Apr 2020 13:58:38 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: gcc X-Bugzilla-Component: lto X-Bugzilla-Version: 10.0 X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: lizekun1 at huawei dot com X-Bugzilla-Status: UNCONFIRMED X-Bugzilla-Resolution: X-Bugzilla-Priority: P3 X-Bugzilla-Assigned-To: unassigned at gcc dot gnu.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter cc target_milestone attachments.created Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://gcc.gnu.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: gcc-bugs@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-bugs mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Apr 2020 13:58:39 -0000 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D94822 Bug ID: 94822 Summary: ICE in lto with option -Warray-bounds and -fno-use-linker-plugin Product: gcc Version: 10.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: lto Assignee: unassigned at gcc dot gnu.org Reporter: lizekun1 at huawei dot com CC: marxin at gcc dot gnu.org Target Milestone: --- Created attachment 48393 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=3D48393&action=3Dedit gcc10-lto-constructor-array-bounds.patch Hi, I find an ICE when testing GCC10.0 on aarch64 at '-O3 -flto -fno-use-linker-plugin -Warray-bounds' with POCs below: test.h --- typedef struct { int i; int ints[]; } struct_t; --- test0.c --- /* { dg-lto-do link } */ #include "test.h" extern struct_t my_struct; int main() { return my_struct.ints[1]; } --- test1.c --- #include "test.h" struct_t my_struct =3D { 20, { 1, 2 } }; --- GCC version: gcc version 10.0.1 20200421 (experimental) Runcommand: gcc -O3 -flto -fno-use-linker-plugin -Warray-bounds -c -o test0.o test0.c gcc -O3 -flto -fno-use-linker-plugin -Warray-bounds -c -o test1.o test1.c gcc test0.o test1.o -flto -Warray-bounds -fno-use-linker-plugin -o test.exe Stack dump: during GIMPLE pass: vrp test0.c: In function 'main': test0.c:7:5: internal compiler error: tree check: expected constructor, have error_mark in get_initializer_for, at tree.c:13565 7 | int main() { | ^ 0x15d8fc7 tree_check_failed(tree_node const*, char const*, int, char const*, ...) /home/lzk /gcc-10.0/gcc/tree.c:9685 0x9b0a37 tree_check(tree_node*, char const*, int, char const*, tree_code) /home/lzk /gcc-10.0/gcc/tree.h:3278 0x15eafdf get_initializer_for /home/lzk gcc-10.0/gcc/tree.c:13565 0x15eb73f component_ref_size(tree_node*, bool*) /home/lzk/ gcc-10.0/gcc/tree.c:13678 0x15a2037 vrp_prop::check_array_ref(unsigned int, tree_node*, bool) /home/lzk/gcc-10.0/gcc/tree-vrp.c:3525 0x15a46c3 check_array_bounds /home/lzk /gcc-10.0/gcc/tree-vrp.c:4062 0x15e3cc3 walk_tree_1(tree_node**, tree_node* (*)(tree_node**, int*, void*), void*, hash_set >*, tree_node* (*)(tree_node**, int*, tree_node* (*)(tree_node**, int*, void*), void*, hash_set >*)) /home/lzk/gcc-10.0/gcc/tree.c:11954 0xd2cd37 walk_gimple_op(gimple*, tree_node* (*)(tree_node**, int*, void*), walk_stmt_info*) /home/lzk/gcc-10.0/gcc/gimple-walk.c:202 0x15a485b check_array_bounds_dom_walker::before_dom_children(basic_block_de= f*) /home/lzk/gcc-10.0/gcc/tree-vrp.c:4120 0x1f8c863 dom_walker::walk(basic_block_def*) /home/lzk/gcc-10.0/gcc/domwalk.c:309 0x15a48b7 vrp_prop::check_all_array_refs() /home/lzk/gcc-10.0/gcc/tree-vrp.c:4137 0x15a805f vrp_prop::vrp_finalize(bool) /home/lzk/gcc-10.0/gcc/tree-vrp.c:5209 0x15a80cb execute_vrp /home/lzk/gcc-10.0/gcc/tree-vrp.c:5277 0x15a82fb execute /home/lzk/gcc-10.0/gcc/tree-vrp.c:5359 This ICE appears because gcc will stream it to the function_body section wh= en processing the variable with the initial value of the constructor type, and= the error_mark_node to the decls section. When recompiling, the value obtained = with DECL_INITIAL will be error_mark. My proposed fix is: --- diff --git a/gcc/tree.c b/gcc/tree.c index 63dc6730b2b..385c22e667f 100644 --- a/gcc/tree.c +++ b/gcc/tree.c @@ -13719,6 +13719,13 @@ component_ref_size (tree ref, bool *inte the initializer of the BASE object if it has one. */ if (tree init =3D DECL_P (base) ? DECL_INITIAL (base) : NULL_TREE) { + varpool_node *vnode; + if (TREE_CODE (init) =3D=3D ERROR_MARK + && in_lto_p + && VAR_P (base) + && (vnode =3D varpool_node::get (base) + ? varpool_node::get (base)->ultimate_alias_target () : NULL= )) + init =3D vnode->get_constructor (); init =3D get_initializer_for (init, member); if (init) { --- any suggestion?=