public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug analyzer/96860] New: [11 Regression] ICE in apply_ctor_to_region, at analyzer/store.cc:445
@ 2020-08-31 9:06 asolokha at gmx dot com
2020-08-31 13:13 ` [Bug analyzer/96860] " rguenth at gcc dot gnu.org
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: asolokha at gmx dot com @ 2020-08-31 9:06 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96860
Bug ID: 96860
Summary: [11 Regression] ICE in apply_ctor_to_region, at
analyzer/store.cc:445
Product: gcc
Version: 11.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: analyzer
Assignee: dmalcolm at gcc dot gnu.org
Reporter: asolokha at gmx dot com
Target Milestone: ---
Target: x86_64-pc-linux-gnu
gcc-11.0.0-alpha20200830 snapshot (g:6ccadc4c0486ff011a32c74de1a31148acb3cbe2)
ICEs when compiling the following testcase, reduced from
gcc/testsuite/gcc.c-torture/execute/pr89634.c, w/ -fanalyzer --param
analyzer-max-svalue-depth=0:
void
x7 (void)
{
__int128 z5[] = {
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1,
};
}
% x86_64-pc-linux-gnu-gcc-11.0.0 -fanalyzer --param analyzer-max-svalue-depth=0
-c z2ncgwrg.c
during IPA pass: analyzer
z2ncgwrg.c: In function 'x7':
z2ncgwrg.c:4:12: internal compiler error: in apply_ctor_to_region, at
analyzer/store.cc:445
4 | __int128 z5[] = {
| ^~
0x7244b1 ana::binding_map::apply_ctor_to_region(ana::region const*, tree_node*,
ana::region_model_manager*)
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200830/work/gcc-11-20200830/gcc/analyzer/store.cc:445
0x110cea4 ana::decl_region::get_svalue_for_constructor(tree_node*,
ana::region_model_manager*) const
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200830/work/gcc-11-20200830/gcc/analyzer/region.cc:907
0x1111db4 ana::region_model::get_store_value(ana::region const*) const
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200830/work/gcc-11-20200830/gcc/analyzer/region-model.cc:1284
0x1113c6a ana::region_model::get_rvalue(tree_node*, ana::region_model_context*)
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200830/work/gcc-11-20200830/gcc/analyzer/region-model.cc:1190
0x1116727 ana::region_model::on_assignment(gassign const*,
ana::region_model_context*)
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200830/work/gcc-11-20200830/gcc/analyzer/region-model.cc:562
0x10f7532 ana::exploded_node::on_stmt(ana::exploded_graph&, ana::supernode
const*, gimple const*, ana::program_state*) const
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200830/work/gcc-11-20200830/gcc/analyzer/engine.cc:1029
0x10f877d ana::exploded_graph::process_node(ana::exploded_node*)
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200830/work/gcc-11-20200830/gcc/analyzer/engine.cc:2526
0x10f926a ana::exploded_graph::process_worklist()
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200830/work/gcc-11-20200830/gcc/analyzer/engine.cc:2341
0x10fb39f ana::impl_run_checkers(ana::logger*)
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200830/work/gcc-11-20200830/gcc/analyzer/engine.cc:4107
0x10fbfbc ana::run_checkers()
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200830/work/gcc-11-20200830/gcc/analyzer/engine.cc:4175
0x10f0978 execute
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200830/work/gcc-11-20200830/gcc/analyzer/analyzer-pass.cc:84
It's also possible to trigger this ICE w/ -m32 when one replaces __int128 w/
long int in z5 declaration.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug analyzer/96860] [11 Regression] ICE in apply_ctor_to_region, at analyzer/store.cc:445
2020-08-31 9:06 [Bug analyzer/96860] New: [11 Regression] ICE in apply_ctor_to_region, at analyzer/store.cc:445 asolokha at gmx dot com
@ 2020-08-31 13:13 ` rguenth at gcc dot gnu.org
2020-08-31 14:01 ` dmalcolm at gcc dot gnu.org
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: rguenth at gcc dot gnu.org @ 2020-08-31 13:13 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96860
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|--- |11.0
Priority|P3 |P4
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug analyzer/96860] [11 Regression] ICE in apply_ctor_to_region, at analyzer/store.cc:445
2020-08-31 9:06 [Bug analyzer/96860] New: [11 Regression] ICE in apply_ctor_to_region, at analyzer/store.cc:445 asolokha at gmx dot com
