[Bug tree-optimization/103062] New: [12 Regression] ICE: SIGSEGV in gimple_simplify_CONVERT_EXPR with -O2 -fno-tree-forwprop

zsojka at seznam dot cz via Gcc-bugs Wed, 03 Nov 2021 08:59:23 -0700

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103062


            Bug ID: 103062
           Summary: [12 Regression] ICE: SIGSEGV in
                    gimple_simplify_CONVERT_EXPR with -O2
                    -fno-tree-forwprop
           Product: gcc
           Version: 12.0
            Status: UNCONFIRMED
          Keywords: ice-on-valid-code
          Severity: normal
          Priority: P3
         Component: tree-optimization
          Assignee: unassigned at gcc dot gnu.org
          Reporter: zsojka at seznam dot cz
  Target Milestone: ---
              Host: x86_64-pc-linux-gnu

Created attachment 51729
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=51729&action=edit
reduced testcase

Compiler output:
$ x86_64-pc-linux-gnu-gcc -O2 -fno-tree-forwprop testcase.c -wrapper
valgrind,-q
==10691== Conditional jump or move depends on uninitialised value(s)
==10691==    at 0xE5364C: bitmap_clear_bit (sbitmap.h:153)
==10691==    by 0xE5364C: verify_loop_structure() (cfgloop.c:1579)
==10691==    by 0x115BDF4: checking_verify_loop_structure (cfgloop.h:646)
==10691==    by 0x115BDF4: loop_optimizer_init(unsigned int) (loop-init.c:130)
==10691==    by 0x161A109: execute_ranger_vrp(function*, bool)
(tree-vrp.c:4342)
==10691==    by 0x124343C: execute_one_pass(opt_pass*) (passes.c:2567)
==10691==    by 0x1243CAF: execute_pass_list_1(opt_pass*) (passes.c:2656)
==10691==    by 0x1243CC1: execute_pass_list_1(opt_pass*) (passes.c:2657)
==10691==    by 0x1243CE8: execute_pass_list(function*, opt_pass*)
(passes.c:2667)
==10691==    by 0x124461C: do_per_function_toporder(void (*)(function*, void*),
void*) [clone .part.0] (passes.c:1773)
==10691==    by 0x124481E: do_per_function_toporder (passes.c:1740)
==10691==    by 0x124481E: execute_ipa_pass_list(opt_pass*) (passes.c:3001)
==10691==    by 0xE86C6E: ipa_passes (cgraphunit.c:2154)
==10691==    by 0xE86C6E: symbol_table::compile() [clone .part.0]
(cgraphunit.c:2289)
==10691==    by 0xE89767: compile (cgraphunit.c:2269)
==10691==    by 0xE89767: symbol_table::finalize_compilation_unit()
(cgraphunit.c:2537)
==10691==    by 0x134CF4A: compile_file() (toplev.c:477)
==10691== 
==10691== Conditional jump or move depends on uninitialised value(s)
==10691==    at 0xE53505: verify_loop_structure() (cfgloop.c:1600)
==10691==    by 0x115BDF4: checking_verify_loop_structure (cfgloop.h:646)
==10691==    by 0x115BDF4: loop_optimizer_init(unsigned int) (loop-init.c:130)
==10691==    by 0x161A109: execute_ranger_vrp(function*, bool)
(tree-vrp.c:4342)
==10691==    by 0x124343C: execute_one_pass(opt_pass*) (passes.c:2567)
==10691==    by 0x1243CAF: execute_pass_list_1(opt_pass*) (passes.c:2656)
==10691==    by 0x1243CC1: execute_pass_list_1(opt_pass*) (passes.c:2657)
==10691==    by 0x1243CE8: execute_pass_list(function*, opt_pass*)
(passes.c:2667)
==10691==    by 0x124461C: do_per_function_toporder(void (*)(function*, void*),
void*) [clone .part.0] (passes.c:1773)
==10691==    by 0x124481E: do_per_function_toporder (passes.c:1740)
==10691==    by 0x124481E: execute_ipa_pass_list(opt_pass*) (passes.c:3001)
==10691==    by 0xE86C6E: ipa_passes (cgraphunit.c:2154)
==10691==    by 0xE86C6E: symbol_table::compile() [clone .part.0]
(cgraphunit.c:2289)
==10691==    by 0xE89767: compile (cgraphunit.c:2269)
==10691==    by 0xE89767: symbol_table::finalize_compilation_unit()
(cgraphunit.c:2537)
==10691==    by 0x134CF4A: compile_file() (toplev.c:477)
==10691== 
==10691== Invalid read of size 8
==10691==    at 0x1653789: pointer_equiv_analyzer::get_equiv(tree_node*) const
(value-pointer-equiv.cc:151)
==10691==    by 0x165381E: pta_valueize(tree_node*)
(value-pointer-equiv.cc:242)
==10691==    by 0x185A185: do_valueize (gimple-match-head.c:1105)
==10691==    by 0x185A185: do_valueize (gimple-match-head.c:1101)
==10691==    by 0x185A185: gimple_simplify_CONVERT_EXPR(gimple_match_op*,
gimple**, tree_node* (*)(tree_node*), code_helper, tree_node*, tree_node*)
[clone .constprop.0] (gimple-match.c:29983)
==10691==    by 0x17E6E92: gimple_resimplify1(gimple**, gimple_match_op*,
