[Bug analyzer/96666] New: [11 Regression] Analyzer creates too many regions for a particular program

asolokha at gmx dot com Mon, 17 Aug 2020 22:29:22 -0700

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96666


            Bug ID: 96666
           Summary: [11 Regression] Analyzer creates too many regions for
                    a particular program
           Product: gcc
           Version: 11.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: analyzer
          Assignee: dmalcolm at gcc dot gnu.org
          Reporter: asolokha at gmx dot com
  Target Milestone: ---

Created attachment 49071
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=49071&action=edit
Testcase

g++-11.0.0-alpha20200816 snapshot (g:c99116aeeb9644ebddec653ee8b19de4d38b65bd)
segfaults due to stack space exhaustion when compiling the attached testcase,
partially reduced from
test/std/containers/unord/unord.multimap/unord.multimap.cnstr/range_size_hash_equal.pass.cpp
from the libc++ 10.0.1 test suite, w/ -fanalyzer:

% g++-11.0.0 -fanalyzer -w -c cgay3hpn.cc -wrapper gdb,-q,-batch,-ex,r,-ex,"bt
10",-ex,"echo \n",-ex,"bt -25",-ex,q,-args

Program received signal SIGSEGV, Segmentation fault.
0x00000000013906c6 in hash_table<hash_map<ana::field_region::key_t,
ana::field_region*,
simple_hashmap_traits<default_hash_traits<ana::field_region::key_t>,
ana::field_region*> >::hash_entry, false, xcallocator>::verify
(this=0x7fffffffcce8, comparable=..., hash=hash@entry=698366296) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/hash-table.h:1024
1024   
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/hash-table.h:
No such file or directory.
#0  0x00000000013906c6 in hash_table<hash_map<ana::field_region::key_t,
ana::field_region*,
simple_hashmap_traits<default_hash_traits<ana::field_region::key_t>,
ana::field_region*> >::hash_entry, false, xcallocator>::verify
(this=0x7fffffffcce8, comparable=..., hash=hash@entry=698366296) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/hash-table.h:1024
#1  0x00000000013908e8 in hash_table<hash_map<ana::field_region::key_t,
ana::field_region*,
simple_hashmap_traits<default_hash_traits<ana::field_region::key_t>,
ana::field_region*> >::hash_entry, false, xcallocator>::find_with_hash
(this=this@entry=0x7fffffffcce8, comparable=..., hash=<optimized out>) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/analyzer/region-model.h:1915
#2  0x000000000138a13d in hash_map<ana::field_region::key_t,
ana::field_region*,
simple_hashmap_traits<default_hash_traits<ana::field_region::key_t>,
ana::field_region*> >::get (k=..., this=0x7fffffffcce8) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/inchash.h:51
#3  consolidation_map<ana::field_region>::get (k=..., this=0x7fffffffcce8) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/analyzer/analyzer.h:281
#4  ana::region_model_manager::get_field_region (this=0x7fffffffc8e0,
parent=0x118e5800, field=0x7ffff73c2a00) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/analyzer/region-model-manager.cc:780
#5  0x000000000136cb9a in ana::region::get_subregions_for_binding
(this=0x118e5800, mgr=0x7fffffffc8e0, relative_bit_offset=...,
size_in_bits=..., type=0x7ffff77c9000, out=0x7fffffffbca8) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/analyzer/region.cc:313
#6  0x000000000136cbe3 in ana::region::get_subregions_for_binding
(this=0x118e54c0, mgr=0x7fffffffc8e0, relative_bit_offset=...,
size_in_bits=..., type=0x7ffff77c9000, out=0x7fffffffbca8) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/analyzer/region.cc:314
#7  0x000000000136cbe3 in ana::region::get_subregions_for_binding
(this=0x118e5180, mgr=0x7fffffffc8e0, relative_bit_offset=...,
size_in_bits=..., type=0x7ffff77c9000, out=0x7fffffffbca8) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/analyzer/region.cc:314
#8  0x000000000136cbe3 in ana::region::get_subregions_for_binding
(this=0x118e4e40, mgr=0x7fffffffc8e0, relative_bit_offset=...,
size_in_bits=..., type=0x7ffff77c9000, out=0x7fffffffbca8) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/analyzer/region.cc:314
#9  0x000000000136cbe3 in ana::region::get_subregions_for_binding
(this=0x118e4b00, mgr=0x7fffffffc8e0, relative_bit_offset=...,
size_in_bits=..., type=0x7ffff77c9000, out=0x7fffffffbca8) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/analyzer/region.cc:314

