https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105969
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Assignee|unassigned at gcc dot gnu.org |rguenth at gcc dot
gnu.org
Last reconfirmed| |2022-06-15
Target Milestone|--- |12.2
Keywords| |accepts-invalid,
| |needs-bisection
Ever confirmed|0 |1
CC| |jsm28 at gcc dot gnu.org
Blocks| |105604
Status|UNCONFIRMED |ASSIGNED
--- Comment #1 from Richard Biener <rguenth at gcc dot gnu.org> ---
Confirmed.
(gdb) l
2317
2318 unsigned HOST_WIDE_INT byteoff = idx * elbytes;
2319
2320 if (byteoff < HOST_WIDE_INT_MAX
2321 && elbytes < HOST_WIDE_INT_MAX
2322 && byteoff / elbytes == idx)
2323 {
2324 /* For in-bounds constant offsets into constant-sized
arrays
2325 bump up *OFF, and for what's likely arrays or structs of
2326 arrays, also *FLDOFF, as necessary. */
(gdb) p elbytes
$1 = 0
I think this testcase should probably be rejected given we have b with
an array element size of zero which means elements overlap. Joseph?
The ICE can be mitigated by reworking the byteoff / elbytes == idx check
which seems to be looking for whether the byteoff computation overflowed?
(but we don't check whether *off += byteoff overflows). The overflow
checking can be preserved by doing elbytes == 0 || byteoff / elbytes == idx.
Referenced Bugs:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105604
[Bug 105604] [10/11 Regression] ICE: in tree_to_shwi with vla in struct and
sprintf
