https://gcc.gnu.org/bugzilla/show_bug.cgi?id=118707
Bug ID: 118707
Summary: Hang with -fanalyzer -fno-analyzer-state-merge
Product: gcc
Version: 15.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: analyzer
Assignee: dmalcolm at gcc dot gnu.org
Reporter: dmantipov at yandex dot ru
Target Milestone: ---
Created attachment 60335
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=60335&action=edit
preprocessed input (compressed to fit into 1M upload limit)
This seems hangs forever somewhere in analyzer:
[/path/to]/cc1 -fpreprocessed vxlan_mdb.i -quiet -dumpdir drivers/net/vxlan/
-dumpbase vxlan_mdb.c -dumpbase-ext .c -mno-sse -mno-mmx -mno-sse2 -mno-3dnow
-mno-avx -m64 -mno-80387 -mno-fp-ret-in-387 -mpreferred-stack-boundary=3
-mskip-rax-setup -mtune=generic -mno-red-zone -mcmodel=kernel
-mindirect-branch=thunk-extern -mindirect-branch-register
-mindirect-branch-cs-prefix -mfunction-return=thunk-extern -march=x86-64 -O2
-Wall -Wundef -Werror=implicit-function-declaration -Werror=implicit-int
-Werror=return-type -Werror=strict-prototypes -Wno-format-security
-Wno-trigraphs -Wno-frame-address -Wno-address-of-packed-member
-Wmissing-declarations -Wmissing-prototypes -Wframe-larger-than=1024 -Wno-main
-Wdangling-pointer=0 -Wvla -Wno-pointer-sign -Wcast-function-type
-Wstringop-overflow=0 -Warray-bounds=0
-Walloc-size-larger-than=18446744073709551615EiB -Wimplicit-fallthrough=5
-Werror=date-time -Werror=incompatible-pointer-types -Werror=designated-init
-Wenum-conversion -Wextra -Wunused -Wsuggest-attribute=format
-Wmissing-include-dirs -Wunused-const-variable=2
-Wno-missing-field-initializers -Wno-type-limits -Wno-shift-negative-value
-Wno-maybe-uninitialized -Wno-sign-compare -Wno-unused-parameter -std=gnu11
-version -fshort-wchar -funsigned-char -fno-common -fno-PIE
-fno-strict-aliasing -fanalyzer -fno-analyzer-state-merge -fcf-protection=none
-falign-jumps=1 -falign-loops=1 -fno-asynchronous-unwind-tables
-fno-jump-tables -fpatchable-function-entry=16,16
-fno-delete-null-pointer-checks -fno-allow-store-data-races
-fstack-protector-strong -fno-omit-frame-pointer -fno-optimize-sibling-calls
-fno-stack-clash-protection -fmin-function-alignment=16 -fstrict-flex-arrays=3
-fno-strict-overflow -fstack-check=no -fconserve-stack -fsanitize=bounds-strict
-fsanitize=shift -fsanitize=bool -fsanitize=enum -o vxlan_mdb.s
GNU C11 (GCC) version 15.0.1 20250130 (experimental) (x86_64-pc-linux-gnu)
compiled by GNU C version 15.0.1 20250130 (experimental), GMP version
6.3.0, MPFR version 4.2.1, MPC version 1.3.1, isl version isl-0.16.1-GMP
GGC heuristics: --param ggc-min-expand=100 --param ggc-min-heapsize=131072
Compiler executable checksum: 317a7284de1e3886bc93f79d3a0361c9
[ ... >1hr on a reasonably modern machine, then 'gdb -q -p' ]
#0 0x0000000000ed41a2 in ana::region::accept (this=<optimized out>,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/region.cc:1125
#1 0x0000000000f350e6 in ana::initial_svalue::accept (this=0x294423e0,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1350
