Bug 104942 - [12 Regression] ICE in size_for_offset, at tree-object-size.cc:352 since r12-6482-g06bc1b0c539e3a60
Status: RESOLVED FIXED
Alias: None
Product: gcc
Classification: Unclassified
Component: tree-optimization
Version: 12.0
Importance: P1 normal
Target Milestone: 12.0
Assignee: Siddhesh Poyarekar
Keywords: ice-on-valid-code
Reported: 2022-03-15 21:30 UTC by Martin Liška
Modified: 2022-03-16 10:43 UTC
Last reconfirmed: 2022-03-15 00:00:00

Description Martin Liška 2022-03-15 21:30:53 UTC
Reduced from gzip package:

$ cat savedir.i
char *streamsavedir_name_space;
long streamsavedir_used;

void *ximalloc() __attribute__((__alloc_size__(1)));

const char **x;

void
streamsavedir___src() {
  streamsavedir_name_space = ximalloc(streamsavedir_used);
  char *dest = streamsavedir_name_space + streamsavedir_used;
  long __trans_tmp_1 = __builtin_dynamic_object_size(dest, 1);
  __builtin___stpcpy_chk(dest, *x, __trans_tmp_1);
}

$ gcc savedir.i -D_FORTIFY_SOURCE=3 -O
during GIMPLE pass: objsz
savedir.i: In function ‘streamsavedir___src’:
savedir.i:9:1: internal compiler error: in size_for_offset, at tree-object-size.cc:352
    9 | streamsavedir___src() {
      | ^~~~~~~~~~~~~~~~~~~
0x79987d size_for_offset
	/home/marxin/Programming/gcc/gcc/tree-object-size.cc:352
0x1006124 plus_stmt_object_size
	/home/marxin/Programming/gcc/gcc/tree-object-size.cc:1354
0x1006124 collect_object_sizes_for
	/home/marxin/Programming/gcc/gcc/tree-object-size.cc:1645
0x10070a7 compute_builtin_object_size(tree_node*, int, tree_node**)
	/home/marxin/Programming/gcc/gcc/tree-object-size.cc:1106
0xa1d849 fold_builtin_object_size
	/home/marxin/Programming/gcc/gcc/builtins.cc:10397
0xa1d849 fold_builtin_2
	/home/marxin/Programming/gcc/gcc/builtins.cc:9420
0xa1d849 fold_builtin_n
	/home/marxin/Programming/gcc/gcc/builtins.cc:9528
0x1007d2e dynamic_object_sizes_execute_one
	/home/marxin/Programming/gcc/gcc/tree-object-size.cc:1974
0x1007d2e object_sizes_execute
	/home/marxin/Programming/gcc/gcc/tree-object-size.cc:2034
Please submit a full bug report, with preprocessed source (by using -freport-bug).
Please include the complete backtrace with any bug report.
See <https://gcc.gnu.org/bugs/> for instructions.
Comment 1 GCC Commits 2022-03-16 10:41:30 UTC
The master branch has been updated by Siddhesh Poyarekar <siddhesh@gcc.gnu.org>:

https://gcc.gnu.org/g:818e305ea692ebc6578fb40881887d45382f876b

commit r12-7667-g818e305ea692ebc6578fb40881887d45382f876b
Author: Siddhesh Poyarekar <siddhesh@gotplt.org>
Date:   Wed Mar 16 16:10:51 2022 +0530

    tree-optimization/104942: Retain sizetype conversions till the end
    
    Retain the sizetype alloc_object_size to guarantee the assertion in
    size_for_offset and to avoid adding a conversion there.  nop conversions
    are eliminated at the end anyway in dynamic object size computation.
    
    gcc/ChangeLog:
    
            PR tree-optimization/104942
            * tree-object-size.cc (alloc_object_size): Remove STRIP_NOPS.
    
    gcc/testsuite/ChangeLog:
    
            PR tree-optimization/104942
            * gcc.dg/builtin-dynamic-object-size-0.c (alloc_func_long,
            test_builtin_malloc_long): New functions.
            (main): Use it.
    
    Signed-off-by: Siddhesh Poyarekar <siddhesh@gotplt.org>
Comment 2 Siddhesh Poyarekar 2022-03-16 10:43:50 UTC
Fixed.