Compiler Explorer: https://godbolt.org/z/vPM1Gshzx ******************************************************************************* OS and Platform: $ uname -a: Linux ubuntu 4.15.0-213-generic #224-Ubuntu SMP Mon Jun 19 13:30:12 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux ******************************************************************************* gcc version: $ gcc -v Using built-in specs. COLLECT_GCC=/root/gcc_set/202404101100/bin/gcc COLLECT_LTO_WRAPPER=/root/gcc_set/202404101100/libexec/gcc/x86_64-pc-linux-gnu/14.0.1/lto-wrapper Target: x86_64-pc-linux-gnu Configured with: ../gcc/configure --prefix=/root/gcc_set/202404101100 --with-gmp=/root/build_essential --with-mpfr=/root/build_essential --with-mpc=/root/build_essential --enable-languages=c,c++ --disable-multilib --with-sanitizer=address,undefined,thread,leak Thread model: posix Supported LTO compression algorithms: zlib gcc version 14.0.1 20240410 (experimental) (GCC) git version: 0774240b4df9a9bc48ce33a9625788e402498f5a ******************************************************************************* Program: $ cat mutant.c int a; int b(int); __attribute__((pure, returns_twice)) int c() { a = 1; while (a) a = 2; return a; } int e(void) { int d = c(); b(d); } ******************************************************************************* Command Lines: $ gcc -fsanitize=address -O1 -c mutant.c during GIMPLE pass: asan mutant.c: In function ‘e’: mutant.c:9:5: internal compiler error: in edge_before_returns_twice_call, at gimple-iterator.cc:981 9 | int e(void) { | ^ 0x792bf8 edge_before_returns_twice_call ../../gcc/gcc/gimple-iterator.cc:981 0xcb169e gsi_safe_insert_before(gimple_stmt_iterator*, gimple*) ../../gcc/gcc/gimple-iterator.cc:1054 0x1060c36 maybe_instrument_call ../../gcc/gcc/asan.cc:3032 0x1060c36 transform_statements ../../gcc/gcc/asan.cc:3118 0x1060fe7 asan_instrument ../../gcc/gcc/asan.cc:4262 0x1060fe7 execute ../../gcc/gcc/asan.cc:4303 Please submit a full bug report, with preprocessed source (by using -freport-bug). Please include the complete backtrace with any bug report. See <https://gcc.gnu.org/bugs/> for instructions.
Confirmed. I suspect the patches which fixed PR 112709 caused this one which so this is also a regression on the GCC 13 branch too.
Saying a function is valid code in this case is difficult, claiming that a noreturn function is pure or returns_twice is wrong, it isn't pure, nor returns_twice, as it never returns.
Created attachment 57929 [details] gcc14-pr114687.patch Untested fix. The tree-cfg.cc verification that ECF_RETURNS_TWICE call is the first in bb appart from labels/debug stmts is keyed on it appearing in a bb which has abnormal predecessor, this patch guards the code that attempts to maintain that invariant on the same condition.
The master branch has been updated by Jakub Jelinek <jakub@gcc.gnu.org>: https://gcc.gnu.org/g:c9e94ae448ba309dba74de3ee1974a3ed9248889 commit r14-9933-gc9e94ae448ba309dba74de3ee1974a3ed9248889 Author: Jakub Jelinek <jakub@redhat.com> Date: Fri Apr 12 10:59:54 2024 +0200 Limit special asan/ubsan/bitint returns_twice handling to calls in bbs with abnormal pred [PR114687] The tree-cfg.cc verifier only diagnoses returns_twice calls preceded by non-label/debug stmts if it is in a bb with abnormal predecessor. The following testcase shows that if a user lies in the attributes (a function which never returns can't be pure, and can't return twice when it doesn't ever return at all), when we figure it out, we can remove the abnormal edges to the "returns_twice" call and perhaps whole .ABNORMAL_DISPATCHER etc. edge_before_returns_twice_call then ICEs because it can't find such an edge. The following patch limits the special handling to calls in bbs where the verifier requires that. 2024-04-12 Jakub Jelinek <jakub@redhat.com> PR sanitizer/114687 * gimple-iterator.cc (gsi_safe_insert_before): Only use edge_before_returns_twice_call if bb_has_abnormal_pred. (gsi_safe_insert_seq_before): Likewise. * gimple-lower-bitint.cc (bitint_large_huge::lower_call): Only push to m_returns_twice_calls if bb_has_abnormal_pred. * gcc.dg/asan/pr114687.c: New test.
Fixed on the trunk so far.
The releases/gcc-13 branch has been updated by Jakub Jelinek <jakub@gcc.gnu.org>: https://gcc.gnu.org/g:7a1a52934a2ab9ac9205a3a4d5b82a672fefba7e commit r13-8631-g7a1a52934a2ab9ac9205a3a4d5b82a672fefba7e Author: Jakub Jelinek <jakub@redhat.com> Date: Fri Apr 12 10:59:54 2024 +0200 Limit special asan/ubsan/bitint returns_twice handling to calls in bbs with abnormal pred [PR114687] The tree-cfg.cc verifier only diagnoses returns_twice calls preceded by non-label/debug stmts if it is in a bb with abnormal predecessor. The following testcase shows that if a user lies in the attributes (a function which never returns can't be pure, and can't return twice when it doesn't ever return at all), when we figure it out, we can remove the abnormal edges to the "returns_twice" call and perhaps whole .ABNORMAL_DISPATCHER etc. edge_before_returns_twice_call then ICEs because it can't find such an edge. The following patch limits the special handling to calls in bbs where the verifier requires that. 2024-04-12 Jakub Jelinek <jakub@redhat.com> PR sanitizer/114687 * gimple-iterator.cc (gsi_safe_insert_before): Only use edge_before_returns_twice_call if bb_has_abnormal_pred. (gsi_safe_insert_seq_before): Likewise. * gcc.dg/asan/pr114687.c: New test. (cherry picked from commit c9e94ae448ba309dba74de3ee1974a3ed9248889)
Fixed for 13.3 too.