#2 0x0000000000f36149 in ana::binop_svalue::accept (this=0x293cced0,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#3 0x0000000000f36159 in ana::binop_svalue::accept (this=0x294b5650,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#4 0x0000000000f36149 in ana::binop_svalue::accept (this=0x294b5930,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#5 0x0000000000f36159 in ana::binop_svalue::accept (this=0x294b5aa0,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#6 0x0000000000f36159 in ana::binop_svalue::accept (this=0x294b5d80,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#7 0x0000000000f36149 in ana::binop_svalue::accept (this=0x294b6060,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#8 0x0000000000f36159 in ana::binop_svalue::accept (this=0x294b6340,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#9 0x0000000000f36149 in ana::binop_svalue::accept (this=0x294b6620,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#10 0x0000000000f36149 in ana::binop_svalue::accept (this=0x294b6a70,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#11 0x0000000000f36149 in ana::binop_svalue::accept (this=0x294b6be0,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#12 0x0000000000f36159 in ana::binop_svalue::accept (this=0x294b6ec0,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#13 0x0000000000f36159 in ana::binop_svalue::accept (this=0x294b71a0,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#14 0x0000000000f36149 in ana::binop_svalue::accept (this=0x294b75f0,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#15 0x0000000000f36149 in ana::binop_svalue::accept (this=0x294b7760,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#16 0x0000000000f36159 in ana::binop_svalue::accept (this=0x294e63a0,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#17 0x0000000000f36149 in ana::binop_svalue::accept (this=0x294e6420,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#18 0x0000000000f36159 in ana::binop_svalue::accept (this=0x294e6460,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#19 0x0000000000f36149 in ana::binop_svalue::accept (this=0x294e6520,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#20 0x0000000000f36159 in ana::binop_svalue::accept (this=0x294e6560,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#21 0x0000000000f36159 in ana::binop_svalue::accept (this=0x294e65e0,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#22 0x0000000000f36149 in ana::binop_svalue::accept (this=0x294e6660,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#23 0x0000000000f36159 in ana::binop_svalue::accept (this=0x294e66e0,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#24 0x0000000000f36159 in ana::binop_svalue::accept (this=0x294e6760,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#25 0x0000000000f36159 in ana::binop_svalue::accept (this=0x294e67e0,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#26 0x0000000000f36159 in ana::binop_svalue::accept (this=0x294e6860,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#27 0x0000000000f36149 in ana::binop_svalue::accept (this=0x294e69a0,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#28 0x0000000000f36159 in ana::binop_svalue::accept (this=0x29515230,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#29 0x0000000000f36149 in ana::binop_svalue::accept (this=0x29515370,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#30 0x0000000000f36159 in ana::binop_svalue::accept (this=0x29515480,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#31 0x0000000000f36149 in ana::binop_svalue::accept (this=0x295155c0,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#32 0x0000000000f36159 in ana::binop_svalue::accept (this=0x29515640,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#33 0x0000000000f36149 in ana::binop_svalue::accept (this=0x29515700,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#34 0x0000000000f36149 in ana::binop_svalue::accept (this=0x29515740,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#35 0x0000000000f36159 in