Created attachment 56926 [details] reduced testcase Compiler output: $ x86_64-pc-linux-gnu-gcc -O2 testcase.c -wrapper valgrind,-q ==23272== Invalid read of size 2 ==23272== at 0x2635303: contains_struct_check (tree.h:3757) ==23272== by 0x2635303: gimple_lower_bitint() (gimple-lower-bitint.cc:6585) ==23272== by 0x13C87DA: execute_one_pass(opt_pass*) (passes.cc:2646) ==23272== by 0x13C90CF: execute_pass_list_1(opt_pass*) (passes.cc:2755) ==23272== by 0x13C90E1: execute_pass_list_1(opt_pass*) (passes.cc:2756) ==23272== by 0x13C9108: execute_pass_list(function*, opt_pass*) (passes.cc:2766) ==23272== by 0xFC9795: expand (cgraphunit.cc:1842) ==23272== by 0xFC9795: cgraph_node::expand() (cgraphunit.cc:1795) ==23272== by 0xFCAADA: expand_all_functions (cgraphunit.cc:2025) ==23272== by 0xFCAADA: symbol_table::compile() [clone .part.0] (cgraphunit.cc:2399) ==23272== by 0xFCD657: compile (cgraphunit.cc:2312) ==23272== by 0xFCD657: symbol_table::finalize_compilation_unit() (cgraphunit.cc:2584) ==23272== by 0x150A701: compile_file() (toplev.cc:473) ==23272== by 0xDE58FB: do_compile (toplev.cc:2150) ==23272== by 0xDE58FB: toplev::main(int, char**) (toplev.cc:2306) ==23272== by 0xDE70DA: main (main.cc:39) ==23272== Address 0x0 is not stack'd, malloc'd or (recently) free'd ==23272== during GIMPLE pass: bitintlower testcase.c: In function 'bar': testcase.c:5:1: internal compiler error: Segmentation fault 5 | bar(unsigned _BitInt(1) c, _BitInt(401) d) | ^~~ 0x150a21f crash_signal /repo/gcc-trunk/gcc/toplev.cc:316 0x2635303 contains_struct_check(tree_node*, tree_node_structure_enum, char const*, int, char const*) /repo/gcc-trunk/gcc/tree.h:3757 0x2635303 gimple_lower_bitint /repo/gcc-trunk/gcc/gimple-lower-bitint.cc:6585 Please submit a full bug report, with preprocessed source (by using -freport-bug). Please include the complete backtrace with any bug report. See <https://gcc.gnu.org/bugs/> for instructions. $ x86_64-pc-linux-gnu-gcc -v Using built-in specs. COLLECT_GCC=/repo/gcc-trunk/binary-latest-amd64/bin/x86_64-pc-linux-gnu-gcc COLLECT_LTO_WRAPPER=/repo/gcc-trunk/binary-trunk-r14-6806-20231222122934-gcefae511ed7-checking-yes-rtl-df-extra-nobootstrap-amd64/bin/../libexec/gcc/x86_64-pc-linux-gnu/14.0.0/lto-wrapper Target: x86_64-pc-linux-gnu Configured with: /repo/gcc-trunk//configure --enable-languages=c,c++ --enable-valgrind-annotations --disable-nls --enable-checking=yes,rtl,df,extra --disable-bootstrap --with-cloog --with-ppl --with-isl --build=x86_64-pc-linux-gnu --host=x86_64-pc-linux-gnu --target=x86_64-pc-linux-gnu --with-ld=/usr/bin/x86_64-pc-linux-gnu-ld --with-as=/usr/bin/x86_64-pc-linux-gnu-as --disable-libstdcxx-pch --prefix=/repo/gcc-trunk//binary-trunk-r14-6806-20231222122934-gcefae511ed7-checking-yes-rtl-df-extra-nobootstrap-amd64 Thread model: posix Supported LTO compression algorithms: zlib zstd gcc version 14.0.0 20231222 (experimental) (GCC)
Confirmed.
Created attachment 56983 [details] gcc14-pr113120.patch Untested fix.
The master branch has been updated by Jakub Jelinek <jakub@gcc.gnu.org>: https://gcc.gnu.org/g:efef8d7ff43c6c489fd6e7c52d71494d21324c87 commit r14-7001-gefef8d7ff43c6c489fd6e7c52d71494d21324c87 Author: Jakub Jelinek <jakub@redhat.com> Date: Mon Jan 8 13:58:28 2024 +0100 lower-bitint: Fix up lowering of huge _BitInt 0 PHI args [PR113120] The PHI argument expansion of INTEGER_CSTs where bitint_min_cst_precision returns significantly smaller precision than the PHI result precision is optimized by loading the much smaller constant (if any) from memory and then either setting the remaining limbs to {} or calling memset with -1. The case where no constant is loaded (i.e. c == NULL) is when the INTEGER_CST is 0 or all_ones - in that case we can just set all the limbs to {} or call memset with -1 on everything. While for the all ones extension case that is what the code was already doing, I missed one spot in the zero extension case, where constricting the offset of the MEM_REF lhs of the = {} store it was using unconditionally the byte size of c, which obviously doesn't work if c is NULL. In that case we want to use zero offset. 2024-01-08 Jakub Jelinek <jakub@redhat.com> PR tree-optimization/113120 * gimple-lower-bitint.cc (gimple_lower_bitint): Fix handling of very large _BitInt zero INTEGER_CST PHI argument. * gcc.dg/bitint-62.c: New test.
Fixed.
The master branch has been updated by Jakub Jelinek <jakub@gcc.gnu.org>: https://gcc.gnu.org/g:2611cdc329e0229330b228e441934f386d6d5ff7 commit r14-7095-g2611cdc329e0229330b228e441934f386d6d5ff7 Author: Jakub Jelinek <jakub@redhat.com> Date: Wed Jan 10 12:46:00 2024 +0100 sra: Partial fix for BITINT_TYPEs [PR113120] As changed in other parts of the compiler, using build_nonstandard_integer_type is not appropriate for arbitrary precisions, especially if the precision comes from a BITINT_TYPE or something based on that, build_nonstandard_integer_type relies on some integral mode being supported that can support the precision. The following patch uses build_bitint_type instead for BITINT_TYPE precisions. Note, it would be good if we were able to punt on the optimization (but this code doesn't seem to be able to punt, so it needs to be done somewhere earlier) at least in cases where building it would be invalid. E.g. right now BITINT_TYPE can support precisions up to 65535 (inclusive), but 65536 will not work anymore (we can't have > 16-bit TYPE_PRECISION). I've tried to replace 513 with 65532 in the testcase and it didn't ICE, so maybe it ran into some other SRA limit. 2024-01-10 Jakub Jelinek <jakub@redhat.com> PR tree-optimization/113120 * tree-sra.cc (analyze_access_subtree): For BITINT_TYPE with root->size TYPE_PRECISION don't build anything new. Otherwise, if root->type is a BITINT_TYPE, use build_bitint_type rather than build_nonstandard_integer_type. * gcc.dg/bitint-63.c: New test.