tree_node* (*)(tree_node*)) (gimple-match-head.c:244)
==10691==    by 0x1011499: gimple_fold_stmt_to_constant_1(gimple*, tree_node*
(*)(tree_node*), tree_node* (*)(tree_node*)) (gimple-fold.c:7350)
==10691==    by 0x1653930: pointer_equiv_analyzer::visit_stmt(gimple*)
(value-pointer-equiv.cc:269)
==10691==    by 0x14FFD74:
substitute_and_fold_dom_walker::before_dom_children(basic_block_def*)
(tree-ssa-propagate.c:803)
==10691==    by 0x21C3B87: dom_walker::walk(basic_block_def*) (domwalk.c:309)
==10691==    by 0x14FEE95:
substitute_and_fold_engine::substitute_and_fold(basic_block_def*)
(tree-ssa-propagate.c:987)
==10691==    by 0x161A17B: execute_ranger_vrp(function*, bool)
(tree-vrp.c:4349)
==10691==    by 0x124343C: execute_one_pass(opt_pass*) (passes.c:2567)
==10691==    by 0x1243CAF: execute_pass_list_1(opt_pass*) (passes.c:2656)
==10691==  Address 0x5581fa8 is 0 bytes after a block of size 72 alloc'd
==10691==    at 0x48413EF: operator new[](unsigned long) (in
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==10691==    by 0x165365F:
pointer_equiv_analyzer::pointer_equiv_analyzer(gimple_ranger*)
(value-pointer-equiv.cc:118)
==10691==    by 0x161A16A: rvrp_folder (tree-vrp.c:4269)
==10691==    by 0x161A16A: execute_ranger_vrp(function*, bool)
(tree-vrp.c:4348)
==10691==    by 0x124343C: execute_one_pass(opt_pass*) (passes.c:2567)
==10691==    by 0x1243CAF: execute_pass_list_1(opt_pass*) (passes.c:2656)
==10691==    by 0x1243CC1: execute_pass_list_1(opt_pass*) (passes.c:2657)
==10691==    by 0x1243CE8: execute_pass_list(function*, opt_pass*)
(passes.c:2667)
==10691==    by 0x124461C: do_per_function_toporder(void (*)(function*, void*),
void*) [clone .part.0] (passes.c:1773)
==10691==    by 0x124481E: do_per_function_toporder (passes.c:1740)
==10691==    by 0x124481E: execute_ipa_pass_list(opt_pass*) (passes.c:3001)
==10691==    by 0xE86C6E: ipa_passes (cgraphunit.c:2154)
==10691==    by 0xE86C6E: symbol_table::compile() [clone .part.0]
(cgraphunit.c:2289)
==10691==    by 0xE89767: compile (cgraphunit.c:2269)
==10691==    by 0xE89767: symbol_table::finalize_compilation_unit()
(cgraphunit.c:2537)
==10691==    by 0x134CF4A: compile_file() (toplev.c:477)
==10691== 
during GIMPLE pass: evrp
testcase.c: In function 'foo':
testcase.c:4:1: internal compiler error: in operator[], at vec.h:889
    4 | }
      | ^
0x7f91ec vec<tree_node*, va_heap, vl_embed>::operator[](unsigned int)
        /repo/gcc-trunk/gcc/vec.h:889
0x7f92f6 vec<tree_node*, va_heap, vl_embed>::operator[](unsigned int)
        /repo/gcc-trunk/gcc/value-pointer-equiv.cc:132
0x7f92f6 vec<tree_node*, va_heap, vl_ptr>::operator[](unsigned int) const
        /repo/gcc-trunk/gcc/vec.h:1486
0x7f92f6 ssa_equiv_stack::get_replacement(tree_node*) const
        /repo/gcc-trunk/gcc/value-pointer-equiv.cc:112
0x7f92f6 pointer_equiv_analyzer::get_equiv(tree_node*) const
        /repo/gcc-trunk/gcc/value-pointer-equiv.cc:154
0x165381e pta_valueize
        /repo/gcc-trunk/gcc/value-pointer-equiv.cc:242
0x185a185 do_valueize(tree_node* (*)(tree_node*), tree_node*)
        /repo/gcc-trunk/gcc/gimple-match-head.c:1105
0x185a185 do_valueize(tree_node* (*)(tree_node*), tree_node*)
        /repo/gcc-trunk/gcc/gimple-match-head.c:1101
0x185a185 gimple_simplify_CONVERT_EXPR
        /repo/build-gcc-trunk-amd64/gcc/gimple-match.c:29983
0x17e6e92 gimple_resimplify1
        /repo/gcc-trunk/gcc/gimple-match-head.c:244
0x1011499 gimple_fold_stmt_to_constant_1(gimple*, tree_node* (*)(tree_node*),
tree_node* (*)(tree_node*))
        /repo/gcc-trunk/gcc/gimple-fold.c:7350
0x1653930 pointer_equiv_analyzer::visit_stmt(gimple*)
        /repo/gcc-trunk/gcc/value-pointer-equiv.cc:269
0x14ffd74 substitute_and_fold_dom_walker::before_dom_children(basic_block_def*)
        /repo/gcc-trunk/gcc/tree-ssa-propagate.c:803
0x21c3b87 dom_walker::walk(basic_block_def*)
        /repo/gcc-trunk/gcc/domwalk.c:309
0x14fee95 substitute_and_fold_engine::substitute_and_fold(basic_block_def*)
        /repo/gcc-trunk/gcc/tree-ssa-propagate.c:987
0x161a17b execute_ranger_vrp(function*, bool)
        /repo/gcc-trunk/gcc/tree-vrp.c:4349
Please submit a full bug report,
with preprocessed source if appropriate.
Please include the complete backtrace with any bug report.
See <https://gcc.gnu.org/bugs/> for instructions.

