https://gcc.gnu.org/bugzilla/show_bug.cgi?id=114897
Bug ID: 114897
Summary: ICE in get_or_create_widening_svalue, at analyzer/region-model-manager.cc:1336 since r13-3077-gbfca9505f6f
Product: gcc
Version: 14.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: analyzer
Assignee: dmalcolm at gcc dot gnu.org
Reporter: iamanonymous.cs at gmail dot com
Target Milestone: ---

Compiler Explorer: https://godbolt.org/z/WMK1K7cMs

Bisected to r13-3077-gbfca9505f6f

*******************************************************************************
OS and Platform:
$ uname -a:
Linux ubuntu 4.15.0-213-generic #224-Ubuntu SMP Mon Jun 19 13:30:12 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
*******************************************************************************
gcc version:
$ gcc -v
Using built-in specs.
COLLECT_GCC=/root/gcc_set/202404101100/bin/gcc
COLLECT_LTO_WRAPPER=/root/gcc_set/202404101100/libexec/gcc/x86_64-pc-linux-gnu/14.0.1/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: ../gcc/configure --prefix=/root/gcc_set/202404101100 --with-gmp=/root/build_essential --with-mpfr=/root/build_essential --with-mpc=/root/build_essential --enable-languages=c,c++ --disable-multilib --with-sanitizer=address,undefined,thread,leak
Thread model: posix
Supported LTO compression algorithms: zlib
gcc version 14.0.1 20240410 (experimental) (GCC)

git version: 0774240b4df9a9bc48ce33a9625788e402498f5a
*******************************************************************************
Program:
$ cat mutant.c
int a, b;
char *c;
char *e(char *f) {
  while (a) {
    unsigned d = *f++;
  }
  return b ? f : 0;
}
void g() {
  c = e(c);
  e(c);
}
*******************************************************************************
Command Lines:
$ gcc -fanalyzer -fanalyzer-call-summaries -c mutant.c
during IPA pass: analyzer
mutant.c: In function ‘g’:
mutant.c:11:3: internal compiler error: in get_or_create_widening_svalue, at analyzer/region-model-manager.cc:1336
   11 |   e(c);
      |   ^~~~
0x88f731 ana::region_model_manager::get_or_create_widening_svalue(tree_node*, ana::function_point const&, ana::svalue const*, ana::svalue const*)
        ../../gcc/gcc/analyzer/region-model-manager.cc:1336
0x217b2aa ana::call_summary_replay::convert_svalue_from_summary(ana::svalue const*)
        ../../gcc/gcc/analyzer/call-summary.cc:236
0x219584b ana::replay_fact_visitor::on_fact(ana::svalue const*, tree_code, ana::svalue const*)
        ../../gcc/gcc/analyzer/constraint-manager.cc:3273
0x2189728 ana::constraint_manager::for_each_fact(ana::fact_visitor*) const
        ../../gcc/gcc/analyzer/constraint-manager.cc:3240
0x2189958 ana::constraint_manager::replay_call_summary(ana::call_summary_replay&, ana::constraint_manager const&)
        ../../gcc/gcc/analyzer/constraint-manager.cc:3307
0x1491770 ana::region_model::replay_call_summary(ana::call_summary_replay&, ana::region_model const&)
        ../../gcc/gcc/analyzer/region-model.cc:5640
0x14723eb ana::program_state::replay_call_summary(ana::call_summary_replay&, ana::program_state const&)
        ../../gcc/gcc/analyzer/program-state.cc:1635
0x1458743 ana::call_summary_edge_info::update_state(ana::program_state*, ana::exploded_edge const*, ana::region_model_context*) const
        ../../gcc/gcc/analyzer/engine.cc:1633
0x1450d9a ana::exploded_graph::process_node(ana::exploded_node*)
        ../../gcc/gcc/analyzer/engine.cc:4241
0x145166a ana::exploded_graph::process_worklist()
        ../../gcc/gcc/analyzer/engine.cc:3516
0x1453c4b ana::impl_run_checkers(ana::logger*)
        ../../gcc/gcc/analyzer/engine.cc:6210
0x1454bb6 ana::run_checkers()
        ../../gcc/gcc/analyzer/engine.cc:6308
0x1443a98 execute
        ../../gcc/gcc/analyzer/analyzer-pass.cc:87
Please submit a full bug report, with preprocessed source (by using -freport-bug).
Please include the complete backtrace with any bug report.
See <https://gcc.gnu.org/bugs/> for instructions.