From 2fbea4190e76a59c4880727cf84706fe083c00ae Mon Sep 17 00:00:00 2001 From: David Malcolm Date: Thu, 23 Jan 2020 18:28:54 -0500 Subject: [PATCH] analyzer: restore input_location (PR 93349) PR analyzer/93349 reports an ICE in IPA pass: simdclone for some input files when -fanalyzer is supplied, with: error: location references block not in block tree The root cause is that the analyzer touches input_location in some places (to make it easier to track down which source construct the analyzer can't handle in the case of an analyzer ICE) and fails to reset it. For the ICE in question, this sets input_location to a location_t that references some arbitrary block (specifically, that of the last statement to be analyzed, within the original CFG of whichever is the last such function to be analyzed). Later, within omp-simd-clone.c, input_location is used by gimplify_expr (called via gimplify_and_add), which has: 14492 if (!gimple_seq_empty_p (*pre_p)) 14493 annotate_all_with_location_after (*pre_p, pre_last_gsi, input_location); thus using whatever the value of input_location is, leading to statements that reference some arbitrary block in the original CFG. For the reproducer, this happens to be a block in the CFG for the original function, rather than that of the clone, but in general it could be some arbitrary other function in the TU. This code appears to assume that input_location has some arbitrary value *not* in the block tree, which is potentially violated by the analyzer's changes to input_location. This patch adds a save and restore of input_location at the top-level function of the analyzer, fixing the ICE. gcc/analyzer/ChangeLog: PR analyzer/93349 * engine.cc (run_checkers): Save and restore input_location. gcc/testsuite/ChangeLog: PR analyzer/93349 * gcc.dg/analyzer/torture/pr93349.c: New test. --- gcc/analyzer/ChangeLog | 5 +++++ gcc/analyzer/engine.cc | 8 ++++++++ gcc/testsuite/ChangeLog | 5 +++++ gcc/testsuite/gcc.dg/analyzer/torture/pr93349.c | 4 ++++ 4 files changed, 22 insertions(+) create mode 100644 gcc/testsuite/gcc.dg/analyzer/torture/pr93349.c diff --git a/gcc/analyzer/ChangeLog b/gcc/analyzer/ChangeLog index 4a99c3f12a7..3a2d179c766 100644 --- a/gcc/analyzer/ChangeLog +++ b/gcc/analyzer/ChangeLog @@ -1,3 +1,8 @@ +2020-01-27 David Malcolm + + PR analyzer/93349 + * engine.cc (run_checkers): Save and restore input_location. + 2020-01-27 David Malcolm * call-string.cc (call_string::cmp_1): Delete, moving body to... diff --git a/gcc/analyzer/engine.cc b/gcc/analyzer/engine.cc index 8961c557c49..2bc0aff6a6e 100644 --- a/gcc/analyzer/engine.cc +++ b/gcc/analyzer/engine.cc @@ -3589,6 +3589,9 @@ impl_run_checkers (logger *logger) void run_checkers () { + /* Save input_location. */ + location_t saved_input_location = input_location; + /* Handle -fdump-analyzer and -fdump-analyzer-stderr. */ FILE *dump_fout = NULL; /* Track if we're responsible for closing dump_fout. */ @@ -3619,6 +3622,11 @@ run_checkers () if (owns_dump_fout) fclose (dump_fout); + + /* Restore input_location. Subsequent passes may assume that input_location + is some arbitrary value *not* in the block tree, which might be violated + if we didn't restore it. */ + input_location = saved_input_location; } } // namespace ana diff --git a/gcc/testsuite/ChangeLog b/gcc/testsuite/ChangeLog index 56acbd926ad..b4f298a7ea0 100644 --- a/gcc/testsuite/ChangeLog +++ b/gcc/testsuite/ChangeLog @@ -1,3 +1,8 @@ +2020-01-27 David Malcolm + + PR analyzer/93349 + * gcc.dg/analyzer/torture/pr93349.c: New test. + 2020-01-27 David Malcolm PR analyzer/93291 diff --git a/gcc/testsuite/gcc.dg/analyzer/torture/pr93349.c b/gcc/testsuite/gcc.dg/analyzer/torture/pr93349.c new file mode 100644 index 00000000000..a9d06367722 --- /dev/null +++ b/gcc/testsuite/gcc.dg/analyzer/torture/pr93349.c @@ -0,0 +1,4 @@ +__attribute__ ((simd)) void +test (void) +{ +} -- 2.30.2