$ x86_64-pc-linux-gnu-gcc -v
Using built-in specs.
COLLECT_GCC=/repo/gcc-trunk/binary-latest-amd64/bin/x86_64-pc-linux-gnu-gcc
COLLECT_LTO_WRAPPER=/repo/gcc-trunk/binary-trunk-r12-4872-20211103145922-g600dcd74b8e-checking-yes-rtl-df-extra-nobootstrap-amd64/bin/../libexec/gcc/x86_64-pc-linux-gnu/12.0.0/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: /repo/gcc-trunk//configure --enable-languages=c,c++
--enable-valgrind-annotations --disable-nls --enable-checking=yes,rtl,df,extra
--disable-bootstrap --with-cloog --with-ppl --with-isl
--build=x86_64-pc-linux-gnu --host=x86_64-pc-linux-gnu
--target=x86_64-pc-linux-gnu --with-ld=/usr/bin/x86_64-pc-linux-gnu-ld
--with-as=/usr/bin/x86_64-pc-linux-gnu-as --disable-libstdcxx-pch
--prefix=/repo/gcc-trunk//binary-trunk-r12-4872-20211103145922-g600dcd74b8e-checking-yes-rtl-df-extra-nobootstrap-amd64
Thread model: posix
Supported LTO compression algorithms: zlib zstd
gcc version 12.0.0 20211103 (experimental) (GCC)

[Bug tree-optimization/103062] New: [12 Regression] ICE: SIGSEGV in gimple_simplify_CONVERT_EXPR with -O2 -fno-tree-forwprop

Reply via email to