2020-08-31 13:13 ` [Bug analyzer/96860] " rguenth at gcc dot gnu.org
@ 2020-08-31 14:01 ` dmalcolm at gcc dot gnu.org
2020-08-31 22:31 ` cvs-commit at gcc dot gnu.org
2020-08-31 22:34 ` dmalcolm at gcc dot gnu.org
3 siblings, 0 replies; 5+ messages in thread
From: dmalcolm at gcc dot gnu.org @ 2020-08-31 14:01 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96860
David Malcolm <dmalcolm at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Ever confirmed|0 |1
Status|UNCONFIRMED |ASSIGNED
Last reconfirmed| |2020-08-31
--- Comment #1 from David Malcolm <dmalcolm at gcc dot gnu.org> ---
Thanks for filing this bug. Confirmed; am testing a fix.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug analyzer/96860] [11 Regression] ICE in apply_ctor_to_region, at analyzer/store.cc:445
2020-08-31 9:06 [Bug analyzer/96860] New: [11 Regression] ICE in apply_ctor_to_region, at analyzer/store.cc:445 asolokha at gmx dot com
2020-08-31 13:13 ` [Bug analyzer/96860] " rguenth at gcc dot gnu.org
2020-08-31 14:01 ` dmalcolm at gcc dot gnu.org
@ 2020-08-31 22:31 ` cvs-commit at gcc dot gnu.org
2020-08-31 22:34 ` dmalcolm at gcc dot gnu.org
3 siblings, 0 replies; 5+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2020-08-31 22:31 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96860
--- Comment #2 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by David Malcolm <dmalcolm@gcc.gnu.org>:
https://gcc.gnu.org/g:18056e45db1c75aa209fa9a756395ddceb867a88
commit r11-2955-g18056e45db1c75aa209fa9a756395ddceb867a88
Author: David Malcolm <dmalcolm@redhat.com>
Date: Mon Aug 31 09:00:23 2020 -0400
analyzer: fix ICE on unknown index in CONSTRUCTOR [PR96860]
PR analyzer/96860 reports an ICE inside CONSTRUCTOR-handling with
--param analyzer-max-svalue-depth=0 when attempting to build a
binding_map for the CONSTRUCTOR's values.
The issue is that when handling (index, value) pairs for initializing
an array, the index values for the elements exceeds the svalue
complexity limit, and the index is thus treated as unknown, leading to
a symbolic rather than concrete offset for each array element.
This patch updates the CONSTRUCTOR-handling code so that it can
fail, returning an unknown value for the overall value of the
constructor for this case, fixing the ICE.
gcc/analyzer/ChangeLog:
PR analyzer/96860
* region.cc (decl_region::get_svalue_for_constructor): Support
apply_ctor_to_region failing.
* store.cc (binding_map::apply_ctor_to_region): Add failure
handling.
(binding_map::apply_ctor_val_to_range): Likewise.
(binding_map::apply_ctor_pair_to_child_region): Likewise. Replace
assertion that child_base_offset is not symbolic with error
handling.
* store.h (binding_map::apply_ctor_to_region): Convert return type
from void to bool.
(binding_map::apply_ctor_val_to_range): Likewise.
(binding_map::apply_ctor_pair_to_child_region): Likewise.
gcc/testsuite/ChangeLog:
PR analyzer/96860
* gcc.dg/analyzer/pr96860-1.c: New test.
* gcc.dg/analyzer/pr96860-2.c: New test.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug analyzer/96860] [11 Regression] ICE in apply_ctor_to_region, at analyzer/store.cc:445
2020-08-31 9:06 [Bug analyzer/96860] New: [11 Regression] ICE in apply_ctor_to_region, at analyzer/store.cc:445 asolokha at gmx dot com
` (2 preceding siblings ...)
2020-08-31 22:31 ` cvs-commit at gcc dot gnu.org
@ 2020-08-31 22:34 ` dmalcolm at gcc dot gnu.org
3 siblings, 0 replies; 5+ messages in thread
From: dmalcolm at gcc dot gnu.org @ 2020-08-31 22:34 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96860
David Malcolm <dmalcolm at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution|--- |FIXED
--- Comment #3 from David Malcolm <dmalcolm at gcc dot gnu.org> ---
Should be fixed by the above commit.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2020-08-31 22:34 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-08-31 9:06 [Bug analyzer/96860] New: [11 Regression] ICE in apply_ctor_to_region, at analyzer/store.cc:445 asolokha at gmx dot com
2020-08-31 13:13 ` [Bug analyzer/96860] " rguenth at gcc dot gnu.org
2020-08-31 14:01 ` dmalcolm at gcc dot gnu.org
2020-08-31 22:31 ` cvs-commit at gcc dot gnu.org
2020-08-31 22:34 ` dmalcolm at gcc dot gnu.org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).