| Message ID | ri6k19z5c6u.fsf@suse.cz |
|---|---|
| State | New |
| Headers | show |
| Series | [PR,91832] Do not ICE on negative offsets in ipa-sra | expand |
On Mon, Sep 23, 2019 at 4:17 PM Martin Jambor <mjambor@suse.cz> wrote: > > Hi, > > IPA-SRA asserts that an offset obtained from get_ref_base_and_extent > is non-negative (after it verifies it is based on a parameter). That > assumption is invalid as the testcase shows. One could probably also write a > testcase with defined behavior, but unless I see a reasonable one > where the transformation is really desirable, I'd like to just punt on > those cases. > > Bootstrapped and tested on x86_64-linux. OK for trunk? OK. Richard. > Thanks, > > Martin > > 2019-09-23 Martin Jambor <mjambor@suse.cz> > > PR ipa/91832 > * ipa-sra.c (scan_expr_access): Check that offset is non-negative. > > testsuite/ > * gcc.dg/ipa/pr91832.c: New test. > --- > gcc/ipa-sra.c | 7 ++++++- > gcc/testsuite/gcc.dg/ipa/pr91832.c | 12 ++++++++++++ > 2 files changed, 18 insertions(+), 1 deletion(-) > create mode 100644 gcc/testsuite/gcc.dg/ipa/pr91832.c > > diff --git a/gcc/ipa-sra.c b/gcc/ipa-sra.c > index a32defb59bd..0ccebbd4607 100644 > --- a/gcc/ipa-sra.c > +++ b/gcc/ipa-sra.c > @@ -1692,7 +1692,12 @@ scan_expr_access (tree expr, gimple *stmt, isra_scan_context ctx, > disqualify_split_candidate (desc, "Encountered a bit-field access."); > return; > } > - gcc_assert (offset >= 0); > + if (offset < 0) > + { > + disqualify_split_candidate (desc, "Encountered an access at a " > + "negative offset."); > + return; > + } > gcc_assert ((offset % BITS_PER_UNIT) == 0); > gcc_assert ((size % BITS_PER_UNIT) == 0); > if ((offset / BITS_PER_UNIT) >= (UINT_MAX - ISRA_ARG_SIZE_LIMIT) > diff --git a/gcc/testsuite/gcc.dg/ipa/pr91832.c b/gcc/testsuite/gcc.dg/ipa/pr91832.c > new file mode 100644 > index 00000000000..4a0d62ec1d9 > --- /dev/null > +++ b/gcc/testsuite/gcc.dg/ipa/pr91832.c > @@ -0,0 +1,12 @@ > +/* { dg-do compile } */ > +/* { dg-options "-O2" } */ > + > +struct A1 { > + char a1[1]; > +}; > + > +void fn2(char a); > + > +void fn1(struct A1 *p1) { > + fn2(p1->a1[-1]); > +} > -- > 2.23.0 >
diff --git a/gcc/ipa-sra.c b/gcc/ipa-sra.c index a32defb59bd..0ccebbd4607 100644 --- a/gcc/ipa-sra.c +++ b/gcc/ipa-sra.c @@ -1692,7 +1692,12 @@ scan_expr_access (tree expr, gimple *stmt, isra_scan_context ctx, disqualify_split_candidate (desc, "Encountered a bit-field access."); return; } - gcc_assert (offset >= 0); + if (offset < 0) + { + disqualify_split_candidate (desc, "Encountered an access at a " + "negative offset."); + return; + } gcc_assert ((offset % BITS_PER_UNIT) == 0); gcc_assert ((size % BITS_PER_UNIT) == 0); if ((offset / BITS_PER_UNIT) >= (UINT_MAX - ISRA_ARG_SIZE_LIMIT) diff --git a/gcc/testsuite/gcc.dg/ipa/pr91832.c b/gcc/testsuite/gcc.dg/ipa/pr91832.c new file mode 100644 index 00000000000..4a0d62ec1d9 --- /dev/null +++ b/gcc/testsuite/gcc.dg/ipa/pr91832.c @@ -0,0 +1,12 @@ +/* { dg-do compile } */ +/* { dg-options "-O2" } */ + +struct A1 { + char a1[1]; +}; + +void fn2(char a); + +void fn1(struct A1 *p1) { + fn2(p1->a1[-1]); +}