ana::binop_svalue::accept (this=0x295157c0,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#36 0x0000000000f36159 in ana::binop_svalue::accept (this=0x29515840,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#37 0x0000000000f36159 in ana::binop_svalue::accept (this=0x29544470,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#38 0x0000000000f36159 in ana::binop_svalue::accept (this=0x295444b0,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#39 0x0000000000f36149 in ana::binop_svalue::accept (this=0x29544530,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#40 0x0000000000f36149 in ana::binop_svalue::accept (this=0x29544670,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#41 0x0000000000f36149 in ana::binop_svalue::accept (this=0x295447b0,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#42 0x0000000000f36159 in ana::binop_svalue::accept (this=0x29544830,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#43 0x0000000000f36159 in ana::binop_svalue::accept (this=0x295448b0,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#44 0x0000000000f36159 in ana::binop_svalue::accept (this=0x29544930,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#45 0x0000000000f36149 in ana::binop_svalue::accept (this=0x29544a70,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#46 0x0000000000f36159 in ana::binop_svalue::accept (this=0x29419a60,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#47 0x0000000000f36149 in ana::binop_svalue::accept (this=0x294b79f0,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#48 0x0000000000f36149 in ana::binop_svalue::accept (this=0x295b6cb0,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#49 0x0000000000f36149 in ana::binop_svalue::accept (this=0x295bde10,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#50 0x0000000000f36159 in ana::binop_svalue::accept (this=0x295bf690,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1591
#51 0x0000000000f36149 in ana::binop_svalue::accept (this=0x295c00a0,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#52 0x0000000000f36149 in ana::binop_svalue::accept (this=0x295c0380,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#53 0x0000000000f36149 in ana::binop_svalue::accept (this=0x2961d080,
v=0x7fff9ad37440) at ../../source/gcc/analyzer/svalue.cc:1590
#54 0x0000000000f37806 in ana::svalue::involves_p (this=this@entry=0x2961d080,
other=other@entry=0x1b1304a0)
at ../../source/gcc/analyzer/svalue.cc:791
#55 0x0000000000f21dc2 in ana::binding_cluster::purge_state_involving
(this=0x295bd850, sval=0x1b1304a0, sval_mgr=0x7fff9ad384a8)
at ../../source/gcc/analyzer/store.cc:1650
#56 0x0000000000f23741 in ana::store::purge_state_involving
(this=0x7fff9ad377a8, sval=0x1b1304a0, sval_mgr=0x7fff9ad384a8)
at ../../source/gcc/analyzer/store.cc:3080
#57 0x0000000000ee55a8 in ana::region_model::purge_state_involving
(this=0x7fff9ad377a0, sval=0x1b1304a0, ctxt=0x0)
at ../../source/gcc/analyzer/region-model.cc:2040
#58 0x0000000000efd5cd in ana::conjured_purge::purge (this=0x7fff9ad37600,
sval=<optimized out>)
at ../../source/gcc/analyzer/region-model-manager.cc:1375
#59 ana::region_model_manager::get_or_create_conjured_svalue
(this=0x7fff9ad384a8, type=0x7fdb5f20f5e8, stmt=0x7fdb5de75ed8,
id_reg=0x1b0b97b0, p=..., idx=idx@entry=0) at
../../source/gcc/analyzer/region-model-manager.cc:1399
#60 0x0000000001d56ed7 in ana::call_details::get_or_create_conjured_svalue
(this=0x7fff9ad37640, reg=<optimized out>)
at ../../source/gcc/analyzer/region.h:169
#61 ana::call_details::set_any_lhs_with_defaults (this=0x7fff9ad37640) at