#299535 0x000000000136cbe3 in ana::region::get_subregions_for_binding
(this=0x2b37530, mgr=0x7fffffffc8e0, relative_bit_offset=..., size_in_bits=...,
type=0x7ffff77c9000, out=0x7fffffffbca8) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/analyzer/region.cc:314
#299536 0x000000000136cefc in ana::region::get_subregions_for_binding
(this=<optimized out>, mgr=0x7fffffffc8e0, relative_bit_offset=...,
size_in_bits=..., type=0x7ffff77c9000, out=0x7fffffffbca8) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/wide-int.h:1295
#299537 0x000000000136cefc in ana::region::get_subregions_for_binding
(this=<optimized out>, mgr=0x7fffffffc8e0, relative_bit_offset=...,
size_in_bits=..., type=0x7ffff77c9000, out=0x7fffffffbca8) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/wide-int.h:1295
#299538 0x000000000139bfcd in
ana::binding_cluster::get_representative_path_vars (this=<optimized out>,
model=0x2a0d8c0, visited=0x7fffffffbe20, base_reg=0x2ab00d0, sval=0x29b0e10,
out_pvs=0x7fffffffbdd0) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/analyzer/region-model.h:2643
#299539 0x000000000139d088 in ana::store::get_representative_path_vars
(this=<optimized out>, model=0x2a0d8c0, visited=0x7fffffffbe20, sval=0x29b0e10,
out_pvs=0x7fffffffbdd0) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/analyzer/store.cc:1805
#299540 0x00000000013719fe in ana::region_model::get_representative_path_var
(this=0x2a0d8c0, sval=<optimized out>, visited=0x7fffffffbe20) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/analyzer/region-model.cc:1806
#299541 0x0000000001372148 in ana::region_model::get_representative_tree
(this=0x2a0d8c0, sval=0x29b0e10) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/analyzer/region-model.cc:1851
#299542 0x000000000135c215 in ana::impl_sm_context::get_diagnostic_tree
(this=0x7fffffffbfb0, expr=0x7ffff73e3240) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/analyzer/engine.cc:295
#299543 0x0000000001395e80 in ana::(anonymous
namespace)::malloc_state_machine::on_stmt (this=0x297f7a0,
sm_ctxt=0x7fffffffbfb0, node=0x296e200, stmt=0x7ffff73e9550) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/gimple.h:957
#299544 0x0000000001356f30 in ana::exploded_node::on_stmt (this=0x2b2bf40,
eg=..., snode=0x296e200, stmt=0x7ffff73e9550, state=0x7fffffffc090) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/analyzer/engine.cc:1098
#299545 0x000000000135800e in ana::exploded_graph::process_node
(this=0x7fffffffceb0, node=0x2b2bf40) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/analyzer/engine.cc:2525
#299546 0x0000000001358afb in ana::exploded_graph::process_worklist
(this=0x7fffffffceb0) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/analyzer/engine.cc:2341
#299547 0x000000000135ac30 in ana::impl_run_checkers (logger=0x0) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/analyzer/engine.cc:4107
#299548 0x000000000135b84d in ana::run_checkers () at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/analyzer/analyzer-logging.h:150
#299549 0x0000000001350209 in (anonymous namespace)::pass_analyzer::execute
(this=<optimized out>) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/analyzer/analyzer-pass.cc:84
#299550 0x0000000000f0dd38 in execute_one_pass (pass=0x28958b0) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/passes.c:2509
#299551 0x0000000000f0f1a7 in execute_ipa_pass_list (pass=0x28958b0) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/passes.c:2936
#299552 0x0000000000bb5400 in ipa_passes () at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/cgraphunit.c:2691
#299553 symbol_table::compile (this=0x7ffff7606100) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/cgraphunit.c:2768
#299554 0x0000000000bb7753 in symbol_table::compile (this=0x7ffff7606100) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/cgraphunit.c:3013
#299555 symbol_table::finalize_compilation_unit (this=0x7ffff7606100) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/cgraphunit.c:3013
#299556 0x0000000000fe24ec in compile_file () at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/toplev.c:482
#299557 0x000000000086cb96 in do_compile () at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/toplev.c:2314
#299558 toplev::main (this=0x7fffffffd356, argc=<optimized out>,
argv=<optimized out>) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/toplev.c:2453
#299559 0x000000000087096c in main (argc=15, argv=0x7fffffffd468) at
/var/tmp/portage/sys-devel/gcc-11.0.0_alpha20200816/work/gcc-11-20200816/gcc/main.c:39
A debugging session is active.

        Inferior 1 [process 3507966] will be killed.

Quit anyway? (y or n) [answered Y; input not from terminal]
[Inferior 1 (process 3510420) exited normally]
No stack.

No stack.

[Bug analyzer/96666] New: [11 Regression] Analyzer creates too many regions for a particular program

Reply via email to