After integrating the -fstack-protector fixes in CVE-2023-4039 to gcc 13.2.0, a proprietary codebase is causing an ICE. error: unrecognizable insn: 2923 | } | ^ (insn 416 286 290 17 (parallel [ (set (mem/c:SI (plus:DI (reg/f:DI 29 x29) (const_int -260 [0xfffffffffffffefc])) [1 redacted.pixel_format+0 S4 A32]) (const_int 0 [0])) (set (mem/c:SI (plus:DI (reg/f:DI 29 x29) (const_int -256 [0xffffffffffffff00])) [1 redacted.pixel_value+0 S4 A128]) (reg/v:SI 22 x22 [orig:141 color ] [141])) ]) "TOPDIR/BUILD/work/redacted/redacted/redacted/git/redacted.c":2903:45 -1 (expr_list:REG_DEAD (reg/v:SI 22 x22 [orig:141 color ] [141]) (nil))) during RTL pass: cprop_hardreg TOPDIR/BUILD/work/redacted/redacted/redacted/git/redacted.c:2923:1: internal compiler error: in extract_insn, at recog.cc:2791 0x191624a internal_error(char const*, ...) ???:0 0x6bee26 fancy_abort(char const*, int, char const*) ???:0 0x697469 _fatal_insn(char const*, rtx_def const*, char const*, int, char const*) ???:0 0x697485 _fatal_insn_not_found(rtx_def const*, char const*, int, char const*) ???:0 0xbef198 extract_constrain_insn(rtx_insn*) ???:0 Copying Martin Jansa who reported this originally and is working on a minimal reproducer.
https://github.com/csmith-project/creduce reduced my test case to: typedef a; typedef struct { short b __attribute__((aligned(8))) } c; typedef struct { short d __attribute__((aligned(8))) } e; typedef struct { int f; a g } h; typedef struct { int i; int j; a k; h l; e m; a n; a o; a p; a a; a q } r; typedef struct { r s; r t; r u; r b; a : 2, : 22, : 10; a : 4, : 4, : 16; struct { char c; c d; c e } } v; w; x() { v a; w = __builtin_alloca(sizeof(e)); a.s.l.f = a.s.l.g = x; ai(a); } $ aarch64-oe-linux-gcc --version aarch64-oe-linux-gcc (GCC) 13.2.0 And to reproduce need to use -fstack-protector-strong as well as -O2: $ aarch64-oe-linux-gcc -fstack-protector-strong -O2 -c test.c ... bunch of warnings ... test.c:43:1: error: unrecognizable insn: 43 | } | ^ (insn 87 27 29 2 (parallel [ (set (mem/c:SI (plus:DI (reg/f:DI 29 x29) (const_int -260 [0xfffffffffffffefc])) [1 a.s.l.f+0 S4 A32]) (reg:SI 4 x4 [107])) (set (mem/c:SI (plus:DI (reg/f:DI 29 x29) (const_int -256 [0xffffffffffffff00])) [1 a.s.l.g+0 S4 A128]) (reg:SI 4 x4 [107])) ]) "test.c":42:3 -1 (expr_list:REG_DEAD (reg:SI 4 x4 [107]) (nil))) during RTL pass: cprop_hardreg test.c:43:1: internal compiler error: in extract_insn, at recog.cc:2791 0x18d8d3b internal_error(char const*, ...) ???:0 0x6b3c5a fancy_abort(char const*, int, char const*) ???:0 0x692708 _fatal_insn(char const*, rtx_def const*, char const*, int, char const*) ???:0 0x69272a _fatal_insn_not_found(rtx_def const*, char const*, int, char const*) ???:0 0xbe23ef extract_constrain_insn(rtx_insn*) ???:0 Will check with gcc trunk if it's still reproducible there. gcc-12.3.0 shows the same ICE while gcc-11.4.0 built the same code OK.
Dup of bug 111411. *** This bug has been marked as a duplicate of bug 111411 ***
Reproduced with: 13.2.1 20230914 (revision 9cddebd822aeff9b7c0e9951909d5ec96c959e4f) and 14.0.0 20230914 (experimental) (revision 8517317ce8e9fbea0b4c7a8f87a86d07d95dc8c7) as well.
Thanks, your test case is nicer than mine in the original.