[Bug c/107898] [11/12/13 Regression] ICE in irange_intersect, at value-range.cc:1640

[rguenth at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107898

Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Last reconfirmed|                            |2022-11-29
          Component|tree-optimization           |c
     Ever confirmed|0                           |1
                 CC|                            |aldyh at gcc dot gnu.org,
                   |                            |mpolacek at gcc dot gnu.org
             Status|UNCONFIRMED                 |NEW

--- Comment #1 from Richard Biener <rguenth at gcc dot gnu.org> ---
Confirmed.

(gdb) up
#1  0x00000000019f5fed in irange::irange_intersect (this=0x7fffffffc500, r=...)
    at /home/rguenther/src/trunk/gcc/value-range.cc:2559
2559      gcc_checking_assert (undefined_p () || r.undefined_p ()
(gdb) l
2554
2555    bool
2556    irange::irange_intersect (const irange &r)
2557    {
2558      gcc_checking_assert (!legacy_mode_p () && !r.legacy_mode_p ());
2559      gcc_checking_assert (undefined_p () || r.undefined_p ()
2560                           || range_compatible_p (type (), r.type ()));
2561
2562      if (undefined_p ())
2563        return false;
(gdb) p debug (r)
[irange] long unsigned int [5001, +INF]
$1 = void
(gdb) p debug (*this)
[irange] unsigned int [1, +INF]

and we invoke this from

#4  0x0000000002bf496d in alloca_call_type (stmt=<gimple_call 0x7ffff631c120>, 
    is_vla=false)
    at /home/rguenther/src/trunk/gcc/gimple-ssa-warn-alloca.cc:228
(gdb) l
223           // The invalid bits are anything outside of [0, MAX_SIZE].
224           int_range<2> invalid_range (build_int_cst (size_type_node, 0),
225                                       build_int_cst (size_type_node,
max_size),
226                                       VR_ANTI_RANGE);
227
228           r.intersect (invalid_range);
229           if (r.undefined_p ())
230             return alloca_type_and_limit (ALLOCA_OK);

and the issue is that the argument of the 'alloca' call is of type
unsigned int due to the "parsing" error with -fpreprocessed.  The C frontend
again makes 'alloca' built-in with a mismatched prototype here.

I'm not sure why we have to require compatible ranges on intersection
of irange though?  Since we don't have anti-ranges there's no implicit
min/max of types involved here, only symbolics (if they could creep in)
would make things difficult.  There's

  if (varying_p ())
    {
      operator= (r);
      return true;
    }

that would require range "conversion" (we don't want to change the type
of 'this') and all the ::to_wide would instead require ::to_widest.

Anyway, it's easy to "fix" the Walloca pass here.

Unfortunately there's no conversion operator or operator> for irange,
we just want to ask if (r > max_size) (and have max_size converted to
the type of r with saturation).