../../source/gcc/analyzer/call-details.cc:239
#62 0x0000000000edf800 in ana::region_model::on_call_pre
(this=this@entry=0x7fff9ad377a0, call=call@entry=0x7fdb5de75ed8,
ctxt=ctxt@entry=0x0) at ../../source/gcc/analyzer/region-model.cc:1958
#63 0x0000000000eab228 in ana::feasibility_state::update_for_stmt
(this=0x7fff9ad377a0, stmt=0x7fdb5de75ed8)
at ../../source/gcc/analyzer/engine.cc:5040
#64 0x0000000000eab309 in ana::feasibility_state::maybe_update_for_edge
(this=this@entry=0x7fff9ad377a0, logger=logger@entry=0x0,
eedge=eedge@entry=0x1b132ba0, ctxt=ctxt@entry=0x0,
out_rc=out_rc@entry=0x7fff9ad37770) at ../../source/gcc/analyzer/engine.cc:4950
#65 0x0000000001d6e1f4 in ana::epath_finder::process_worklist_item
(this=this@entry=0x7fff9ad37c00,
worklist=worklist@entry=0x7fff9ad37900, tg=..., fg=fg@entry=0x7fff9ad378e0,
target_enode=target_enode@entry=0x1c11a5e0,
target_stmt=target_stmt@entry=0x7fdb5de90688, pd=..., diag_idx=1,
out_best_path=0x7fff9ad37ae8)
at ../../source/gcc/analyzer/diagnostic-manager.cc:521
#66 0x0000000001d6ec8a in ana::epath_finder::explore_feasible_paths
(this=0x7fff9ad37c00, target_enode=0x1c11a5e0,
target_stmt=0x7fdb5de90688, pd=..., desc=0x2201a79 "deref_before_check",
diag_idx=1)
at ../../source/gcc/analyzer/diagnostic-manager.cc:436
#67 0x0000000001d6f3c8 in ana::epath_finder::get_best_epath
(this=this@entry=0x7fff9ad37c00, enode=0x1c11a5e0,
target_stmt=0x7fdb5de90688, pd=..., desc=0x2201a79 "deref_before_check",
diag_idx=1, out_problem=0x1c1345d8)
at ../../source/gcc/analyzer/diagnostic-manager.cc:177
#68 0x0000000001d6f4e4 in ana::saved_diagnostic::calc_best_epath
(this=this@entry=0x1c134570, pf=0x7fff9ad37c00)
at
/home/antipov/projects/gcc/objdir-x86_64-pc-linux-gnu/prev-x86_64-pc-linux-gnu/libstdc++-v3/include/bits/unique_ptr.h:193
#69 0x0000000001d73363 in ana::dedupe_winners::add (this=0x7fff9ad37c10,
logger=0x0, pf=<optimized out>, sd=0x1c134570)
at ../../source/gcc/analyzer/diagnostic-manager.cc:1368
#70 0x0000000001d70a07 in ana::diagnostic_manager::emit_saved_diagnostics
(this=0x7fff9ad37f60, eg=...)
at ../../source/gcc/analyzer/analyzer-logging.h:152
#71 0x0000000000eb640a in ana::impl_run_checkers (logger=logger@entry=0x0) at
../../source/gcc/analyzer/exploded-graph.h:856
#72 0x0000000000eb74d7 in ana::run_checkers () at
../../source/gcc/analyzer/analyzer-logging.h:152
#73 0x0000000000ea6729 in (anonymous namespace)::pass_analyzer::execute
(this=<optimized out>)
at ../../source/gcc/analyzer/analyzer-pass.cc:86
#74 0x00000000009aae0f in execute_one_pass (pass=pass@entry=0x1a73e5b0) at
../../source/gcc/passes.cc:2659
#75 0x00000000009abc17 in execute_ipa_pass_list (pass=0x1a73e5b0) at
../../source/gcc/passes.cc:3112
#76 0x000000000060a6c5 in ipa_passes () at ../../source/gcc/cgraphunit.cc:2286
#77 symbol_table::compile (this=this@entry=0x7fdb62606000) at
../../source/gcc/cgraphunit.cc:2351
#78 0x000000000060caf8 in symbol_table::compile (this=0x7fdb62606000) at
../../source/gcc/cgraphunit.cc:2329
#79 symbol_table::finalize_compilation_unit (this=0x7fdb62606000) at
../../source/gcc/cgraphunit.cc:2603
#80 0x0000000000ac1a22 in compile_file () at ../../source/gcc/toplev.cc:479
#81 0x000000000044af00 in do_compile () at ../../source/gcc/toplev.cc:2208
#82 toplev::main (this=this@entry=0x7fff9ad3d4fe, argc=<optimized out>,
argc@entry=98, argv=<optimized out>, argv@entry=0x7fff9ad3d638)
at ../../source/gcc/toplev.cc:2368
#83 0x000000000044c7be in main (argc=98, argv=0x7fff9ad3d638) at
../../source/gcc/main.cc:39
