https://gcc.gnu.org/bugzilla/show_bug.cgi?id=83058
Jakub Jelinek <jakub at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jakub at gcc dot gnu.org,
                   |                            |msebor at gcc dot gnu.org
   Target Milestone|8.0                         |6.5
            Summary|[8 Regression] ICE on C++   |[6/7/8 Regression] ICE on
                   |code with negative array    |C++ code with negative
                   |index: in                   |array index: in
                   |warn_placement_new_too_smal |warn_placement_new_too_smal
                   |l, at cp/init.c:2666        |l, at cp/init.c:2666

--- Comment #1 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Not so recent regression, started with r229827.
There are multiple bugs in that code:
          if (CONSTANT_CLASS_P (adj))
should really be a test for TREE_CODE (adj) == INTEGER_CST, tree_to_shwi is
going to ICE on anything else.
          const_tree adj = TREE_OPERAND (oper, 1);
          if (!use_obj_size && CONSTANT_CLASS_P (adj))
            adjust += tree_to_shwi (adj);
similarly, plus there is no checking of addition overflows.  I think it might
be better to turn adjust into an offset_int in which you compute everything and
then check if it can actually be used (or force use_obj_size otherwise).
      gcc_checking_assert (0 <= adjust);
this is where we ICE.  The comparison operand order is incorrect too.
      if (CONSTANT_CLASS_P (size))
Again, wrong check.  Should be probably if (tree_fits_uhwi_p (size)).
        bytes_need = tree_to_uhwi (size);
      else if (nelts && CONSTANT_CLASS_P (nelts))
          bytes_need = tree_to_uhwi (nelts)
            * tree_to_uhwi (TYPE_SIZE_UNIT (type));
The above is also misformatted, should be
        bytes_need = tree_to_uhwi (nelts)
                     * tree_to_uhwi (TYPE_SIZE_UNIT (type));
or
        bytes_need = (tree_to_uhwi (nelts)
                      * tree_to_uhwi (TYPE_SIZE_UNIT (type)));
or
        bytes_need
          = tree_to_uhwi (nelts) * tree_to_uhwi (TYPE_SIZE_UNIT (type)));
What about the case when TYPE_SIZE_UNIT doesn't fit into uhwi?  That will ICE
too.
      else if (tree_fits_uhwi_p (TYPE_SIZE_UNIT (type)))
        bytes_need = tree_to_uhwi (TYPE_SIZE_UNIT (type));
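
The pattern discussed in comment #1, as an added stand-alone example that is not GCC source and not part of the bug report: a predicate that accepts every constant kind is wider than the precondition of the conversion it guards, and the accumulated offset needs an overflow and sign check before use. Node, Kind, fits_shwi_p and placement_offset are hypothetical names; a checked 64-bit add stands in for the offset_int suggested in the comment, and treating a negative sum as "fall back to the object size" is an assumption.

```cpp
#include <cstdint>
#include <optional>
#include <vector>

// Hypothetical model of a constant tree node (not GCC's tree type).
enum class Kind { IntegerCst, RealCst, StringCst, Other };

struct Node {
  Kind kind;
  bool fits_shwi;  // models tree_fits_shwi_p: value representable in int64_t
  int64_t value;   // meaningful only when kind == IntegerCst and fits_shwi
};

// Models CONSTANT_CLASS_P: true for every constant kind, not only integers.
bool constant_class_p(const Node &n) { return n.kind != Kind::Other; }

// The narrower precondition a tree_to_shwi-style conversion actually needs.
bool fits_shwi_p(const Node &n) {
  return n.kind == Kind::IntegerCst && n.fits_shwi;
}

// Sum the constant adjustments. Returns nullopt when the sum cannot be
// trusted (non-integer constant, overflow, or negative result), so the caller
// can fall back to the whole-object size instead of hitting an assertion.
std::optional<int64_t> placement_offset(const std::vector<Node> &adjs) {
  int64_t adjust = 0;
  for (const Node &adj : adjs) {
    if (!fits_shwi_p(adj))
      return std::nullopt;  // the wide check would convert here and abort
    if (__builtin_add_overflow(adjust, adj.value, &adjust))
      return std::nullopt;  // GCC/Clang builtin: reports signed overflow
  }
  if (adjust < 0)
    return std::nullopt;    // negative index: unusable, not an assert
  return adjust;
}
```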